Re: [exim-dev] Remote root vulnerability in Exim

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MGerd Koslowski at <-
M\Gerd Koslowski at ->
Delete this message
Reply to this message
Author: Ted Cooper
Date:  
To: exim-dev
Subject: Re: [exim-dev] Remote root vulnerability in Exim
On 22/01/11 17:49, Gerd Koslowski wrote:
> I think that my server was also a victim of this vulnerability.
> I had a hidden .x...something file in the spool directory and a strange
> ..
> As I am not a developer of exim4 I am waiting for a new exim4 to come
> after the bug has been resolved.

The current version does not have this bug. It was resolved in 4.70
which is many years old and 4.73 is out currently. 4.74 may be out soon.

If your server has been compromised, backup any data and format it.
Someone has had full root access to your machine and there is no way to
ensure that you have cleaned up every back door or trojan.

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] Remote root vulnerability in EximRe: [exim-dev] Remote root vulnerability in Exim->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)