Page 1 of 1

Please Patch vulnerable Exim email server

PostPosted:20 Jun 2019 15:43
by edogawa
I received a confirmation from my VPS provider, that there is a vulnerable Exim email server.

The information is as below. Please help provide a patch update.

====================================

We have received a notice about vulnerable Exim email server(s) in your account. We ask that you patch the vulnerabilities presented as soon as possible. If the system cannot be updated, it is recommended that email services are shut down or traffic to the vulnerable Exim services in the TCP ports mentioned in the report is restricted with a firewall.
-----------------------------------------------------------------------------

INSTRUCTIONS FOR SYSTEM OWNERS OR ADMINISTRATORS

NCSC-FI has detected a vulnerable Exim email server in your
network. We published an alert on June 11th on a critical Exim
vulnerability:

https://www.kyberturvallisuuskeskus.fi/ ... a-breaches

The vulnerability can enable an attacker to take control of the
affected system. NCSC-FI has received several reports on data breaches
in Finland where attackers have penetrated systems using the Exim
vulnerability. In connection with the data breaches, the attacker has
installed a backdoor on the server for a later entry.

Typically the vulnerabilities are related to unpatched Linux systems,
which should be updated as soon as possible. In some cases the Exim
services are included in a cPanel package. The cPanel project has also
provided updates.

If the system cannot be updated, it is recommended that email services
are shut down or traffic to the vulnerable Exim services in the TCP
ports mentioned in the report is restricted with a firewall.

Alla esitetyt tiedot ovat seuraavassa muodossa:
The information below follows the following format:
IP | Timestamp | Open ports | SMTP banner