Security News > 2019 > June > Critical Exim flaw exploitable locally and remotely, patch ASAP!
2019-06-07 08:56
A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the “root” user. About CVE-2019-10149 CVE-2019-10149 was discovered by Qualys researchers. It is a remote command execution vulnerability that is exploitable instantly by a local attacker and by a remote attacker in certain non-default configurations. “The vulnerability is critical: it allows a local user to easily run commands as … More → The post Critical Exim flaw exploitable locally and remotely, patch ASAP! appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/evifUrVI1AM/
Related news
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-05 | CVE-2019-10149 | OS Command Injection vulnerability in multiple products A flaw was found in Exim versions 4.87 to 4.91 (inclusive). | 9.8 |