A critical security issue has been disclosed in the Exim mail transfer agent that could empower menace actors to supply destructive attachments to goal users’ inboxes.
The vulnerability, tracked as CVE-2024-39929, has a CVSS rating of 9.1 out of 10.. It has been resolved in variation 4.98.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
“Exim as a result of 4.97.1 misparses a multiline RFC 2231 header filename, and therefore distant attackers can bypass a $mime_filename extension-blocking safety mechanism, and probably produce executable attachments to the mailboxes of close people,” according to a description shared on the U.S. Nationwide Vulnerability Database (NVD).
Exim is a free of charge, mail transfer agent that’s used in hosts that are running Unix or Unix-like working systems. It was initial released in 1995 for use at the University of Cambridge.
Attack floor management firm Censys stated 4,830,719 of the 6,540,044 public-facing SMTP mail servers are managing Exim. As of July 12, 2024, 1,563,085 internet-accessible Exim servers are jogging a likely susceptible model (4.97.1 or earlier).
A bulk of the vulnerable cases are positioned in the U.S., Russia, and Canada.
“The vulnerability could allow a distant attacker to bypass filename extension blocking protection measures and provide executable attachments immediately to end-users’ mailboxes,” it pointed out. “If a person have been to obtain or run 1 of these malicious documents, the process could be compromised.”
This also implies that prospective targets need to click on on an attached executable for the attack to be productive. Though there are no stories of energetic exploitation of the flaw, it truly is crucial that end users move speedily to implement the patches to mitigate prospective threats.
The development arrives nearly a year soon after the project maintainers a established of six vulnerabilities in Exim that could end result in info disclosure and distant code execution.
Discovered this report attention-grabbing? Adhere to us on Twitter and LinkedIn to study much more special material we submit.
Some sections of this write-up are sourced from:
thehackernews.com
Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar