[go: up one dir, main page]
|
|
Log in / Subscribe / Register

ingo1: missing input sanitizing

Package(s):ingo1 CVE #(s):CVE-2006-5449
Created:November 3, 2006 Updated:November 27, 2006
Description: It was discovered that the Ingo email filter rules manager performs insufficient escaping of user-provided data in created procmail rules files, which allows the execution of arbitrary shell commands.
Alerts:
Gentoo 200611-22 horde-ingo 2006-11-27
Debian DSA-1204-1 ingo1 2006-11-02
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds