cvs commit: ports/security/vuxml vuln.xml
Oliver Eikemeier
eikemeier at fillmore-labs.com
Thu May 6 10:07:20 PDT 2004
Jacques A. Vidrine wrote:
> On Thu, May 06, 2004 at 06:19:22PM +0200, Oliver Eikemeier wrote:
>
>>Jacques A. Vidrine wrote:
>>
>>
>>>On Thu, May 06, 2004 at 08:43:53AM -0700, Oliver Eikemeier wrote:
>>>
>>>
>>>>eik 2004/05/06 08:43:53 PDT
>>>>
>>>>FreeBSD ports repository
>>>>
>>>>Modified files:
>>>> security/vuxml vuln.xml
>>>>Log:
>>>>exim buffer overflow when verify = header_syntax is used
>>>>
>>>>Revision Changes Path
>>>>1.90 +27 -0 ports/security/vuxml/vuln.xml
>>>
>>>Thanks!
>>>Actually, there are two bugs: CAN-2004-0399 CAN-2004-0400
>>>Were both of these fixed?
>>
>>I guess I have no access to the preliminary information
>>CAN-2004-0399 contains, so I can't tell.
>
> George's advisory included two bugs:
>
> CAN-2004-0399: exim buffer overflows with sender address/host name
> when sender_verify is enabled
>
> CAN-2004-0400: exim buffer overflow with header name when
> headers_check_syntax is enabled
>
> Maybe only one of them affected the version of exim we have?
Neither do I know George. The advisory I refer to is
<http://www.guninski.com/exim1.html>
I verified that what is called `bug2' affects FreeBSD when
`verify = header_syntax' is used (which is not done in the default
configuration file), `bug1' is mentioned as effecting exim 3.35, which
is a stupid Debianism. Exim 3.36 is available since April 2002
<http://www.exim.org/pipermail/exim-announce/2002q2/000057.html>
in FreeBSD as mail/exim-old, is FORBIDDEN since September 2003 and
has been removed from the ports tree March 2004. `verify = header_syntax'
used to be `headers_check_syntax' in Exim 3.x, so obviously Georgi
Guninski and the George writing the CVE list entries are Debian users.
-Oliver
More information about the cvs-ports
mailing list