Re: [exim] remote access vulnerability in version 4.92-8+deb…

Pàgina inicial
Delete this message
Reply to this message
Autor: Cyborg
Data:  
A: exim-users
Assumpte: Re: [exim] remote access vulnerability in version 4.92-8+deb10u3
Am 30.11.19 um 19:41 schrieb Haines Brown via Exim-users:
>
>>  The following address(es) have yet to be delivered:
>>    dng-bounces@???: SMTP error from remote mail server
>>  after pipelined
>>  MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is
>>  prohibited through this server
>   https://www.exim.org/static/doc/security/CVE-2019-10149.txt

>
>

Your mentioned CVE refers to this Exploit: <${run{bash}}@???>

But i don't see any connection with you anti-bounce message in a queue.


Your service may have been hacked (earlier or on a different service)
and/or is sending spams out and/or receiving spam bounces, to be sure,
pls give us more details.

best regards,