Six 0day vulnerabilities were reported to Exim mail transfer agent putting 250k email servers under threats
There was already news about the new critical vulnerabilities reported to the Exim Mail transfer agent, which if exploited successfully, allows remote execution of malicious code with little or no user interaction.
Zero Day Initiative first reported the vulnerability on Wednesday but it went unnoticed as everyone was busy on the WebP 0day flaw.
Also at that time, there were not many details about the vulnerabilities. We only know that there were six vulnerabilities in total and four of them were remote code execution flaws.
One of the bugs which is identified as CVE-2023-42115 is the most dangerous one with a CVSS score of 9.8 out of 10. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim, and Authentication is not required to exploit this vulnerability.
According to the description on the Zero Day Initiative page states-
The specific flaw exists within the SMTP service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account.
Exim Six Zero-day Vulnerabilities
Today on 2nd October 2023, Exim came up with the details regarding the above-mentioned vulnerabilities. According to the Exim security advisory, there were six zero-day vulnerabilities were reported to Exim.
Exim confirms that None of these issu ..
Support the originator by clicking the read the rest link below.
