Mail Server (MTA) Market share:
|Server Type||Number of Servers||Percent|
The vulnerability allows to remotely execute code and gain system access with root privileges
In popular software for mail servers, Exim discovered a critical vulnerability (CVE-2019-15846), which allows to remotely execute code and gain system access with root privileges. The fix for the security issue, and its detailed description will be published on Friday, September 6. To prevent attacks using CVE-2019-15846 recommended to update Exim to version 4.92.2 or later.
To remember proekspluatirovat vulnerability can an authorized user or an attacker are on the same network as the affected device. It can also be remember proekspluatirovat remotely if the server is connected to the Internet.
As reported by one of the developers of Exim, Letterman Heiko (Heiko Schlitterman), he and his colleagues became aware of the vulnerability on September 3. The next day, the subscribers of the mailing list received notice of the impending patch which will be released on 6 September.
According to Litterman, yet a full working exploit for the vulnerability exists. However, there are primitive PoC-exploit, in connection with which administrators are urged to install the update as soon as possible.
The patch is the biggest update since the release of version Exim 4.92.1, released in July of this year. The update also fixed a critical vulnerability ( CVE-2019-13917 ), allows remotely to execute code with root privileges when a non-standard configuration settings.