严重 WordPress Core 4.6 mail函数远程代码执行漏洞
CVE编号
CVE-2016-10033利用情况
EXP 已公开补丁情况
官方补丁披露时间
2016-12-31漏洞描述
PHPMailer是一个用于发送电子邮件的PHP函数包。 PHPMailer存在远程代码执行漏洞。攻击者利用漏洞可执行任意代码,利用失败可导致拒绝服务条件。解决建议
厂商已发布修复补丁,请升级至最新版本:https://github.com/PHPMailer/PHPMailer受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | phpmailer_project | phpmailer | * | Up to (including) 5.2.17 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.2 | php-phpmailer | * | Up to (excluding) 5.2.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.3 | php-phpmailer | * | Up to (excluding) 5.2.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.4 | php5-phpmailer | * | Up to (excluding) 5.2.0-r1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.5 | php5-phpmailer | * | Up to (excluding) 5.2.4-r1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian | DPKG | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_10 | libphp-phpmailer | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_11 | libphp-phpmailer | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_12 | libphp-phpmailer | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_7 | libphp-phpmailer | * | Up to (excluding) 5.1-1.2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_8 | libphp-phpmailer | * | Up to (excluding) 5.2.9+dfsg-2+deb8u2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_sid | libphp-phpmailer | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_24 | php-PHPMailer | * | Up to (excluding) 5.2.19-1.fc24 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_25 | php-PHPMailer | * | Up to (excluding) 5.2.21-1.fc25 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_EPEL_6 | php-PHPMailer | * | Up to (excluding) 5.2.19-1.el6 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_EPEL_7 | php-PHPMailer | * | Up to (excluding) 5.2.19-1.el7 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_18.04.5_lts | libphp-phpmailer | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_18.10 | libphp-phpmailer | * | Up to (excluding) 5.2.14+dfsg-2.1 | |||||
- 攻击路径 远程
- 攻击复杂度 容易
- 权限要求 无需权限
- 影响范围 全局影响
- EXP成熟度 EXP 已公开
- 补丁情况 官方补丁
- 数据保密性 数据泄露
- 数据完整性 传输被破坏
- 服务器危害 服务器失陷
- 全网数量 N/A
| CWE-ID | 漏洞类型 |
| CWE-77 | 在命令中使用的特殊元素转义处理不恰当(命令注入) |
Exp相关链接
- https://github.com//opsxcq/exploit-CVE-2016-10033
- https://github.com/0x00-0x00/CVE-2016-10033
- https://github.com/awidardi/opsxcq-cve-2016-10033
- https://github.com/Bajunan/CVE-2016-10033
- https://github.com/chipironcin/CVE-2016-10033
- https://github.com/cved-sources/cve-2016-10033
- https://github.com/GeneralTesler/CVE-2016-10033
- https://github.com/liusec/WP-CVE-2016-10033
- https://github.com/opsxcq/exploit-CVE-2016-10033
- https://github.com/pedro823/cve-2016-10033-45
- https://github.com/qwertyuiop12138/CVE-2016-10033
- https://github.com/Zenexer/safeshell
- https://github.com/zi0Black/CVE-2016-010033-010045
- https://pentesterlab.com/exercises/cve-2016-10033/course
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phpmailer_arg_injection.rb
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/wp_phpmailer_host_header.rb
- https://www.exploit-db.com/exploits/40968
- https://www.exploit-db.com/exploits/40969
- https://www.exploit-db.com/exploits/40970
- https://www.exploit-db.com/exploits/40974
- https://www.exploit-db.com/exploits/40986
- https://www.exploit-db.com/exploits/41962
- https://www.exploit-db.com/exploits/41996
- https://www.exploit-db.com/exploits/42024
- https://www.exploit-db.com/exploits/42221
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论