[lez@sch.bme.hu: Re: [SECURITY] [DSA-058-1] exim printf format attack]

To: debian-www@lists.debian.org
Subject: [lez@sch.bme.hu: Re: [SECURITY] [DSA-058-1] exim printf format attack]
From: Wichert Akkerman <wichert@wiggy.net>
Date: Tue, 12 Jun 2001 11:51:13 +0200
Message-id: <[🔎] 20010612115112.B21167@cistron.nl>
Mail-followup-to: debian-www@lists.debian.org

Can someone update the webpages to note that it is indeed not
remotely vulnerable? 

Wichert.

----- Forwarded message from Megyer Laszlo <lez@sch.bme.hu> -----

From: Megyer Laszlo <lez@sch.bme.hu>
To: security@debian.org
Subject: Re: [SECURITY] [DSA-058-1] exim printf format attack
Date: Tue, 12 Jun 2001 11:21:58 +0200

'morning

On Sun, Jun 10, 2001 at 01:46:42AM +0200, Wichert Akkerman wrote:
> 
> Package        : exim
> Problem type   : remote printf format attack
> Debian-specific: no

You are absolutely kind, but it's NOT a remote vulnerability. It's only exploitable locally with the -bS switch. (It's in batched smtp mode)

Bye
--
Megyer Laszlo (Lez)
lez@sch.bme.hu

-- 
Please respect the privacy of this mailing list.

To UNSUBSCRIBE, email to debian-private-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

----- End forwarded message -----

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool     \
| wichert@wiggy.net                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Reply to:

Follow-Ups:
- Re: [lez@sch.bme.hu: Re: [SECURITY] [DSA-058-1] exim printf format attack]
  - From: Josip Rodin <joy@cibalia.gkvk.hr>

Prev by Date: Language sorting
Next by Date: Re: Update for security FAQ
Previous by thread: Re: Language sorting
Next by thread: Re: [lez@sch.bme.hu: Re: [SECURITY] [DSA-058-1] exim printf format attack]
Index(es):
- Date
- Thread