Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment…

Góra strony
Delete this message
Reply to this message
Autor: Always Learning
Data:  
Dla: Exim
Temat: Re: [exim] Exim 4.84_2 #1 : WARNING: purging the environment.

On Tue, 2016-04-19 at 14:27 -0400, Chris Siebenmann wrote:
> > Thank you very much for your helpful summary. Currently I do not
> > understand how someone can use Exim to execute malicious Perl scripts
> > unless Exim has a facility to execute Perl scripts, for example
> > [...]
>
> There's a full-disclosure mailing list message about the bug; it
> provides details of how this is exploitable provided only that you have
> perl_startup defined in your Exim configuration:
>
>     https://marc.info/?l=full-disclosure&m=145781499028909&w=2


Thank you very much. I am conservative with production systems and never
introduced the

    perl_startup =


parameter in Exim's configuration files. I can now sleep peacefully at
nights :-)

Thank you.


--
Regards,

Paul.
England, EU.      England's place is in the European Union.