Re: [exim] remote access vulnerability in version 4.92-8+deb…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Heiko Schlittermann
Datum:  
To: exim-users
Betreff: Re: [exim] remote access vulnerability in version 4.92-8+deb10u3
Hi Haines,

Haines Brown via Exim-users <exim-users@???> (Sa 30 Nov 2019 19:41:11 CET):
> Of late (perhaps since October?) I've received random messages like
> this:
>
> > Date: Fri, 29 Nov 2019 21:30:34 -0500
> > From: Mail Delivery System <Mailer-Daemon@???>
> > To: postmaster@???
> > Subject: Message frozen
> >
> > Message 1iasWk-0004Ya-NP has been frozen (delivery error message).
> > The sender is <>.
> >
> >  The following address(es) have yet to be delivered:
> >    dng-bounces@???: SMTP error from remote mail server
> >  after pipelined
> >  MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is
> >  prohibited through this server



Your system tried to send a message with an empty sender (probably a
bounce) to dng-bounces@???. The remote system didn't accept
this.

I do not see, how this is related to the mentioned CVE 2019-10149.
(Maybe I'm missing something.)

> My impression is this exploit is not harmless, and so I'd like to know
> if there is a way to block it. Since it depends on emacs4
> configuration, this might be possible.


Here again - I may miss the point, but I do not understand, how the
dependency on emacs4 (configuration?) gives an easy way to block
it (what?).

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -