Hi,
someone posted an exploit on packetstorm, which should not work at all (
and does not on an actual exim )
[root@vpn ~]# nc 127.0.0.1 25
220 locahost ESMTP Exim 4.76 Fri, 07 Jun 2013 15:28:45 +0200
HELO localhost
250 localhost Hello localhost [127.0.0.1]
MAIL FROM: x`ls -la >/tmp/test`@me.de
501 x`ls -la >/tmp/test`@me.de: missing or malformed local part
(expected word or "<")
Was this a security risk ever, or did they just wanne have theire five
minutes ?
marius
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
