CVE-2019-16928: a new vulnerability on Exim exposes millions of email servers to remote attacks

Another potential RCE in Exim! Let’s update, folks!

Continue reading “CVE-2019-16928: a new vulnerability on Exim exposes millions of email servers to remote attacks”

CVE-2019-15846 – Seriously? Another RCE in Exim?

Ok, it is true that Exim is one of the most used SMTP servers in the world, and for this reason it is continuously monitored by many security experts, but in the last months the Remote Code Execution vulnerabilities found are a lot!

Continue reading “CVE-2019-15846 – Seriously? Another RCE in Exim?”

CVE-2018-6789 – Oops! Another RCE vulnerability on EXIM!

Some months ago a serious vulnerability on EXIM has been disclosed (CVE-2017-16943), and in the last hours Meh Chang (from devco.re) discovered a buffer overflow that allows remote command execution on this MTA.

Continue reading “CVE-2018-6789 – Oops! Another RCE vulnerability on EXIM!”

CVE-2017-16943: Exim Remote Code Execution Vulnerability

Two vulnerabilities and an exploit POC impacting the Exim MTA have been publicly disclosed, identified as CVE-2017-16943 & CVE-2017-16944

The vulnerabilities could allow remote attackers to execute arbitrary code or cause a denial of service via vectors involving BDAT commands.

Continue reading “CVE-2017-16943: Exim Remote Code Execution Vulnerability”