Multiple Vulnerabilities in Exim Mail Server

Original Issue Date: May 11, 2021

Severity Rating: HIGH

1. Software Affected

  • Exim Mail Server versions prior to 4.94.2

2. Overview

  • Multiple vulnerabilities have been reported in Exim Mail Server which could be exploited by an attacker to execute arbitrary code, gain elevated privileges and conduct other attacks on a targeted system.

3. Description

  • These vulnerabilities exist in Exim Mail Server due to integer overflow, out-of-bounds write, out-of-bounds read, heap buffer overflow, heap buffer underflow, use-after-free and other errors in various components.
  • Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges and conduct other attacks on a targeted system.

4. Solution

  • Update to Exim Mail Server version 4.94.2

https://www.exim.org/mirrors.html
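
To check a host against the fixed release named above, the following added example (not part of the original advisory) parses the first line of `exim -bV` output and compares it with 4.94.2. The function names and the sample banners are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag Exim builds older than the fixed release in the advisory.
FIXED_VERSION="4.94.2"

# Pull the dotted version out of the first line of `exim -bV` output,
# e.g. "Exim version 4.94 #2 built ..." -> "4.94". Prints nothing if no match.
exim_version_from_banner() {
    printf '%s\n' "$1" | sed -n '1s/^Exim version \([0-9][0-9.]*\).*/\1/p'
}

# Return 0 if version $1 is strictly older than $2 (numeric, per component;
# missing components count as 0, so 4.94 < 4.94.2).
version_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ -n "$x" ] || x=0
        [ -n "$y" ] || y=0
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1
}

# Returns 0 = at or above fixed release, 1 = affected, 2 = version not parsed.
check_exim_banner() {
    ver=$(exim_version_from_banner "$1")
    if [ -z "$ver" ]; then
        echo "UNKNOWN: could not parse Exim version"; return 2
    fi
    if version_lt "$ver" "$FIXED_VERSION"; then
        echo "AFFECTED: Exim $ver is older than $FIXED_VERSION"; return 1
    fi
    echo "OK: Exim $ver is at or above $FIXED_VERSION"; return 0
}

# Constructed sample banners (not from real hosts). On a live host, use:
#   check_exim_banner "$(exim -bV)"
for banner in \
    "Exim version 4.92.3 #3 built 01-Jan-2020 00:00:00" \
    "Exim version 4.94 #2 built 01-Jan-2021 00:00:00" \
    "Exim version 4.94.2 #2 built 04-May-2021 00:00:00" \
    "Exim version 4.95 #1 built 01-Jan-2022 00:00:00"
do
    check_exim_banner "$banner" || true
done
```

Distribution packages that backport security fixes may keep an older upstream version string, so an AFFECTED result on a packaged build should be confirmed against the vendor's own package advisory.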

5. Reference

https://www.cybersecurity-help.cz/vdb/SB2021050419

https://www.zdnet.com/article/security-researchers-found-21-flaws-in-this-widely-used-email-server-so-update-immediately/

6. Disclaimer

The information provided herein is on an “as is” basis, without warranty of any kind.
