Critical Vulnerability in EXIM Servers Exposed Millions to Cyber-Attacks
Critical Vulnerability in EXIM Servers Exposed Millions to Cyber-Attacks

This flaw in EXIM email servers leaves millions of users at risk of being hacked by allowing attackers to execute critical commands.

If you are not familiar with the term then you might be wondering what EXIM is? Allow me to explain, EXIM is an open source MTA or mail transfer agent that is responsible for receiving, routing and delivering email messages. This unique source was developed at the University of Cambridge for the use of UNIX systems; is said to feature more straightforward configuration and task management. EXIM includes user options for defense against mail bombs and unsolicited junk mail: users can set options to refuse messages from particular senders, hosts, or networks. EXIM can be run on any TCP/IP network, in conjunction with any combination of host and user software, and is the default MTA included on some LINUX systems. In the last few days millions of EXIM servers have been exposed to Cyber-threats; it is said that all servers running 4.92.1 version may be affected. This security breach tracked as CVE-2019-15846 allows intruders to gain root-level access to the system; this is the second time in three month that EXIM has experience flaws. Basically, when the Exim server is configured to accept TLS connections, hackers can send a backslash-null sequence attached to the end of an SNI package during the initial TLS handshake. This can enable hackers to run malicious codes and obtain root-level access to the system. Experts explained that in order to remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days. It is necessary to transmit one byte every few minutes; however, the experts cannot guarantee that this exploitation method is unique. EXIM team learned about this breach in July and quickly release an update version 4.92.2 with the security patch.

About Us

Established in 2015, Whitelabel ITSolutions is one of the most reliable collocation hosting providers in the United States. With our main data centers in New Jersey, Whitelabel ITSolutions is staffed with a certified team of engineers with a vision of delivering a fully integrated, trusted collocation hosting service. Whether you need a server, backup services or a place to host your full IT infrastructure, Whitelabel ITSolutions will be able to provide a plan for you all with an unparalleled 24/7 customer support available whenever and wherever our clients need it.


To learn more visit: https://whitelabelitsolutions.com or call: (201) 425-4060. You can also follow us on Facebook, Twitter, LinkedIn and Instagram.