Hi, I'm running an appliance which includes an Exim MTA and now I'm wondering, if I should be worried because of the RCE with CVSS 9.8 described at the Zero Day Initiative homepage here:
https://www.zerodayinitiative.com/advisories/ZDI-23-1469/ Apparently this has been reported first in 2022, but I'm not sure if this has been fixed, so a statement would be neat, haven't found anything on the website so far. >From their page: """ September 27th, 2023 (0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability ZDI-23-1469 ZDI-CAN-17434 CVE ID [CVE-2023-42115](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115)""" Any information on this would be highly appreciated. Thanks! Best Regards El Duderino. -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
