[exim-dev] Remote root vulnerability in Exim
Graeme Fowler
graeme at graemef.net
Fri Dec 10 08:33:35 UTC 2010
That explains mone and others' inability to compromise 4.7x. Interesting, thanks.
Graeme
Sent from my phone, excuse top posting...
-----Original Message-----
From: James E. Blair <jeblair at berkeley.edu>
Sent: 10 December 2010 7:19
To: Sergey Kononenko <sergk at sergk.org.ua>
Cc: exim-dev at exim.org; pkg-exim4-maintainers at lists.alioth.debian.org; Paul Fisher <pnfisher at berkeley.edu>
Subject: Re: [exim-dev] Remote root vulnerability in Exim
On 12/07/2010 01:59 PM, Sergey Kononenko wrote:
> Hi,
>
> While investigating security break in the network of my company, I've
> captured (by tcpdump) sequence of successful remote root attack through
> Exim. It was Exim from Debian Lenny (exim4-daemon-light 4.69-9).
Paul Fisher and I have successfully run the exploit against a copy of
Exim running in a debugger on debian lenny, and we believe it utilizes
this bug:
http://bugs.exim.org/show_bug.cgi?id=787
It was fixed in 4.70, but not in the version currently in debian
stable.
James E. Blair
UC Berkeley
--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
More information about the Pkg-exim4-maintainers
mailing list