Home > Cyber News > CVE-2018-6789 Exim Flaw Exposes 400,000 Email Servers
CYBER NEWS

CVE-2018-6789 Exim Flaw Exposes 400,000 Email Servers

by   |  Last Update:  |  0 Comments  

A flaw in a widely used email program that may be exposing some 400,000 servers globally has been discovered by security researchers.

The vulnerability which has been identified as CVE-2018-6789 resides in all releases of the Exim message transfer agent (more specifically in base64 decode function) without the 4.90.1 version.

The flaw is a buffer overflow one and puts servers at risk of attacks that can execute malicious code. The bug can be exploited by sending specially crafted input to a server running Exim.

Related Story: uTorrent Vulnerability Could Be Exploited by Any Website

CVE-2018-6789 Exim Vulnerability in Detail

Devcore researchers found and reported the Exim flaw:

We reported an overflow vulnerability in the base64 decode function of Exim on 5 February, 2018, identified as CVE-2018-6789. This bug exists since the first commit of exim, hence ALL versions are affected. According to our research, it can be leveraged to gain Pre-auth Remote Code Execution and at least 400k servers are at risk. Patched version 4.90.1 is already released and we suggest to upgrade exim immediately.

There is a buffer overflow in base64d(), if some pre-conditions are met. Using a handcrafted message, remote code execution seems to be possible,” Exim said.

Apparently, about 400,000 servers are at risk, as reported by Devcore, the researchers who found the flaw. Queries on the Shodan computer search engine found a large number of servers running vulnerable versions.

A patch for the flaw is already available and is currently being tested.
Currently Exim is unsure about the severity of the flaw. However, they believe that an exploit is difficult, and that mitigation isn’t known.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. CVE-2019-10149: Critical Flaw in Exim Mail Transfer Agent CVE-2019-10149 is a critical security vulnerability in the Exim mail...
  2. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  3. Watchbog Linux Trojan Endangers 1,610,000 Vulnerable Exim Servers A new malicious attack against Jira and Exim servers has...
  4. CVE-2018-1050, CVE-2018-1057 Samba Flaws Endanger Servers Two critical vulnerabilities (CVE-2018-1050, CVE-2018-1057) have been discovered in Samba,...
  5. Cisco Bugs CVE-2018-0151, CVE-2018-171, CVE-2018-015. Patch Now! Three critical vulnerabilities have found in Cisco products. More specifically,...
  6. Which is the Most Secure Browser for 2015 – Firefox, Chrome, Internet Explorer, Safari A Web browser can be two things. A person who...
  7. Google, Microsoft Bugs Top the 20 Most Prevalent Enterprise Vulnerabilities Cybersecurity firm Tenable just released their Vulnerability Intelligence Report which...
  8. CVE-2018-3693: New Spectre 1.1 Vulnerability Emerges The latest variant of the Spectre series of bugs have...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree