[exim] someone posted an none working exploit for exim

Top Page
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: Exim-users@exim.org >> \"<exim-users@exim.org>\"
Subject: [exim] someone posted an none working exploit for exim

Hi,

someone posted an exploit on packetstorm, which should not work at all (
and does not on an actual exim )

[root@vpn ~]# nc 127.0.0.1 25
220 locahost ESMTP Exim 4.76 Fri, 07 Jun 2013 15:28:45 +0200
HELO localhost
250 localhost Hello localhost [127.0.0.1]
MAIL FROM: x`ls -la >/tmp/test`@???
501 x`ls -la >/tmp/test`@???: missing or malformed local part
(expected word or "<")


Was this a security risk ever, or did they just wanne have theire five
minutes ?

marius