Security News > 2018 > March > Exim vulnerability opens 400,000 servers to remote code execution

Exim vulnerability opens 400,000 servers to remote code execution
2018-03-07 17:46

If you’re using the Exim mail transfer agent on your Internet-connected Unix-like systems and you haven’t yet upgraded to version 4.90.1, now is the time to do it as all previous versions contain a vulnerability that can be exploited to achieve remote code execution. About the Exim remote code execution vulnerability The buffer overflow vulnerability in the base64 decode function of Exim (CVE-2018-6789) was discovered and reported by Meh Chang of the DEVCORE research team … More → The post Exim vulnerability opens 400,000 servers to remote code execution appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/uq-XqDg5VWM/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-02-08 CVE-2018-6789 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1.
network
low complexity
exim debian canonical CWE-119
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Exim 1 2 14 21 9 46