Re: [exim-dev] Remote root vulnerability in Exim

Top Page

Reply to this message
Author: Graeme Fowler
To: James E. Blair, Sergey Kononenko
CC: exim-dev, pkg-exim4-maintainers, Paul Fisher
Subject: Re: [exim-dev] Remote root vulnerability in Exim
That explains mone and others' inability to compromise 4.7x. Interesting, thanks.


Sent from my phone, excuse top posting...

-----Original Message-----
From: James E. Blair <jeblair@???>
Sent: 10 December 2010 7:19
To: Sergey Kononenko <sergk@???>
Cc: exim-dev@???; pkg-exim4-maintainers@???; Paul Fisher <pnfisher@???>
Subject: Re: [exim-dev] Remote root vulnerability in Exim

On 12/07/2010 01:59 PM, Sergey Kononenko wrote:
> Hi,
> While investigating security break in the network of my company, I've
> captured (by tcpdump) sequence of successful remote root attack through
> Exim. It was Exim from Debian Lenny (exim4-daemon-light 4.69-9).

Paul Fisher and I have successfully run the exploit against a copy of
Exim running in a debugger on debian lenny, and we believe it utilizes
this bug:

It was fixed in 4.70, but not in the version currently in debian

James E. Blair
UC Berkeley

## List details at Exim details at ##