Exim remote root exploit
Thanks for not tagging a memory corruption issue as a security-related item, guys, and for allowing trivial privilege escalation.
Thanks.
Anyway, the exploit is trivial. telnet trivial.
It's being used with networked vulnerability scans.
The affected version of exim shipped as default for a HUGE number of machines and multiple distributions. It was seen in the wild before it was even acknowledged as a bug, and took the exim team a while to reproduce, so there's a non-zero possibility that if you run Exim 4.69 or earlier that you've been 0wned.
I recommend that if you run Exim you check--Now.
-Kysh
Thanks.
Anyway, the exploit is trivial. telnet trivial.
It's being used with networked vulnerability scans.
The affected version of exim shipped as default for a HUGE number of machines and multiple distributions. It was seen in the wild before it was even acknowledged as a bug, and took the exim team a while to reproduce, so there's a non-zero possibility that if you run Exim 4.69 or earlier that you've been 0wned.
I recommend that if you run Exim you check--Now.
-Kysh