Re: [exim-dev] PCRE vulnerability

Góra strony
Delete this message
Reply to this message
Autor: Tony Finch
Data:  
Dla: Jakob Hirsch
CC: exim-dev
Temat: Re: [exim-dev] PCRE vulnerability
On Mon, 22 Aug 2005, Jakob Hirsch wrote:
>
> According to the alert, only "Applications that parse untrusted regular
> expressions may be vulnerable." Exim does not do that by default, AFAIK,
> but there may be a few setups allowing that, e.g. user specified filters
> with regex.


This can be a problem in setups where Exim runs filters at SMTP time while
it is running as the exim user, which might allow escalation to root
privilege. That's the only really dangerous scenario I can think of.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}