PT-2004-1134 · Mailreader.Com+1

Published: 2004-07-06 · Updated: 2008-09-05 · CVE-2002-1582

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Mailreader.com versions 2.3.30 through 2.3.31

Description

The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail. This is specifically a problem when Sendmail is used as the Mail Transfer Agent.

Recommendations

For Mailreader.com versions 2.3.30 and 2.3.31, consider restricting the use of the RealEmail configuration variable until a patch is available. As a temporary workaround, avoid using shell metacharacters in the RealEmail variable to minimize the risk of exploitation.


Related identifiers

CVE-2002-1582

Affected products

Mailreader.Com
Sendmail