CVE-2006-1251
EPSS 0.69%
描述
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
如何修補 CVE-2006-1251
要修補 CVE-2006-1251,請將受影響套件升級到下列已修補版本。
- Debian/sa-exim—升級至 4.2.1-1 或更新版本
CVE-2006-1251 正在被利用嗎?
低 — EPSS 為 0.7%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 4.2.1-1