Exim software Vulnerability

Vulnerability in Exim software allows hackers to gain control of your mail server

Target: Exim users

Attack Vector: Remote code execution

Summary:

A new critical vulnerability has been discovered in Exim, a widely deployed mail transfer agent (MTA) used on Unix-based operating systems. An attacker can exploit an off-by-one buffer overflow with a precisely constructed mail message. Because of how the vulnerability relates to the way SMTP transactions are conducted, attackers can exploit it remotely without any authentication.

Risk assessment summary:

The threat is assessed as 3e MODERATE and the likelihood has been rated as POSSIBLE. By sending specially manipulated input to a server running Exim, a successful attacker may be able to remotely execute code and take control of the mail server. Although a patch has been released, it may take weeks or even months for the vulnerability to be fully mitigated, as users may not update their servers, leaving them at risk.

2 thoughts on “Exim software Vulnerability”

  1. Hello! I like your writing so much! Shall we communicate more about your post on AOL? I need a specialist in this area to solve my problem. Maybe that’s you! Looking forward to seeing you.
