A new vulnerability in Exim, named BDAT, allows remote attackers to execute code on mail servers using GnuTLS. The flaw sits in the binary data transfer process and compromises systems that use this cryptographic library. Updating affected versions and reviewing security configurations is urgent to mitigate the risk.
Technical details of the BDAT flaw and its exploitation 🔐
The vulnerability lies in the incorrect handling of binary data during TLS negotiation in Exim, allowing buffer overflows that enable remote code execution. It affects builds using GnuTLS, not OpenSSL. Official patches are already available: apply the updates immediately and monitor logs for anomalous patterns of incoming connections.
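Since only GnuTLS builds are affected, a quick triage step is to check which TLS library a given Exim binary was built with. The script below is an added example, not from the original article or the Exim project: it parses the `Support for:` line of `exim -bV`. The function names and the sample outputs are constructed for illustration, and the version strings are placeholders.

```shell
#!/bin/sh
# Added example: classify an Exim build by TLS library from `exim -bV` text.

# Reads `exim -bV` output on stdin; prints gnutls, openssl, none or unknown.
exim_tls_library() {
    awk '
        /^Support for:/ {
            seen = 1
            for (i = 3; i <= NF; i++) {
                if ($i == "GnuTLS")  lib = "gnutls"
                if ($i == "OpenSSL") lib = "openssl"
            }
        }
        END {
            if (!seen)    print "unknown"   # no "Support for:" line found
            else if (lib) print lib
            else          print "none"      # built without TLS support
        }'
}

# Constructed sample outputs (hypothetical hosts, placeholder versions).
SAMPLE_GNUTLS='Exim version X.YY #1 built 01-Jan-2000 00:00:00
Support for: crypteq iconv() IPv6 GnuTLS TLS_resume DANE DKIM DNSSEC
Lookups (built-in): lsearch wildlsearch dbm'

SAMPLE_OPENSSL='Exim version X.YY #1 built 01-Jan-2000 00:00:00
Support for: crypteq iconv() IPv6 OpenSSL TLS_resume DANE DKIM DNSSEC
Lookups (built-in): lsearch wildlsearch dbm'

# Exit status: 0 = GnuTLS build, 1 = other library or no TLS, 2 = unparsable.
check_exim_build() {
    lib=$(exim_tls_library)
    case "$lib" in
        gnutls)  echo "GnuTLS build: in scope, update now";      return 0 ;;
        unknown) echo "could not parse exim -bV output";         return 2 ;;
        *)       echo "TLS library: $lib (not the GnuTLS case)"; return 1 ;;
    esac
}

# Check the local binary when present; otherwise walk through the samples.
if command -v exim >/dev/null 2>&1; then
    exim -bV 2>/dev/null | check_exim_build || true
else
    printf '%s\n' "$SAMPLE_GNUTLS"  | check_exim_build || true
    printf '%s\n' "$SAMPLE_OPENSSL" | check_exim_build || true
fi
```

The exit status of `check_exim_build` makes it usable from fleet tooling: run it on each mail host and prioritise patching those that return 0.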
Email: now with free remote code execution 📧
Because nothing says trust like a mail server that gifts you root access to your system. BDAT, which sounds like a new battery format, actually discharges a dangerous voltage into your network. If your Exim still uses GnuTLS, congratulations: you have a backdoor you didn't ask for. Update before your server starts sending spam emails from its new life as a bot.