Almost 60% of email servers on the internet affected by new RCE vulnerability: Report

By Digit NewsDesk | Updated 6 Jun 2019
Almost 60% of email servers on the internet affected by new RCE vulnerability: Report
  • A new Remote Command Execution exploit has been discovered.
  • It is said to affect about 57 percent of email servers running on Exim worldwide.

A new RCE vulnerability has been discovered by security research company Qualys and it is said to impact over half of the Internet's email servers. While RCE is usually understood as Remote Code Execution, here, it stands for Remote Command Execution and as its nature implies, the new vulnerability enables a local or remote attacker to run commands on the Exim server as admin. Exim is a Mail Transfer Agent (MTA) software, which runs on email servers to pass on emails from senders to recipients. As noted by ZDNet, a survey conducted in June 2019 reports that Exim is used by about 57 percent of all email servers and the security report by Qualys mentions that the flaw affects Exim installations running versions 4.87 to 4.91.

advertisements

As per the report, the RCE exploit can be abused instantly by a local attacker and also a remote attacker in some non-default configurations. “To remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes),” states Qualys’ Security Advisory to Linux distro maintainers. The flaw was recently discovered by the research team while conducting a code review of the latest changes in the Exim mail server and the firm is advising companies that rely on Exim to update to it to the latest 4.92 version, which is not affected by the RCE vulnerability. 

Currently tracked under the identifier CVE-2019-10149, the new RCE flaw is called "Return of the WIZard" since it resembles the ancient WIZ and DEBUG vulnerabilities that impacted the Sendmail email server back in the 90s. 

New flaws and vulnerabilities keep popping up but thanks to security researchers who responsibly notify companies, users are mostly shielded from malicious attacks. However, this is not the case every time. A new Windows 10 zero-day vulnerability was recently outed online with a proof of concept video. A zero-day flaw is a vulnerability for which developers have no patch ready and attackers can exploit to for their nefarious intents. The new flaw pertains to local privilege escalation (LPE) and if an intruder finds a way to get into your system, this flaw can be used to gain access over a complete system. You can read more about this exploit here

advertisements
advertisements
Digit NewsDesk
The guy who answered the question 'What are you doing?' with 'Nothing'.
advertisements
ASK DIGIT

Recent Questions

internet use by apps
t ruth pushpalatha
Sept 3, 2014
Responses 4
vishal Pallerla
Sept 4, 2014
Vivek Bhatt
Sept 4, 2014
Lalrindika Ralte
Sept 4, 2014
Hina
Sept 7, 2014
Comments
Be the first one to post the comment
Post a New Comment
You must be signed in to post a comment
advertisements