Critical Exim Flaw Opens Millions of Servers to Takeover


Researchers are urging users to upgrade their Exim servers immediately after millions of servers were found to be vulnerable to a critical flaw that could allow a remote, unauthenticated attacker to take full control of them.

Exim, which is free software used on Unix-like operating systems (including Linux or Mac OSX) serves as a mail transfer agent that manages mail routing services for organizations. According to Shodan, Exim is the most used mail transfer agent globally and has over 5 million internet-facing hosts, meaning the attack surface for the flaw is massive.

All versions of Exim servers up to and including 4.92.1 have a serious flaw (CVE-2019-15846) that could allow a local or remote attacker to execute arbitrary code with root privileges, which means that they could take full control of the impacted server. The vulnerability ranks 9.8 out of 10 on the CVSS scale, making it critical in severity.

Read more…
Source: ThreatPost