Critical Exim flaw opens servers to remote code execution, patch now! - Help Net Security

Critical Exim flaw opens servers to remote code execution, patch now! - Help Net Security

The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on the underlying system.



About Exim


Exim is the most widely used MTA today and is deployed on over half of all Internet-facing mail servers.


It’s efficient, highly configurable, bundled with most Unix-like systems – and free.


About the vulnerability


CVE-2019-15846 affects Exim versions 4.80 to (and including) 4.92.1. A se ..