oss-sec mailing list archives

CVE missing? for "Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution"

From: Alexandre Dulaunoy <a () foo be>
Date: Mon, 29 Jul 2013 09:48:39 +0200

Hi All,

I couldn't find the CVE number for the following vulnerability/misconfiguration:

https://www.redteam-pentesting.de/en/advisories/rt-sa-2013-001/-exim-with-dovecot-typical-misconfiguration-leads-to-remote-command-execution

Is there a CVE assigned for this combo vulnerability in Exim/Dovecot?
or as this is a configuration matter there is no CVE assigned (even if
this "recommended configuration" was in the wiki of the vendor)?

Thanks for any feedback,

Cheers

-- 
--                   Alexandre Dulaunoy (adulau) -- http://www.foo.be/
--                             http://www.foo.be/cgi-bin/wiki.pl/Diary
--         "Knowledge can create problems, it is not through ignorance
--                                that we can solve them" Isaac Asimov

Current thread:

CVE missing? for "Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution" Alexandre Dulaunoy (Jul 29)
- Re: CVE missing? for "Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution" Kurt Seifried (Jul 29)