Jump to content


Attacks against EXIM vuln ...

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster



  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 17 December 2010 - 02:49 PM


Attacks against EXIM vuln...
- http://isc.sans.edu/...l?storyid=10093
Last Updated: 2010-12-17 17:40:25 UTC - "Users of the popular exim mail server report attacks exploiting the recently patched vulnerability [1,2]. It appears that the attacks are scripted and installing popular rootkits...
[1] http://www.reddit.co...nstalled_on_my/
[2] http://www.exim.org/...b32d4f2.en.html ..."

- http://www.kb.cert.org/vuls/id/682457
Last Updated: 2010-12-13 - "... Solution: Apply an update: Users who obtain Exim from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors. This vulnerability is reportedly addressed in Exim version 4.70. Users of Exim from the original source distribution should upgrade to this version or later, as appropriate. Users who are unable to upgrade are encouraged to apply the following patch from the Exim developers:
- http://git.exim.org/...itdiff/24c929a2 ..."

Related: cPanel update: http://www.cpanel.ne...ity-update.html

- http://web.nvd.nist....d=CVE-2010-4344
Last revised: 12/21/2010
CVSS v2 Base Score: 9.3 (HIGH)

:ph34r: :grrr: :ph34r:

Edited by AplusWebMaster, 21 December 2010 - 06:35 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

Member of UNITE
Support SpywareInfo Forum - click the button