Re: [exim] buffer overflow or so in exim

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: Pascal Bourdais
CC: exim-users
Subject: Re: [exim] buffer overflow or so in exim
On 2011-01-19 at 13:50 +0100, Pascal Bourdais wrote:
> # exim -bV
> Exim version 4.68 #8 built 03-Sep-2009 09:01:10

There are known issues with that version. There have been security
notices from major vendors urging people to upgrade.

If you are not using a vendor's packages, but installing Exim yourself,
then you should subscribe to:

http://lists.exim.org/mailman/listinfo/exim-announce

Then you would have read both:

http://www.gossamer-threads.com/lists/exim/announce/89583
http://www.gossamer-threads.com/lists/exim/announce/89810

In short: there is a buffer overflow vulnerability in versions before
4.70, which was released in November 2009. This was discovered[*] in
December 2010, when 4.72 was current. 4.73 has since been released,
which additionally fixes the privilege escalation problem used in the
attacks to get from the Exim run-time user to the "root" account.

-Phil 

[*] Where "discovered" means "revealed to be a problem to the Exim
    maintainers, after a report of a compromise", so the underground
    exploit community had known of this beforehand; probably by reading
    the changelog which for 4.70 explicitly noted that a buffer overflow
    issue had been fixed.


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Dealing with Yahoo mail RFC violations[...]->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)