Exim suffers another ‘critical’ remote code execution flaw

Remember the remote code execution (RCE) vulnerability in the Exim email server, CVE-2019-15846, from mid-September?

Barely two weeks later, the software’s maintainers have issued an advisory for another troublesome bug, identified as CVE-2019-16928, which carries the same critical rating.

Affecting Exim 4.92 through 4.92.2 inclusive, this one is described as:

A heap-based buffer overflow in string_vformat (string.c). The currently known exploit uses an extraordinarily long EHLO string to crash the Exim process that is receiving the message.

The “currently known exploit” refers to a proof of concept created by QAX A-Team, which first reported the flaw.

The immediate effect is a denial of service, since the crash takes down the Exim process handling that connection, but a heap-based overflow of this kind also raises the more worrying possibility of remote code execution.
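To make the class of bug concrete, here is an added example written for this article; it is not Exim’s string.c and does not reproduce the actual defect in string_vformat, which the advisory does not detail. A toy append routine checks the wrong length before formatting into a heap buffer and so overflows it, beside a version that measures the formatted output first and grows the buffer. The names (gstr, vformat_buggy, vformat_fixed, GUARD), the 16-byte buffer and the 40-byte EHLO argument are all constructed for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy growable string: a heap buffer that format helpers append to.
 * Illustration only; not Exim's gstring or string_vformat. */
typedef struct {
    char  *s;     /* heap buffer; size + GUARD bytes are actually allocated */
    size_t size;  /* bytes the append routines are allowed to use */
    size_t ptr;   /* bytes used so far, excluding the NUL */
} gstr;

/* Zeroed bytes past g->size. A correct append never touches them, so a
 * non-zero guard byte proves an overflow. The guard sits inside the same
 * allocation so this demo has no undefined behaviour for the inputs used. */
#define GUARD 64

static gstr *gstr_new(size_t size) {
    gstr *g = malloc(sizeof *g);
    g->s = calloc(size + GUARD, 1);
    g->size = size;
    g->ptr = 0;
    return g;
}

static void gstr_free(gstr *g) { free(g->s); free(g); }

/* 1 if any guard byte is non-zero, i.e. something wrote past g->size. */
static int gstr_guard_clobbered(const gstr *g) {
    for (size_t i = 0; i < GUARD; i++)
        if (g->s[g->size + i] != 0) return 1;
    return 0;
}

/* BUGGY: the space check measures the format string, not the formatted
 * output, so a short "%s" passes while its argument can be arbitrarily
 * long. vsprintf then writes the full expansion with no bound at all. */
static int vformat_buggy(gstr *g, const char *fmt, ...) {
    if (strlen(fmt) + 1 > g->size - g->ptr) return -1;  /* wrong quantity */
    va_list ap;
    va_start(ap, fmt);
    int n = vsprintf(g->s + g->ptr, fmt, ap);           /* unbounded write */
    va_end(ap);
    g->ptr += (size_t)n;
    return n;
}

/* FIXED: measure with vsnprintf(NULL, 0, ...), grow until result + NUL
 * fits, then write with a bound that cannot exceed the allocation. */
static int vformat_fixed(gstr *g, const char *fmt, ...) {
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);
    int need = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (need < 0) { va_end(ap2); return -1; }
    if ((size_t)need + 1 > g->size - g->ptr) {
        size_t ns = g->size ? g->size : 16;
        while ((size_t)need + 1 > ns - g->ptr) ns *= 2;
        char *n = realloc(g->s, ns + GUARD);
        if (!n) { va_end(ap2); return -1; }
        memset(n + g->size, 0, ns + GUARD - g->size);   /* keep guard zeroed */
        g->s = n;
        g->size = ns;
    }
    vsnprintf(g->s + g->ptr, g->size - g->ptr, fmt, ap2);
    va_end(ap2);
    g->ptr += (size_t)need;
    return need;
}

/* Constructed EHLO argument of arg_len 'A's (sample input, not a capture). */
static char *make_arg(size_t arg_len) {
    char *a = malloc(arg_len + 1);
    memset(a, 'A', arg_len);
    a[arg_len] = '\0';
    return a;
}

/* 1 if the buggy routine wrote past a 16-byte buffer for this arg_len.
 * Keep arg_len + 6 below 16 + GUARD so the demo stays inside the allocation. */
int buggy_overflows(size_t arg_len) {
    gstr *g = gstr_new(16);
    char *a = make_arg(arg_len);
    vformat_buggy(g, "EHLO %s", a);
    int r = gstr_guard_clobbered(g);
    gstr_free(g); free(a);
    return r;
}

/* 1 if the fixed routine wrote past its buffer (it never should). */
int fixed_overflows(size_t arg_len) {
    gstr *g = gstr_new(16);
    char *a = make_arg(arg_len);
    vformat_fixed(g, "EHLO %s", a);
    int r = gstr_guard_clobbered(g);
    gstr_free(g); free(a);
    return r;
}

/* Bytes the fixed routine appended for this arg_len, or -1 on error. */
int fixed_len(size_t arg_len) {
    gstr *g = gstr_new(16);
    char *a = make_arg(arg_len);
    int n = vformat_fixed(g, "EHLO %s", a);
    gstr_free(g); free(a);
    return n;
}

int main(void) {
    printf("buggy, 40-byte arg: overflow=%d\n", buggy_overflows(40));
    printf("fixed, 40-byte arg: overflow=%d len=%d\n", fixed_overflows(40), fixed_len(40));
    return 0;
}
```

The guard region is what lets the buggy path be observed safely: with a real allocator the same write would corrupt whatever heap metadata or object follows the buffer, which is why the advisory can only say the known trigger crashes the process while code execution cannot be ruled out.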

The flaw isn’t known to be exploited in the wild yet, but since the trigger is simply an oversized EHLO string sent to a reachable server, that may only be a matter of time.
