According to data for June 2019, Exim is set at 57% (507,389) of all servers found on the Internet. However, there is information that in fact the number of Exim installations exceeds this number tenfold and is estimated as 5.4 million.
Detected by Qualys experts vulnerabilities affect software versions from 4.87 to 4.91. The vulnerability allows a remote/local attacker to launch commands on the mail server with superuser privileges.
Read also: More than 50,000 MS-SQL and PHPMyAdmin servers were infected by rootkits and miners
Local attacker, even with the lowest privileges, can exploit it immediately. However, the most dangerous are remote attackers who scan the Internet for vulnerable servers and are able to take control of vulnerable systems.
For remote exploitation of the default configuration, an attacker must maintain a connection to the vulnerable server for seven days (by sending one byte every few minutes).
“For transmitting one by one for each day (by transmitting one byte every few minutes). However, we cannot guarantee that this method of exploitation is unique; faster methods may exist”, – admit researchers.
In addition, they indicate that vulnerability can be exploited remotely not only with the default configuration settings.
The problem was fixed in the version of Exim 4.92, released in February of this year. It is noteworthy that at the time of new software’s version release, vulnerability was not yet known, and it was fixed accidentally. Researchers discovered the problem only during the audit of old Exim versions.
Vulnerability assigned an identifier CVE-2019-10149, in Qualys, it passes under the name “Return of the WIZard“.
Source: https://www.openwall.com
About Franoapas.co.in Franoapas.co.in pop-ups can not launch out of nowhere. If you have clicked on…
About News-xwamovi.cc News-xwamovi.cc pop-ups can not open out of nowhere. If you have clicked on…
About Happybase.xyz Happybase.xyz pop-ups can not introduce out of nowhere. If you have clicked some…
About Kentosim.xyz Kentosim.xyz pop-ups can not expose out of nowhere. If you have actually clicked…
About News-xhunoyi.cc News-xhunoyi.cc pop-ups can not launch out of nowhere. If you have actually clicked…
About Pectorsed.com Pectorsed.com pop-ups can not expose out of the blue. If you have clicked…