Severe vulnerability in Exim

Qualys has put out an advisory on a vulnerability in the Exim mail transfer agent, versions 4.87 through 4.91; it allows for easy command execution by a local attacker and remote execution in some scenarios. "To remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes). However, because of the extreme complexity of Exim's code, we cannot guarantee that this exploitation method is unique; faster methods may exist." Sites running Exim should upgrade to 4.92 if they have not already.

From: Qualys Security Advisory <qsa-AT-qualys.com>
To: "oss-security-AT-lists.openwall.com" <oss-security-AT-lists.openwall.com>
Subject: Re: [oss-security] CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
Date: Wed, 5 Jun 2019 17:28:21 +0000
Message-ID: <20190605172049.GD25856@localhost.localdomain>