Re: [exim] CVE-2019-10149: already vulnerable ?

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Evgeniy Berdnikov
日付:  
To: exim-users
題目: Re: [exim] CVE-2019-10149: already vulnerable ?
On Sun, Jun 23, 2019 at 07:37:37PM +0200, Heiko Schlittermann via Exim-users wrote:
> It *seems* that the attackers test for the Exim version in the SMTP
> banner. In servers having 4.92 I do not see as many attempts as on
> 4.87->4.91. But there may be other things influencing this.


I have 4 external relays for my company with custom greeting message
which has no word "Exim" and no version. No breaking attempts logged
up to 16.06.2019, since this date logs have records about probes
with prefix "root+": <root+${run{...}@...>.
--
Eugene Berdnikov