On 2023-10-06 Slavko via Exim-users <exim-users@lists.exim.org> wrote: [...] > hmm, i still cannot get how "network adjacent" is related to root > privileges. But my head never was good for attacks...
Hello, Afaiui the attack will require special DNS packets that would not be sent out by a real recursive resolver. i.e. the attacker needs to change these packets directly by being in between the resolver and the machine hosting exim. [...] > BTW, Heiko, i see that discussion with ZDI "continue" on oss-security. > Please, can you from time to time post summary here? Until now the discussion there sadly only explains why 3 out of 6 possible issues are still unresolved or not really understood. The person (?) sending mails from ZDI does not answer any questions but sends out unrelated canned responses. :-( cu Andreas -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
