Exim vulnerability affecting 1.5M servers lets attackers attach malicious files
A critical vulnerability in Exim mail transfer agent (CVE-2024-39929) exposes 1.5 million email servers to attacks delivering malicious attachments. No active exploits reported, but admins urged to update Exim to version 4.98 RC3 for protection.
A critical vulnerability in the Exim mail transfer agent, tracked as CVE-2024-39929, leaves more than 1.5 million Internet-facing email servers exposed to attacks that deliver malicious executable attachments straight to user mailboxes. The bug is a parsing error: Exim through 4.97.1 mis-parses a multi-line RFC 2231 header filename, so a crafted Content-Disposition header can carry an attachment past the $mime_filename extension-blocking check in the MIME ACL. Researchers rate the issue as severe because it turns an ordinary phishing email into a way to land file types that the server is configured to reject. No in-the-wild exploitation has been reported, but the number of exposed servers makes the flaw an attractive target. The attack still needs the recipient to open the attachment, so social engineering is part of any real campaign; user awareness reduces the risk but does not remove it. The fix is in Release Candidate 3 of Exim 4.98. Administrators are advised to check the installed version (exim -bV prints it), upgrade as soon as practical, and in the meantime treat attachment filtering that relies on $mime_filename as unreliable and back it with scanning of the decoded MIME part itself.
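The class of bypass described above, as an added example that is not code from the original article and not Exim's own parser: a constructed MIME message carries one attachment filename as RFC 2231 continuation parameters (filename*0=, filename*1=) split across folded header lines and another in the RFC 2231 encoded form (filename*=). A hypothetical weak check that only recognises a single-line filename="..." parameter sees neither, while a parser that reassembles RFC 2231 parameters (here Python's standard-library email module) recovers the real names and the extension block fires. The sample message and the block list are assumptions made for the example.

```python
import re
from email import message_from_string

# Extensions a mail gateway might refuse in attachments (assumed list).
BLOCKED_EXTENSIONS = {".exe", ".scr", ".bat", ".com", ".pif"}

# Constructed sample message (not a real capture). The second attachment
# carries its filename as RFC 2231 continuation parameters split across
# folded header lines; the third uses the RFC 2231 encoded form.
SAMPLE_MESSAGE = """\
From: sender@example.test
To: victim@example.test
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Please see the attachments.
--b1
Content-Type: text/plain; name="notes.txt"
Content-Disposition: attachment; filename="notes.txt"

harmless text attachment
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment;
 filename*0="invoice";
 filename*1=".exe"

MZ-not-a-real-executable
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename*=utf-8''payload%2Escr

MZ-not-a-real-executable-either
--b1--
"""


def naive_attachment_names(raw):
    """Hypothetical weak check: only a one-line filename="..." parameter
    counts. It never sees filename*0= continuations or filename*= encoding,
    so attachments that use those forms are invisible to it."""
    return re.findall(r'(?i)\bfilename="([^"]*)"', raw)


def attachment_names(raw):
    """RFC 2231 aware check: the stdlib parser joins continuation sections
    and decodes the extended form before returning the filename."""
    msg = message_from_string(raw)
    names = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            names.append(name)
    return names


def blocked_names(names):
    """Return the filenames whose extension is on the block list."""
    return [n for n in names
            if any(n.lower().endswith(ext) for ext in BLOCKED_EXTENSIONS)]


if __name__ == "__main__":
    for label, fn in (("naive", naive_attachment_names),
                      ("rfc2231", attachment_names)):
        names = fn(SAMPLE_MESSAGE)
        print(f"{label:8s} sees {names} -> blocked {blocked_names(names)}")
```

The naive check reports only notes.txt and blocks nothing; the RFC 2231 aware check reports notes.txt, invoice.exe and payload.scr and blocks the last two. The practical lesson is the same one the Exim fix addresses: any filename-based attachment policy must run on the fully reassembled and decoded parameter, not on the raw header text, and ideally should be backed by inspection of the decoded part's content rather than its declared name.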
Related
MOVEit Transfer: Auth bypass and a look at exposure
Progress Software disclosed two critical authentication bypass CVEs affecting MOVEit Transfer and Gateway products on June 25, 2024. CVE-2024-5806 was upgraded from High to Critical. Censys reported 2,700 instances concentrated in the US, emphasizing ongoing vigilance.
RegreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems
A vulnerability in OpenSSH's server on glibc-based Linux systems (CVE-2024-6387) allows unauthenticated remote code execution. Exploiting the signal-handler race requires precise timing. The advisory covers exploitation details, observed success rates, and how to contact the developers about related issues.
Remote Unauthenticated Code Execution in OpenSSH Server
Qualys found regreSSHion, a critical RCE flaw in OpenSSH on glibc-based Linux systems. Over 14 million servers are potentially exposed, and successful exploitation yields root. Qualys has a working exploit but is withholding it to allow time for patching.
'Almost every Apple device' vulnerable to CocoaPods
Security researchers found vulnerabilities in CocoaPods, allowing malicious code insertion and remote code execution. Pod owners were at risk of a zero-click takeover. CocoaPods issued patches, emphasizing the need for secure software development practices.
Latest Ghostscript vulnerability haunts experts as the next big breach enabler
Infosec experts warn of critical Ghostscript vulnerability CVE-2024-29510 allowing RCE. Despite medium severity rating, exploit could lead to severe impacts like file manipulation. Urgent patching advised to prevent breaches.