Almost 60% of email servers on the internet affected by new RCE vulnerability: Report

By Digit NewsDesk | Published on Jun 06 2019
Almost 60% of email servers on the internet affected by new RCE vulnerability: Report

A new Remote Command Execution exploit has been discovered.

It is said to affect about 57 percent of email servers running on Exim worldwide.

Get Redmi 8 4GB+64 GB @ RS.7,999

With 12MP+2MP AI Dual camera, 5000mAh battery, fast charging, Fingerprint sensor + AI Face unlock

Click here to know more

A new RCE vulnerability has been discovered by security research company Qualys and it is said to impact over half of the Internet's email servers. While RCE is usually understood as Remote Code Execution, here, it stands for Remote Command Execution and as its nature implies, the new vulnerability enables a local or remote attacker to run commands on the Exim server as admin. Exim is a Mail Transfer Agent (MTA) software, which runs on email servers to pass on emails from senders to recipients. As noted by ZDNet, a survey conducted in June 2019 reports that Exim is used by about 57 percent of all email servers and the security report by Qualys mentions that the flaw affects Exim installations running versions 4.87 to 4.91.

As per the report, the RCE exploit can be abused instantly by a local attacker and also a remote attacker in some non-default configurations. “To remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes),” states Qualys’ Security Advisory to Linux distro maintainers. The flaw was recently discovered by the research team while conducting a code review of the latest changes in the Exim mail server and the firm is advising companies that rely on Exim to update to it to the latest 4.92 version, which is not affected by the RCE vulnerability. 

Currently tracked under the identifier CVE-2019-10149, the new RCE flaw is called "Return of the WIZard" since it resembles the ancient WIZ and DEBUG vulnerabilities that impacted the Sendmail email server back in the 90s. 

New flaws and vulnerabilities keep popping up but thanks to security researchers who responsibly notify companies, users are mostly shielded from malicious attacks. However, this is not the case every time. A new Windows 10 zero-day vulnerability was recently outed online with a proof of concept video. A zero-day flaw is a vulnerability for which developers have no patch ready and attackers can exploit to for their nefarious intents. The new flaw pertains to local privilege escalation (LPE) and if an intruder finds a way to get into your system, this flaw can be used to gain access over a complete system. You can read more about this exploit here


Tata Sky Binge   All You Need To Know
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.