vulnerability

Exim: Handcrafted message can cause a buffer overflow (CVE-2018-6789)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Feb 8, 2018	Jun 7, 2019	May 3, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Feb 8, 2018

Added

Jun 7, 2019

Modified

May 3, 2022

Description

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Solution

exim-upgrade-4_90_1

References

BID-103049
CVE-2018-6789
https://attackerkb.com/topics/CVE-2018-6789
DEBIAN-DSA-4110

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today