Re: [exim] CVE-2019-15846: Exim - local or remote attacker…

Top Page

Reply to this message
Author: Sebastian Nielsen
Date:  
To: 'Cyborg via Exim-users'
Subject: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges
Ooo just that, forgot that...

But still the question remains, how does it prevent the exploit? Doesn't the
exploit (root command) get executed immidiately when TLS negotiation is
done?

-----Ursprungligt meddelande-----
Från: Exim-users <exim-users-bounces+sebastian=sebbe.eu@???> För Cyborg
via Exim-users
Skickat: den 6 september 2019 21:35
Till: exim-users@???
Ämne: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute
programs with root privileges

Am 06.09.19 um 20:50 schrieb Sebastian Nielsen via Exim-users:
> Shouldn't this be in connect ACL?
> How would the deny in MAIL FROM prevent the exploit? What I have

understand is that there is exploit in the SNI of the TLS negotiation, thus
the whole connect attempt must be rejected right?
>
>


The connect with Starttls is unencrypted, and later upgraded, so you
need to check it later, when its done for sure.

best regards,
Marius

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/