Exim suffers another ‘critical’ remote code execution flaw
Remember the critical remote code execution (RCE) vulnerability in the Exim email server, CVE-2019-15846, from mid-September?
Barely two weeks later, the software's maintainers have issued an advisory for another potentially troublesome bug, identified as CVE-2019-16928, which has been given the same critical rating.
Affecting all Exim versions from 4.92 through 4.92.2 inclusive, this one is described as:
A heap-based buffer overflow in string_vformat (string.c). The currently known exploit uses an extraordinarily long EHLO string to crash the Exim process that is receiving the message.
The “currently known exploit” refers to a proof of concept created by QAX A-Team, which first reported the flaw.
At minimum this could crash the software (a denial of service), but, more worryingly, it also raises the possibility of remote code execution.
The flaw isn't being targeted in the wild yet, but there is a risk this might be a matter of time given that it looks relatively easy to exploit.
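As an added example that is not part of the original article, the Python below checks whether an Exim version string falls inside the affected range quoted above and screens an SMTP transcript for oversized EHLO/HELO commands, the trigger the advisory describes. The 512-octet threshold and the sample session are assumptions constructed here for illustration.

```python
import re
from typing import Iterable, List, Tuple

# Affected range named in the advisory: 4.92 through 4.92.2 inclusive.
AFFECTED_MIN = (4, 92, 0)
AFFECTED_MAX = (4, 92, 2)

# Assumed screening threshold: RFC 5321 limits an SMTP command line to 512
# octets including CRLF, so a command far beyond that is not a legitimate EHLO.
EHLO_MAX_LEN = 512


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn an Exim version such as '4.92.2' or '4.92' into a comparable tuple."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised Exim version: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(version: str) -> bool:
    """True if the version lies within the range the CVE-2019-16928 advisory lists."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def oversized_ehlo(lines: Iterable[str], max_len: int = EHLO_MAX_LEN) -> List[Tuple[int, int]]:
    """Scan SMTP command lines; return (line_no, length) for EHLO/HELO lines over max_len."""
    hits = []
    for n, line in enumerate(lines, 1):
        cmd = line.rstrip("\r\n")
        if cmd[:4].upper() in ("EHLO", "HELO") and len(cmd) > max_len:
            hits.append((n, len(cmd)))
    return hits


# Constructed sample transcript: a normal greeting, then one padded far past the limit.
SAMPLE_SESSION = [
    "EHLO mail.example.test\r\n",
    "MAIL FROM:<alice@example.test>\r\n",
    "EHLO " + "A" * 4000 + "\r\n",
]

if __name__ == "__main__":
    for v in ("4.91", "4.92", "4.92.2", "4.92.3"):
        print(v, "affected" if is_affected(v) else "not affected")
    print(oversized_ehlo(SAMPLE_SESSION))
```

Feeding real SMTP logs or a packet capture's command lines into `oversized_ehlo` gives a quick triage signal while the upgrade is rolled out.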