
Critical Exim Vulnerability Affected Millions Of Servers

by ethhack

A critical vulnerability exposed millions of Exim servers to a serious threat of remote attacks. The vulnerability could allow an attacker to execute malicious code on the target machine with root privileges.

Vulnerability Found In Exim Servers

Researchers found a critical vulnerability in Exim servers that posed a risk to millions of devices. Initially reported by Zerons, the vulnerability exposed the servers to remote attacks.

As explained by Tenable in an advisory, this vulnerability, CVE-2019-15846, resembles the one they reported earlier in June (CVE-2019-10149). If exploited, the flaw could let an adversary take complete control of the target servers.

The vulnerability primarily existed in the way an Exim server handled the Server Name Indication (SNI) during the TLS handshake. Exim described the flaw in its advisory as follows:

The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake.

Sending an SNI with this malicious ending could trigger a buffer overflow in the SMTP delivery process, letting an attacker inject and execute malicious code with root privileges.

Since the vulnerability is independent of the TLS library, it affects both GnuTLS and OpenSSL.

Exim Released A Fix

According to the timeline shared in Exim’s advisory, the researcher discovered the bug in July 2019. Following the report, Exim worked on a patch and released the fix in September 2019.

As confirmed by Exim, the vulnerability affected all versions up to and including 4.92.1. Consequently, the vendors patched the flaw with the release of version 4.92.2.
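As an added example (not code from the article or from the Exim project), the following Python script reads the version line that `exim -bV` prints and reports whether the host still runs a release below 4.92.2, the first version the article names as fixed. The sample `exim -bV` output embedded in it is constructed, and the function names are my own.

```python
import re
import shutil
import subprocess
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# First release containing the fix, as stated in the article (Exim 4.92.2).
FIXED_VERSION: Version = (4, 92, 2)

# Constructed sample of the first lines printed by `exim -bV`; the build
# number and date are made up, only the line format matters here.
SAMPLE_BV_OUTPUT = """Exim version 4.92.1 #3 built 12-Aug-2019 10:21:47
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACME
"""


def parse_exim_version(bv_output: str) -> Optional[Version]:
    """Extract the release number from `exim -bV` output as a 3-tuple.

    Exim prints e.g. "Exim version 4.92 #3 built ..." on its first line; a
    two-component version such as 4.92 is normalised to (4, 92, 0) so that a
    tuple comparison against FIXED_VERSION is meaningful.
    """
    m = re.search(r"^Exim version (\d+)\.(\d+)(?:\.(\d+))?", bv_output, re.MULTILINE)
    if not m:
        return None
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_affected(version: Version) -> bool:
    """True for every release below 4.92.2, the range the advisory calls affected."""
    return version < FIXED_VERSION


def triage(bv_output: str) -> str:
    """Classify a host from its `exim -bV` text: 'affected', 'patched' or 'unknown'."""
    version = parse_exim_version(bv_output)
    if version is None:
        return "unknown"
    return "affected" if is_affected(version) else "patched"


def installed_exim_bv() -> Optional[str]:
    """Run the local `exim -bV` (or `exim4 -bV`) if the binary exists; None otherwise."""
    exim = shutil.which("exim") or shutil.which("exim4")
    if exim is None:
        return None
    try:
        result = subprocess.run([exim, "-bV"], capture_output=True, text=True,
                                timeout=10, check=False)
    except (OSError, subprocess.SubprocessError):
        return None
    return result.stdout


if __name__ == "__main__":
    output = installed_exim_bv()
    if output is None:
        print("exim not found; using the constructed sample output")
        output = SAMPLE_BV_OUTPUT
    print(f"{parse_exim_version(output)} -> {triage(output)}")
```

One caveat when using a check like this: distribution packages often backport security fixes without changing the upstream version string, so a host can report 4.92 or 4.92.1 and still be patched. Treat an "affected" result as a prompt to check the package changelog, not as proof of exposure.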

Exim also confirmed that a rudimentary proof of concept exists but has not been publicly disclosed.

Currently there is no known exploit, but a rudimentary POC exists.

Users of Exim servers should therefore update to the latest patched version promptly to stay protected.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]