Alan McConnell via plug on 6 Sep 2019 08:25:57 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Exim oops


On Fri, Sep 06, 2019 at 10:18:09AM -0400, jeff via plug wrote:
> https://thehackernews.com/2019/09/exim-email-server-vulnerability.html
> 
> Tracked as CVE-2019-15846, the security vulnerability only affects Exim
> servers that accept TLS connections, potentially allowing attackers to gain
> root-level access to the system "by sending an SNI ending in a
> backslash-null sequence during the initial TLS handshake."
  	Many thanks for posting this, Jeff.  I have a perhaps
	stupid question:  I use exim4 as my MTA, called by my
	MUA mutt.  I wouldn't call this use of exim(4) a
	server; am I wrong?

	Another way to ask this question: is there a difference
	between exim4, the MTA, and exim, the email server
	referred to in your post?

TIA for any and all information!

Anxious Alan

-- 
Alan McConnell :  http://globaltap.com/~alan/
       We do not know one millionth of one percent about anything.(Edison)
       Education cuts don't heal.       
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug