Remote root vulnerability in Exim
Dec 10, 2010, 20:34 (0 Talkback[s])
(Other stories by Sergey Kononenko)
[ Thanks to An Anonymous Reader for
this link. ]
"While investigating security break in the network of my
company, I've captured (by tcpdump) sequence of successful remote
root attack through Exim. It was Exim from Debian Lenny
(exim4-daemon-light 4.69-9). I didn't find email of current
maintainer of Exim, so I've decided to write to this mailing lists.
I don't want to publish all details of attack before developers can
investigate and fix vulnerability. So I ask Exim maintainers to
contact me and I will send them complete captured sequence of
attack. Here I can put brief sequence of attack:"