Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: EXIM MTA vulnerability InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

EXIM MTA vulnerability

Published: 2010-12-10
Last Updated: 2010-12-10 01:04:30 UTC
by Mark Hofman (Version: 1)
4 comment(s)

We have had several reports regarding a potential issue in the EXIM Mail Transfer Agent (MTA). Thanks John, Greg, Brad & Edward. The issue relates to a privilege escalation and through a specially crafted email.  You can read the information here 

Haven't had a chance to install EXIM and test it myself.  If you have let us know.  In the mean time you may wish to consider running it in unprivileged mode (probably good practice under any circumstances anyway).  Instructions on how to do that can be found here

Mark H

4 comment(s)
Diary Archives