[exim] Re: Mitigation statement for CVE-2023-42119

Author: Heiko Schlittermann
Date:
To: exim-users
CC: Andreas Metzler
Subject: [exim] Re: Mitigation statement for CVE-2023-42119
Hi,


Andreas Metzler via Exim-users <exim-users@???> (Fr 06 Okt 2023 18:24:27 CEST):
> Hello,
> Afaiui the attack will require special DNS packets that would not be
> sent out by a real recursive resolver. i.e. the attacker needs to change
> these packets directly by being in between the resolver and the machine
> hosting exim.


Please understand if we do not want to share more details than are known
already to the public.

As far as we understand it currently, if the resolver doesn't check the
responses it gets, we have a problem.

> > BTW, Heiko, i see that discussion with ZDI "continue" on oss-security.
> > Please, can you from time to time post summary here?
>
> Until now the discussion there sadly only explains why 3 out of 6
> possible issues are still unresolved or not really understood. The
> person (?) sending mails from ZDI does not answer any questions but
> sends out unrelated canned responses. :-(


From Exim's side I can assure that we're working on solving the issues
that are related to Exim. (dnsdb, proxy-protocol).

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -

