Thanks to LowEndTalk member @active8 for alerting us to an Exim vulnerability that looks pretty awful:
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
Wow. Seems like if I was the Exim publisher, I’d jump on that immediately. Especially since Exim was grossly embarrassed by 21 separate vulnerabilities published in a batch a couple years back.
Sadly, the vendor did not:
06/06/22 – ZDI requested a PSIRT contact.
06/14/22 – ZDI reported the vulnerability to the vendor.
04/25/23 – ZDI asked for an update.
04/25/23 – The vendor asked us to re-send the reports.
05/10/23 – ZDI sent the vulnerability to the vendor.
09/25/23 – ZDI asked for an update and informed the vendor that we intend to publish the case as a zero-day advisory on 09/27/23.
A fix is available for this issue. It’s called Postfix.
UPDATE: Thanks to an anonymous reader for submitting this link which mentions six 0day exploits.
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
- Early Black Friday Offer: VersaWeb has a Dedi Deal in Las Vegas, Dallas, and Miami! - November 23, 2024
- LowEndBoxTV: Are All Hetzner Locations Alike?No!And Piotr Has the Proof: “This is Clearly Not the Same Processor” - November 22, 2024
- One Week From Tomorrow…THE WORLD WILL LOSE THEIR MINDS!Lines Are Already Forming! - November 21, 2024
A little snarky, aren’t we today? Postfix as the ‘fix’ is like saying android is an iphone fix, or turning off wifi is an internet fix. I find info, dialogue and weighing options helpful.