Security Information / 2002 / Security Information -- DSA-097-1 exim

Debian Security Advisory

DSA-097-1 exim -- Uncontrolled program execution

Date Reported:

03 Jan 2002

Affected Packages:

exim

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

Patrice Fournier discovered a bug in all versions of Exim older than Exim 3.34 and Exim 3.952.

The Exim maintainer, Philip Hazel, writes about this issue: "The problem exists only in the case of a run time configuration which directs or routes an address to a pipe transport without checking the local part of the address in any way. This does not apply, for example, to pipes run from alias or forward files, because the local part is checked to ensure that it is the name of an alias or of a local user. The bug's effect is that, instead of obeying the correct pipe command, a broken Exim runs the command encoded in the local part of the address."

This problem has been fixed in Exim version 3.12-10.2 for the stable distribution Debian GNU/Linux 2.2 and 3.33-1.1 for the testing and unstable distribution. We recommend that you upgrade your exim package.

Fixed in:

Debian GNU/Linux 2.2 (potato)

Source:

http://security.debian.org/dists/stable/updates/main/source/exim_3.12-10.2.dsc

http://security.debian.org/dists/stable/updates/main/source/exim_3.12-10.2.diff.gz

http://security.debian.org/dists/stable/updates/main/source/exim_3.12.orig.tar.gz

Alpha:

http://security.debian.org/dists/stable/updates/main/binary-alpha/exim_3.12-10.2_alpha.deb

http://security.debian.org/dists/stable/updates/main/binary-alpha/eximon_3.12-10.2_alpha.deb

ARM:

http://security.debian.org/dists/stable/updates/main/binary-arm/exim_3.12-10.2_arm.deb

http://security.debian.org/dists/stable/updates/main/binary-arm/eximon_3.12-10.2_arm.deb

Intel ia32:

http://security.debian.org/dists/stable/updates/main/binary-i386/exim_3.12-10.2_i386.deb

http://security.debian.org/dists/stable/updates/main/binary-i386/eximon_3.12-10.2_i386.deb

Motorola 680x0:

http://security.debian.org/dists/stable/updates/main/binary-m68k/exim_3.12-10.2_m68k.deb

http://security.debian.org/dists/stable/updates/main/binary-m68k/eximon_3.12-10.2_m68k.deb

PowerPC:

http://security.debian.org/dists/stable/updates/main/binary-powerpc/exim_3.12-10.2_powerpc.deb

http://security.debian.org/dists/stable/updates/main/binary-powerpc/eximon_3.12-10.2_powerpc.deb

Sun Sparc:

http://security.debian.org/dists/stable/updates/main/binary-sparc/exim_3.12-10.2_sparc.deb

http://security.debian.org/dists/stable/updates/main/binary-sparc/eximon_3.12-10.2_sparc.deb

MD5 checksums of the listed files are available in the original advisory.