Displaying 2 results from an estimated 2 matches for "helo_verify_hosts".
2015 Jan 27
3
CVE-2015-0235 - glibc gethostbyname
...Tony Finch <dot--at-- at dotat.at>
Subject: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable
via exim
Date: Tue, 27 Jan 2015 17:33:45 +0000
"The Exim mail server is exploitable remotely if configured to perform
extra security checks on the HELO and EHLO commands ("helo_verify_hosts"
or "helo_try_verify_hosts" option, or "verify = helo" ACL); we developed
a reliable and fully-functional exploit that bypasses all existing
protections (ASLR, PIE, NX) on 32-bit and 64-bit machines.
http://www.openwall.com/lists/oss-security/2015/01/27/9
----------------...
2011 Jun 28
3
Exim and Dovecot2 SASL: 435 Unable to authenticate at present
...hed "localhost")
29279 duplicate IP address 127.0.0.1 (MX=-1) removed
29279 gethostbyname2 looked up these IP addresses:
29279 name=localhost address=::1
29279 name=localhost address=127.0.0.1
29279 host in recipient_unqualified_hosts? yes (matched "localhost")
29279 host in helo_verify_hosts? no (option unset)
29279 host in helo_try_verify_hosts? no (option unset)
29279 host in helo_accept_junk_hosts? no (option unset)
29279 SMTP>> 220 mail.domain.lan, ESMTP ready
29279 tls_do_write(7f10202175a0, 31)
29279 gnutls_record_send(SSL, 7f10202175a0, 31)
29279 outbytes=31
29279 Process...