
SoylentNews is people

posted by takyon on Thursday March 08 2018, @09:33AM   Printer-friendly
from the you've-got-mailware dept.

A bug in an obscure but widely used email program may be putting as many as 400,000 servers around the world at risk of serious attack until they install an update.

The flaw—which is in all releases of the Exim message transfer agent except for version 4.90.1—opens servers to attacks that can execute malicious code, researchers who discovered the vulnerability warned in an advisory published Tuesday. The buffer overflow vulnerability, which is indexed as CVE-2018-6789, resides in the base64 decode function. By sending specially manipulated input to a server running Exim, attackers may be able to remotely execute code.


  • (Score: 2, Interesting) by Anonymous Coward on Thursday March 08 2018, @12:24PM (#649459)

    I remember the time some 15 years ago when I was working in a small local ISP. One of my duties was to maintain and deal with the mailserver. It had sendmail and I started to dislike it a lot, then this slowly turning to hate. For every small change required, configurations had to be modified in 3 places of some weird files which in turn were analysed by that m4 sort of thing. And spam at the time was starting to become more and more a fashion in the world.

    It was then when I thought what else there exist in *nix so I can use as a mailserver/mta? So I started looking and found out there were quite a few to choose from. And I couldn't choose, I did not know any of them. Which would give me less headache? Be sensible at configurations? Not suck and turn so easily to an open relay? So I started looking at what came in as a default preinstall at distros. There was RH at the time and it had sendmail. A Slackware system we also had was the same. When I went home to check my experimental new Debian install, it had Exim. So it must be good this Exim thing I thought. Got the documentation and started to read and advance through it like a schoolbook. Configuration file was easy to read, you could even program in its kind of own language, it made sense... I just loved it in comparison to sendmail.
    So a month later I was ready. Had the executable compiled in the server, had created my configfile to match what sendmail had. Waited for the night and at 1am killed sendmail and started exim. Those first hours were intense, I felt like entering and living inside eximlog. But in the end it all turned out good. Though all that first week people would report here and there of things not right or changed behaviour of their mail client, some very weird things which they could not explain. But it all got sorted out and way easier than sendmail. And I felt an evil pride when other people's reaction was "What? You changed away from an already running sendmail? Sendmail is THE mta software, are you crazy?"
    Eh, the days.

  • (Score: 2) by frojack (1554) on Thursday March 08 2018, @06:43PM (#649615)

    Yes, now that takes a committee, and letting a contract for a team of consultants.

    I did roughly the same migration in our own company after taking copious notes, writing a script, testing dozens of times on my home server.

    Then we migrated 14 customer sites as if it were routine maintenance. Which it was, in my view.
    When was the last time you heard about an Exim vulnerability? Sendmail had them weekly for a while.

    --
    No, you are mistaken. I've always had this sig.