moin moin, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789 ---- An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. ---- Exim might be your default mail daemon (MTA) and might be installed due to package dependencies. Default should have it only listening to localhost, so this issue would not be exploitable unless the attacker is already on your machine. You can see if you even have a mail daemon running by checking to see if you have something listening on port 25. ---- $ ss -tln | grep :25 LISTEN 0 20 127.0.0.1:25 0.0.0.0:* LISTEN 0 20 [::1]:25 [::]:* $ ---- Those are only listening on localhost ( and not exim ), so wouldn't be exploitable even if this box was directly connected to the Internet. If you have 0.0.0.0 or a non-localhost IP while running exim make sure you've updated recently. check for exim on debian-based systems: dpkg -l | grep exim check for exim on rpm-based systems: rpm -qa | grep exim ciao, der.hans -- # https://www.LuftHans.com https://www.PhxLinux.org # Nobody grows old merely by living a number of years. # We grow old by deserting our ideals. # Years may wrinkle the skin, but to give up enthusiasm # wrinkles the soul. -- Samuel Ullman --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss