Re: [exim-dev] Remote root vulnerability in Exim

Top Page

Reply to this message
Author: Ted Cooper
To: exim-dev
Subject: Re: [exim-dev] Remote root vulnerability in Exim
On 10/12/10 00:20, Brad Jorsch wrote:
> I've tried to take a look, but I haven't been able to reproduce it in a
> quick attempt.

My attempt to hunt it down without the dump ended up being quite
fruitless, except for finding where the headers are read in and the
memory allocated for them. After grabbing the dump off Sergey I
discovered I was thinking far too small with the amount of data that was
being sent.

I'm in the process of attempting to write something to reproduce the
result but I have a feeling it's going to be based on a very exact
amount of data being sent which is very dependant on the system exim is
running on.

Is anyone else working on this in the background?