[exim-dev] Remote root vulnerability in Exim

Dominic Hargreaves dom at earth.li
Fri Dec 10 16:50:03 UTC 2010


On Fri, Dec 10, 2010 at 04:47:08PM +0000, Dominic Hargreaves wrote:
> On Thu, Dec 09, 2010 at 11:19:22PM -0800, James E. Blair wrote:
> > On 12/07/2010 01:59 PM, Sergey Kononenko wrote:
> > > Hi,
> > >
> > > While investigating a security break-in in the network of my company, I
> > > captured (by tcpdump) the sequence of a successful remote root attack through
> > > Exim. It was Exim from Debian Lenny (exim4-daemon-light 4.69-9).
> > 
> > Paul Fisher and I have successfully run the exploit against a copy of
> > Exim running in a debugger on debian lenny, and we believe it utilizes
> > this bug:
> > 
> > http://bugs.exim.org/show_bug.cgi?id=787
> > 
> > It was fixed in 4.70, but not in the version currently in debian
> > stable.
> 
> This has now been fixed in Debian stable.

Sorry I should have been more explicit. It's been fixed in
stable-security:
<http://lists.debian.org/debian-security-announce/2010/msg00181.html>.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
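Added example (not code from the thread, from Exim or from Debian): a check of an installed exim4 package version against the fixed versions, with dpkg's version ordering reimplemented in Python so it runs without dpkg present. Assumptions: the upstream fix is in 4.70 (stated in the thread) and the lenny fix is 4.69-9+lenny1, taken from the DSA linked above (verify against the advisory); the function and constant names are illustrative.

```python
"""Check an exim4 package version string against the fixed versions.

Added example, not part of the original thread or of Exim/Debian. It
reimplements dpkg's version ordering (epoch:upstream-revision, with '~'
sorting before everything, including the end of the string) so that
backport versions such as 4.72-1~bpo50+1 compare correctly.
"""
import re
from itertools import zip_longest

# Assumed fixed versions: 4.70 from the thread, 4.69-9+lenny1 from the DSA.
FIXED_UPSTREAM = "4.70"
FIXED_DEBIAN_LENNY = "4.69-9+lenny1"


def parse_version(version):
    """Split 'epoch:upstream-revision' into (epoch, upstream, revision)."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    upstream, revision = version, ""
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)
    return epoch, upstream, revision


def _char_order(c):
    """dpkg's ordering for non-digit characters: '~' < end < letters < others."""
    if c == "":
        return 0
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _compare_fragment(a, b):
    """Compare two upstream or revision strings the way dpkg does."""
    while a or b:
        # Alternate between a non-digit prefix and a numeric prefix.
        na = re.match(r"[^0-9]*", a).group(0)
        nb = re.match(r"[^0-9]*", b).group(0)
        a, b = a[len(na):], b[len(nb):]
        for ca, cb in zip_longest(na, nb, fillvalue=""):
            oa, ob = _char_order(ca), _char_order(cb)
            if oa != ob:
                return -1 if oa < ob else 1
        da = re.match(r"[0-9]*", a).group(0)
        db = re.match(r"[0-9]*", b).group(0)
        a, b = a[len(da):], b[len(db):]
        ia, ib = int(da or "0"), int(db or "0")
        if ia != ib:
            return -1 if ia < ib else 1
    return 0


def compare_versions(v1, v2):
    """Return -1, 0 or 1 as v1 is older than, equal to or newer than v2."""
    e1, u1, r1 = parse_version(v1)
    e2, u2, r2 = parse_version(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    result = _compare_fragment(u1, u2)
    if result != 0:
        return result
    return _compare_fragment(r1, r2)


def is_vulnerable(installed):
    """True if the version predates both the upstream and the lenny fix.

    Caveat: a locally patched build that kept a lower version string is
    not detected, so this is a first check, not proof of safety.
    """
    upstream = parse_version(installed)[1]
    if compare_versions(upstream, FIXED_UPSTREAM) >= 0:
        return False
    return compare_versions(installed, FIXED_DEBIAN_LENNY) < 0


if __name__ == "__main__":
    # Constructed sample strings, as 'dpkg -s exim4-daemon-light' might report them.
    for v in ("4.69-9", "4.69-9+lenny1", "4.70-1", "4.72-1~bpo50+1", "4.69~rc1-1"):
        print(v, "vulnerable" if is_vulnerable(v) else "fixed")
```

The version from the report in the thread, 4.69-9, is reported as vulnerable; the stable-security update and any 4.70 or later package are reported as fixed.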