Bug#697057: Arbitrary arguments can be passed to spfquery, bypassing SPF validation
Andreas Metzler
ametzler at downhill.at.eu.org
Tue Jan 1 13:54:12 UTC 2013
On 2012-12-31 Lekensteyn <lekensteyn at gmail.com> wrote:
[...]
> 2. Wait for banner, then send: HELO example.com
> 3. Wait for acknowledgement, then send: MAIL FROM: ${TEST_VALUE}
[...]
> The below values have been tested following the above six steps, but with the
> ${TEST_VALUE} replaced by the ones listed below:
[...]
> 2. Possibly bypass: " --help "ish at example.com
[...]
Hello,
thanks for the bug-report. I think there is a typo in example 2,
<" --help "ish at example.com> is not a valid address (afaik one may only
quote the *whole* local_part). - Exim rejects the address.
cu andreas
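
The rule cited in the reply above (only the whole local part may be quoted) is the Local-part grammar of RFC 5321, section 4.1.2. The following check of that grammar is an added example, not part of the original message and not Exim's own code. It assumes the archive's "ish at example.com" stands for ish@example.com; the function names and the other sample addresses are constructed for illustration.

```python
import re

# RFC 5321 section 4.1.2, ASCII only (no SMTPUTF8):
#   Local-part    = Dot-string / Quoted-string
#   Dot-string    = Atom *("." Atom)
#   Quoted-string = DQUOTE *QcontentSMTP DQUOTE
ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]"
DOT_STRING = re.compile(rf"{ATEXT}+(?:\.{ATEXT}+)*")
# qtextSMTP = %d32-33 / %d35-91 / %d93-126, quoted-pairSMTP = "\" %d32-126
QUOTED_STRING = re.compile(
    r'"(?:[\x20-\x21\x23-\x5b\x5d-\x7e]|\\[\x20-\x7e])*"'
)


def classify_local_part(local):
    """Return which RFC 5321 production the local part matches, if any."""
    if DOT_STRING.fullmatch(local):
        return "dot-string"
    # The quotes must enclose the entire local part: fullmatch() fails
    # as soon as anything follows the closing DQUOTE.
    if QUOTED_STRING.fullmatch(local):
        return "quoted-string"
    return "invalid"


def check_sender(addr):
    """Classify the local part of an envelope sender (domain not validated)."""
    local, at, domain = addr.rpartition("@")
    if not at or not domain:
        return "invalid"
    return classify_local_part(local)


if __name__ == "__main__":
    # Constructed samples; the first is the value quoted in the thread.
    samples = [
        '" --help "ish@example.com',  # quotes cover only part of the local part
        "ish@example.com",            # plain dot-string
        '"john doe"@example.com',     # whole local part quoted
        "a..b@example.com",           # empty atom between dots
    ]
    for s in samples:
        print(f"{s!r:32} -> {check_sender(s)}")
```

A syntactically valid quoted-string can still contain spaces and dashes, so passing this check does not make a sender address safe to interpolate into a command line.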