Ooo just that, forgot that...
But still the question remains, how does it prevent the exploit? Doesn't the
exploit (root command) get executed immidiately when TLS negotiation is
done?
-----Ursprungligt meddelande-----
Från: Exim-users <exim-users-bounces+sebastian=sebbe.eu@???> För Cyborg
via Exim-users
Skickat: den 6 september 2019 21:35
Till: exim-users@???
Ämne: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute
programs with root privileges
Am 06.09.19 um 20:50 schrieb Sebastian Nielsen via Exim-users:
> Shouldn't this be in connect ACL?
> How would the deny in MAIL FROM prevent the exploit? What I have
understand is that there is exploit in the SNI of the TLS negotiation, thus
the whole connect attempt must be rejected right?
>
>
The connect with Starttls is unencrypted, and later upgraded, so you
need to check it later, when its done for sure.
best regards,
Marius
--
## List details at
https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
