Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Spencer Marshall
Data:  
Para: exim-users@exim.org, Heiko Schlittermann
Asunto: Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable
why is this only being applied to +local_domains? why not everything?
 deny    message       = Restricted characters in address
               local_parts   = ^[.] : ^.*[\$@%!/|]


________________________________

Hi,

Cyborg via Exim-users <exim-users@???> (Do 06 Jun 2019 13:24:21 CEST):
> As the Advisiory is a bit unspecific for a protection, shouldn't a check
> for "$" in
>
>   deny    message       = Restricted characters in address
>               domains       = +local_domains
>               local_parts   = ^[.] : ^.*[\$@%!/|]


Yes, from my POV it suffices. As Jeremy said, for non-SMTP the same
sould be done.

But, for the 2nd exploit, you should do the same with the sender's
address.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -