Re: [exim] just been hacked, could be CVE-2019-10149?

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Calum Mackay
Data:  
Para: Odhiambo Washington
CC: exim users
Assunto: Re: [exim] just been hacked, could be CVE-2019-10149?
thanks all, for the replies.

On 11/06/2019 7:27 am, Odhiambo Washington wrote:
>     ought I to be reporting this anywhere?

>
> Whom would you like to report to?? :-)
> All vulnerable versions of Exim had a patch released several days ago.


Yes, I meant that there are clearly now exploits active, although all of
the websites I found describing it say otherwise, but of course, they're
a few days out of date, and perhaps it's just obvious that there now
will be active exploits.


Unfortunately, I had been distracted by other issues, and had fallen behind.

Luckily, although the exploit succeeded, it doesn't seem to have tried
anything other than opening up SSH to remote root logins, which didn't
work on my system.

Patched now.

thanks again,
calum.