oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges.

From: Heiko Schlittermann <hs () schlittermann de>
Date: Fri, 6 Sep 2019 12:44:30 +0200
Heiko Schlittermann <hs () dmarc schlittermann de> (Fr 06 Sep 2019 12:20:39 CEST):

Mitigation
==========

Do not offer TLS for incomming connections (tls_advertise_hosts).
This mitigation is *not* recommended!


This should block the most popular attack vector:

In your MAIL ACL:

    deny    condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_sni}}}}
            message = sorry


    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

Attachment: signature.asc
Description:

Previous By Date Next
Previous By Thread Next

Current thread: