An anonymous reader quotes a report from NBC News: The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange. The perpetrator, Microsoft said in a blog post, is a hacker group that the company has “high confidence” is working for the Chinese government and primarily spies on American…
Tag: mail server
OpenBSD Mail Server Bug Allowed Remotely Executing Shell Commands As Root
This week a remotely-exploitable vulnerability (granting root privileges) was discovered in OpenSMTPD (OpenBSD’s implementation of server-side SMTP). ZDNet notes that the library’s “portable” version “has also been incorporated into other OSes, such as FreeBSD, NetBSD, and some Linux distros, such as Debian, Fedora, Alpine Linux, and more.”
To exploit this issue, an attacker must craft and send malformed SMTP messages to a…