During a penetration test, a typical misconfiguration was found in the way Exim uses Dovecot as a local delivery agent. Using the Dovecot IMAP and POP3 server as a local delivery agent for Exim is a common setup. The Dovecot documentation contains an example that uses a dangerous Exim configuration option, which leads to a remote command execution vulnerability in Exim.
3025b7b604291903b2d800d82014d424dcaadbb269d1a91c5be2394530f8e8c8
Exim sender_address parameter remote command execution exploit that spawns a connect-back shell.
9b7e5b2ab5d077019a9d4cd152be0e3cd435bd5a759bcb011ea9bf0a0ca131fb