Dňa 4. 10. o 8:45 Florian Zumbiehl via Exim-users napísal(a):
responses--however, if that recursive resolver is on a different machine than exim itself, which probably is a common setup, then an attacker with access to the same local network can just send exim faked DNS responses ahead of the recursive resolver to exploit the vulnerability.
Please, do you want to tell, that having resolver on localhost prevents to exploit this? -- Slavko -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
