PT-2019-3248 · Exim+2 · Exim+2

Heiko Schlittermann

Published

2018-03-12

Updated

2025-02-04

CVE-2019-15846

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.92.2

Description The issue is related to errors in object handling in memory, allowing a remote attacker to gain access to confidential data, disrupt its integrity, and cause a denial of service. It also allows remote attackers to execute arbitrary code as root via a trailing backslash. The vulnerability can be exploited by sending a specially crafted client certificate or a modified value in the SNI. At least half a million email servers are potentially affected.

Recommendations For Exim versions prior to 4.92.2, update to version 4.92.2 to patch the issue. As a temporary workaround, consider disabling TLS support to minimize the risk of exploitation. Restrict access to the Exim server to prevent remote code execution attacks. Avoid using the SNI feature until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2018-1409

ALT-PU-2020-2318

ALT-PU-2021-1764

ALT-PU-2022-2269

BDU:2019-03238

CVE-2019-15846

DLA-1911-1

DSA-4517-1

OPENSUSE-SU-2019:2093-1

OPENSUSE-SU-2019_2093-1

OPENSUSE-SU-2021:0753-1

OPENSUSE-SU-2021_0677-1

OPENSUSE-SU-2024:10746-1

USN-4124-1

USN-4124-2

Affected Products

Exim

Suse

Ubuntu

PT-2019-3248 · Exim+2 · Exim+2

CVE-2019-15846

Weakness Enumeration

Related Identifiers

Affected Products

References · 120