CVE-2007-4560 PoC — ClamAV Popen Function 远程代码执行漏洞

Source

https://github.com/0x1sac/ClamAV-Milter-Sendmail-0.91.2-Remote-Code-Execution

Associated Vulnerability

Title:ClamAV Popen Function 远程代码执行漏洞 (CVE-2007-4560)
Description:ClamAV版本之前的版本0.91.2版本的clamav-milter,当在black hole mode中运行时,远程攻击者可以借助在某popen调用程序中的外壳元字符，且这些元字符涉及sendmail字段的获取"，以执行任意指令。

Description

Exploit for CVE-2007-4560 (ClamAV Milter Sendmail 0.91.2 Remote Code Execution)

Readme

# ClamAV-Milter-Sendmail-0.91.2-Remote-Code-Execution
Exploit for CVE-2007-4560 (ClamAV Milter Sendmail 0.91.2 Remote Code Execution)

The exploit is for educational purposes only and should not be used for malicious purposes.

File Snapshot


 [4.0K]  /data/pocs/679bf9ec91d9c60665aa1800d861bcecf1cc302d
├── [3.2K]  exploit.c
├── [1.0K]  LICENSE
└── [ 227]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!