[exim-dev] [Bug 1805] New: Recent Exim CVE mitigation breaks…

Author: admin
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 1805] Recent Exim CVE mitigation breaks customer ability to determine where mail was sent from.
Subject: [exim-dev] [Bug 1805] New: Recent Exim CVE mitigation breaks customer ability to determine where mail was sent from.
https://bugs.exim.org/show_bug.cgi?id=1805

            Bug ID: 1805
           Summary: Recent Exim CVE mitigation breaks customer ability to
                    determine where mail was sent from.
           Product: Exim
           Version: 4.86
          Hardware: x86
                OS: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Logging
          Assignee: nigel@???
          Reporter: toddr@???
                CC: exim-dev@???


It turns out that checking cwd=XXX was a popular heuristic for identifying the
source of malware sending email. There are many blogs and forums on the
internet recommending to customers that they do this.

Now that exim.c changes directories to / on startup, the code that comes right
after that, which emits what the startup directory was, now always emits /.

The output would look something like this:

2016-03-04 11:46:22 cwd=/root 9 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t -f root

Now it looks like this:

2016-03-04 11:46:22 cwd=/ 9 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t -f root

--
You are receiving this mail because:
You are on the CC list for the bug.
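The report above describes the cwd= heuristic only in prose. The following is an added example (not Exim's code and not the reporter's) showing what a log-triage script that relied on that field sees before and after the mitigation: it parses the "cwd=<dir> <n> args: ..." records, groups them by starting directory, and counts the records where cwd is "/" and therefore no longer identifies the sending process's directory. The line format is assumed from the two log lines quoted in the report; the sample log lines are constructed for the example, the first two copied from the report and the third invented with a placeholder path.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Format assumed from the two lines quoted in the bug report:
#   "<YYYY-MM-DD> <HH:MM:SS> cwd=<dir> <n> args: <argv ...>"
CWD_LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"cwd=(?P<cwd>\S+) (?P<nargs>\d+) args: (?P<args>.*)$"
)

# Constructed sample: lines 1 and 2 are the report's own examples (pre- and
# post-mitigation); line 3 is invented, with a placeholder home directory.
SAMPLE_LOG = [
    "2016-03-04 11:46:22 cwd=/root 9 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t -f root",
    "2016-03-04 11:46:22 cwd=/ 9 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t -f root",
    "2016-03-04 11:47:01 cwd=/home/EXAMPLE_USER/public_html 3 args: /usr/sbin/sendmail -t -i",
    "2016-03-04 11:47:02 <= someone@example.invalid H=localhost (unrelated record)",
]


@dataclass
class CwdRecord:
    timestamp: str
    cwd: str
    args: List[str]
    declared_nargs: int

    def informative(self) -> bool:
        # After the startup chdir("/") every record reports cwd=/, so the
        # field no longer tells an analyst where the sending process started.
        return self.cwd != "/"

    def count_matches(self) -> bool:
        # Exim's declared argument count versus what a whitespace split yields;
        # a mismatch suggests an argument containing spaces.
        return len(self.args) == self.declared_nargs


def parse_cwd_line(line: str) -> Optional[CwdRecord]:
    """Parse one log line; return None for lines that are not cwd records."""
    m = CWD_LINE.match(line.strip())
    if not m:
        return None
    return CwdRecord(
        timestamp=m.group("ts"),
        cwd=m.group("cwd"),
        args=m.group("args").split(),
        declared_nargs=int(m.group("nargs")),
    )


def summarize(lines: List[str]) -> Tuple[Dict[str, List[CwdRecord]], int]:
    """Group cwd records by starting directory.

    Returns (records grouped by cwd, number of records whose cwd is "/" and
    so carries no locating information after the mitigation).
    """
    by_cwd: Dict[str, List[CwdRecord]] = {}
    uninformative = 0
    for line in lines:
        rec = parse_cwd_line(line)
        if rec is None:
            continue
        if not rec.informative():
            uninformative += 1
        by_cwd.setdefault(rec.cwd, []).append(rec)
    return by_cwd, uninformative


if __name__ == "__main__":
    grouped, degraded = summarize(SAMPLE_LOG)
    for cwd, recs in grouped.items():
        print(f"{cwd}: {len(recs)} record(s)")
    print(f"{degraded} record(s) report cwd=/ and cannot be attributed by directory")
```

Running the block on the constructed sample groups the first and third records under their real directories and counts the second as unattributable; a script of this shape run against a log written entirely after the mitigation would report every record as degraded, which is the operational effect the report describes.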