Multivendor Vulnerability Alert
Exim base64d Function Buffer Overflow Arbitrary Code Execution Vulnerability
High
Alert ID: 56774
First Published: 2018 February 9 17:52 GMT
Last Updated: 2018 March 16 19:42 GMT
Version: 3
CVSS Score: Base 8.1, Temporal 7.1
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
-
A vulnerability in the base64d function in the SMTP listener component of Exim could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability is due to insufficient validation of user-supplied input by the affected system. An attacker could exploit this vulnerability by submitting a crafted message to the affected system. A successful exploit could cause a buffer overflow condition, which could allow the attacker to execute arbitrary code on the system.
Exim.org has confirmed the vulnerability and released a software patch.
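The alert describes the defect only as insufficient input validation leading to a buffer overflow. The C program below is an added illustration, not part of this alert and not code from the Exim project: it shows the generic sizing hazard that published analyses of the CVE-2018-6789 fix attribute the overflow to, namely an output buffer sized as 3*(len/4)+1, which holds a decoded string only when the base64 input length is a multiple of four, while an unpadded input of length 4n+2 or 4n+3 decodes to more bytes than that. All function names, the scratch buffer and the sample input are the example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Undersized capacity (the hypothetical "before" pattern): counts only
 * complete 4-character groups, then adds one byte for the NUL terminator.
 * For an unpadded input of length 4n+2 or 4n+3 the decoder emits 3n+1 or
 * 3n+2 bytes, so the terminator lands past the end of this allocation. */
size_t naive_b64_capacity(size_t in_len)
{
    return 3 * (in_len / 4) + 1;
}

/* Correct capacity: round the input length up to whole groups first. */
size_t safe_b64_capacity(size_t in_len)
{
    return 3 * ((in_len + 3) / 4) + 1;
}

/* Map one base64 alphabet character to its 6-bit value, or -1. */
static int b64_val(int c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decode `in` into `out`, which holds `cap` bytes. Padding is optional.
 * Returns the decoded length (and NUL-terminates `out`), or -1 when the
 * input is malformed or the result plus terminator would not fit: the
 * capacity check happens before any byte is written. */
long b64_decode_bounded(const char *in, unsigned char *out, size_t cap)
{
    size_t n = strlen(in);
    while (n > 0 && in[n - 1] == '=')
        n--;                                  /* strip trailing padding */
    if (n % 4 == 1)
        return -1;                            /* a lone 6-bit char yields no byte */
    size_t need = 3 * (n / 4) + (n % 4 ? n % 4 - 1 : 0);
    if (need + 1 > cap)
        return -1;                            /* refuse rather than overflow */

    uint32_t acc = 0;
    int bits = 0;
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        int v = b64_val((unsigned char)in[i]);
        if (v < 0)
            return -1;
        acc = (acc << 6) | (uint32_t)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out[o++] = (unsigned char)((acc >> bits) & 0xffu);
            acc &= (1u << bits) - 1;          /* keep only the leftover bits */
        }
    }
    out[o] = '\0';
    return (long)o;
}

/* Scratch buffer and wrappers so a caller can compare the two capacity
 * rules on the same input without managing memory. */
static unsigned char scratch[64];

long try_decode(const char *in, size_t cap)
{
    if (cap > sizeof scratch)
        cap = sizeof scratch;
    return b64_decode_bounded(in, scratch, cap);
}

int decoded_equals(const char *expect)
{
    return strcmp((const char *)scratch, expect) == 0;
}

int main(void)
{
    /* Constructed input: "abcde" in base64 without padding, length 7 = 4*1+3. */
    const char *in = "YWJjZGU";
    size_t n = strlen(in);
    printf("naive capacity %zu -> %ld\n",
           naive_b64_capacity(n), try_decode(in, naive_b64_capacity(n)));
    printf("safe capacity %zu -> %ld (%s)\n",
           safe_b64_capacity(n), try_decode(in, safe_b64_capacity(n)),
           (const char *)scratch);
    return 0;
}
```

Two changes close this class of defect independently: sizing the output from the rounded-up group count (or from the exact decoded length) and refusing to write when the caller's capacity is too small. A decoder that does the second check still returns a clean error when a caller sizes the buffer with the naive rule.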
-
To exploit this vulnerability, the attacker must send a crafted message to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
-
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.
Administrators are advised to monitor affected systems.
-
Exim.org has released a git commit at the following link: CVE-2018-6789
FreeBSD has released a VuXML document at the following link: exim -- a buffer overflow vulnerability, remote code execution
-
Exim.org has released a software patch at the following link: Fix base64d() buffer size (CVE-2018-6789)
FreeBSD has released ports collection updates at the following link: Ports Collection Index
-
Version | Description | Section | Date
3 | Cisco has updated this alert to include additional Exim versions that are affected by the Exim base64d function buffer overflow arbitrary code execution vulnerability. | Affected Products | 2018-March-16
2 | Exim.org has released a patch to address the Exim base64d function buffer overflow arbitrary code execution vulnerability. FreeBSD has released a VuXML document and ports collection updates to address this vulnerability. | Header, Summary, Vendor Announcements, Fixed Software, Affected Products | 2018-February-12
1 | Initial public release. | — | 2018-February-09
-
The security vulnerability applies to the following combinations of products.
Primary Products
GNU Public License, Exim: 4.44 (Base) | 4.50 (Base) | 4.51 (Base) | 4.52 (Base) | 4.53 (Base) | 4.54 (Base) | 4.60 (Base) | 4.61 (Base) | 4.62 (Base) | 4.63 (Base) | 4.64 (Base) | 4.65 (Base) | 4.66 (Base) | 4.67 (Base) | 4.68 (Base) | 4.69 (Base) | 4.70 (Base) | 4.71 (Base) | 4.72 (Base) | 4.73 (Base) | 4.74 (Base) | 4.75 (Base) | 4.76 (Base) | 4.77 (Base) | 4.80 (Base, .1) | 4.82 (Base) | 4.83 (Base) | 4.84 (Base) | 4.85 (Base) | 4.86 (Base) | 4.87 (Base) | 4.88 (Base) | 4.89 (Base) | 4.90 (Base)
Associated Products
FreeBSD Project, FreeBSD: 10.2 (.0) | 10.3 (.0) | 11.0 (.0) | 11.1 (.0) | 10.4 (.0) | 8.0 (Base) | 8.1 (Base) | 8.2 (Base) | 8.3 (Base) | 8.4 (Base) | 9.0 (Base) | 9.1 (Base) | 9.2 (Base) | 9.3 (Base) | 10.0 (.0) | 10.1 (.0)
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products