Autor: Brad Jorsch Datum: To: exim-dev Betreff: Re: [exim-dev] Remote root vulnerability in Exim
On Thu, Dec 09, 2010 at 12:27:30PM +1000, Ted Cooper wrote: >
> The real issue here is why Exim is treating the HeaderX line like
> trusted configuration data. There must be a buffer overflow but I
> haven't spotted it in the few minutes I've looked at this. I can
> probably find it without the data dump but if someone else can put some
> eyes on this too that would be great. I'm not that good at spotting
> things like this but no-one else has said anything.
I've tried to take a look, but I haven't been able to reproduce it in a
quick attempt.