Exim Didn't Fix a Vulnerability for a Year and Now It's Public
Sep 30, 2023 @ 7:00 am
Thanks to LowEndTalk member @active8 for alerting us to an Exim vulnerability that looks pretty awful:
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
Wow. Seems like if I were the Exim publisher, I’d jump on that immediately. Especially since Exim was grossly embarrassed by 21 separate vulnerabilities published in a batch a couple of years back.
Sadly, the vendor did not:
06/06/22 – ZDI requested a PSIRT contact.
06/14/22 – ZDI reported the vulnerability to the vendor.
04/25/23 – ZDI asked for an update.
04/25/23 – The vendor asked us to re-send the reports.
05/10/23 – ZDI sent the vulnerability to the vendor.
09/25/23 – ZDI asked for an update and informed the vendor that we intend to publish the case as a zero-day advisory on 09/27/23.
A fix is available for this issue. It’s called Postfix.
UPDATE: Thanks to an anonymous reader for submitting this link, which mentions six 0day exploits.

Raindog308 is a longtime LowEndTalk community administrator, technical writer, and self-described techno polymath. With deep roots in the *nix world, he has a passion for systems both modern and vintage, ranging from Unix, Perl, Python, and Golang to shell scripting and mainframe-era operating systems like MVS. He’s equally comfortable with relational database systems, having spent years working with Oracle, PostgreSQL, and MySQL.
As an avid user of LowEndBox providers, Raindog runs an empire of LEBs, from tiny boxes for VPNs, to mid-sized instances for application hosting, and heavyweight servers for data storage and complex databases. He brings both technical rigor and real-world experience to every piece he writes.
Beyond the command line, Raindog is a lover of German Shepherds, high-quality knives, target shooting, theology, tabletop RPGs, and hiking in deep, quiet forests.
His goal with every article is to help users, from beginners to seasoned sysadmins, get more value, performance, and enjoyment out of their infrastructure.
You can find him daily in the forums at LowEndTalk under the handle @raindog308.
A little snarky, aren’t we today? Postfix as the ‘fix’ is like saying Android is an iPhone fix, or turning off Wi-Fi is an internet fix. I find info, dialogue and weighing options helpful.