Phpmailer: [Question] PHPMailer exploit CVE-2016-10033 Clarification

Created on 29 Dec 2016  路  1Comment  路  Source: PHPMailer/PHPMailer

Regarding the exploit as detailed and found here:

http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html

Obviously it is best practise and best policy to keep PHPMailer fully upto date, and that is currently being undertaken on our servers, and I am in no way stating against that.

However, I wanted to clarify as our servers use PHPMailer with SMTP (->isSMTP), so are these still immediately vulnerable to the exploit raised, as that exploit specifically effects PHP mail() function? From my understanding, the sendmail function used by mail does not use SMTP authentication so I hazard that sending messages via authenticated SMTP would not use PHP mail().

Cheers

Most helpful comment

Indeed - you are only exposed if you are using the default transport (isMail()), which calls mail() internally; SMTP does not call mail, and is not vulnerable. You're not necessarily exposed even if you are using mail() - the key requirement is that you use a user-supplied from address.

More details on the project wiki.

>All comments

Indeed - you are only exposed if you are using the default transport (isMail()), which calls mail() internally; SMTP does not call mail, and is not vulnerable. You're not necessarily exposed even if you are using mail() - the key requirement is that you use a user-supplied from address.

More details on the project wiki.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

Synchro picture Synchro  路  5Comments

wilon picture wilon  路  4Comments

nevilpaul picture nevilpaul  路  5Comments

weirdeagle picture weirdeagle  路  3Comments

dregad picture dregad  路  5Comments