Re: [exim] buffer overflow or so in exim

Top Pagina
Delete this message
Reply to this message
Auteur: Phil Pennock
Datum:  
Aan: Pascal Bourdais
CC: exim-users
Onderwerp: Re: [exim] buffer overflow or so in exim
On 2011-01-19 at 13:50 +0100, Pascal Bourdais wrote:
> # exim -bV
> Exim version 4.68 #8 built 03-Sep-2009 09:01:10


There are known issues with that version. There have been security
notices from major vendors urging people to upgrade.

If you are not using a vendor's packages, but installing Exim yourself,
then you should subscribe to:

http://lists.exim.org/mailman/listinfo/exim-announce

Then you would have read both:

http://www.gossamer-threads.com/lists/exim/announce/89583
http://www.gossamer-threads.com/lists/exim/announce/89810

In short: there is a buffer overflow vulnerability in versions before
4.70, which was released in November 2009. This was discovered[*] in
December 2010, when 4.72 was current. 4.73 has since been released,
which additionally fixes the privilege escalation problem used in the
attacks to get from the Exim run-time user to the "root" account.

-Phil

[*] Where "discovered" means "revealed to be a problem to the Exim
    maintainers, after a report of a compromise", so the underground
    exploit community had known of this beforehand; probably by reading
    the changelog which for 4.70 explicitly noted that a buffer overflow
    issue had been fixed.