Re: [exim] CVE-2015-0235 - glibc gethostbyname remotely expl…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Tony Finch
Data:  
Para: Martin Nicholas
CC: exim-users
Asunto: Re: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable via exim
Martin Nicholas <reply-2015@???> wrote:

> Presumably though a specially crafted PTR entry would have the same
> effect? That being so a much larger collection of Exim functions are
> vulnerable.


Yes, I was worried about the same thing!

Fortunately the Qualys vulnerability disclosure covers that: domain names
that come from the DNS are too short to overrun the buffer.
http://seclists.org/oss-sec/2015/q1/274

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}