Severe Security Vulnerability in Mail Transfer Agent Software Exim Affects About 1.5 Million Email Servers Worldwide
Mail Transfer Agent (MTA) software is primarily responsible for forwarding emails across the network. Exim, which is free and open-source software, is a typical example and is widely used as a mail transfer agent.
Exim is designed for Unix and Unix-like systems such as Linux, and its flexibility and configurability make it the preferred mail transfer agent software for many system administrators.
According to internet traffic statistics, 74% of the world's 6.5 million SMTP mail servers run Exim (i.e., about 4.83 million servers), and a recently discovered vulnerability in Exim affects over 1.5 million SMTP mail servers.
The cybersecurity company Censys discovered a security vulnerability in Exim, identified as CVE-2024-39929. Exploiting this vulnerability allows attackers to bypass protective mechanisms, enabling them to send unfiltered executable attachments to the end user's mailbox.
This vulnerability affects all versions of Exim, including version 4.97.1. Because of configuration differences, not every server running Exim can be detected; intelligence systems have identified 1.56 million mail servers affected by this issue.
The root of the CVE-2024-39929 vulnerability lies in an error when parsing RFC-2231 headers, which manage the encoding and interpretation of filenames in email attachments. Once exploited, malicious attachments can bypass protective mechanisms and enter the user's mailbox.
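The filtering problem described above can be illustrated with a short check, added here as an example; it is not Exim's code and does not reproduce the exact CVE-2024-39929 parsing error. It assumes a hypothetical extension blocklist and constructed sample messages, and uses Python's standard email package to show why an attachment filter must evaluate the RFC 2231 decoded filename rather than the raw header text.

```python
import email
import os
import re

# Assumed blocklist for this example; a real policy would be site-specific.
BLOCKED_EXT = {".exe", ".scr", ".bat", ".js"}

def build_message(disposition):
    """Constructed sample message with one attachment (not real traffic)."""
    return (
        "From: sender@example.org\n"
        "To: user@example.org\n"
        "Subject: constructed sample\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/mixed; boundary="b1"\n'
        "\n--b1\n"
        "Content-Type: application/octet-stream\n"
        f"Content-Disposition: {disposition}\n"
        "\nAAAA\n--b1--\n"
    )

# Plain parameter form, used as the control case.
PLAIN = build_message('attachment; filename="invoice.exe"')
# RFC 2231 continuation: the name is split across filename*0 and filename*1.
SPLIT = build_message('attachment;\n filename*0="invoice";\n filename*1=".exe"')
# RFC 2231 extended value: charset-tagged parameter (filename*=).
ENCODED = build_message("attachment; filename*=UTF-8''invoice.exe")

def naive_blocked(raw):
    """Weak check: only looks for a literal filename="..." parameter."""
    names = re.findall(r'\bfilename="([^"]*)"', raw)
    return any(os.path.splitext(n)[1].lower() in BLOCKED_EXT for n in names)

def decoded_filenames(raw):
    """Attachment names after RFC 2231 reassembly and decoding."""
    msg = email.message_from_string(raw)
    return [p.get_filename() for p in msg.walk() if p.get_filename()]

def hardened_blocked(raw):
    """Apply the extension policy to the decoded name, not the raw header."""
    return any(os.path.splitext(n)[1].lower() in BLOCKED_EXT
               for n in decoded_filenames(raw))
```

The naive check only recognizes the plain form, while the decoded check applies the same policy to all three constructed samples; a content filter in front of a mail store should be tested against each RFC 2231 form in the same way.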
Currently, there is no evidence of hackers actively exploiting this vulnerability. However, a proof of concept has already appeared in the open-source community, so it may be only a matter of time before hackers start exploiting this vulnerability.
On July 10th, Exim released version 4.98 to fix this vulnerability. Along with the fix, the new version of Exim also strengthened the parsing of DKIM DNS records. System administrators using Exim are advised to upgrade to the latest version as soon as possible to ensure security.