--As of October 27, 2014 8:29:52 PM +0100, Robert Schetterer is alleged to
have said:
by the way
http://www.exploit-db.com/exploits/34896/
always have a shellshock patched system these days with postfix/procmail
--As for the rest, it is mine.
Interesting. I dug a bit further out of curiosity.
Postfix is irrelevant in this - Procmail is what needs to be looked at.
More specifically, the rules that are being used; running procmail in and
of itself doesn't allow this to be exploited. It's only if you have a
procmail rule that sticks info into the environment (not uncommon) that it
happens.
The default shell is the recipient's login shell - though that can be
overridden in procmailrc.
I wouldn't rule out other LDAs from having similar problems without proof
- but it's something to be aware of.
Daniel T. Staal
---------------------------------------------------------------
This email copyright the author. Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes. This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---------------------------------------------------------------
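A defender-side check for the point Daniel makes above, added here as an example and not taken from either post in the thread: it works out which shell procmail will actually hand a recipe to (a SHELL= line in the rc file wins, otherwise the recipient's login shell from /etc/passwd) and then probes that shell with the widely published shellshock self-test. It assumes a Linux host with a readable /etc/passwd; the user name and rc path are examples.

```shell
# Added example: is a user's procmail delivery running recipes under a
# shellshock-vulnerable shell? Assumes /etc/passwd is readable (assumption).

# Return 0 if the given shell executes a function body smuggled in through
# an environment variable (the shellshock bug). The injected body only
# prints a marker; a patched bash, or a non-bash /bin/sh, never prints it.
# A missing or non-executable shell is reported as "not vulnerable" (unknown).
shell_is_shellshock_vulnerable() {
    shl="$1"
    [ -x "$shl" ] || return 1
    out=$(env x='() { :;}; echo SHELLSHOCK_MARKER' "$shl" -c 'echo probe' 2>/dev/null)
    case "$out" in
        *SHELLSHOCK_MARKER*) return 0 ;;
        *) return 1 ;;
    esac
}

# Shell procmail uses for recipes: the last SHELL= assignment in the rc file
# if there is one, else the login shell (field 7) from /etc/passwd.
procmail_shell_for() {
    user="$1"; rc="$2"
    if [ -r "$rc" ] && grep -q '^[[:space:]]*SHELL=' "$rc"; then
        grep '^[[:space:]]*SHELL=' "$rc" | tail -n 1 | sed 's/^[[:space:]]*SHELL=//'
    else
        awk -F: -v u="$user" '$1 == u { print $7 }' /etc/passwd
    fi
}

# Report for one user; rc defaults to ~user/.procmailrc (field 6 is the home).
check_user() {
    user="$1"
    rc="${2:-$(awk -F: -v u="$user" '$1 == u { print $6 }' /etc/passwd)/.procmailrc}"
    shl=$(procmail_shell_for "$user" "$rc")
    if shell_is_shellshock_vulnerable "$shl"; then
        echo "$user: procmail recipes run under VULNERABLE shell $shl"
        return 1
    fi
    echo "$user: procmail shell '$shl' is not affected"
}
```

Run `check_user alice` (or `check_user alice /path/to/rc`) for each account that receives mail through procmail; a SHELL= override pointing at a patched or non-bash shell is the cheapest mitigation if the login shell cannot be updated immediately.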