Security News > 2021 > May > Qualys Flags Gaping Security Holes in Exim Mail Server

Qualys Flags Gaping Security Holes in Exim Mail Server
2021-05-04 19:31

Security researchers document 21 major security vulnerabilities in Exim and warn that users are exposed to remote code execution flaws.

Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors.

An advisory from Qualys documents a total of 21 security vulnerabilities, 10 serious enough to expose Exim mail servers to remote code execution attacks.

Qualys said it reported the flaws to Exim since last October and noted that some of the vulnerabilities have been present in Exim since at least 2004, Qualys warned.

We recently audited central parts of the Exim mail server and discovered 21 vulnerabilities: 11 local vulnerabilities, and 10 remote vulnerabilities.

A separate note from Exim maintainers contains information on applying security patches.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/wuyt9K8K_UY/qualys-flags-gaping-security-holes-exim-mail-server

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Exim 1 0 5 21 15 41
Qualys 6 0 7 4 0 11