Security News > 2018 > March > Exim vulnerability opens 400,000 servers to remote code execution

Exim vulnerability opens 400,000 servers to remote code execution
2018-03-07 17:46

If you’re using the Exim mail transfer agent on your Internet-connected Unix-like systems and you haven’t yet upgraded to version 4.90.1, now is the time to do it as all previous versions contain a vulnerability that can be exploited to achieve remote code execution. About the Exim remote code execution vulnerability The buffer overflow vulnerability in the base64 decode function of Exim (CVE-2018-6789) was discovered and reported by Meh Chang of the DEVCORE research team … More → The post Exim vulnerability opens 400,000 servers to remote code execution appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/uq-XqDg5VWM/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-02-08 CVE-2018-6789 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1.
network
low complexity
exim debian canonical CWE-120
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Exim 1 2 14 21 11 48