all InfoSec news
A Vulnerability in EXIM Could Allow for Arbitrary Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability has been discovered in EXIM which could allow for arbitrary code execution. Exim is a mail transfer agent (MTA) for hosts that are running Unix or Unix-like operating systems. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the service account. An unauthenticated attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.