Millions of Exim servers vulnerable to root-granting exploit



Millions of Exim servers are vulnerable to a security bug that when exploited can grant attackers the ability to run malicious code with root privileges.

All Exim servers running version 4.92.1 and before are vulnerable, the Exim team said in an advisory this week. Version 4.92.2 was released on Friday, September 6, to address the issue.

The issue might seem unimportant to many, but Exim is one of the most prevalent software today. Exim is a mail transfer agent (MTA), which is software that runs in the background of email servers. While email servers often send or receive messages, they also act as relays for other people’s emails. This is the MTA’s job.

Read more…