Update released for critical vulnerabilities in Exim
Qualys has discovered and released a detailed security advisory about 21 vulnerabilities in Exim. These are a combination of Remote Code Execution (RCE), both authenticated and unauthenticated, and privilege escalation. An attacker could exploit a combination of these to gain root access on vulnerable Exim servers.
CERT NZ recommends all Exim users upgrade to 4.94.2, or the fixed version from your upstream package repository.
Affected versions: Exim versions before 4.94.2
For a full list of vulnerabilities and affected versions, you can read the Qualys Security Advisory.
What this means
An attacker could gain root access on vulnerable mail servers by chaining an unauthenticated RCE vulnerability with a privilege escalation vulnerability. This level of access can lead to data exfiltration and further network compromise.
What to look for
How to tell if you're at risk
You are at risk if you are running Exim mail servers older than 4.94.2. Some Linux distributions backport security fixes to older version numbers, so check the release notes relevant to your systems before relying on the version number alone.
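The version check above, as an added POSIX shell example that is not part of the CERT NZ advisory: it parses the banner printed by `exim -bV` (assumed format "Exim version 4.94.2 #2 built ...") and compares the version number against 4.94.2, trying the binary names `exim` and `exim4` (the Debian package name), both assumptions. Because of the backport caveat, an "at-risk" result is a prompt to check the distribution changelog, not a final verdict.

```shell
#!/bin/sh
# Added example: classify a host by its Exim version (not code from the advisory).
FIXED_VERSION="4.94.2"   # first upstream release containing the fixes

# Extract the version number from an `exim -bV` banner line, e.g.
# "Exim version 4.93 #2 built 05-Jan-2021" -> "4.93"
exim_version_from_output() {
    printf '%s\n' "$1" | sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Return 0 (true) if version $1 is older than $2, comparing dot-separated numeric
# parts left to right; a missing part counts as 0 (so 4.94 < 4.94.2).
version_older_than() {
    a="$1"; b="$2"; i=1
    while :; do
        pa=$(printf '%s\n' "$a" | cut -d. -f"$i")
        pb=$(printf '%s\n' "$b" | cut -d. -f"$i")
        [ -z "$pa" ] && [ -z "$pb" ] && return 1   # all parts equal
        pa=${pa:-0}; pb=${pb:-0}
        [ "$pa" -lt "$pb" ] && return 0
        [ "$pa" -gt "$pb" ] && return 1
        i=$((i + 1))
    done
}

# Print "at-risk", "fixed" or "unknown" for a banner line.
classify_exim() {
    v=$(exim_version_from_output "$1")
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_older_than "$v" "$FIXED_VERSION"; then
        echo "at-risk"
    else
        echo "fixed"
    fi
}

# Run against the local binary when one is installed (assumed names: exim, exim4).
for bin in exim exim4; do
    if command -v "$bin" >/dev/null 2>&1; then
        banner=$("$bin" -bV 2>/dev/null | head -n 1)
        echo "$bin: $banner -> $(classify_exim "$banner")"
        echo "note: a distro build may report an older number yet carry backported fixes; confirm in the package changelog."
        break
    fi
done
```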
What to do
Upgrade to 4.94.2, or apply patches from your distribution that fix this issue.
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
For media enquiries, email our media desk at firstname.lastname@example.org or call the MBIE media team on 027 442 2141.