Security News

21 vulnerabilities found in Exim, update your instances ASAP!
2021-05-05 09:10

A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated remote code execution on the Exim Server. They have all been fixed in Exim v4.94.2, and the software maintainers advise users to update their instances as soon as possible, as all versions of Exim previous to version 4.94.2 are now obsolete.

Qualys Flags Gaping Security Holes in Exim Mail Server
2021-05-04 19:31

Security researchers document 21 major security vulnerabilities in Exim and warn that users are exposed to remote code execution flaws. Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors.

Critical 21Nails Exim bugs expose millions of servers to attacks
2021-05-04 15:46

Newly discovered critical vulnerabilities in the Exim mail transfer agent software allow unauthenticated remote attackers to execute arbitrary code and gain root privilege on mail servers with default or common configurations. All versions released before Exim 4.94.2 are vulnerable to attacks attempting to exploit the 21Nails vulnerabilities.

Several Exim Vulnerabilities Exploited in Russia-Linked Attacks
2020-06-02 16:24

Several vulnerabilities affecting the Exim mail transfer agent have been exploited by Russia-linked hackers, and administrators have been urged to patch immediately, but hundreds of thousands of servers remain unpatched. The U.S. National Security Agency issued an alert last week to urge users to update their Exim servers to version 4.93 or newer, as earlier versions are impacted by vulnerabilities that have been exploited by a hacker group with ties to the Russian military.

NSA Publishes IOCs Associated With Russian Targeting of Exim Servers
2020-05-29 15:31

The U.S. National Security Agency on Thursday published information on the targeting of Exim mail servers by the Russia-linked threat actor known as Sandworm Team. The open-source Exim mail transfer agent is used broadly worldwide, powering more than half of the Internet's email servers and also being pre-installed in some Linux distributions.

NSA warns about Sandworm APT exploiting Exim flaw
2020-05-29 10:36

The Russian APT group Sandworm has been exploiting a critical Exim flaw to compromise mail servers since August 2019, the NSA has warned in a security advisory published on Thursday. Attackers started exploiting it to compromise Linux servers and instal cryptocoin miners on them, and Microsoft warned about a Linux worm leveraging the flaw to target Azure virtual machines running affected versions of Exim.

It's not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously
2020-05-29 06:08

The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists. The American surveillance super-agency said [PDF] on Thursday the Kremlin's military intelligence hackers are actively targeting some systems vulnerable to CVE-2019-10149, a security hole in the widely used Exim mail transfer agent that was fixed last June.

It's not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously
2020-05-29 06:08

The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists. The American surveillance super-agency said [PDF] on Thursday the Kremlin's military intelligence hackers are actively targeting some systems vulnerable to CVE-2019-10149, a security hole in the widely used Exim mail transfer agent that was fixed last June.

Exim suffers another ‘critical’ remote code execution flaw
2019-10-02 12:28

This latest Exim flaw could lead to at least a denial of service crash in the software but also the possibility of remote code execution.

Guess what? You should patch Exim again!
2019-10-01 09:52

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off...