Dňa 6. októbra 2023 2:22:10 UTC používateľ Jasen Betts via Exim-users <exim-users@???> napísal:
>> Please, do you want to tell, that having resolver on localhost prevents
>> to exploit this?
>
>It does not prevent the exploit, but to execute the exploit you'd need
>root permissions, which kind of makes it moot,
hmm, i still cannot get how "network adjacent" is related to root
privileges. But my head never was good for attacks...
Another thing, which is out of my head, is that discussion about
validating of DNS responses in resolvers ended at "unknown" query
types. But exim's dnsdb allows only limited, well known, types, thus
"unknown" types are unrelated.
BTW, Heiko, i see that discussion with ZDI "continue" on oss-security.
Please, can you from time to time post summary here?
regards
--
Slavko
https://www.slavino.sk/
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/