We are Segment's CEO released a proof of concept for a bug affecting SquirrelMail
Filippo Cavallarin, We are Segment's CEO, has found a bug (CVE-2017-7692) affecting SquirrelMail versions 1.4.22 and below. This disclosure, like the one about the Remote Code Execution in the Microsoft Remote Desktop Client for Mac, spread rapidly worldwide.
Numerous international news outlets and social platforms focused on cyber security covered the disclosure, among them The Register, Help Net Security and Threatpost.
As written on SecuriTeam Blogs: “SquirrelMail is affected by a Remote Code Execution vulnerability which stems from insufficient escaping of user-supplied data when SquirrelMail has been configured with Sendmail as the main transport. An authenticated attacker may be able to exploit the vulnerability to execute arbitrary commands on the target and compromise the remote system.”
In other words, the attack is possible when the target server uses Sendmail and SquirrelMail is configured to invoke it as a command-line program. In that setup, an attacker can trick sendmail into reading an attacker-supplied configuration file, which in turn triggers the execution of an arbitrary command.
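The root cause described above is user-supplied address data reaching the sendmail command line without strict validation. The following added example (not SquirrelMail's code nor the author's patch) shows one defensive pattern: validate every address before it becomes an argument, reject anything that sendmail's option parser could mistake for a flag, and build an argv list so no shell is involved. The sendmail path is an assumed placeholder.

```python
import re

# Assumed path to the sendmail binary (placeholder, not taken from SquirrelMail's config).
SENDMAIL_PATH = "/usr/sbin/sendmail"

# Conservative mailbox grammar: local-part@domain, no whitespace or shell metacharacters.
# Note that '-' is a legal local-part character, so this regex alone does NOT stop a
# value such as "-x@example.com" from being handed to sendmail as an option.
_ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def is_safe_address(addr: str) -> bool:
    """Return True only if addr is a plain mailbox address that cannot be read as an option."""
    if not addr or len(addr) > 254:
        return False
    if addr.startswith("-"):
        # A leading dash is parsed by sendmail as a command-line option, not an address.
        return False
    return _ADDR_RE.fullmatch(addr) is not None


def build_sendmail_argv(sender: str, recipients: list[str]) -> list[str]:
    """Build an argv list (no shell) for sendmail with validated envelope addresses.

    -i keeps a lone '.' line from ending the message; -f sets the envelope sender.
    Both are standard sendmail flags. Raises ValueError on any rejected address.
    """
    if not is_safe_address(sender):
        raise ValueError(f"rejected sender: {sender!r}")
    bad = [r for r in recipients if not is_safe_address(r)]
    if bad or not recipients:
        raise ValueError(f"rejected recipients: {bad!r}")
    return [SENDMAIL_PATH, "-i", "-f", sender, *recipients]


def send_via_sendmail(sender: str, recipients: list[str], message: bytes) -> int:
    """Invoke sendmail with the validated argv, feeding the message on stdin; returns exit code."""
    import subprocess
    argv = build_sendmail_argv(sender, recipients)
    return subprocess.run(argv, input=message, check=False).returncode
```

The argv list is passed to `subprocess.run` without `shell=True`, so quoting or escaping of the individual arguments is never needed; the address validation is what keeps option-like values out.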
Cavallarin published details about this vulnerability at the end of April, after receiving no reply from the SquirrelMail developers. He provided a proof-of-concept exploit for the flaw in a post to the Full Disclosure mailing list, and he also offered an unofficial patch for plugging the hole.
The disclosure prompted the vendor to release patches addressing this vulnerability; more details are available here.
We are Segment is part of the Interlogica group, offering a range of services in the cyber security sector, from consultancy to advanced technology training.