View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0022073 | mantisbt | security | public | 2016-12-26 05:56 | 2017-01-16 03:33 |
Reporter | hanno | Assigned To | dregad | ||
Priority | high | Severity | major | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.4 | ||||
Target Version | 1.3.5 | Fixed in Version | 1.3.5 | ||
Summary | 0022073: Potentially serious RCE vulnerability in bundled PHPMailer before 5.2.18 (CVE-2016-10033) | ||||
Description | There has been a report about a serious vulnerability in PHPMailer before 5.2.18: Details at this point are scarce, but it looks like if an attacker can somehow control parts of the usage of a mail sent via PHPMailer he can execute code on the webserver. It is likely to assume that this affects all mantis installations where untrusted users have accounts or where account creation is open to everyone. Both mantis 2.0.0 rc2 and 1.3.4 currently bundle 5.2.15. Please update the bundled version to 5.2.18. | ||||
Tags | No tags attached. | ||||
I had a short look at latest changes of PHPMailer It seems some things are necessary for an attack
We don't offer users to enter sender address. @dregad, @vboctor |
|
@hanno, thanks for the heads up. @atrol I tend to agree with your analysis, although the vulnerability report is not detailed enough to be 100% sure. That being said, having reviewed at the PHPMailer change log since 5.2.15, I don't think anything has been introduced that would cause issues on our side, so I'll update the submodule to be on the safe side, just in case. |
|
Update, there seems to be another vuln in PHPmailer: Probably wait for the next update and use that. |
|
|
|
From https://github.com/PHPMailer/PHPMailer/issues/924#issuecomment-269452835
|
|
I updated 1.3.x and 2.0.x branches to PHPMailer 5.2.21 |
|
MantisBT: master-1.3.x ca31358f 2016-12-26 03:32 Details Diff |
Update PHPMailer library to 5.2.19 Fixes 0022073 (security issue, CVE-2016-10033) |
Affected Issues 0022073 |
|
mod - library/README.md | Diff File | ||
mod - library/phpmailer | Diff File | ||
MantisBT: master-1.3.x 2d1ce742 2016-12-28 07:39 Details Diff |
Update PHPMailer library to 5.2.19 Fixes 0022073 (security issue, CVE-2016-10045) |
Affected Issues 0022073 |
|
mod - library/README.md | Diff File | ||
mod - library/phpmailer | Diff File |