Re: [exim-dev] PCRE vulnerability

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Tony Finch
Data:  
Para: Jakob Hirsch
CC: exim-dev
Asunto: Re: [exim-dev] PCRE vulnerability
On Mon, 22 Aug 2005, Jakob Hirsch wrote:
>
> According to the alert, only "Applications that parse untrusted regular
> expressions may be vulnerable." Exim does not do that by default, AFAIK,
> but there may be a few setups allowing that, e.g. user specified filters
> with regex.


This can be a problem in setups where Exim runs filters at SMTP time while
it is running as the exim user, which might allow escalation to root
privilege. That's the only really dangerous scenario I can think of.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}