Re: [exim] just been hacked, could be CVE-2019-10149?

Top Page
Delete this message
Reply to this message
Author: Calum Mackay
Date:  
To: exim users
Subject: Re: [exim] just been hacked, could be CVE-2019-10149?
Interesting point, thanks Jan.

No external users/customers on this system, fortunately. If there were,
or it had anything sensitive anywhere near it, I'd not have been running
unstable on it, and it would have been updated much more frequently.

thanks,
calum.


On 19/06/2019 3:18 pm, Jan Ingvoldstad via Exim-users wrote:
> On Wed, Jun 19, 2019 at 1:26 PM Calum Mackay via Exim-users <
> exim-users@???> wrote:
>
>
>> Luckily, it looks like the trojans did nothing more than repeated
>> attempts to open up my ssh server to root logins, which I think (and
>> hope) didn't actually work, so I may have been lucky, and the damage
>> isn't widespread.
>>
>>
>> ought I to be reporting this anywhere?
>>
>>
> As this puts the metadata and content of emails transmitted through your
> server at risk, as well as any authenticated user/customer login details
> (passwords, too), if you are operating within the EEA, you are bound by the
> GDPR and probably have a duty to alert any affected and potentially
> affected users/customers about the breach and what kind of data is astray,
> etc.
>