Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment…

Pàgina inicial
Delete this message
Reply to this message
Autor: Chris Siebenmann
Data:  
A: Always Learning
CC: Exim, cks
Assumpte: Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment.
> Thank you very much for your helpful summary. Currently I do not
> understand how someone can use Exim to execute malicious Perl scripts
> unless Exim has a facility to execute Perl scripts, for example
> [...]


There's a full-disclosure mailing list message about the bug; it
provides details of how this is exploitable provided only that you have
perl_startup defined in your Exim configuration:

    https://marc.info/?l=full-disclosure&m=145781499028909&w=2


    - cks