Re: [exim] Exim hostlist in the exim config - related to CV…

Inizio della pagina
Questo messaggio è parte di questo thread:
M\il thread completo ordinato per data
MMJeremy Harris at <-
 
Delete this message
Reply to this message
Autore: Cyborg
Data:  
To: exim-users
Oggetto: Re: [exim] Exim hostlist in the exim config - related to CVE-2019-15846
Am 10.09.19 um 13:33 schrieb Michael Love via Exim-users:
> Hi All,
> Question:
> We have a restricted hostlist of only other servers able to email exim 4.86.
> For this new vulnerability, is the TLS handshake executed before the whitelist hostlist lookup, or is the whitelist hostlist queried first?
> Thank you.Michael Love.

If you wanne be sure, use IPTABLES to allow your hosts to relay, not the
outdated exim version.

There could be a lot more bugs in your version, which combined together,
result in a new vulnerability path.


best regards,
Marius

Questo messaggio è stato inviato alle seguenti mailing lists:
Exim-users
Informazioni sulla Mailing List | Messaggi correlati		<-Re: [exim] 4.92.2 version[exim] CVE-2019-15846 ..Exim Vulnerability->
Tahini and Hummus and Cumin Development Archives amministrato da cumin AdminsLurker (versione 2.3)