Autore: Jeremy Harris Data: To: exim-users Oggetto: Re: [exim] CVE-2019-10149: already vulnerable ?
On 25/06/2019 19:01, mixed8e--- via Exim-users wrote: >> and i was not sure if EXIM does publish that string in any other possible
>> remote "access vector" too.
>
> That would be nice to know.
A scan over the source gives me:
- logged at daemon startup & shutdown
- written to the process log on SIGUSR1
- included in debug, "-bP config" & "-bV" output
- the default Received: header text
- the default banner text
Only the last two are remotely accessible; all are locally acessible