Re: [exim-dev] PCRE vulnerability

Author: Tony Finch
Date:
To: Jakob Hirsch
CC: exim-dev
Subject: Re: [exim-dev] PCRE vulnerability

On Mon, 22 Aug 2005, Jakob Hirsch wrote:
>
> According to the alert, only "Applications that parse untrusted regular
> expressions may be vulnerable." Exim does not do that by default, AFAIK,
> but there may be a few setups allowing that, e.g. user specified filters
> with regex.


This can be a problem in setups where Exim runs filters at SMTP time while
it is running as the exim user, which might allow escalation to root
privilege. That's the only really dangerous scenario I can think of.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}