Abuse Melding

Je hebt een klacht over de onderstaande posting:

16-06-2019, 05:49 door Anoniem

Wat een hoop onzin wordt hier weer uitgekraamt, even de feiten op een rijtje. Alleen versies 4.87-4.91 zijn kwetsbaar. The attack's steps are as follows: 1) The attackers send an email, and in the SMTP dialog of that email, the RCPT_TO field gets an email address that contains a "localpart" crafted by the attackers to exploit the Exim vulnerability. Specifically, the attack uses a specially crafted Envelope-From (532.MailFrom) that looks like the below, it would download a Shell script and directly executes it. 2) The infected Exim server executes that localpart in their own user context, when they receive the email. 3) Since people are still running Exim as root, it will then download a shell script that will open SSH access to the MTA server via a public key to the root user. For now, the only thing Exim server owners can do is to update to version 4.92 as soon as possible, and prevent any attacks from impacting their email servers. 4.92 beschikbaar sinds 10 februari, dus gewoon patchen.

Beschrijf je klacht (Optioneel):

captcha