Security News

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
2024-07-15 11:03

The maintainers of the Exim mail transfer agent have fixed a critical vulnerability that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. CVE-2024-39929 affects Exim releases up to and including 4.97.1, and has been fixed in Exim v4.98, which was released last week.

Critical Exim bug bypasses security filters on 1.5 million mail servers
2024-07-12 20:48

Censys warns that over 1.5 million Exim mail transfer agent instances are unpatched against a critical vulnerability that lets threat actors bypass security filters. Tracked as CVE-2024-39929 and patched by Exim developers on Wednesday, the security flaw impacts Exim releases up to and including version 4.97.1.

Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
2024-07-12 10:51

A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users' inboxes. "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users," according to a description shared on the U.S. National Vulnerability Database.

Exim patches three of six zero-day bugs disclosed last week
2023-10-02 21:50

Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative, one of them allowing unauthenticated attackers to gain remote code execution. As Exim developer Heiko Schlittermann revealed on the Open Source Security mailing list on Friday, today's fixes were already "Available in a protected repository" and "Ready to be applied by the distribution maintainers."

Critical zero-days in Exim revealed, only 3 have been fixed
2023-10-02 13:55

Six zero-days in Exim, the most widely used mail transfer agent, have been revealed by Trend Micro's Zero Day Initiative last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three of them have been included in Exim v4.96.1, a security release made available today.

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks
2023-09-30 04:14

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of...

Millions of Exim mail servers exposed to zero-day RCE attacks
2023-09-29 20:11

A critical zero-day vulnerability in all versions of Exim mail transfer agent software can let unauthenticated attackers gain remote code execution on Internet-exposed servers. MTA servers like Exim are highly vulnerable targets, primarily because they are often accessible via the Internet, serving as easy entry points for attackers into a target's network.

ALERT — New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking
2021-05-08 04:47

Exim is a popular mail transfer agent used on Unix-like operating systems, with over 60% of the publicly reachable mail servers on the Internet running the software. A Shodan search reveals nearly four million Exim servers that are exposed online.

Raft of Exim Security Holes Allow Linux Mail Server Takeovers
2021-05-05 18:15

A veritable cornucopia of security vulnerabilities in the Exim mail server have been uncovered, some of which could be chained together for unauthenticated remote code execution, gaining root privileges and worm-style lateral movement, according to researchers. "Exim Mail Servers are used so widely and handle such a large volume of the internet's traffic that they are often a key target for hackers," Jogi said, noting that last year, a vulnerability in Exim was a target of the Russian advanced persistent threat known as Sandworm.

21 nails in Exim mail server: Vulnerabilities enable 'full remote unauthenticated code execution', millions of boxes at risk
2021-05-05 17:20

Researchers at security biz Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain "a full remote unauthenticated code execution and gain root privileges on the Exim Server." Exim is a mail transfer agent, responsible for receiving and forwarding email messages.