Re: [exim] CVE-2019-15846: Exim - local or remote attacker c…

Góra strony
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
Dla: exim-users
Temat: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges
Sebastian Nielsen via Exim-users <exim-users@???> (Fr 06 Sep 2019 21:37:41 CEST):
> Ooo just that, forgot that...
>
> But still the question remains, how does it prevent the exploit? Doesn't the
> exploit (root command) get executed immidiately when TLS negotiation is
> done?


This is left as an exercise to the reader of src/src/string.c, where we
applied the patch.

BTW, when the TLS negotiation is done, this is done by a child of the
listener process, and this child process should have dropped its
privileges already.

--
Heiko