21 nails in Exim mail server: Vulnerabilities enable ‘full remote unauthenticated code execution’, millions of boxes at risk

The Register

Researchers at security biz Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain “a full remote unauthenticated code execution and gain root privileges on the Exim Server.”

Exim is a mail transfer agent (MTA), responsible for receiving and forwarding email messages. It runs primarily on Unix or Linux and is the default MTA on Debian – though Ubuntu and Red Hat Enterprise Linux use Postfix by default.

Some hosting companies use Exim to provide email services to their customers. It was also popular in universities and other educational institutions (it was initially developed at the University of Cambridge in 1995), though many of these have transitioned to Office 365 or Google email, not least Cambridge itself.

According to one recent survey, nearly 60 per cent of mail servers visible on the internet use Exim, followed by Postfix at 34 per cent. Qualys said a Shodan search revealed nearly 4 million Exim servers exposed to the internet.
