Re: [exim] remote access vulnerability in version 4.92-8+deb…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Haines Brown
Datum:  
To: Cyborg via Exim-users
Betreff: Re: [exim] remote access vulnerability in version 4.92-8+deb10u3
On Mon, Dec 02, 2019 at 02:20:48PM +0100, Cyborg via Exim-users wrote:
> Am 30.11.19 um 19:41 schrieb Haines Brown via Exim-users:
> >
> >>  The following address(es) have yet to be delivered:
> >>    dng-bounces@???: SMTP error from remote mail server
> >>  after pipelined
> >>  MAIL FROM:<> SIZE=5753: 554 5.7.1 Empty Sender Address is
> >>  prohibited through this server
> >   https://www.exim.org/static/doc/security/CVE-2019-10149.txt

> >
> >
> Your mentioned CVE refers to this Exploit: <${run{bash}}@???>
>
> But i don't see any connection with you anti-bounce message in a queue.


Unfortunately, I deleted my original notes. It seems a discussion of
my errot linked to CVE-2019-10149.txt and nothing in that text
indicated I was on the wrong track.

> Your service may have been hacked (earlier or on a different service)
> and/or is sending spams out and/or receiving spam bounces, to be sure,
> pls give us more details.


Devuan has an application that automatically sends a message
anytime you install an application. I suspect this may be the culprit.

>
> best regards,
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/