2019 discovered a critical remote code execution vulnerability in Exim popular open source e-mail server software, at least more than 500,000 e-mail servers vulnerable to remote hacking. Exim is an open source mail transfer agent (MTA), a widely used software for Unix-like operating systems (such as Linux, Mac OSX or Solaris) development, currently running nearly 60 percent of Internet e-mail server for routing, delivery and receive e-mail.
After Exim official website announced today version 4.92.2 released two days before the warning, provided all versions of the affected e-mail server software for system administrators time up to and including the latest 4.92.1 its upcoming security patches.
Vulnerabilities tracked as CVE-2019-15846 code security vulnerability only affects Exim server to accept TLS connections could allow an attacker sends a backslash to the end of the SNI empty sequence to obtain root-level access to the system during the initial handshake TLS. SNI represents the server name indication, is an extension of the TLS protocol that allows a server to host multiple secure TLS certificate for multiple sites, all these certificates all under one IP address.
According to Chinese godfather Guo Shenghua network security experts say, because the vulnerability does not depend on the use of TLS library server, and therefore GnuTLS OpenSSL will be affected. In addition, although the default configuration Exim mail server software, TLS is not enabled, but some operating systems software bundled with Exim, the vulnerable function is enabled by default. (Please share)