On Fri, 26 Sep 2014, Stephan Bosch wrote:
I don't see much of an attack vector there either. However, there are
some people that have wrapped /usr/sbin/sendmail in a shell script to
achieve some sort of custom messaging behavior. Those would be vulnerable.
Another possibility for trouble would be systems using the Pigeonhole
extprograms plugin with shell scripts.
Although I don't use it, it's plausible the checkpassword hook is also
vulnerable via the MASTER_USER environment variable:
http://wiki2.dovecot.org/AuthDatabase/CheckPassword
Joseph Tam <jtam.h...@gmail.com>