Home Unlabelled CVE-2019-15846: Exim – remote attacker can execute programs with root privileges

CVE-2019-15846: Exim – remote attacker can execute programs with root privileges

By
Friday, September 06, 2019
Read
Add Comment

CVE ID: CVE-2019-15846


 Credits: Zerons , Qualys Version(s): all versions up to and including 4.92.1 Issue: The SMTP Delivery process in all¹ versions up to and including Exim 4.92.1 has a Buffer Overflow. In the default runtime configuration, this is exploitable with crafted Server Name Indication (SNI) data during a TLS negotiation. In other configurations, it is exploitable with a crafted client TLS certificate. Details: doc/doc-txt/cve-2019-15846 in the downloaded source tree

 Coordinated Release Date (CRD) for Exim 4.92.2: 2019-09-06 10:00 UTC

 Contact: security@???

We released Exim 4.92.2. This is a security update based on 4.92.1.

Mitigation

==========

Do not offer TLS for incomming connections (tls_advertise_hosts).

This mitigation is *not* recommended!

Downloads

=========

Starting at CRD the downloads will be available from the following

sources:

Release tarballs (exim-4.92.2):


 https://ftp.exim.org/pub/exim/exim4/

The package files are signed with my GPG key.

The full Git repo:


 https://git.exim.org/exim.git https://github.com/Exim/exim [mirror of the above] - tag exim-4.92.2 - branch exim-4.92.2+fixes

The tagged commit is the officially released version. The tag is signed

with my GPG key. The +fixes branch isn't officially maintained, but

contains useful patches *and* the security fix. The relevant commit is

signed with my GPG key. The old exim-4.92.1+fixes branch is being functionally

replaced by the new exim-4.92.2+fixes branch.

¹) We've indication, that only versions starting with 4.80 up to and

including 4.92.1 are affected.


 Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -


from Hacker News https://ift.tt/2Lxr5IF
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us