This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

EXIM RCE CVE-2019-15846 URGENT

Hi, this seems to be urgent to me as this is remote exploitable. Any update from Sophos for UTM regarding this? Thanks Joerg

 

https://seclists.org/oss-sec/2019/q3/192

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846

https://www.heise.de/security/meldung/Mailserver-Exim-CERT-Bund-kuendigt-Update-fuer-kritische-Schwachstelle-an-4514414.html

 



This thread was automatically locked due to age.
Parents Reply
  • All, Through our reseller I received the following reply from Sophos support: We are not impacted on both (XG and UTM) as we strip such headers before it reach to forwarder. But we will add the patch in upcoming MR to avoid any future issues. Cyberoam don’t use Exim at all so not affected. We are working on a notification for this and should be made available soon.
Children