Re: [exim-dev] Remote root vulnerability in Exim

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M.MJeremy Harris at <-
M\MTed Cooper at ->
Delete this message
Reply to this message
Author: Brad Jorsch
Date:  
To: exim-dev
Subject: Re: [exim-dev] Remote root vulnerability in Exim
On Thu, Dec 09, 2010 at 12:27:30PM +1000, Ted Cooper wrote:
>
> The real issue here is why Exim is treating the HeaderX line like
> trusted configuration data. There must be a buffer overflow but I
> haven't spotted it in the few minutes I've looked at this. I can
> probably find it without the data dump but if someone else can put some
> eyes on this too that would be great. I'm not that good at spotting
> things like this but no-one else has said anything.

I've tried to take a look, but I haven't been able to reproduce it in a
quick attempt.

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] Remote root vulnerability in EximRe: [exim-dev] Remote root vulnerability in Exim->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)