Re: [exim] remote access vulnerability in version 4.92-8+deb…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Cyborg
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] remote access vulnerability in version 4.92-8+deb10u3
Am 30.11.19 um 19:41 schrieb Haines Brown via Exim-users:
>
>>  The following address(es) have yet to be delivered:
>>    dng-bounces@???: SMTP error from remote mail server
>>  after pipelined
>>  MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is
>>  prohibited through this server
>   https://www.exim.org/static/doc/security/CVE-2019-10149.txt

>
>

Your mentioned CVE refers to this Exploit: <${run{bash}}@???>

But i don't see any connection with you anti-bounce message in a queue.


Your service may have been hacked (earlier or on a different service)
and/or is sending spams out and/or receiving spam bounces, to be sure,
pls give us more details.

best regards,