exim
-
Releases Packages exim4 – Exim is a mail transport agent Details It was discovered that Exim incorrectly handled validation of user-supplieddata, which could lead to memory corruption. A remote attacker couldpossibly use this issue to execute arbitrary code. (CVE-2023-42117)
-
Johnson Controls Faces Major Ransomware Attack; Dark Angels Group Demands $51 Million Johnson Controls International, a major multinational conglomerate that produces industrial control systems, security equipment, and more, has been hit by a ransomware attack. The attack encrypted numerous company devices, including VMware ESXi servers, disrupting the operations of both the main company and its…
-
Overview Recently, NSFOCUS CERT detected an Exim remote code execution vulnerability (CVE-2023-42115). When external authentication is enabled, due to improper user input verification, an unauthenticated attacker can remotely exploit this vulnerability by writing data beyond the bounds, ultimately executing arbitrary code on the target server. At present, the details of the vulnerability have been disclosed.…
-
The RISKS Digest Volume 33 Issue 88 Saturday, 7th October 2023 Forum on Risks to the Public in Computers and Related Systems ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link…
-
Six new zero-day vulnerabilities in Exim Message Transfer Agent have been reported as part of the Zero-Day initiative. These vulnerabilities were discovered in June 2022 but were not disclosed until now as Exim did not fix them.
-
Andres Ramos Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security and holds a bachelor’s degree in Cybersecurity Engineering.
-
Article Link: PKD, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and Jason Wood – SWN #330 | SC Media
-
Trend Micro’s Zero Day Initiative says Exim zero-days leave organizations open to an remote code execution attack.
-
Multiple vulnerabilities were publicly disclosed by the Zero Day Initiative (ZDI) in Exim Mail Transfer Agent (MTA), including CVE-2023-42115, which is a critical vulnerability enabling unauthenticated attackers to remotely execute code on publicly exposed Exim servers with “External” authentication enabled. This issue results from improper input validation that leads to writing arbitrary code past the…
-
A severe zero-day vulnerability has been discovered in all versions of the Exim mail transfer agent (MTA) software. This vulnerability permits unauthenticated attackers to achieve remote code execution (RCE) on servers that are accessible over the Internet.
-
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.
-
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
-
Sep 30, 2023THNEmail Security / Hacking News Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution.
-
This subreddit is designed for users to post the latest Information Security related news and articles from around the Internet. The subreddit is intended to provide a location one can come and receive updated security news including security, privacy, and other security related industries or topics.
-
reader comments 5 with
-
A still unpatched zero-day RCE impacts more than 3.5M Exim servers
-
In the constantly shifting sands of the digital realm, Exim stands tall as a veritable giant. As an open-source mail transfer agent (MTA) devised for Unix-inspired operating systems such as Linux, Mac OSX, and Solaris, it’s no exaggeration to say that Exim is the lifeline of the Internet’s email communications, powering nearly 60% of the…