Re: [exim] just been hacked, could be CVE-2019-10149?

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMM+-+-\Heiko Schlittermann at <-
MMMM\M\MCyborg at ->
Delete this message
Reply to this message
Author: Jan Ingvoldstad
Date:  
To: exim users
Subject: Re: [exim] just been hacked, could be CVE-2019-10149?
On Wed, Jun 19, 2019 at 1:26 PM Calum Mackay via Exim-users <
exim-users@???> wrote:


> Luckily, it looks like the trojans did nothing more than repeated
> attempts to open up my ssh server to root logins, which I think (and
> hope) didn't actually work, so I may have been lucky, and the damage
> isn't widespread.
>
>
> ought I to be reporting this anywhere?
>
>
As this puts the metadata and content of emails transmitted through your
server at risk, as well as any authenticated user/customer login details
(passwords, too), if you are operating within the EEA, you are bound by the
GDPR and probably have a duty to alert any affected and potentially
affected users/customers about the breach and what kind of data is astray,
etc.
--
Jan
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerableRe: [exim] just been hacked, could be CVE-2019-10149?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)