26 Sep 2014, 11:46 a.m.
On Fri, 26 Sep 2014, Stephan Bosch wrote:
I don't see much of an attack vector there either. However, there are some people that have wrapped /usr/sbin/sendmail in a shell script to achieve some sort of custom messaging behavior. Those would be vulnerable.
Another possibility for trouble would be systems using the Pigeonhole extprograms plugin with shell scripts.
Although I don't use it, it's plausible the checkpassword hook is also vulnerable via the MASTER_USER environment variable:
http://wiki2.dovecot.org/AuthDatabase/CheckPassword
Joseph Tam jtam.home@gmail.com