Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a user from establishing a direct SMTP session. NOTE: this is a different type of issue than CVE-2006-5262.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hastymail hastymail 1.0.2 |
||
hastymail hastymail 1.1 |
||
hastymail hastymail 1.2 |
||
hastymail hastymail |
||
hastymail hastymail 1.0.1 |