Critical Zero Day in Exim Mail Transfer Agent Enables Takeover of Exposed Servers
ShinyHunters gang member pleads guilty, Killnet claims DDoS against royal family website, POC published for SharePoint bypass, FBI warns of multiple ransomware gang strains, much more
An anonymous security researcher discovered, and Trend Micro's Zero Day Initiative (ZDI) disclosed, a critical zero-day vulnerability in all versions of the Exim mail transfer agent (MTA) software that can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.
The security bug (CVE-2023-42115) is due to an out-of-bounds write weakness in the SMTP service. While this type of issue can lead to software crashes or data corruption following successful exploitation, attackers can also abuse it for code or command execution on vulnerable servers.
ZDI said, "The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service …