Conversation

Notices

1. GeniusMusing (geniusmusing@nu.federati.net)'s status on Tuesday, 04-May-2021 21:14:48 EDT GeniusMusing
   21Nails vulnerabilities impact 60% of the internet's email servers The Record by Recorded Future
   https://therecord.media/21nails-vulnerabilities-impact-60-of-the-internets-email-servers/
   
   >The maintainers of the Exim email server software have released updates today to patch a collection of 21 vulnerabilities that can allow threat actors to take over servers using both local and remote attack vectors.
   >
   >Known as 21Nails, the vulnerabilities were discovered by security firm Qualys.
   >
   >The bugs impact Exim, a type of email server known as a mail transfer agent (MTA) that helps email traffic travel across the internet and reach its intended destinations.
   >
   >While there are different MTA clients available, an April 2021 survey shows that Exim has a market share of nearly 60% among all MTA solutions, being widely adopted around the internet.
   >
   >The 21Nails vulnerabilities, if left unpatched, could allow threat actors to take over these systems and then intercept or tamper with email communications passing through the Exim server.
   >All Exim versions released since 2004 are impacted
   >...
   
   Update now!
   1. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Tuesday, 04-May-2021 21:47:09 EDT lnxw48a1

      in reply to
      @geniusmusing I think a lot of Linux desktops use a cut-down Exim so they can send logs and error messages to root without having any capacity to reach the general Internet. Though they’re probably not likely to be targeted, the bugs may still exist.
      
      #Time_to_update all your *nix systems.