Test Kennung:	1.3.6.1.4.1.25623.1.0.108367
Kategorie:	SMTP problems
Titel:	Exim < 4.90.1 RCE Vulnerability - Version Check
Zusammenfassung:	Exim is prone to a remote code execution (RCE) vulnerability.
Beschreibung:	Summary: Exim is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: Exim is prone to an overflow vulnerability in the base64 decode function. The flaw exists due to a calculation mistake of decode buffer length in the b64decode function. Vulnerability Impact: A remote attacker may execute arbitrary commands or conduct a denial of service attack. Affected Software/OS: Exim versions before 4.90.1. Solution: Update to version 4.90.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-6789 BugTraq ID: 103049 http://www.securityfocus.com/bid/103049 Debian Security Information: DSA-4110 (Google Search) https://www.debian.org/security/2018/dsa-4110 https://www.exploit-db.com/exploits/44571/ https://www.exploit-db.com/exploits/45671/ http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/ https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html http://www.openwall.com/lists/oss-security/2018/02/07/2 http://www.securitytracker.com/id/1040461 https://usn.ubuntu.com/3565-1/
Copyright	Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.