Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 1682 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Shellshock for Exim

BAlfson
Has anyone heard anything from Sophos about this?  Report: Criminals use Shellshock against mail servers to build botnet

Cheers - Bob


This thread was automatically locked due to age.
Parents
  • 0
    Bob - Exim would not be vulnerable to bash.  If exim uses bash in a script, bash may be vulnerable.  However, if bash is patched, other products using bash (like Exim, apache, etc.) would be safe as well.

    That being said, and slightly off topic, it still may be vulnerable (and I think it is) to POODLE attacks aimed at SSLv3 support in services like exim, etc..
Reply
  • 0
    Bob - Exim would not be vulnerable to bash.  If exim uses bash in a script, bash may be vulnerable.  However, if bash is patched, other products using bash (like Exim, apache, etc.) would be safe as well.

    That being said, and slightly off topic, it still may be vulnerable (and I think it is) to POODLE attacks aimed at SSLv3 support in services like exim, etc..
Children
No Data
Unfiltered HTML