Exim Remote Exploit Detected

A remotely exploitable vulnerability in Exim has been detected. This article will be updated as soon as a fix has been released.

UPDATED 10 Dec 2010 to add two references links regarding the problem. No permanent fix is available right now.

UPDATE 13 Dec 2010 – The Exim development team is saying that only Exim versions 4.69 and below are affected. Exim 4.70 was released in November 2009, and the current latest available version is 4.72 (released June 2010).

References:
http://www.exim.org/
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html
http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity
Twitter: twitter.com/patchmanagement

Share

Leave a Reply