Opened 4 years ago

Closed 4 years ago

#12321 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Tim Tassonis
Priority: normal Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version.

Change History (2)

comment:1 by Tim Tassonis, 4 years ago

Owner: changed from blfs-book to Tim Tassonis
Status: new → assigned

CVE ID: CVE-2019-13917
OVE ID: OVE-20190718-0006
Date: 2019-07-18
Credits: Jeremy Harris
Version(s): 4.85 up to and including 4.92
Issue: A local or remote attacker can execute programs with root
privileges - if you've an unusual configuration. For details see below.

Coordinated Release Date (CRD) for Exim 4.92.1:

Thu Jul 25 10:00:00 UTC 2019

Contact: exim-security@…

We released Exim 4.92.1. This is a security update based on 4.92.

Conditions to be vulnerable
===========================

If your configuration uses the ${sort } expansion for items that can be controlled by an attacker (e.g. $local_part, $domain). The default config, as shipped by the Exim developers, does not contain ${sort }.

Details
=======

The vulnerability is exploitable either remotely or locally and could be used to execute other programs with root privilege. The ${sort } expansion re-evaluates its items.

Mitigation
==========

Do not use ${sort } in your configuration.
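A small audit script for the precondition the advisory states (a ${sort } expansion whose list items come from sender-influenced variables such as $local_part or $domain), plus the advisory's affected-version range. This is an added example, not part of the ticket or of Exim; the option names in the sample configuration and the sender_address* variables are assumptions.

```python
"""Audit Exim config text for ${sort ...} expansions whose list argument
references sender-influenced variables (the CVE-2019-13917 precondition)."""
import re

# $local_part and $domain are named by the advisory; sender_address* are assumed.
TAINTED_VARS = {"local_part", "domain", "sender_address",
                "sender_address_local_part", "sender_address_domain"}

def _brace_arg(text, start):
    """Return (inner, end) for the {...} group opening at text[start],
    honouring nested braces; end is the index just past the closing brace."""
    depth = 0
    for i in range(start, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start + 1:i], i + 1
    raise ValueError("unbalanced braces in ${sort} expansion")

def find_sort_expansions(config):
    """Return [(line_no, list_arg, tainted_vars_used)] for every ${sort}."""
    findings = []
    for m in re.finditer(r"\$\{sort\s*(?=\{)", config):
        line_no = config.count("\n", 0, m.start()) + 1
        list_arg, _ = _brace_arg(config, m.end())   # first brace argument = list
        used = set(re.findall(r"\$\{?([a-z_]+)", list_arg)) & TAINTED_VARS
        findings.append((line_no, list_arg, used))
    return findings

def is_affected_version(version):
    """True for Exim 4.85 up to and including 4.92, the advisory's range."""
    parts = tuple(int(p) for p in version.split("."))
    return (4, 85) <= parts <= (4, 92)

# Constructed sample, not a real Exim configuration; option names are made up.
SAMPLE_CONFIG = """\
# weak: list items come from $local_part, which the sender controls, and
# the sort expansion re-evaluates each item after expansion
sorted_rcpt = ${sort{$local_part:$domain}{lt}{$item}}

# safe: the list is a fixed, operator-controlled value
relay_hosts = ${sort{10.0.0.1:10.0.0.2}{<}{$item}}
"""

def vulnerable_lines(config=SAMPLE_CONFIG):
    """Line numbers of ${sort} uses whose list argument is attacker-influenced."""
    return sorted(ln for ln, _, used in find_sort_expansions(config) if used)
```

Run it against the real configuration with `vulnerable_lines(open("/etc/exim/exim.conf").read())`; any reported line is a ${sort } use the advisory's mitigation says to remove.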

comment:2 by Tim Tassonis, 4 years ago

Resolution: fixed
Status: assigned → closed

Fixed in revision 21869.
