Bird_banner_small4
Exim BDAT Use After Free
TSL ID TSL20171127-03
CVE ID(s) CVE-2017-16943
Severity Critical
Description

A use-after-free vulnerability has been reported in the Exim message transfer agent. The vulnerability is due to improperly handling objects in memory.

A remote, unauthenticated attacker could exploit this vulnerability by sending a sequence of maliciously crafted requests. Successful exploitation could lead to arbitrary code execution in the security context of the Exim daemon.

The vendor, Exim, has released the following advisory regarding this vulnerability:

https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html

Affected Products
  • Exim Project Exim 4.88
  • Exim Project Exim 4.89
CVSS Score Base 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is PARTIAL
  • Impact of this vulnerability on data integrity is PARTIAL
  • Impact of this vulnerability on data availability is PARTIAL
Temporal 5.9 (E:POC/RL:OF/RC:C):
  • The exploitability level of this vulnerability is PROOF OF CONCEPT
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
References https://bugs.exim.org/show_bug.cgi?id=2199
https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4
https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
Related Threats