|Original author(s)||Philip Hazel (started 1995)|
|Developer(s)||The Exim Maintainers|
Thus you can expect hackers, crackers and NSA to target it.
Exim < 4.86.2 – Privilege Escalation
exim --version; # check your exim version
The available version of Exim on debian stable is 4.84.2-2, you can easily upgrade the version to version 4.89 by installing the needed package from backports through the following steps, run:
echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list echo "deb http://httpredir.debian.org/debian jessie-backports main contrib non-free" >> /etc/apt/sources.list
apt-get update apt-get remove exim4 apt-get -t jessie-backports install exim4
You can install a even more recent version from testing using apt-pinning way but it is not recommanded because you can break some dependencies.
„This vulnerability could be exploited by attackers who have local access to the
system to escalate their privileges to root which would allow them to fully
compromise the system.“
„To exploit this setting and gain the effective root privilege of the SUID binary,
attackers can inject PERL5OPT perl environment variable, which does not get
cleaned by affected versions of Exim.“
what version of mail server you are running you can test with telnet connecting to the SMTP port of your server:
telnet domain.com 25 # or telnet domain.com 587
Connection closed by foreign host. user@debian9:~$ telnet mx.freenet.de 587 Trying 220.127.116.11... Connected to mx.freenet.de. Escape character is '^]'. 220 mx0.freenet.de ESMTP Exim 4.85 Thu, 06 Jul 2017 11:27:46 +0200 ^C quit Connection closed by foreign host. user@debian9:~$ telnet mail.gmx.net 587 Trying 18.104.22.168... Connected to mail.gmx.net. Escape character is '^]'. 220 gmx.com (mrgmx002) Nemesis ESMTP Service ready quit 221 gmx.com Service closing transmission channel Connection closed by foreign host. user@debian9:~$ telnet mail.your-server.de 587; # hetzner Trying 22.214.171.124... Connected to mail.your-server.de. Escape character is '^]'. 220 sslproxy02.your-server.de ESMTP Exim 4.84_2 Thu, 06 Jul 2017 11:29:00 +0200 quit 221 sslproxy02.your-server.de closing connection Connection closed by foreign host.
PS: All Cisco devices have NSA-backdoors factory build-in… have PHUN! 😀