Package: exim4 Version: 4.96-15+deb12u6 Severity: normal Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
In its default config, exim delivers mail to system accounts. An attacker can send mail to, say, s...@server.example.com and wait for the reply. No reply means that sshd is installed on the target system. "Unrouteable address" means that this is not the case. The same applies for all packages that create system accounts. One could set FIRST_USER_ACCOUNT_UID to prevent mail to system accounts to be delivered, but this doesn't make things better. The reply will then be "no mail to system accounts", which is different from "Unrouteable address". The attacker can still send mail to well-known system account names and find out whether the corresponding package is installed or not. -- Package-specific info: Exim version 4.96 #2 built 28-Sep-2024 14:49:26 Copyright (c) University of Cambridge, 1995 - 2018 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2022 Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013) Support for: crypteq iconv() IPv6 GnuTLS TLS_resume move_frozen_messages DANE DKIM DNSSEC Event I18N OCSP PIPECONNECT PRDR Queue_Ramp SOCKS SRS TCP_Fast_Open Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd Authenticators: cram_md5 external plaintext Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp Fixed never_users: 0 Configure owner: 0:0 Size of off_t: 8 Configuration file search path is /etc/exim4/exim4.conf:/var/lib/exim4/config.autogenerated Configuration file is /var/lib/exim4/config.autogenerated -- System Information: Debian Release: 12.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: i386 (i686) Foreign Architectures: amd64 Kernel: Linux 6.1.0-28-686-pae (SMP w/4 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages exim4 depends on: ii debconf [debconf-2.0] 1.5.82 ii exim4-base 4.96-15+deb12u6 ii exim4-daemon-light 4.96-15+deb12u6 exim4 recommends no packages. exim4 suggests no packages. -- debconf information: exim4/drec:
