CVE-2019-16928
In short
Exim email server versions 4.92 to 4.92.2 have a critical flaw where a specially crafted EHLO command can crash the server or let attackers run harmful code remotely. This happens because the server doesn't properly check the size of incoming data.
Technical detail
A heap-based buffer overflow exists in the string_vformat function in string.c when Exim processes an overly long EHLO command during SMTP protocol negotiation. Because EHLO is sent before any authentication step, an unauthenticated remote attacker can trigger the memory corruption and, in the worst case, gain arbitrary code execution with the privileges of the Exim process.
Summary generated and translated by AI from the official description.
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
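As an added example (not code from the advisory or from the Exim project), a defender-side check over a captured SMTP session: it parses the Exim version from the 220 greeting and compares it with the affected range 4.92 through 4.92.2 named above, and flags EHLO arguments far beyond the RFC 5321 hostname limit. The 255-octet threshold and the sample session are assumptions constructed for this example.

```python
import re
from typing import List, Optional, Tuple

# Range the advisory names as affected: 4.92 through 4.92.2 (inclusive).
AFFECTED_MIN = (4, 92, 0)
AFFECTED_MAX = (4, 92, 2)

# Assumed threshold: RFC 5321 caps a hostname at 255 octets, so an EHLO
# argument far beyond that is anomalous regardless of the server version.
EHLO_ARG_LIMIT = 255

BANNER_RE = re.compile(r"^220\b.*\bExim\s+(\d+)\.(\d+)(?:\.(\d+))?", re.IGNORECASE)
EHLO_RE = re.compile(r"^(EHLO|HELO)\s+(.*)$", re.IGNORECASE)


def parse_exim_version(banner: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from an Exim greeting, or None if absent."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    # A release such as "4.92" carries no patch level; treat it as .0.
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def version_is_affected(version: Tuple[int, int, int]) -> bool:
    return AFFECTED_MIN <= version <= AFFECTED_MAX


def scan_session(lines: List[str]) -> List[Tuple[int, str, str]]:
    """Walk interleaved client/server lines and return (line_no, finding, detail)."""
    findings = []
    for lineno, raw in enumerate(lines, 1):
        line = raw.rstrip("\r\n")
        ver = parse_exim_version(line)
        if ver is not None and version_is_affected(ver):
            findings.append((lineno, "vulnerable-version", "%d.%d.%d" % ver))
            continue
        m = EHLO_RE.match(line)
        if m and len(m.group(2)) > EHLO_ARG_LIMIT:
            findings.append((lineno, "oversized-ehlo", str(len(m.group(2)))))
    return findings


# Constructed sample session, not a real capture.
SAMPLE_SESSION = [
    "220 mx.example.test ESMTP Exim 4.92.1 Fri, 27 Sep 2019 10:00:00 +0000",
    "EHLO " + "A" * 4096,
    "250-mx.example.test Hello client.example.test",
    "QUIT",
]

if __name__ == "__main__":
    for finding in scan_session(SAMPLE_SESSION):
        print(finding)
```

Banner-based version matching is only a heuristic: distribution builds that backport the fix keep the old version string, so confirm against the package changelog or the linked distribution advisories.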
Affected products
n/a · n/a
References
https://bugs.exim.org/show_bug.cgi?id=2449
https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f
https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/
https://seclists.org/bugtraq/2019/Sep/60
https://security.gentoo.org/glsa/202003-47
https://usn.ubuntu.com/4141-1/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928
https://www.debian.org/security/2019/dsa-4536
http://www.openwall.com/lists/oss-security/2019/09/28/1