censys.com
2606:4700::6812:e5b
Public Scan
URL:
https://censys.com/cve-2024-39929/
Submission: On July 15 via api from TR — Scanned from DE
Text Content
Advisory

July 10, 2024

Advisory: Vulnerability in Exim MTA Could Allow Malicious Email Attachments Past Filters [CVE-2024-39929]

Tags: Email, Rapid Response

* Date of Disclosure: 2024-07-04
* CVE-ID and CVSS Score: CVE-2024-39929 – CVSS 9.1
* Issue Name and Description: A vulnerability in Exim MTA due to a bug in RFC 2231 header parsing could potentially allow remote attackers to deliver malicious attachments to user inboxes.
* Asset Description:
  * Exim is a free mail transfer agent (MTA) that’s widely used on Unix-like operating systems. This vulnerability affects Exim releases up to and including 4.97.1.
  * Of the 6,540,044 public facing SMTP mail servers Censys sees online, 4,830,719 (~74%) are running Exim, highlighting how widespread it is.
* Vulnerability Impact: The vulnerability could allow a remote attacker to bypass filename extension blocking protection measures and deliver executable attachments directly to end-users’ mailboxes. If a user were to download or run one of these malicious files, the system could be compromised.
* Exploitation Details: A PoC is available, but no active exploitation is known yet.
* Patch Availability: This issue is fixed in Exim 4.98: https://github.com/Exim/exim/compare/exim-4.98-RC2…exim-4.98-RC3
* Censys Perspective: As of July 10, 2024, Censys observes 1,567,109 publicly exposed Exim servers running a potentially vulnerable version (4.97.1 or earlier), concentrated mostly in the United States, Russia, and Canada. So far, 82 public-facing servers show indications of running a patched release of 4.98.
* Detection with Censys: The following queries can be leveraged to identify Censys-visible public-facing Exim instances running potentially vulnerable versions affected by this CVE.
  * Censys Search Query for Potentially Vulnerable Exposures:
    services.software: (product="exim" and version: [* to 4.97.1])
  * Censys ASM Query for Potentially Vulnerable Exposures:
    host.services.software: (product="exim" and version: [* to 4.97.1]) or web_entity.instances.software: (product="exim" and version: [* to 4.97.1])
  * Censys ASM Risk Query for customers:
    risks.name="Vulnerable Exim Server [CVE-2024-39929]"
  * Risk matches should populate in customer workspaces within 24 hours.
* References:
  * https://bugs.exim.org/show_bug.cgi?id=3099#c4
  * https://ubuntu.com/security/CVE-2024-39929
  * https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357
  * https://nvd.nist.gov/vuln/detail/CVE-2024-39929