Security News > 2023 > September > New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks
2023-09-30 04:14
Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
News URL
https://thehackernews.com/2023/09/new-critical-security-flaws-expose-exim.html
Related news
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks (source)
- 89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical AMI MegaRAC bug can let attackers hijack, brick servers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-42114 | Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. | 0.0 |