⚡ Webinar ▶ Level-Up SaaS Security: A Comprehensive Guide to ITDR and SSPM Save Your Seat
#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
CrowdSec

Exim Mail Transfer Agent | Breaking Cybersecurity News | The Hacker News

Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks

Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks

Sep 06, 2019
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers. Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that affect all versions of the email server software up to and including then-latest 4.92.1. Exim is a widely used, open source mail transfer agent (MTA) software developed for Unix-like operating systems such as Linux, Mac OSX or Solaris, which runs almost 60% of the internet's email servers today for routing, delivering and receiving email messages. Tracked as CVE-2019-15846 , the security vulnerability only affects Exim servers that accept TLS connections, potentially allowing attackers to gain root-level access to the system "by sending an SNI ending in a backslash-null sequence during the ini
Exim Internet Mailer Found Vulnerable to RCE And DoS Bugs; Patch Now

Exim Internet Mailer Found Vulnerable to RCE And DoS Bugs; Patch Now

Nov 27, 2017
A security researcher has discovered and publicly disclosed two critical vulnerabilities in the popular Internet mail message transfer agent Exim , one of which could allow a remote attacker to execute malicious code on the targeted server. Exim is an open source mail transfer agent (MTA) developed for Unix-like operating systems such as Linux, Mac OSX or Solaris, which is responsible for routing, delivering and receiving email messages. The first vulnerability, identified as CVE-2017-16943 , is a use-after-free bug which could be exploited to remotely execute arbitrary code in the SMTP server by crafting a sequence of BDAT commands. "To trigger this bug, BDAT command is necessary to perform an allocation by raising an error," the researcher said. "Through our research, we confirm that this vulnerability can be exploited to remote code execution if the binary is not compiled with PIE." The researcher ( mehqq_ ) has also published a Proof-of-Concept (PoC)
cyber security

external linkFinally, Everyone Can (and Should) Ensure Essential SaaS Security

websiteWing SecuritySaaS Security / Compliance
This new product will help you achieve the baseline requirements for ensuring safe SaaS usage.
Cybersecurity Resources