Re: [exim] just been hacked, could be CVE-2019-10149?

Top Page
Delete this message
Reply to this message
Author: Calum Mackay
Date:  
To: Odhiambo Washington
CC: exim users
Subject: Re: [exim] just been hacked, could be CVE-2019-10149?
thanks all, for the replies.

On 11/06/2019 7:27 am, Odhiambo Washington wrote:
>     ought I to be reporting this anywhere?

>
> Whom would you like to report to?? :-)
> All vulnerable versions of Exim had a patch released several days ago.


Yes, I meant that there are clearly now exploits active, although all of
the websites I found describing it say otherwise, but of course, they're
a few days out of date, and perhaps it's just obvious that there now
will be active exploits.


Unfortunately, I had been distracted by other issues, and had fallen behind.

Luckily, although the exploit succeeded, it doesn't seem to have tried
anything other than opening up SSH to remote root logins, which didn't
work on my system.

Patched now.

thanks again,
calum.