What is it?
Exim is a very popular mail transfer agent (MTA). In 2020, researchers found 21 unique vulnerabilities in Exim. Collectively, these threats are called “21nails.”
Why is it a risk?
While each of the 21 vulnerabilities is a threat, some of the vulnerabilities can be chained together to obtain a full remote unauthenticated code execution and gain root privileges on the Exim Server.
The Qualys Security Advisory linked below provides details about each of the 21 threats.
How can you mitigate the risk?
You should upgrade your installation of Exim to the latest version. See the link below.
Resources:
Qualys Security Advisory
https://www.qualys.com/2021/05/04/21nails/21nails.txt
Exim Download page
