Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 06 May 2004 19:07:02 +0200
From:      Oliver Eikemeier <eikemeier@fillmore-labs.com>
To:        "Jacques A. Vidrine" <nectar@FreeBSD.org>
Cc:        ports-committers@FreeBSD.org
Subject:   Re: cvs commit: ports/security/vuxml vuln.xml
Message-ID:  <409A70B6.20000@fillmore-labs.com>
In-Reply-To: <20040506162842.GA1129@madman.celabo.org>
References:  <200405061543.i46FhrL2015423@repoman.freebsd.org> <20040506160133.GB790@madman.celabo.org> <409A658A.30206@fillmore-labs.com> <20040506162842.GA1129@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Jacques A. Vidrine wrote:

> On Thu, May 06, 2004 at 06:19:22PM +0200, Oliver Eikemeier wrote:
> 
>>Jacques A. Vidrine wrote:
>>
>>
>>>On Thu, May 06, 2004 at 08:43:53AM -0700, Oliver Eikemeier wrote:
>>>
>>>
>>>>eik         2004/05/06 08:43:53 PDT
>>>>
>>>>FreeBSD ports repository
>>>>
>>>>Modified files:
>>>>  security/vuxml       vuln.xml 
>>>>Log:
>>>>exim buffer overflow when verify = header_syntax is used
>>>>
>>>>Revision  Changes    Path
>>>>1.90      +27 -0     ports/security/vuxml/vuln.xml
>>>
>>>Thanks!
>>>Actually, there are two bugs: CAN-2004-0399 CAN-2004-0400
>>>Were both of these fixed?
>>
>>I guess I have no access to the preliminary information
>>CAN-2004-0399 contains, so I can't tell.
> 
> George's advisory included two bugs:
> 
> CAN-2004-0399: exim buffer overflows with sender address/host name
> when sender_verify is enabled
> 
> CAN-2004-0400: exim buffer overflow with header name when
> headers_check_syntax is enabled
> 
> Maybe only one of them affected the version of exim we have?

Neither do I know George. The advisory I refer to is
  <http://www.guninski.com/exim1.html>;

I verified that what is called `bug2' affects FreeBSD when
`verify = header_syntax' is used (which is not done in the default
configuration file), `bug1' is mentioned as effecting exim 3.35, which
is a stupid Debianism. Exim 3.36 is available since April 2002 
  <http://www.exim.org/pipermail/exim-announce/2002q2/000057.html>;
in FreeBSD as mail/exim-old, is FORBIDDEN since September 2003 and
has been removed from the ports tree March 2004. `verify = header_syntax'
used to be `headers_check_syntax' in Exim 3.x, so obviously Georgi
Guninski and the George writing the CVE list entries are Debian users.

-Oliver

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?409A70B6.20000>