(fwd) [exim-dev] Remote root vulnerability in Exim
Thomas Hochstein
thh at inter.net
Wed Dec 8 23:13:13 UTC 2010
Not sure if you already spotted the message on exim-dev, so forwarding
it to you.
There is reported to be an exploit - probably a buffer overflow - in
Exim that can be triggered by a specially crafted incoming mail
leading to shell access with Debian-exim rights. From there one can
get elevated privileges by executing Exim as trusted user
(Debian-exim) with another exim.conf file, which will make another
file setuid (as root), and in turn this other file - now setuid root -
will drop a root shell.
The reporter was using exim4-daemon-light 4.69-9.
The exploit is reported to be in the wild.
Regards,
-thh
-------------- next part --------------
An embedded message was scrubbed...
From: sergk at sergk.org.ua (Sergey Kononenko)
Subject: [exim-dev] Remote root vulnerability in Exim
Date: Tue, 7 Dec 2010 23:59:55 +0200
Size: 4008
URL: <http://lists.alioth.debian.org/pipermail/pkg-exim4-maintainers/attachments/20101209/760294ef/attachment.eml>
More information about the Pkg-exim4-maintainers
mailing list