Quote:A veritable cornucopia of security vulnerabilities in the Exim mail server have been uncovered, some of which could be chained together for unauthenticated remote code execution (RCE), gaining root privileges and worm-style lateral movement, according to researchers.
 
The Qualys Research Team has discovered a whopping 21 bugs in the popular mail transfer agent (MTA), which was built to send and receive email on major Unix-like operating systems. It comes pre-installed on Linux distributions such as Debian, for instance.
 
“MTAs are interesting targets for attackers because they are usually accessible over the internet,” according to the Qualys analysis, issued on Tuesday. “Once exploited, they could modify sensitive email settings on the mail servers, allow adversaries to create new accounts on the target mail servers,” Qualys Senior Manager of Vulnerabilities Bharat Jogi said in a post.
 
Researchers said that according to a Shodan search, nearly 4 million Exim servers are directly exposed to the internet.
 
Out of the 21 vulns, which Qualys collectively dubbed “21 Nails,” 10 of them can be exploited remotely. And, most of them can be exploited in either default configuration or “in a very common configuration,” according to Qualys. Also, most of them affect all versions of Exim going back to its inception in 2004.