Ooo just that, forgot that... But still the question remains, how does it prevent the exploit? Doesn't the exploit (root command) get executed immidiately when TLS negotiation is done?
-----Ursprungligt meddelande----- Från: Exim-users <[email protected]> För Cyborg via Exim-users Skickat: den 6 september 2019 21:35 Till: [email protected] Ämne: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Am 06.09.19 um 20:50 schrieb Sebastian Nielsen via Exim-users: > Shouldn't this be in connect ACL? > How would the deny in MAIL FROM prevent the exploit? What I have understand is that there is exploit in the SNI of the TLS negotiation, thus the whole connect attempt must be rejected right? > > The connect with Starttls is unencrypted, and later upgraded, so you need to check it later, when its done for sure. best regards, Marius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
