diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 09:44:07 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 09:44:07 +0000 |
commit | 39ce00b8d520cbecbd6af87257e8fb11df0ec273 (patch) | |
tree | 4c21a2674c19e5c44be3b3550b476b9e63d8ae3d /doc/cve-2019-15846/cve.txt | |
parent | Initial commit. (diff) | |
download | exim4-upstream.tar.xz exim4-upstream.zip |
Adding upstream version 4.94.2.upstream/4.94.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/cve-2019-15846/cve.txt')
-rw-r--r-- | doc/cve-2019-15846/cve.txt | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/doc/cve-2019-15846/cve.txt b/doc/cve-2019-15846/cve.txt new file mode 100644 index 0000000..b52722b --- /dev/null +++ b/doc/cve-2019-15846/cve.txt @@ -0,0 +1,45 @@ +CVE ID: CVE-2019-15846 +Date: 2019-09-02 (CVE assigned) +Credits: Zerons <sironhide0null@gmail.com> for the initial report + Qualys https://www.qualys.com/ for the analysis +Version(s): all versions up to and including 4.92.1 +Issue: A local or remote attacker can execute programs with root + privileges. + +Conditions to be vulnerable +=========================== + +If your Exim server accepts TLS connections, it is vulnerable. This does +not depend on the TLS libray, so both, GnuTLS and OpenSSL are affected. + +Details +======= + +The vulnerability is exploitable by sending a SNI ending in a +backslash-null sequence during the initial TLS handshake. The exploit +exists as a POC. For more details see the document qualys.mbx + +Mitigation +========== + +Do not offer TLS. (This mitigation is not recommended.) + +Fix +=== + +Download and build a fixed version: + + Tarballs: https://ftp.exim.org/pub/exim/exim4/ + Git: https://github.com/Exim/exim.git + - tag exim-4.92.2 + - branch exim-4.92.2+fixes + +The tagged commit is the officially released version. The +fixes branch +isn't officially maintained, but contains the security fix *and* useful +fixes. + +If you can't install the above versions, ask your package maintainer for +a version containing the backported fix. On request and depending on our +resources we will support you in backporting the fix. (Please note, +the Exim project officially doesn't support versions prior the current +stable version.) |