| 1 |
On Fri, 30 Jan 2015 12:19:01 -0500 symack wrote: |
| 2 |
> Hello Andrew, |
| 3 |
> |
| 4 |
> Thank you for your response. For example, Exim implements reverse lookup. |
| 5 |
> How is malicious activity used against it? |
| 6 |
|
| 7 |
Exim uses vulnerable function depending on its configuration, that's |
| 8 |
why it may be possible to remotely execute code with privileges of |
| 9 |
the exim process. |
| 10 |
|
| 11 |
> Do they need telnet or ssh access, |
| 12 |
|
| 13 |
I don't understand this obsession with ssh or telnet. Remote code |
| 14 |
execution means that malicious party can execute any code on |
| 15 |
affected system. |
| 16 |
|
| 17 |
> or buy some freak of nature can exploit the vulnerability in other ways? |
| 18 |
|
| 19 |
Considering how old one's setup should be to be affected to this |
| 20 |
issue, it is likely that such systems have another vulnerabilities, |
| 21 |
allowing attacker to gain root privileges even if exim itself is |
| 22 |
being run as a non-root user. |
| 23 |
|
| 24 |
Best regards, |
| 25 |
Andrew Savchenko |
Archives