Mail Protection: SMTP, POP3, Antispam and Antivirus Exim remote exploit ?

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 9 replies
Subscribers 1 subscriber
Views 4076 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exim remote exploit ?

Pikkio over 14 years ago

Anybody knows if astaro is vulnerable to this issue ?
Re: [exim-dev] Remote root vulnerability in Exim

Possible root vulnerability in Exim internet mailer - Update - The H Security: News and Features

Thanks

This thread was automatically locked due to age.

Parents

0 BarryG over 14 years ago

This needs to be answered/addressed by Astaro.

There is now a scripted attack or worm installing rootkits on servers with this vulnerability.
Reports of Attacks against EXIM vulnerability

I'm very glad that Astaro chroots everything, but that may not be enough to prevent any infection.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 14 years ago in reply to BarryG

Just because it's reporting version 4.69 doesn't mean it's not been patched; the 2 patches necessary have been around a long time, and I wouldn't be surprised if Astaro didn't already have them compiled into their build of it. I imagine that there's already an IPS rule that detects this sort of thing already as well.

I'll be starting a case with Astaro to determine what their response is.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BrucekConvergent over 14 years ago in reply to BarryG

Just because it's reporting version 4.69 doesn't mean it's not been patched; the 2 patches necessary have been around a long time, and I wouldn't be surprised if Astaro didn't already have them compiled into their build of it. I imagine that there's already an IPS rule that detects this sort of thing already as well.

I'll be starting a case with Astaro to determine what their response is.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BrucekConvergent over 14 years ago in reply to BrucekConvergent

Case started for further information... I'll keep you guys posted.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 14 years ago in reply to BrucekConvergent

LOL.... 7.509 has been released to address this issue:

Up2Date 7.509 Released

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel