Re: [exim] CVE-2019-15846: Exim - local or remote attacker c…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M--+\Heiko Schlittermann at <-
M+\MMCyborg at ->
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: oss-security, Exim Users
Subject: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges.
An Update to the mitigation for the current CVE:

Add - as part of the mail ACL (the ACL referenced by the main config
option "acl_smtp_mail"): 

     deny    condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_sni}}}}
     deny    condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_peerdn}}}}


This should prevent the currently known attack vector. 

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges.[exim] for europeans only: EU GDPR and mitigation of CVE-2019-15846->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)