From: Don Armstrong
Subject: Re: alert: New event: ET EXPLOIT Possible SpamAssassin Milter Plugin Remote Arbitrary Command Injection Attempt
Date: Thu, 10 Feb 2011 13:44:43 -0800
User-agent: Mutt/1.5.20 (2009-06-14)

On Thu, 10 Feb 2011, Adam Katz wrote:
> On 02/10/2011 10:21 AM, David F. Skoll wrote:
> > Aieee.... popen() in security-sensitive software!??!??
> >
> > Also, why does the milter process run as root? That seems like a huge
> > hole all by itself.
>
> Does this affect sendmail as well as postfix?

It only affects you if you're running with -x. This was patched in
Debian and Redhat in March of 2010.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228

Don Armstrong
--
"There's no problem so large it can't be solved by killing the user
off, deleting their files, closing their account and reporting their
REAL earnings to the IRS."
-- The B.O.F.H..
http://www.donarmstrong.com http://rzlab.ucr.edu