oss-sec mailing list archives
Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow
From: Heiko Schlittermann <hs () schlittermann de>
Date: Sat, 28 Sep 2019 12:32:19 +0200
Dominic Taylor <dom () stablepoint com> (Sa 28 Sep 2019 02:56:11 CEST):
Hi Heiko, Good find, but why no embargo?
The issue was reported publicly via our bugtracker. No point in having an embargo.
Presumably because privs are dropped so this is maybe not as bad as previous?
Yes, the privs are dropped in the reported case, but there may be other ways to call the vulnerable function. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
Attachment:
signature.asc
Description:
Current thread:
- Exim CVE-2019-16928 RCE using a heap-based buffer overflow Heiko Schlittermann (Sep 27)
- Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow Dominic Taylor (Sep 28)
- Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow Heiko Schlittermann (Sep 28)
- Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow Heiko Schlittermann (Sep 28)
- Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow Dominic Taylor (Sep 28)