The Qualys Research Team has discovered a whopping 21 bugs in the popular mail transfer agent (MTA), which was built to send and receive email on major Unix-like operating systems. Remote code execution, privilege escalation to root and lateral movement through a victim s environment are all on offer for the unpatched or unaware. Researchers said that according to a Shodan search, nearly 4 million Exim servers are directly exposed to the internet. Most of the bugs affect all versions of Exim going back to its inception in 2004.
Source: https://threatpost.com/exim-security-linux-mail-server-takeovers/165894/