CVE-2019-16928

HIGH

Description

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

References

http://www.openwall.com/lists/oss-security/2019/09/28/1

http://www.openwall.com/lists/oss-security/2019/09/28/2

http://www.openwall.com/lists/oss-security/2019/09/28/3

http://www.openwall.com/lists/oss-security/2019/09/28/4

https://bugs.exim.org/show_bug.cgi?id=2449

https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f

https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/

https://lists.fedoraproject.org/archives/list/[email protected]/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/

https://lists.fedoraproject.org/archives/list/[email protected]/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/

https://seclists.org/bugtraq/2019/Sep/60

https://security.gentoo.org/glsa/202003-47

https://usn.ubuntu.com/4141-1/

https://www.debian.org/security/2019/dsa-4536

Details

Source: MITRE

Published: 2019-09-27

Updated: 2020-08-18

Type: CWE-120

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:* versions from 4.92 to 4.92.2 (inclusive)

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
134775GLSA-202003-47 : Exim: Heap-based buffer overflowNessusGentoo Local Security Checks
high
130280Amazon Linux AMI : exim (ALAS-2019-1310)NessusAmazon Linux Local Security Checks
high
129768Fedora 29 : exim (2019-d778bd4137)NessusFedora Local Security Checks
high
129655Fedora 31 : exim (2019-e080507ba5)NessusFedora Local Security Checks
high
129508Fedora 30 : exim (2019-006dfc94cd)NessusFedora Local Security Checks
high
129470Exim 4.92.x < 4.92.3 Heap Buffer OverflowNessusSMTP problems
high
129466Ubuntu 19.04 : Exim vulnerability (USN-4141-1)NessusUbuntu Local Security Checks
high
129414Debian DSA-4536-1 : exim4 - security updateNessusDebian Local Security Checks
high