1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Exim Remote Code Execution CVE-2019-10149

Attack: Exim Remote Code Execution CVE-2019-10149

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Exim.

Additional Information

Exim is a mail transfer agent (MTA) application available for Linux-based and Unix-based operating systems.

Exim is prone to a remote command-execution vulnerability because it fails to sanitize user-supplied input. Specifically, this issue affects the 'deliver_message()' function in '/src/deliver.c' source file.

Successfully exploiting this issue may allow an attacker to execute arbitrary commands as root.

Affected

  • Exim versions 4.87 through 4.91 are vulnerable; other versions may also be affected.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube