Re: [exim] CVE-2019-10149: already vulnerable ?

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Calum Mackay
Data:  
Para: exim-users
Assunto: Re: [exim] CVE-2019-10149: already vulnerable ?
On 22/06/2019 9:44 am, Andreas Metzler via Exim-users wrote:
> CVE-2019-10149 is not that it is possible to submit a mail that ends
> up frozen in the queue. CVE is a remote command execution
> vulnerabilty. The fix for CVE-2019-10149 does not remove the
> possibility to generate frozen mails in the queue, it stops the remote
> command execution.


by any chance, please, would anyone happen to have an acl_smtp_rcpt
example that catches these particular exploit attempts — so my queue
doesn't fill up with these frozen msgs — /but/ still allows me to have
"user+suffix@domain" which I enable via local_part_suffix on a redirect
router?

i.e. just rejecting '+' in the local part is too strict, here.


thanks very much indeed.

cheers,
calum.