The team behind Exim has reported that a flaw in its email server software is currently exposing millions of email servers around the world to potential compromise. Exim is a mail transfer agent (MTA) that runs in the background on email servers. It handles the sending and receiving of email messages and lets servers act as relays for other customers' email. All versions of Exim up to and including 4.92.1 are affected.
The Exim team said in a recent advisory that anyone currently running Exim with TLS connections enabled is vulnerable. According to the developers, the flaw is not in the TLS libraries themselves, so every Exim server that accepts TLS is affected, regardless of which TLS library it is built against.
If the server uses TLS, an attacker can send a Server Name Indication (SNI) value ending in a backslash-null sequence during the initial TLS handshake. This allows local or remote attackers to run malicious code with root privileges.
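Because the advisory scopes the problem to affected versions that actually accept TLS, a quick triage check needs both facts. The following is an added example, not code from the Exim project or the article: it parses the version line from `exim -bV` and the `tls_advertise_hosts` setting from `exim -bP`, and assumes the usual `Exim version X.Y.Z ...` and `name = value` output formats (the sample strings are constructed).

```python
import re
import subprocess

# From the advisory: every version up to and including 4.92.1 is affected.
LAST_VULNERABLE = (4, 92, 1)


def parse_exim_version(bv_output: str) -> tuple:
    """Extract the version tuple from `exim -bV`, e.g. 'Exim version 4.92.1 #3 built ...'."""
    m = re.search(r"Exim version (\d+(?:\.\d+)*)", bv_output)
    if not m:
        raise ValueError("no Exim version line found")
    return tuple(int(p) for p in m.group(1).split("."))


def version_in_range(version: tuple) -> bool:
    """True when version <= 4.92.1; pad with zeros so (4, 92) compares as (4, 92, 0)."""
    width = max(len(version), len(LAST_VULNERABLE))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(version) <= pad(LAST_VULNERABLE)


def tls_advertised(bp_output: str) -> bool:
    """Parse `exim -bP tls_advertise_hosts`; an empty host list means STARTTLS is not offered."""
    m = re.search(r"tls_advertise_hosts\s*=\s*(.*)", bp_output)
    return bool(m and m.group(1).strip())


def assess(bv_output: str, bp_output: str) -> str:
    """Combine both conditions the advisory names into one verdict."""
    if not version_in_range(parse_exim_version(bv_output)):
        return "patched"
    if not tls_advertised(bp_output):
        return "affected version, TLS not advertised"
    return "VULNERABLE: affected version with TLS advertised, apply the update"


def assess_local_host() -> str:
    """Run the two exim commands on this host and assess the result."""
    bv = subprocess.run(["exim", "-bV"], capture_output=True, text=True).stdout
    bp = subprocess.run(["exim", "-bP", "tls_advertise_hosts"],
                        capture_output=True, text=True).stdout
    return assess(bv, bp)


if __name__ == "__main__":
    # Constructed sample outputs, not captured from a real server.
    print(assess("Exim version 4.92.1 #1 built 01-Sep-2019", "tls_advertise_hosts = *"))
    print(assess("Exim version 4.92.2 #1 built 06-Sep-2019", "tls_advertise_hosts = *"))
```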
A security researcher named "Zerons" first reported the flaw to the Exim team in July, at which point the developers began working on a patch. The team has since released the patch and began notifying the community of email server operators about the defect at the beginning of September.
Some platform vendors, such as the makers of the popular cPanel hosting control panel, have already folded the patch into their products. Other email server operators will have to apply the fix manually or else remain exposed.
A short-term alternative to patching would be to disable TLS encryption for email, which means sending customers' email in plaintext over the internet.