Situation
A pre-authentication information disclosure was recently discovered in Exim's PROXY-protocol parser.
Impact
This affects Exim versions from 4.88 (2017) up to and including 4.99.3 that are compiled with SUPPORT_PROXY and configured with a non-empty hosts_proxy.
The Exim build shipped with cPanel does not enable SUPPORT_PROXY and thus would not be affected by this vulnerability.
Call to Action
No action is needed at this time, as cPanel installations are not affected.
Comments
0 comments
Article is closed for comments.