A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the “root” user. About CVE-2019-10149 CVE-2019-10149 was discovered by Qualys researchers. It is a remote command execution vulnerability that is exploitable instantly by a local attacker and by a remote attacker in certain non-default configurations. “The vulnerability is critical: it allows a local user to easily run commands as … Continue reading Critical Exim flaw exploitable locally and remotely, patch ASAP!