Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Courier-IMAP XMAILDIR变量远程Shell命令注入漏洞
Vulnerability Description
Courier-IMAP是Courier邮件系统中的IMAP服务程序。 Courier-IMAP对变量数据的过滤上存在漏洞,远程攻击者可能利用此漏洞在服务器上执行任意指令。 Courier-IMAP的/usr/lib/courier-imap/courier-imapd.indirect和/usr/lib/courier-imap/courier-pop3d.indirect文件没有充分检查过滤${XMAILDIR}变量,可能导致远程命令执行。假设系统中存在名为user &name的用户(" &"符号在邮
CVSS Information
N/A
Vulnerability Type
N/A