FreeBSD : Exim -- RCE in deliver_message() function (45bea6b5-8855-11e9-8d41-97657151f8c2)
High Nessus Plugin ID 125749
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionExim team and Qualys report :
We received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit.
A patch exists already, is being tested, and backported to all versions we released since (and including) 4.87.
The severity depends on your configuration. It depends on how close to the standard configuration your Exim runtime configuration is. The closer the better.
Exim 4.92 is not vulnerable.
SolutionUpdate the affected package.