Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Exim Remote Code Exploit SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Exim Remote Code Exploit

A use-after-free(UAF) vulnerability has been found in Exim version 4.88 and 4.89 which could lead to the execution of arbitrary code or DoS. The patch has been made available today and is available for download here.

[1] https://bugs.exim.org/show_bug.cgi?id=2199
[2] https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16943

-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

 Guy

471 Posts
ISC Handler
Nov 25th 2017
Subscribe Nov 25th 2017
2 years ago

Sign Up for Free or Log In to start participating in the conversation!