Re: [exim] CVE-2019-10149: already vulnerable ?

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Jeremy Harris
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] CVE-2019-10149: already vulnerable ?
On 25/06/2019 19:01, mixed8e--- via Exim-users wrote:
>> and i was not sure if EXIM does publish that string in any other possible
>> remote "access vector" too.
>
> That would be nice to know.


A scan over the source gives me:

- logged at daemon startup & shutdown
- written to the process log on SIGUSR1
- included in debug, "-bP config" & "-bV" output
- the default Received: header text
- the default banner text

Only the last two are remotely accessible; all are locally acessible

--
Cheers,
Jeremy