CVE-2015-0235 exposure via qpsmtpd?

Charlie Brady

Jan 28, 2015, 8:30:03 AM
to qps...@perl.org

As you can see in the advisory:

http://www.openwall.com/lists/oss-security/2015/01/27/9

exim allows remote exploit of a buffer overflow in glibc.

Has anybody done an analysis of qpsmtpd to see whether there is a code
path via qpsmtpd (and plugins) and perl which allows the same exploit?

Jared Johnson

Jan 28, 2015, 11:15:02 AM
to Charlie Brady, qps...@perl.org

It looks like QP core uses gethostbyaddr() but not gethostbyname(). The fcrdns plugin uses Net::DNS, and as far as I can tell Net::DNS never calls gethostbyname() either. So I *think* we're good.

-Jared

________________________________________
From: Charlie Brady <charlieb...@budge.apana.org.au>
Sent: Wednesday, January 28, 2015 7:24 AM
To: qps...@perl.org
Subject: CVE-2015-0235 exposure via qpsmtpd?