This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

EXIM Vuln. - any news?

Hi,

anyone at Sophos can comment on the EXIM vulns, for instance as described here? https://www.heise.de/news/Jetzt-patchen-Kritische-Root-Luecken-bedrohen-Exim-Mail-Server-6036724.html

Thanks

Joerg

This thread was automatically locked due to age.

Top Replies

bobbylam over 3 years ago +6 verified

Hi all, We just released a new 9.705-7 update on our download server which addresses these exim vulnerabilities.

Parents

0 FormerMember over 3 years ago

Hi JoergRiether,

Thanks for reaching out to the Community!

The internal teams are currently investigating this, and we'll provide an update as soon as more information becomes available.

Thanks,
Cancel
Vote Up +1 Vote Down

Cancel
0 WolfgangS over 3 years ago in reply to FormerMember

How long do they need ?

by the way, the last up2date was 9.705-3. This update is 7 (!) month old !

What the heck are u guys not doin ?

If you dump the utm , then let us know !
Cancel
Vote Up +2 Vote Down

Cancel
0 Marcel Bruckner over 3 years ago in reply to LuCar Toni

so why have the release notes been posted here?
Cancel
Vote Up 0 Vote Down

Cancel
0 FormerMember over 3 years ago in reply to Marcel Bruckner

Hi Marcel Bruckner,

The release notes were posted as a response to WolfgangS comment.

Thanks,
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 3 years ago in reply to Marcel Bruckner

UTM9.706 was built some time ago and is not related to Exim, as it was already finished before Exim vulnerabilities were disclosed.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel
0 Marcel Bruckner over 3 years ago in reply to LuCar Toni

I understand. When can we expect news about the newest Exim vulnerabilities?
Cancel
Vote Up 0 Vote Down

Cancel
0 FormerMember over 3 years ago in reply to Marcel Bruckner
Hi Marcel Bruckner,

We'll update the following blog post with the new information as it becomes available:

Advisory: Multiple Vulnerabilities (AKA 21Nails) in Exim

Thanks,
Cancel
Vote Up +1 Vote Down

Cancel
0 LuCar Toni over 3 years ago in reply to FormerMember

JFYI: The Advisory was updated with the latest information.

__________________________________________________________________________________________________________________
Cancel
Vote Up +2 Vote Down

Cancel
0 JaimeTan Nozawa over 3 years ago in reply to LuCar Toni

The mentioned protection IPS rules are only available on XG 550 or higher models. I would appreciate also release it for models at least +210 or higher.

Thanks
Cancel
Vote Up +1 Vote Down

Cancel
0 reag over 3 years ago in reply to FormerMember

Can't we have just patched exim-related files and instructions in the meantime? I understand utm has no hotfix option out of the box. But such a critical flaw can't wait for a week.

We just recovered from the hafnium nightmare and this is the next critical issue where we can just sit and wait to be exploited.
Cancel
Vote Up +4 Vote Down

Cancel
0 jlbrown over 3 years ago in reply to FormerMember

Will there be a hot fix for those of us on 9.706-8 on the 14th too?
Cancel
Vote Up 0 Vote Down

Cancel
0 solae over 3 years ago in reply to FormerMember

I also agree that this should be addressed faster. For SG there is no workaround in the meantime. We can‘t just replace all SPAM Filers with eg. Sophos Cloud. There neds to be a small fix just for exim, what is taking so long?

Or handle the Exploits with IPS. Just waiting is not an option.

Sophos seems to miss so many things the past years..
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 solae over 3 years ago in reply to FormerMember

I also agree that this should be addressed faster. For SG there is no workaround in the meantime. We can‘t just replace all SPAM Filers with eg. Sophos Cloud. There neds to be a small fix just for exim, what is taking so long?

Or handle the Exploits with IPS. Just waiting is not an option.

Sophos seems to miss so many things the past years..
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data