[exim-dev] [Bug 3063] "SMTP Smuggling" attack

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Exim Bugzilla
Ημερομηνία:  
Προς: exim-dev
Παλιά Θέματα: [exim-dev] [Bug 3063] New: Partially vulnerable to "SMTP Smuggling" if pipelining is enabled
Αντικείμενο: [exim-dev] [Bug 3063] "SMTP Smuggling" attack
https://bugs.exim.org/show_bug.cgi?id=3063

Jeremy Harris <jgh146exb@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|---                         |FIXED


--- Comment #8 from Jeremy Harris <jgh146exb@???> ---
(In reply to Simon Arlott from comment #7)
> This still doesn't comply with RFC5321 because it allows <LF>.<LF> to end
> the message if the first header line ends with <LF>.


That is deliberate, as there are use-cases that require it.

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/