MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos

Severe vulnerability in Exim

jeudi 6 juin 2019, 15:49 , par
Qualys has put out an advisory on a vulnerability in the Exim mail transfer
agent, versions 4.87 through 4.91; it allows for easy command execution by
a local attacker and remote execution in some scenarios. 'To remotely
exploit this vulnerability in the default configuration, an attacker
must keep a connection to the vulnerable server open for 7 days (by
transmitting one byte every few minutes). However, because of the
extreme complexity of Exim's code, we cannot guarantee that this
exploitation method is unique; faster methods may exist.' Sites
running Exim should upgrade to 4.92 if they have not already.
News copyright owned by their original publishers | Copyright © 2004 - 2020 Zicos / 440Network
Date Actuelle
mer. 2 déc. - 20:22 CET