A vulnerability has been found in the popular email software Exim
Today’s exploit of the day is one affecting one of the most popular mail transfer agent.
That has been actively used since its creation in 1995.
A buffer overflow vulnerability has been found in the TLS negotiation code of Exim.
A specially crafted TLS package could potentially lead to code execution.
Exim is included in the default installation in several operating systems such as Debian and Ubuntu, if you are not using it we recommend that you disable it using systemctl:
find it: root@linux:~# service --status-all | grep exim [ + ] exim4 disable it: root@linux:~# systemctl disable exim4
- Exim instances running a version prior to 4.92.2
The vulnerability has been given the CVE of CVE-2019-15846.
A simple shodan search for Exim displays 5 million hosts running Exim.
This blog post is part of the exploit of the day series
where we write a shorter description about interesting
exploits that we index.