Re: [exim] remote access vulnerability in version 4.92-8+deb…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Jeremy Harris
Data:  
Para: exim-users
Asunto: Re: [exim] remote access vulnerability in version 4.92-8+deb10u3
On 30/11/2019 18:41, Haines Brown via Exim-users wrote:
> Of late (perhaps since October?) I've received random messages like
> this:
>
>> Date: Fri, 29 Nov 2019 21:30:34 -0500
>> From: Mail Delivery System <Mailer-Daemon@???>
>> To: postmaster@???
>> Subject: Message frozen
>>
>> Message 1iasWk-0004Ya-NP has been frozen (delivery error message).
>> The sender is <>.
>>
>>  The following address(es) have yet to be delivered:
>>    dng-bounces@???: SMTP error from remote mail server
>>  after pipelined
>>  MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is
>>  prohibited through this server

>
> This apparently is a remote exploit vulnerability


How do you conclude that?
--
Cheers,
Jeremy