[CVE] CVE-2016-10033 (PHPMailer) CMJ0121 PTT批踢踢實業坊

[CVE] CVE-2016-10033 (PHPMailer)

作者: CMJ0121 (請多指教!!) 2016-12-27 09:30:47

CVE - 2016-10033 (PHPMailer) / Remote Code Execution (RCE)
Version - PHPMailer < 5.2.18
Solution
1- Update to 5.2.18 [2]
POC
[1]: https://www.exploit-db.com/exploits/40968/
Ref
[1]: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
[2]: https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md

作者: ibeakid (Curtis) 2016-12-27 18:28:00

推個認真

繼續閱讀

[公告] 版規 v0.1 (2016.12.23)CMJ0121 [閒聊] 不小心就變成版主了CMJ0121 Fw: [公告] NetSecurity 版主上任公告a3225737 [情報] 白帽菁英入門三會給各位帶來滿滿的大平台AIRY0812 [問題] 有人使用弱掃軟體openvas嗎?ptiger [討論] 被駭？liangh [公告] NetSecurity 徵求版主a3225737 [問題] 在2freehosting架設網站被駭客入侵haward79 [新聞] 駭客假冒FB友私訊騙你植入勒索軟體Lockyolduncle [問題] line的對話記錄破解alfonsosoria