According to the version from its Banner, the remote Exim is prone to multiple vulnerabilities. 1. Exim creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible. 2. Exim is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges on affected computers. Versions prior to Exim 4.72 RC2 are vulnerable.
Updates are available please see the references for more information.
Updated on 2015-03-25
- Sendmail Parsing Redirection DOS
- Code-Crafters Ability Mail Server IMAP FETCH Request Remote Denial Of Service Vulnerability
- Sendmail custom configuration file
- Microsoft Windows SMTP Server DNS spoofing vulnerability
- MailEnable 'MESMTRPC.exe' SMTP Service Multiple Remote Denial of Service Vulnerabilities