A security issue in remote execution orders (RCE από το remote command execution) επηρεάζει πάνω από τους μισούς διακομιστές ηλεκτρονικού ταχυδρομείου του Διαδικτύου, σύμφωνα με ερευνητές better safetyof Qualys.
The vulnerability affects Exim, a mail transfer agent (MTA), which is a software which runs on email servers to transmit messages from senders to recipients.
According to one research Of all mail servers visible on the Internet, 57% (507,389) of all servers run Exim.
In a security alert, Qualys, a cybersecurity company that specializes in cloud security, said it found a very dangerous vulnerability in Exim installations in versions 4.87 to 4.91.
The vulnerability is described as RCE and is different, but just as dangerous as the remote code execution vulnerability which allows a local or remote attacker to run commands on the Exim server as root.
Qualys said the vulnerability could be exploited directly by a local attacker who has a physical presence on an email server, even with a low-profile account.
But the real danger comes from afar hacker that exploit the vulnerability as they can scan the Internet for vulnerable servers and compromise systems.
"Due to the extreme complexity of the Exim code, we can not guarantee that this method of exploitation is unique, there may be faster methods."
In addition, the Qualys team reports that the vulnerability was fixed completely by accident:
The vulnerability was fixed with the release of Exim 4.92 on February 10, 2019, but at the time version 4.92 was released, they were unaware of the security vulnerability.
It was recently discovered by the Qualys team while testing older versions of Exim, and they now warn Exim users to update to version 4.92.
________________
- Amazon, Apple, Facebook, & Google: great anti-monopoly research from the US
- ProtonMail suspected to cooperate with the authorities
- Samsung is trying to get Huawei's customers
