Exim, which powers 60% of the Internet’s email servers, is vulnerable to a remote code execution (CVE-2019-15846) in all versions prior to 4.92.2 which has just been released to patch the problem. TLS connections must be enabled in order to exploit the vulnerability. The flaw exists in the way Exim handles SNI (Server Name Indication)Read more
Blog
The world’s most popular mail server is vulnerable to a remote command execution flaw Exim is the world’s most popular mail server, with 57% of the mail servers connected to the web running Exim (as of June 2019). The vulnerability reported by Qualys (CVE-2019-10149) affects Exim versions 4.87 to 4.91 inclusive running on several LinuxRead more
