InfoSec Handlers Diary Blog - EXIM MTA vulnerability

SANS ISC: InfoSec Handlers Diary Blog - EXIM MTA vulnerability

SANS Site Network
- Current Site
- Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

InfoSec Handlers Diary Blog

EXIM MTA vulnerability

Published: 2010-12-10
Last Updated: 2010-12-10 01:04:30 UTC
by Mark Hofman (Version: 1)

We have had several reports regarding a potential issue in the EXIM Mail Transfer Agent (MTA). Thanks John, Greg, Brad & Edward. The issue relates to a privilege escalation and through a specially crafted email. You can read the information here http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html#exim-dev

Haven't had a chance to install EXIM and test it myself. If you have let us know. In the mean time you may wish to consider running it in unprivileged mode (probably good practice under any circumstances anyway). Instructions on how to do that can be found here http://www.exim.org/exim-html-3.20/doc/html/spec_55.html

Mark H

Keywords: exim MTA vulnerability

4 comment(s)

Top of page

Diary Archives