Linux Today: Linux News On Internet Time.

More on LinuxToday

Remote root vulnerability in Exim

Dec 10, 2010, 20:34 (0 Talkback[s])
(Other stories by Sergey Kononenko)


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

[ Thanks to An Anonymous Reader for this link. ]


"While investigating security break in the network of my company, I've captured (by tcpdump) sequence of successful remote root attack through Exim. It was Exim from Debian Lenny (exim4-daemon-light 4.69-9). I didn't find email of current maintainer of Exim, so I've decided to write to this mailing lists. I don't want to publish all details of attack before developers can investigate and fix vulnerability. So I ask Exim maintainers to contact me and I will send them complete captured sequence of attack. Here I can put brief sequence of attack:"

Complete Story

Related Stories: