Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?

Startseite
Diese Nachricht ist Teil des folgenden Threads:
MDer komplette Thread sortiert nach Datum
MGeorges Arnould am <-
MGeorges Arnould am ->
Nachricht löschen
Nachricht beantworten
Autor: Nico Erfurth
Datum:  
To: Georges Arnould
CC: exim-users
Betreff: Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?
Georges Arnould wrote:
> Hi there,
>
>     I suppose that this has may be been discussed in this list but I just
> subscribed. A forward of an 'answering message' will be fine for me :o)

>
>     I run an exim 3.36 on a backup MX and it seems that some hackers managed
> to bypass the AUTH protection. Yesterday, I received about 6000 mails for
> relay purpose and the sender used auth : "fixed_login:admin" in logs.

>
>     Because of the goal of this computer, I closed the AUTH facilities, but
> here are my questions :

>
>     - Is there something I should know about this problem, like a patch to
> apply ?
>     - Is Exim 4.10 vulnerable to the same problem ?

>
>     Thank's in advance for any helping informations you could send,

I bet your authenticator config is broken, if it can't lookup the
username it will accept anything as password, try it yourself.

Show use your auth-config, and we can help you.

Nico



Diese Nachricht wurde auf der folgenden Mailing-List gepostet:
Exim-users
Mailing-List-Info | Nachrichten um die Zeit		<-Re: [Exim] SMTP Spoofing - Preventing Local RelayingRe: [Exim] Re: SPA with Outlook 2K->
Tahini and Hummus and Cumin Development Archives administriert von cumin AdminsLurker (Version 2.3)