"Critical Vulnerabilities in Exim Threaten Over 250K Email Servers Worldwide"

According to researchers, thousands of servers running the Exim mail transfer agent are vulnerable to attacks involving the exploitation of critical vulnerabilities that enable remote execution of malicious code with little or no user interaction. Exim is an open-source mail transfer agent used by as many as 253,000 servers on the Internet. Zero Day Initiative disclosed the vulnerabilities but they escaped much notice until recently when they surfaced in a security mailing list. Four of the six vulnerabilities enable Remote Code Execution (RCE) and have severity ratings between 7.5 and 9.8 out of 10. Exim has made patches available for three vulnerabilities in a private repository. This article continues to discuss the potential exploitation and impact of the critical vulnerabilities in Exim.

Ars Technica reports "Critical Vulnerabilities in Exim Threaten Over 250K Email Servers Worldwide"

Submitted by grigby1