[Exim] [ Exim 3.36 ] SMTP AUTH hacked ?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Georges Arnould
Date:  
À: exim-users
Sujet: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?
Hi there,

    I suppose that this has may be been discussed in this list but I just
subscribed. A forward of an 'answering message' will be fine for me :o)


    I run an exim 3.36 on a backup MX and it seems that some hackers managed
to bypass the AUTH protection. Yesterday, I received about 6000 mails for
relay purpose and the sender used auth : "fixed_login:admin" in logs.


    Because of the goal of this computer, I closed the AUTH facilities, but
here are my questions :


    - Is there something I should know about this problem, like a patch to
apply ?
    - Is Exim 4.10 vulnerable to the same problem ?


    Thank's in advance for any helping informations you could send,


    Georges