Re: [exim] CVE-2019-15846: Exim - local or remote attacker c…

Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges
On 07.09.19 at 03:16, Phil Pennock via Exim-users wrote:
> On 2019-09-06 at 22:04 +0200, Heiko Schlittermann via Exim-users wrote:
>> The HELO ACL doesn't help either, as the first EHLO comes before
>> STARTTLS, and the second EHLO doesn't have to come, the client may send
> Oh pox. My memory is going. I hadn't realized that my protection
> against this comes from long-standing local configuration, not Exim
> defaulting to enforcing this:
>
> acl_check_mail:
>   deny    message       = 503 Bad sequence of commands - must send HELO/EHLO first
>           condition     = ${if !def:sender_helo_name}


And I thought this is "default", besides the unusual text block :)

acl_check_mail:

  # Hosts are required to say HELO (or EHLO) before sending mail.
  # So don't allow them to use the MAIL command if they haven't
  # done so.

  deny condition = ${if eq{$sender_helo_name}{} {1}}
           message = Nice boys say HELO first

You can find it i.e. in the default Red Hat config file.

best regards,
Marius
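
A client-side check that a rule like the acl_check_mail entries above is actually in force: connect, send MAIL as the very first command, and see whether it is refused. This is an added example, not part of the original message or of Exim. The function names and the in-process fake server are constructed for illustration so the check can be run offline.

```python
import socket
import socketserver
import threading

def read_reply(f):
    """Read one SMTP reply (multi-line aware) and return (code, text)."""
    text = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("server closed the connection mid-reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        text.append(line[4:])
        if line[3:4] != "-":              # "250-..." continues, "250 ..." ends
            return int(line[:3]), "\n".join(text)

def mail_before_helo(host, port, timeout=10):
    """Send MAIL FROM as the very first command; return the server's reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rwb")
        code, text = read_reply(f)        # greeting banner
        if code != 220:
            raise RuntimeError(f"unexpected banner: {code} {text}")
        f.write(b"MAIL FROM:<>\r\n")      # null sender, no HELO/EHLO sent
        f.flush()
        reply = read_reply(f)
        f.write(b"QUIT\r\n")
        f.flush()
        return reply

def enforces_helo(host, port):
    """True if MAIL before HELO/EHLO is refused with a 4xx/5xx reply."""
    return mail_before_helo(host, port)[0] >= 400

def start_fake_server(require_helo):
    """Constructed stand-in for an MTA, for offline runs; returns its port."""
    class Handler(socketserver.StreamRequestHandler):
        def handle(self):
            self.wfile.write(b"220-fake.example.invalid ESMTP\r\n220 ready\r\n")
            for raw in self.rfile:
                if raw.upper().startswith(b"MAIL") and require_helo:
                    self.wfile.write(b"550 Nice boys say HELO first\r\n")
                else:
                    self.wfile.write(b"250 OK\r\n")
    srv = socketserver.TCPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_address[1]
```

Calling `enforces_helo(host, 25)` against a mail server you run returns False when MAIL is accepted without a prior HELO/EHLO, which means the deny rule is missing from its configuration.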