Users of the Exim email server software should update their installations immediately because of a vulnerability that lets remote attackers execute malicious code with root privileges. The flaw is present in all versions of Exim before 4.92.2, which was released on Friday night to fix it.
Exim is widely used mail transfer agent (MTA) software: it runs as a background service on mail servers, accepting messages and relaying them toward their destination. Exim is packaged by many Linux distributions, including Debian and Red Hat. It is also the MTA behind cPanel, which helps make it the most widely deployed MTA today, with more than 57% of the market share.
The vulnerability was reported in July by a security researcher known as Zerons. It lies in Exim's handling of the TLS Server Name Indication (SNI) extension, the mechanism by which a connecting client names the host it wants to reach so that a server holding several certificates can present the right one.
A crafted SNI value sent to a server running Exim triggers a buffer overflow. Because the bug is in Exim's own handling of the name rather than in the TLS library, builds against both GnuTLS and OpenSSL are affected. Exim is Free/Libre and Open Source Software (FLOSS) maintained by volunteers, and the Exim maintainers strongly recommend updating every installation.
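The first thing an administrator wants after reading this is a quick way to tell whether a given host is still on a pre-4.92.2 build. The script below is an added example written for this page; it is not code from the article or from the Exim project. It assumes the first line printed by `exim -bV` has the form `Exim version 4.92 #3 built ...` (the standard format), and the two sample lines at the bottom are constructed for illustration, not captured from a real server.

```shell
#!/bin/sh
# Added example (not from the article or the Exim project): decide whether an
# Exim build predates 4.92.2, the first release that fixes the SNI overflow.
# It parses the first line of `exim -bV`, which looks like
#   Exim version 4.92 #3 built 01-Jul-2019 12:00:00
# The sample lines at the bottom are constructed, not real server output.

FIXED_VERSION="4.92.2"

# exim_version_from_bv LINE -> prints the bare version, e.g. "4.92" or "4.92.2"
# Third whitespace-separated field of "Exim version X.Y[.Z] #N built ...";
# a release-candidate suffix such as "_RC1" is stripped.
exim_version_from_bv() {
    printf '%s\n' "$1" | awk '/^Exim version/ { sub(/_.*/, "", $3); print $3 }'
}

# version_lt A B -> exit 0 (true) when dotted version A is older than B.
# Implemented in awk so it does not depend on `sort -V` being available.
# Missing components count as 0, so 4.92 < 4.92.2 < 4.93.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, A, "."); nb = split(b, B, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0
            y = (i <= nb) ? B[i] + 0 : 0
            if (x < y) exit 0
            if (x > y) exit 1
        }
        exit 1
    }'
}

# exim_vulnerable LINE -> exit 0 when the version in LINE is older than 4.92.2,
# 1 when it is 4.92.2 or newer, 2 when LINE could not be parsed.
exim_vulnerable() {
    v=$(exim_version_from_bv "$1")
    [ -n "$v" ] || { echo "could not parse Exim version from: $1" >&2; return 2; }
    version_lt "$v" "$FIXED_VERSION"
}

# check_host -> run the check against the Exim binary on this machine.
check_host() {
    command -v exim >/dev/null 2>&1 || { echo "exim binary not found in PATH" >&2; return 2; }
    line=$(exim -bV 2>/dev/null | head -n 1)
    if exim_vulnerable "$line"; then
        echo "VULNERABLE: $line (update to $FIXED_VERSION or later)"
        return 1
    fi
    echo "OK: $line"
}

# Constructed sample lines for a stand-alone run (not captured from any host):
SAMPLE_OLD='Exim version 4.92 #3 built 01-Jul-2019 12:00:00'
SAMPLE_FIXED='Exim version 4.92.2 #1 built 06-Sep-2019 20:00:00'

for s in "$SAMPLE_OLD" "$SAMPLE_FIXED"; do
    if exim_vulnerable "$s"; then echo "VULNERABLE: $s"; else echo "OK: $s"; fi
done
```

Run `check_host` on the mail server itself. One caveat: distributions that backport security fixes, as Debian does for its exim4 packages, may ship the fix without bumping the upstream version string, so on such systems a "VULNERABLE" result from a version check alone is not conclusive and the package changelog or the distribution's security advisory is the authoritative source.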
Header Image by Helpameout