Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes

July 12, 2024 at 11:27AM

Censys warns of a critical vulnerability affecting over 1.5 million internet-accessible Exim mail transfer agent installations. Tracked as CVE-2024-39929, it enables attackers to deliver malicious executables to user mailboxes, potentially leading to code execution and system compromise. Despite a patched version being available, most servers remain unpatched, with a PoC …

SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails

January 3, 2024 at 06:18AM

A new exploitation technique called SMTP smuggling allows threat actors to send malicious emails with fake sender addresses, bypassing security measures. The method exploits vulnerabilities in messaging servers from Microsoft, GMX, and Cisco, impacting SMTP implementations from Postfix and Sendmail. Cisco users are advised to change settings to avoid receiving …