
CVE-2018-6789 Exim Flaw Exposes 400,000 Email Servers

A flaw in a widely used email program that may be exposing some 400,000 servers globally has been discovered by security researchers.

The vulnerability, identified as CVE-2018-6789, resides in the base64 decode function of the Exim message transfer agent and affects all releases except the patched 4.90.1 version.

The flaw is a buffer overflow that puts servers at risk of attacks that can execute malicious code. The bug can be exploited by sending specially crafted input to a server running Exim.


CVE-2018-6789 Exim Vulnerability in Detail

Devcore researchers found and reported the Exim flaw:

We reported an overflow vulnerability in the base64 decode function of Exim on 5 February, 2018, identified as CVE-2018-6789. This bug exists since the first commit of exim, hence ALL versions are affected. According to our research, it can be leveraged to gain Pre-auth Remote Code Execution and at least 400k servers are at risk. Patched version 4.90.1 is already released and we suggest to upgrade exim immediately.

“There is a buffer overflow in base64d(), if some pre-conditions are met. Using a handcrafted message, remote code execution seems to be possible,” Exim said.

Apparently, about 400,000 servers are at risk, as reported by Devcore, the researchers who found the flaw. Queries on the Shodan computer search engine found a large number of servers running vulnerable versions.

A patch for the flaw is already available and is currently being tested. Exim is currently unsure about the severity of the flaw. However, the developers believe that exploitation is difficult and that no mitigation is known.
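For administrators taking inventory, the following is an added example (not code from Exim or Devcore) that classifies `exim -bV` output or SMTP greeting banners against the patched 4.90.1 release named above. The sample lines are constructed, and the assumption that Exim may write a patch level with an underscore (`4.90_1`) as well as a dot is handled explicitly.

```python
import re

PATCHED = (4, 90, 1)  # first fixed release, per the article

# Matches "Exim version 4.89 #2 built ..." (exim -bV output) and
# "220 host ESMTP Exim 4.90_1 ..." (SMTP banner). The patch level is
# accepted with "." or "_" as separator (assumption about the format).
_VERSION_RE = re.compile(
    r"\bExim(?: version)? (\d+)\.(\d+)(?:[._](\d+))?", re.IGNORECASE
)


def parse_exim_version(text):
    """Return (major, minor, patch) found in text, or None if not Exim."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def classify(text):
    """Classify one line as 'fixed', 'affected-by-version' or 'unknown'."""
    version = parse_exim_version(text)
    if version is None:
        return "unknown"
    return "fixed" if version >= PATCHED else "affected-by-version"


def audit(lines):
    """Group input lines by classification for a quick inventory report."""
    report = {"fixed": [], "affected-by-version": [], "unknown": []}
    for line in lines:
        report[classify(line)].append(line)
    return report


# Constructed sample input: hostnames, dates and build numbers are made up.
SAMPLE = [
    "Exim version 4.89 #2 built 28-Nov-2017 10:11:12",
    "220 mail.example.org ESMTP Exim 4.90_1 Tue, 06 Mar 2018 10:00:00 +0000",
    "220 mx.example.org ESMTP Exim 4.90 Tue, 06 Mar 2018 10:00:00 +0000",
    "220 relay.example.org ESMTP Postfix",
]

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE).items():
        print(status, len(hosts))
```

A result of `affected-by-version` is a prompt to check further rather than proof: distribution packages can carry a backported fix under an older upstream version number, so confirm against the package changelog.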

Milena Dimitrova
