Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Philip Hazel
Date:  
À: Nico Erfurth
CC: Georges Arnould, exim-users
Sujet: Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?
On Tue, 4 Mar 2003, Nico Erfurth wrote:

> > fixed_login:
> >        driver = plaintext
> >        public_name = LOGIN
> >        server_condition = "${if eq
> > {${lookup{$1}lsearch{/usr/local/exim/etc/trusted_users}{$value}}} {$2} {yes}
> > {no}}"
> >        server_set_id = $1
> >        server_prompts = "Username:: : Password::"

>
> in general you should verify that you lookup SOME password, I used
>
> server_condition = "${if eq\
> {${lookup{$1}lsearch{/usr/local/exim/etc/trusted_users}{$value}fail}}\
> {$2} {yes}{no}}"
>
> to make sure that the expansion fails if the lookup wasn't successful.


I agree with Nico; that lookup of yours will end up as an empty string
if the lookup fails. So all the spammers have to do is supply an empty
string as a password for a non-existant user. At least, that's what
appears to be the case.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.