Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?

Pàgina inicial
Aquest missatge és part del següent fil:
Ml'arbre de fils complet ordenat per data
MGeorges Arnould en <-
MGeorges Arnould en ->
Delete this message
Reply to this message
Autor: Nico Erfurth
Data:  
A: Georges Arnould
CC: exim-users
Assumpte: Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?
Georges Arnould wrote:
> Hi there,
>
>     I suppose that this has may be been discussed in this list but I just
> subscribed. A forward of an 'answering message' will be fine for me :o)

>
>     I run an exim 3.36 on a backup MX and it seems that some hackers managed
> to bypass the AUTH protection. Yesterday, I received about 6000 mails for
> relay purpose and the sender used auth : "fixed_login:admin" in logs.

>
>     Because of the goal of this computer, I closed the AUTH facilities, but
> here are my questions :

>
>     - Is there something I should know about this problem, like a patch to
> apply ?
>     - Is Exim 4.10 vulnerable to the same problem ?

>
>     Thank's in advance for any helping informations you could send,

I bet your authenticator config is broken, if it can't lookup the
username it will accept anything as password, try it yourself.

Show use your auth-config, and we can help you.

Nico



Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [Exim] SMTP Spoofing - Preventing Local RelayingRe: [Exim] Re: SPA with Outlook 2K->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)