Author: jpff Date: To: exim-users Subject: Re: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable
via exim
I see that Debian have just released a security fix for glibc
==John ff
On Tue, 27 Jan 2015, Tony Finch wrote:
> All I know at the moment comes from the vulnerability announcement that
> Qualys posted this afternoon. Quote:
>
> The Exim mail server is exploitable remotely if configured to perform
> extra security checks on the HELO and EHLO commands ("helo_verify_hosts"
> or "helo_try_verify_hosts" option, or "verify = helo" ACL); we developed
> a reliable and fully-functional exploit that bypasses all existing
> protections (ASLR, PIE, NX) on 32-bit and 64-bit machines.
>
> http://www.openwall.com/lists/oss-security/2015/01/27/9 >
> Tony.
> --
> <fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
> N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
> \N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ >