logo
welcome
About us
Newsletter
News Widget
Media Inquiries

Summary

Mail Server Vulnerability Exploited

This is a news story, published by Ars Technica, that relates primarily to Zimbra news.

News about Us crime, violence, terrorism & cybercrime

For more Us crime, violence, terrorism & cybercrime news, you can click here:

more Us crime, violence, terrorism & cybercrime news

Ars Technica news

For more news from Ars Technica, you can click here:

more news from Ars Technica

About the Otherweb

Otherweb, Inc is a public benefit corporation, dedicated to improving the quality of news people consume. We are non-partisan, junk-free, and ad-free. We use artificial intelligence (AI) to remove junk from your news feed, and allow you to select the best politics news, business news, entertainment news, and much more. If you like this article about Us crime, violence, terrorism & cybercrime, you might also like this article about

exploit emails

. We are dedicated to bringing you the highest-quality news, junk-free and ad-free, about your favorite topics. Please come every day to read the latest malicious emails news, Zimbra email news, news about Us crime, violence, terrorism & cybercrime, and other high-quality news about any topic that interests you. We are working hard to create the best news aggregator on the web, and to put you in control of your news feed - whether you choose to read the latest news through our website, our news app, or our daily newsletter - all free!

vulnerable Zimbra servers
Ars Technica

Ars Technica

Attackers exploit critical Zimbra vulnerability using cc’d email addresses

Ars Technica
Summary
Nutrition label

74% Informative

The vulnerability resides in the Zimbra email and collaboration server used by medium and large organizations.

When an admin changes default settings to enable the postjournal service, attackers can execute commands by sending maliciously formed emails to an address hosted on the server.

The malicious emails were sent by the IP address 79.124.49[.]86 and, when successful, attempted to run a file hosted there using the tool known as curl.

The payload isn't delivered through emails directly, but rather through a direct connection to the malicious server.

VR Score

68

Informative language

63

Neutral language

50

Article tone

informal

Language

English

Language complexity

66

Offensive language

not offensive

Hate speech

not hateful

Attention-grabbing headline

not detected

Known propaganda techniques

not detected

Time-value

short-lived

External references

3

https://infosec.exchange/@justicerage/113231837285277188https://infosec.exchange/@iagox86/113239595233469260https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Source diversity

2

infosec.exchangewiki.zimbra.com

Affiliate links

no affiliate links

Read full article