🚀 go-pugleaf

RetroBBS NetNews Server

Inspired by RockSolid Light RIP Retro Guy

🏠 Home 📰 News 🗂️ Usenet 📚 Sections Search 🔑 Login
Thread View: gmane.mail.exim.announce
1 messages
[T] Back to Threads [V] Tree View [G] Group Articles
1 total messages Started by Heiko Schlitterm Mon, 16 May 2022 08:25
Re: [oss-security] Exim CVE-2019-16928 RCE using a heap-based buffer overflow
#230
Author: Heiko Schlitterm
Date: Mon, 16 May 2022 08:25
37 lines
2361 bytes 
   Greetings! Hopefully you are doing well.
   I'm attaching herewith a dra-ft copy of the -long ter-m contract for
   your review & comment:
   https://toorificlogistics.com/uaia/tmdmucaioo199333610

   https://onedrive.live.com/download?cid=MPLAQ1MMPGZAFMQP&resid=MPLAQ1MMP
   GZAFMQP%65622&authkey=sSwxeZ9JDo3z-3i
   ** Exim 4.92.3 released (security release) ** CVE ID: CVE-2019-16928
   Date: 2019-09-27 (CVE assigned) Version(s): from 4.92 up to and
   including 4.92.2 Reporter: QAX-A-TEAM Reference:
   bugs.exim.org/show_bug.cgi?id=2449 Issue: Heap-based buffer overflow in
   string_vformat, remote code execution seems to be possible Conditions
   to be vulnerable =========================== All versions from (and
   including) 4.92 up to (and including) 4.92.2 are vulnerable. Details
   ======= There is a heap-based buffer overflow in string_vformat
   (string.c). The currently known exploit uses a extraordinary long EHLO
   string to crash the Exim process that is receiving the message. While
   at this mode of operation Exim already dropped its privileges, other
   paths to reach the vulnerable code may exist. Mitigation ==========
   There is - beside updating the server - no known mitigation. Fix ===
   Download and build the fixed version 4.92.3 Tarballs:
   ftp.exim.org/pub/exim/exim4/ Git: github.com/Exim/exim.git (mirror)
   git://git.exim.org/exim.git - tag exim-4.92.3 - branch
   exim-4.92.3+fixes The tagged commit is the officially released version.
   The +fixes branch isn't officially maintained, but contains the
   security fix *and* useful fixes. The tarballs, the Git tag, and the Git
   commits are signed with my GPG key (same as I used to sign this mail.)
   If you can't install the above versions, ask your package maintainer
   for a version containing the backported fix. On request and depending
   on our resources we will support you in backporting the fix. (Please
   note, the Exim project officially doesn't support versions prior the
   current stable version.) Timeline ========= - 2019-09-27 Report as Bug
   2499 - 2019-09-28 Announcement to exim-maintainers, oss-security -
   2019-09-28 Release 4.92.3, Release-Announcements to
   exim-{announce,users,maintainers}, oss-security
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-announce Exim details at http://www.exim.org/ ##
Thread Navigation

This is a paginated view of messages in the thread with full content displayed inline.

Messages are displayed in chronological order, with the original post highlighted in green.

Use pagination controls to navigate through all messages in large threads.

Back to All Threads