Re: [exim-dev] Remote root vulnerability in Exim

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Ted Cooper at <-
MMAndreas Metzler at ->
Delete this message
Reply to this message
Author: Gerd Koslowski
Date:  
To: Exim-dev
Subject: Re: [exim-dev] Remote root vulnerability in Exim
Am 2011-01-22 13:48, Ted Cooper schrieb:

> The current version does not have this bug. It was resolved in 4.70
> which is many years old and 4.73 is out currently. 4.74 may be out soon.
>
> If your server has been compromised, backup any data and format it.
> Someone has had full root access to your machine and there is no way to
> ensure that you have cleaned up every back door or trojan.
>
>
Ok, it was running exim4.69-9 as currently distributed by debian-lenny.
... so there was still this vulnerability.

Thanks for your advice.



This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] Remote root vulnerability in Exim[exim-dev] [Bug 1071] Privilege dropping due to -C or -D options breaks logging->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)