It exists that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
exim exim |
||
debian debian linux 9.0 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 18.10 |
For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. This is our latest installment, focus...
GRU crew actively exploit hole – but you patched it months ago, right? American intelligence follows British lead in warning of serious VPN vulnerabilities
The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists. The American surveillance super-agency said [PDF] on Thursday the Kremlin's military intelligence hackers are actively targeting some systems vulnerable to CVE-2019-10149, a security hole in the widely used Exim mail transfer agent (MTA) that was fixed last June. Here's a sample of Moscow's exploit code, according to the NSA, which is sent to a vulnerab...