Critical Exim Mail Server Vulnerability Exposes Hundreds of Thousands to Malicious Attachments – Cyber Tech

Jul 12, 2024 | Newsroom | Vulnerability / Software Security

A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users’ inboxes.

The vulnerability, tracked as CVE-2024-39929, has a CVSS score of 9.1 out of 10.0. It has been addressed in version 4.98.

“Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users,” according to a description shared on the U.S. National Vulnerability Database (NVD).
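To see what a multiline RFC 2231 filename looks like and why an extension check must run on the reassembled name, the following added example (not code from Exim or from the original article) audits a message with Python's standard `email` package. The blocklist, the `audit_message` helper and the sample message are assumptions constructed for illustration; the sample uses ordinary RFC 2231 continuation syntax and is not claimed to reproduce Exim's parsing behaviour.

```python
import email
import os
import re

# Assumed site policy: extensions the mail gateway is supposed to block.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".bat", ".com", ".js", ".vbs"}
# Matches RFC 2231 continuation parameters such as filename*0= or name*1*=
CONTINUATION = re.compile(r"\b(?:file)?name\*\d+\*?\s*=", re.IGNORECASE)

# Constructed sample message (not taken from any real incident).
SAMPLE = """\
From: sender@example.com
Subject: constructed test message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attachment.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment;
 filename*0="quarterly-";
 filename*1="report.exe"

placeholder body
--b1--
"""

def audit_message(raw):
    """Return one finding per attachment whose reassembled name is blocked."""
    findings = []
    for part in email.message_from_string(raw).walk():
        # get_filename() joins filename*0, filename*1, ... per RFC 2231,
        # so the check below sees the complete name, not one fragment.
        name = part.get_filename()
        if not name:
            continue
        ext = os.path.splitext(name)[1].lower()
        if ext in BLOCKED_EXTENSIONS:
            headers = "%s;%s" % (part.get("Content-Disposition", ""),
                                 part.get("Content-Type", ""))
            findings.append({"filename": name, "extension": ext,
                             "continuation": bool(CONTINUATION.search(headers))})
    return findings

if __name__ == "__main__":
    for finding in audit_message(SAMPLE):
        print(finding)
```

The `continuation` flag marks delivered messages whose blocked filename arrived in the multiline form, which is the population worth reviewing on hosts that ran 4.97.1 or earlier.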


Exim is a free mail transfer agent that's used in hosts that are running Unix or Unix-like operating systems. It was first released in 1995 for use at the University of Cambridge.

Attack surface management firm Censys said 4,830,719 of the 6,540,044 public-facing SMTP mail servers are running Exim. As of July 12, 2024, 1,563,085 internet-accessible Exim servers are running a potentially vulnerable version (4.97.1 or earlier).

A majority of the vulnerable instances are located in the U.S., Russia, and Canada.


“The vulnerability could allow a remote attacker to bypass filename extension blocking protection measures and deliver executable attachments directly to end-users’ mailboxes,” it noted. “If a user were to download or run one of these malicious files, the system could be compromised.”

This also means that prospective targets must click on an attached executable for the attack to be successful. While there are no reports of active exploitation of the flaw, it's essential that users move quickly to apply the patches to mitigate potential threats.

The development comes almost a year after the project maintainers addressed a set of six vulnerabilities in Exim that could result in information disclosure and remote code execution.
