oss-sec mailing list archives
Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges
From: Heiko Schlittermann <hs () nodmarc schlittermann de>
Date: Sat, 7 Sep 2019 08:23:33 +0200
Phil Pennock <pdp () exim org> (Sa 07 Sep 2019 02:52:56 CEST):
The connect ACL won't protect you against STARTTLS usage, which is far more common for email than TLS-on-connect. I myself use the HELO ACL.
This doesn't seem to be sufficient, you can start "submitting" a message to a remote Exim with the following sequence connect <-- 250 EHLO … <-- 250 STARTTLS <-- 220 MAIL <-- 250 The client is free to skip the 2nd EHLO/HELO. Tested with OpenSSL s_client -servername 'foobar\' -starttls smtp -connect … Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
Attachment:
signature.asc
Description:
Current thread:
- CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 04)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 04)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
- Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Sebastian Nielsen (Sep 06)
- Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Phil Pennock (Sep 06)
- Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Heiko Schlittermann (Sep 06)
- Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Phil Pennock (Sep 09)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
- <Possible follow-ups>
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 05)