|Original author(s)||Philip Hazel (started 1995)|
|Developer(s)||The Exim Maintainers|
Thus you can expect hackers, crackers and NSA to target it.
Exim < 4.86.2 – Privilege Escalation
„This vulnerability could be exploited by attackers who have local access to the
system to escalate their privileges to root which would allow them to fully
compromise the system.“
„To exploit this setting and gain the effective root privilege of the SUID binary,
attackers can inject PERL5OPT perl environment variable, which does not get
cleaned by affected versions of Exim.“
what version of mail server you are running you can test with telnet connecting to the SMTP port of your server:
telnet domain.com 25 # or telnet domain.com 587
Connection closed by foreign host. user@debian9:~$ telnet mx.freenet.de 587 Trying 18.104.22.168... Connected to mx.freenet.de. Escape character is '^]'. 220 mx0.freenet.de ESMTP Exim 4.85 Thu, 06 Jul 2017 11:27:46 +0200 ^C quit Connection closed by foreign host. user@debian9:~$ telnet mail.gmx.net 587 Trying 22.214.171.124... Connected to mail.gmx.net. Escape character is '^]'. 220 gmx.com (mrgmx002) Nemesis ESMTP Service ready quit 221 gmx.com Service closing transmission channel Connection closed by foreign host. user@debian9:~$ telnet mail.your-server.de 587; # hetzner Trying 126.96.36.199... Connected to mail.your-server.de. Escape character is '^]'. 220 sslproxy02.your-server.de ESMTP Exim 4.84_2 Thu, 06 Jul 2017 11:29:00 +0200 quit 221 sslproxy02.your-server.de closing connection Connection closed by foreign host.
PS: All Cisco devices have NSA-backdoors factory build-in… have PHUN! 😀