[exim-dev] [Bug 1834] New: Crash after "rejected EXPN root"

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1834] New: Crash after "rejected EXPN root"
https://bugs.exim.org/show_bug.cgi?id=1834

            Bug ID: 1834
           Summary: Crash after "rejected EXPN root"
           Product: Exim
           Version: 4.87
          Hardware: x86
                OS: All
            Status: NEW
          Severity: security
          Priority: medium
         Component: General execution
          Assignee: nigel@???
          Reporter: exim.org@???
                CC: exim-dev@???


I have these log lines in the log and exim did crash afterwards.

2016-05-18T02:09:36+02:00 router exim[9193]: 2016-05-18 02:09:36 no host name
found for IP address 61.139.60.142
2016-05-18T02:09:36+02:00 router exim[9193]: 2016-05-18 02:09:36
H=[61.139.60.142] rejected EXPN root
2016-05-18T02:09:36+02:00 router exim[9193]: 2016-05-18 02:09:36
H=[61.139.60.142] rejected EXPN root


The following entry from grsec is in the kernel log:
[103610.574334] grsec: From 61.139.60.142: Segmentation fault occurred at
0000000000000009 in /usr/sbin/exim[exim:9193] uid/euid:8/8 gid/egid:12/12,
parent /usr/sbin/exim[exim:2020] uid/euid:8/8 gid/egid:12/12
[103610.574511] grsec: From 61.139.60.142: bruteforce prevention initiated due
to crash of /usr/sbin/exim against uid 8, banning suid/sgid execs for 15
minutes. Please investigate the crash report for /usr/sbin/exim[exim:9193]
uid/euid:8/8 gid/egid:12/12, parent /usr/sbin/exim[exim:2020] uid/euid:8/8
gid/egid:12/12

This is with exim 4.87 and GnuTLS 3.5.0 on Gentoo

Same issue occurred a day ago.

Unfortunately I don't have any crash dump or other data at the moment.

--
You are receiving this mail because:
You are on the CC list for the bug.