Remote code execution

Exim 4.85 through 4.92 fixed in 4.92.1 allows remote code execution as root in some unusual configurations that use the $sort expansion for items that can be controlled by an attacker e.g., $localpart or $domain...

CVE-2019-10149: the Exim remote command execution vulnerability and early warning analysis-vulnerability warning-the black bar safety net

Recently, security researchers found the Exim mail server there is a remote command execution vulnerability, the vulnerability number CVE-2019-10149 it. The vulnerability in the default configuration may be a local attacker to direct the use, by low-privileged user to execute root command, a remo...