6 June 2019

New RCE-flaw in Exim impacts almost 60% of email servers worldwide

New RCE-flaw in Exim impacts almost 60% of email servers worldwide

Yesterday we have publish a security bulletin SB2019060505 describing remote code execution vulnerability in Exim MTA. According to the recent survey, Exim is used by 57% (507,389) of all mail servers worldwide.

The flaw affects Exim installations running versions 4.87 to 4.91 and allows local and remote attackers to execute arbitrary commands with execv() call. The major concern in here is that the code will be executed with root privileges.

The vulnerability can be exploited instantly by a local attacker with the access (even having low level account) to an email server. Remote exploitation of this bug requires an attacker to maintain a connection to the vulnerable server for 7 days (by transmitting one byte every few minutes).

It is recommended to install the latest version Exim 4.92 ASAP.

Back to the list

Latest Posts

Hackers actively exploit a recently patched vulnerability in Exim email server software

Hackers actively exploit a recently patched vulnerability in Exim email server software

Millions of Exim email servers are currently under attack.
14 June 2019
FIN8 hacking group reappears with updated ShellTea backdoor, targets POS devices in the hotel industry

FIN8 hacking group reappears with updated ShellTea backdoor, targets POS devices in the hotel industry

FIN8 made several improvements to its malware arsenal, fixing bugs and making the malicious tools harder to detect.
13 June 2019
Hackers weaponize critical Oracle WebLogic vulnerability in cryptojacking attacks

Hackers weaponize critical Oracle WebLogic vulnerability in cryptojacking attacks

Trend Micro’s researchers shed light on some of the activity involving CVE-2019-2725.
11 June 2019
Featured vulnerabilities
Stored XSS in FortiWeb reports
Medium Patched | 13 Jun, 2019
Microsoft update for Adobe Flash (June 2019)
High Patched | 12 Jun, 2019