(message crossposté dans VPS)
Je cite SANS.ORG:
A critical flaw in the Exim mail transfer agent (MTA) could be exploited to locally, and in certain cases remotely, execute code on vulnerable devices. Exim is running on 57 percent of all email servers. The vulnerability affects Exim versions 4.87 through 4.91. The issue is fixed in version 4.92.
A local attacker can trivially elevate privileges. While most mail servers don't allow users shell access, those that do should consider this a "drop everything" patch. Those in that situation who don't patch in the next 24-48 hours should assume breach. On the other hand, the remote path for exploitation identified by the researchers requires the connection to the mail server to be established for seven days. While a faster path might be discovered, this flaw doesn't appear to offer immediate remote code execution.
Read more in:
- duo.com: Odd Bug Haunts Exim Mail Agent http://duo.com/decipher/odd-bug-haunts-exim-mail-agent
- www.zdnet.com: New RCE vulnerability impacts nearly half of the internet's email servers http://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/
- www.openwall.com: Qualys Security Advisory http://www.openwall.com/lists/oss-security/2019/06/05/4