[28127] in bugtraq
Re: Local root vulnerability found in exim 4.x (and 3.x)
daemon@ATHENA.MIT.EDU (Tabor J. Wells)
Thu Dec 5 21:24:31 2002
Date: Wed, 4 Dec 2002 23:00:50 -0500
From: "Tabor J. Wells" <twells@fsckit.net>
To: Wana Thomas <01psi194@fhwn.ac.at>
Message-ID: <20021205040050.GB12234@fsckit.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021205034457.GA12234@fsckit.net>
[Bugtraq moderator: Please approve this post rather than my previous one.
The archive link in that post munges the patches. Thanks]
On Wed, Dec 04, 2002 at 04:40:29PM +0100,
Wana Thomas <01psi194@fhwn.ac.at> is thought to have said:
> Solution
> --------
>
> Exim developers have been informed and a patch will be
> ready shortly.
Philip Hazel, the author of Exim, released patches for 4.10 and 3.36 on the
exim-users list earlier today. Further details on the vulnerability and
the patches for both versions can be found in the list archives below:
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20021202/046978.html
--
--------------------------------------------------------------------
Tabor J. Wells twells@fsckit.net
Fsck It! Just another victim of the ambient morality
