400 thousand servers can be exposed to RCE-attacks because of vulnerability in the mail agent Exim
In the popular agent for sending messages Exim
is detected. A serious vulnerability that allows attackers to remotely execute code. The problem was discovered by researchers at Devcore Security Consulting, according to their estimates, a vulnerable version of Exim can be used by approximately 40?000 servers around the world. bulletin security, which stated that it is difficult to assess the severity of the vulnerability at the moment: "We believe that it is not easy to exploit it." The bug was fixed in Exim ??? version - all users are recommended to install it as soon as possible.
In addition, Positive Technologies experts have created a signature for IDS Suricata, which allows to detect and prevent attempts to exploit the vulnerability CVE-2018-6789 - you can use it by downloading the signature in our system PT Network Attack Discovery :
Fresh #Exim pre-auth # RCE with nice cve id (:
? Affected: ? https://t.co/5Ujjg5MCfv
.-- Attack Detection (@AttackDetection) March ? 2018
P. S. May 15-16 in Moscow will host an international forum on practical information security Positive Hack Days 8. At the moment, applications are accepted during the Call For Papers. Topics are presented at special page , send your orders to [email protected] .