CVE-2006-5313

CVE-2006-5313 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a user from establishing a direct SMTP session. NOTE: this is a different type of issue than CVE-2006-5262.

Learn more about our Cis Benchmark Audit For Server Software.