Mail Protection: SMTP, POP3, Antispam and Antivirus Exim remote exploit ?

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 9 replies
Subscribers 1 subscriber
Views 4076 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exim remote exploit ?

Pikkio over 14 years ago

Anybody knows if astaro is vulnerable to this issue ?
Re: [exim-dev] Remote root vulnerability in Exim

Possible root vulnerability in Exim internet mailer - Update - The H Security: News and Features

Thanks

This thread was automatically locked due to age.

Parents

0 techno.kid over 14 years ago

I read about that yesterday... and did a check on the version on ASL today:

2010:12:11-15:36:29 border exim[4934]: 2010-12-11 15:36:29 exim 4.69 daemon started:

Looks like in ASL there is a newer version since 4.63 is affected. But who knows: maybe the problem exists in 4.69 as well? So... some should go for "testing" :-) Exim 4.63 Remote Exploit

techno.kid
Cancel
Vote Up 0 Vote Down

Cancel
0 Pikkio over 14 years ago in reply to techno.kid

This new bug has been fixed in 4.70.
Latest Astaro uses 4.69 which should be affected....

Cheers
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Pikkio over 14 years ago in reply to techno.kid

This new bug has been fixed in 4.70.
Latest Astaro uses 4.69 which should be affected....

Cheers
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Billybob over 14 years ago in reply to Pikkio

Interesting reading... Astaro's directory structure is completely different than a default install of exim on linux. Furthermore all the daemons are chrooted and to top all that, you can't run exim commands directly.

So, I am sure they will move to the next version soon enough, but I wouldn't loose any sleep over this exploit atleast in the wild.[;)]
Cancel
Vote Up 0 Vote Down

Cancel