UPDATED 22:39 EST / SEPTEMBER 08 2019

Update now: Exim email server software vulnerable to hacking

Users of the popular Exim email server software are being urged to update their installations following the discovery of a vulnerability that can allow attackers to install malicious code with root privileges.

The vulnerability is present in all versions of Exim up to and including 4.92.1; version 4.92.2, released Friday night, addresses it.

The vulnerability, tracked as CVE-2019-15846, was discovered by a security researcher known as Zerons in late July. It allows an attacker to take advantage of TLS Server Name Indication (SNI), a feature that lets a server present different certificates for different hostnames.

An attacker can trigger a buffer overflow in the code that handles this feature to gain access to a server running Exim. Because the vulnerability does not depend on the TLS library the server uses, both GnuTLS and OpenSSL builds are affected. “The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake,” the security advisory notes.
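As an added example that is not part of the original article, the following script classifies a host against the version range given above (affected up to and including 4.92.1, fixed in 4.92.2) by parsing the output of `exim -bV`. It assumes the first line reads `Exim version X.Y.Z ...` and that the `Support for:` line names OpenSSL or GnuTLS when the binary was built with TLS; a build without TLS never parses an SNI, so it is reported as not exposed. The constructed sample output is only used when the binary is not present.

```python
import re
import subprocess
from typing import Optional, Tuple

# CVE-2019-15846 affects every Exim release up to and including 4.92.1; 4.92.2 carries the fix.
FIXED_VERSION = (4, 92, 2)

# First line of `exim -bV` looks like: "Exim version 4.92.1 #3 built 03-Aug-2019 07:02:02"
_VERSION_RE = re.compile(r"Exim version (\d+)\.(\d+)(?:\.(\d+))?")


def parse_exim_version(bv_output: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from `exim -bV` output, or None if absent.
    A two-part version such as 4.92 is normalised to (4, 92, 0)."""
    m = _VERSION_RE.search(bv_output)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def tls_support(bv_output: str) -> Optional[bool]:
    """Assumption: the 'Support for:' line names the TLS library (OpenSSL or
    GnuTLS) when TLS was compiled in. Returns None if the line is missing, so
    the caller can stay conservative rather than declaring the host safe."""
    for line in bv_output.splitlines():
        if line.startswith("Support for:"):
            return "OpenSSL" in line or "GnuTLS" in line
    return None


def assess(bv_output: str) -> str:
    """Classify a host as UNKNOWN, FIXED, NOT_EXPOSED or VULNERABLE."""
    version = parse_exim_version(bv_output)
    if version is None:
        return "UNKNOWN"
    if version >= FIXED_VERSION:
        return "FIXED"
    # Affected version: only an explicit no-TLS build escapes the SNI code path.
    return "NOT_EXPOSED" if tls_support(bv_output) is False else "VULNERABLE"


if __name__ == "__main__":
    try:
        out = subprocess.run(["exim", "-bV"], capture_output=True, text=True, check=True).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        # Constructed sample output so the script runs offline.
        out = ("Exim version 4.92.1 #3 built 03-Aug-2019 07:02:02\n"
               "Support for: crypteq iconv() IPv6 GnuTLS DKIM\n")
    print(assess(out))
```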

While certainly not a household name, Exim is widely deployed and is estimated to run 57% of all publicly reachable email servers on the internet. Originally designed for Unix servers, Exim is also available for Linux and Microsoft Corp. Windows. Behind the scenes, Exim powers email in cPanel, which is far better known to anyone who has owned or set up a website on a shared, dedicated or other server.

The Exim Maintainers Group, the volunteer developers who support and update Exim, is strongly encouraging users to update their installations. The software is open-source and free to use.

According to Hacker News, the Exim Maintainers are offering assistance. “If you can’t install the above versions, ask your package maintainer for a version containing the backported fix,” it advised. “On request and depending on our resources we will support you in backporting the fix.”

Photo: audioreservoir/Flickr
