CVE-2009-1579

Description

The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.

Related Vulnerabilities

platform vulnerability
CVE-2009-1579 squirrelmail
CVE-2009-1579