Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.

To: debian-user@lists.debian.org
Subject: Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
From: Reco <recoverym4n@enotuniq.net>
Date: Thu, 20 Jun 2019 21:49:45 +0300
Message-id: <[🔎] E1he282-0002e3-50@enotuniq.net>
In-reply-to: <[🔎] 55b8eadd-06c4-5220-8ebc-5836c38d56b0@affinityvision.com.au>
References: <[🔎] b764cc26-2353-2587-437f-8a2282adeda6@affinityvision.com.au> <[🔎] E1hdxNd-0002Kt-UY@enotuniq.net> <[🔎] 55b8eadd-06c4-5220-8ebc-5836c38d56b0@affinityvision.com.au>

	Hi.

On Fri, Jun 21, 2019 at 04:40:11AM +1000, Andrew McGlashan wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> 
> 
> On 20/6/19 11:45 pm, Reco wrote:
> > Hi.
> > 
> > On Thu, Jun 20, 2019 at 11:26:08PM +1000, Andrew McGlashan wrote:
> >> Is there a way to provide version of "4.92" easily or some other
> >> text to stop the likelihood of outsiders trying to pound on and
> >> exploit the server? Even though they won't be able to do
> >> successfully due to up to date patch status.
> > 
> > # rgrep banner /etc/exim4/ 
> > /etc/exim4/conf.d/main/02_exim4-config_options:# smtp_banner =
> > $smtp_active_hostname ESMTP Exim $version_number $tod_full 
> > /etc/exim4/exim4.conf.template:# smtp_banner =
> > $smtp_active_hostname ESMTP Exim $version_number $tod_full
> > 
> > Replace v$version_number with 4.92 or set "smtp_banner" to whatever
> > you like.
> 
> Thank you, I've changed the banner for now.... let's hope that lessens
> the problem.

Please share the results if possible.

On this particular MTA I've counted whopping 4 attempts to exploit
CVE-2019-10149 so far. One made from France, three from US.
I'm kind of disappointed, I've expected half a million Chineese and
Russian bots at least ;)

Reco

Reply to:

Follow-Ups:
- Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>

References:
- Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
  - From: Reco <recoverym4n@enotuniq.net>
- Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>

Prev by Date: Re: Please consider unblocking Chromium and linux packages for Buster
Next by Date: Re: Please consider unblocking Chromium and linux packages for Buster
Previous by thread: Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
Next by thread: Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
Index(es):
- Date
- Thread