Exim suffers another ‘critical’ remote code execution flaw

Remember the code execution (RCE) vulnerability in the Exim email server, CVE-2019-15846, from mid-September?

Barely two weeks later, the software's maintainers have issued an advisory for another potentially troublesome bug, identified as CVE-2019-16928, which has been given the same critical rating.

Affecting all Exim versions from 4.92 up to and including 4.92.2, this one is described as:

A heap-based buffer overflow in string_vformat (string.c). The currently known exploit uses an extraordinary long EHLO string to crash the Exim process that is receiving the message.

The “currently known exploit” refers to a proof of concept created by QAX A-Team, which first reported the flaw.

This could lead to, at a minimum, a denial-of-service crash of the Exim process receiving the message but also, more worryingly, the possibility of remote code execution.
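The first thing a practitioner wants after reading the advisory is to know which of their mail servers fall inside the affected range. The following is an added example, not code from the article or from the Exim project: it parses the version out of an SMTP greeting banner and classifies it against the range the advisory gives (4.92 up to and including 4.92.2). The sample banners and hostnames are constructed for offline use; the live banner grab is included only to show where a real greeting would come from.

```python
"""Added example (not from the article or the Exim project): classify an Exim
version against the affected range stated in the CVE-2019-16928 advisory,
4.92 up to and including 4.92.2."""
import re
import socket

# Affected range per the advisory: 4.92 <= version <= 4.92.2
AFFECTED_MIN = (4, 92)
AFFECTED_MAX = (4, 92, 2)

# Constructed sample SMTP greetings; hostnames and dates are placeholders.
SAMPLE_BANNERS = [
    "220 mx1.example.net ESMTP Exim 4.92.2 Mon, 30 Sep 2019 10:00:00 +0000",
    "220 mx2.example.net ESMTP Exim 4.92 Mon, 30 Sep 2019 10:00:00 +0000",
    "220 mx3.example.net ESMTP Exim 4.92.3 Mon, 30 Sep 2019 10:00:00 +0000",
    "220 mx4.example.net ESMTP Exim 4.91 Mon, 30 Sep 2019 10:00:00 +0000",
    "220 mx5.example.net ESMTP Postfix",
]

# Exim advertises itself as "Exim <dotted version>" in the default greeting.
_VERSION_RE = re.compile(r"\bExim (\d+(?:\.\d+)*)")


def parse_exim_version(banner):
    """Return the Exim version as a tuple of ints, or None if the banner is not Exim's."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def _pad(version, length):
    """Right-pad a version tuple with zeros so 4.92 compares as 4.92.0."""
    return tuple(version) + (0,) * (length - len(version))


def is_affected(version):
    """True if the version lies in the inclusive range [4.92, 4.92.2]."""
    n = max(len(version), len(AFFECTED_MIN), len(AFFECTED_MAX))
    v = _pad(version, n)
    return _pad(AFFECTED_MIN, n) <= v <= _pad(AFFECTED_MAX, n)


def classify_banner(banner):
    """Return 'affected', 'not-affected', or 'not-exim' for one greeting line."""
    version = parse_exim_version(banner)
    if version is None:
        return "not-exim"
    return "affected" if is_affected(version) else "not-affected"


def grab_banner(host, port=25, timeout=5.0):
    """Read the SMTP greeting from a live server (network access; not used offline)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        data = sock.recv(1024)
    return data.decode("ascii", "replace").strip()


if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(f"{classify_banner(banner):13s} <- {banner}")
```

Two caveats apply when using this on real hosts. The greeting is operator-configurable, so a missing or altered banner is not evidence of a safe version; running `exim -bV` on the host itself is the authoritative check. And distributions commonly backport security fixes without bumping the upstream version string, so a "4.92.2" reported by a distro package may already carry the fix; confirm against the package changelog before treating the result as a finding.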

The flaw isn't being targeted in the wild yet, but there is a risk that this is only a matter of time, given that it looks relatively easy to exploit.
