RCE vulnerability affects half of mail servers on the internet

A ασφαλείας στην απομακρυσμένων εντολών ( από το remote command execution) επηρεάζει πάνω από τους μισούς διακομιστές ηλεκτρονικού y of the Internet, according to Qualys security researchers.

Vulnerability affects the , a mail transfer agent (MTA), which is software that runs on email servers to transmit messages from senders to recipients.

RCE

According to one research Of all mail servers visible on the Internet, 57% (507,389) of all servers run Exim.

In a security alert, Qualys, a cybersecurity company that specializes in cloud security, said it found a very dangerous vulnerability in Exim installations in versions 4.87 to 4.91.

The vulnerability is described as RCE and is different, but just as dangerous as the remote code execution vulnerability which allows a local or remote attacker to run commands on the Exim server as root.

Qualys reported that the vulnerability can be directly exploited by a local attacker who has presence on an email server, even with a low-privilege account.

But the real danger comes from remote hackers who exploit the vulnerability, as they can scan the Internet for vulnerable servers and compromise systems.


"Due to the extreme complexity of the Exim code, we can not guarantee that this method of exploitation is unique, there may be faster methods."

Furthermore, the Qualys reports that the vulnerability was patched completely by accident:

The vulnerability was fixed with the release of Exim 4.92 on February 10, 2019, but at the time version 4.92 was released, they were unaware of the security vulnerability.

It was recently discovered by the Qualys team while testing older versions of Exim, and they now warn Exim users to update to version 4.92.

________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).