Unpatched Zimbra flaw under attack is letting hackers backdoor servers

EnlargeJeremy Brooks / Flickr

An unpatched code-execution vulnerability in the Zimbra Collaboration software is under active exploitation by attackers using the attacks to backdoor servers.

The attacks began no later than September 7, when a Zimbra customer reported a few days later that a server running the company’s Amavis spam-filtering engine processed an email containing a malicious attachment. Within seconds, the scanner copied a malicious Java file to the server and then executed it. With that, the attackers had installed a web shell, which they could then use to log into and take control of the server.

Zimbra has yet

→ Continue reading at Ars Technica

Related articles


Share article

Latest articles