Security News > 2024 > July > Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users' inboxes.
"Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users," according to a description shared on the U.S. National Vulnerability Database.
Exim is a free, mail transfer agent that's used in hosts that are running Unix or Unix-like operating systems.
Attack surface management firm Censys said 4,830,719 of the 6,540,044 public-facing SMTP mail servers are running Exim.
As of July 12, 2024, 1,563,085 internet-accessible Exim servers are running a potentially vulnerable version.
"The vulnerability could allow a remote attacker to bypass filename extension blocking protection measures and deliver executable attachments directly to end-users' mailboxes," it noted.
News URL
https://thehackernews.com/2024/07/critical-exim-mail-server-vulnerability.html
Related news
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems (source)
- New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution (source)
- Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (source)
- GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)