
PHPMailer contact forms at risk of remote code execution attacks


January 3, 2017

Websites that send mail through the PHPMailer library, including the contact forms built on it, are exposed to a critically rated remote code execution flaw, disclosed as a zero-day, that affects hundreds of thousands of internet properties.

Internet security researcher Dawid Golunski discovered the vulnerability, tracked as CVE-2016-10033, in the widely used library.

The vulnerable library is bundled with, or pulled in by, some of the world's most popular content management systems (CMS) and by add-ons from many vendors, so the exposure reaches well beyond sites that use PHPMailer directly.

The same class of flaw has since been reported in Zend Framework's zend-mail component and in SwiftMailer (CVE-2016-10074), two other widely used PHP mail libraries.

A fix was issued, but Golunski reports that it can be bypassed (the bypass is tracked separately as CVE-2016-10045), so sites that applied only the first patch remain exposed.

Golunski has published a limited proof-of-concept exploit and a video demonstrating how an attacker can gain remote code execution.

Only some sites are exposed, however. The flaw is not arbitrary shell command execution but argument injection: PHPMailer hands the message's sender address to the local sendmail binary as a command-line argument, and a crafted address can smuggle in extra sendmail options, including one that makes sendmail write a file under the web root. An attacker therefore needs a form that places visitor input in the From (envelope sender) field. Many forms send from a fixed site address and put the visitor's own address only in the body or in Reply-To, and those are not reachable through this path.

This largely rules out Joomla, among other content management systems. Its developers say the core API does not allow the sender address to be set from user input; extensions may do so, however, and sites running such extensions are vulnerable.

Drupal core is excluded for the same reason. Its developers nevertheless issued a public announcement about the bug on December 29, given its criticality.

System administrators should still inventory every PHPMailer deployment, including copies bundled inside CMS plugins and themes, and upgrade each to a release that contains the complete fix. Where a form lets visitors set the sender address, restrict or strictly validate that field until the upgrade is done.
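The mechanism described above, and the validation check recommended here, as an added example in Python. This is not PHPMailer or PHP source: it emulates two steps of the real code path, PHP's escapeshellcmd() (which mail() applies to its extra-parameters string) and the POSIX shell that popen() uses to split the final command line, to show how a sender address that is legal RFC 5322 syntax becomes extra sendmail options. The vulnerable PHPMailer versions built the argument as sprintf('-f%s', $this->Sender) with no further escaping. The sendmail path, the crafted address and the validator pattern are all assumptions constructed for this example.

```python
"""Added example (not PHPMailer code): how a crafted sender address turns the
'-f<sender>' argument into extra sendmail options, and a check for form input."""
import re
import shlex

# Assumption: PHP's default sendmail_path on a typical Linux host.
SENDMAIL_PATH = "/usr/sbin/sendmail -t -i"


def php_escapeshellcmd(s: str) -> str:
    """Python emulation of PHP's escapeshellcmd() (Unix behaviour), written for
    this example from the documented rules: shell metacharacters are prefixed
    with a backslash; ' and " are escaped only when they are unpaired."""
    meta = set("&#;`|*?~<>^()[]{}$\\\n\xff")
    out = []
    closing = None  # index of the quote that closes the pair we are inside
    for i, ch in enumerate(s):
        if ch in "\"'":
            if closing is None:
                j = s.find(ch, i + 1)
                if j != -1:
                    closing = j        # paired: neither half is escaped
                else:
                    out.append("\\")   # unpaired: escaped
            elif closing == i:
                closing = None         # second half of the pair
            else:
                out.append("\\")       # the other quote kind, inside a pair
            out.append(ch)
        elif ch in meta:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def sendmail_argv(sender: str) -> list[str]:
    """Argument vector /bin/sh hands to sendmail when '-f<sender>' goes through
    mail() -> escapeshellcmd -> popen (shlex stands in for the shell here)."""
    params = "-f" + sender
    return shlex.split(SENDMAIL_PATH + " " + php_escapeshellcmd(params))


def injected_options(sender: str) -> list[str]:
    """Options that came from the sender string rather than from sendmail_path,
    i.e. the arguments an attacker managed to inject."""
    base = shlex.split(SENDMAIL_PATH)
    extra = sendmail_argv(sender)[len(base):]
    return [a for a in extra if a.startswith("-") and not a.startswith("-f")]


# Constructed sample input. The quoted local part is legal RFC 5322 syntax, so a
# liberal e-mail validator accepts it. escapeshellcmd turns the inner \" into
# \\", which the shell reads as a literal backslash followed by the closing
# quote, so the rest of the address becomes separate arguments.
CRAFTED_SENDER = '"attacker\\" -oQ/tmp/ -X/var/www/html/x.php  some"@example.com'
BENIGN_SENDER = "alice@example.com"

# The check: accept only a plain dot-atom address. Quoted local parts, whitespace
# and shell metacharacters are refused, and a leading '-' is refused so the value
# can never look like an option.
SAFE_SENDER = re.compile(
    r"^[A-Za-z0-9._%+][A-Za-z0-9._%+-]*@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$"
)


def is_safe_sender(addr: str) -> bool:
    return SAFE_SENDER.fullmatch(addr) is not None


if __name__ == "__main__":
    for s in (BENIGN_SENDER, CRAFTED_SENDER):
        print(repr(s))
        print("  argv    :", sendmail_argv(s))
        print("  injected:", injected_options(s))
        print("  accepted:", is_safe_sender(s))
```

For the crafted address the emulated shell yields the options -oQ/tmp/ and -X/var/www/html/x.php as separate arguments; -X is a real sendmail option that writes a transcript log to the given path, which is how attacker-controlled message content can land as a file under the web root. The benign address survives as a single -f argument. The validator rejects the crafted value because it refuses quoted local parts altogether, which no legitimate contact form needs; when reviewing your own forms, look for exactly this: any path by which visitor input reaches the envelope sender without passing such a check.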

Source: Dawid Golunski.



Copyright © Internet Security.ca