Exim 4.87 Remote Code Execution Vulnerability

Summary

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of the recipient address in the deliver_message() function in /src/deliver.c may lead to remote command execution; because message delivery runs with root privileges, the injected command executes as root.

Credit:

The information has been provided by the Qualys Security Advisory team.
The original advisory can be found at: https://www.exim.org/static/doc/security/CVE-2019-10149.txt


Details

This vulnerability is exploitable instantly by a local attacker (and by a remote attacker in certain non-default configurations). To exploit it remotely against the default configuration, an attacker must keep a connection to the vulnerable server open for seven days (by transmitting one byte every few minutes); this is slow, but it requires no authentication and no special configuration on the target.

Exim is vulnerable in its default configuration from version 4.87 up to and including 4.91. Version 4.92 and later are not affected.

Vulnerable Systems:

  • Exim 4.87
  • Exim 4.88, 4.89, 4.90 (every release between 4.87 and 4.91)
  • Exim 4.91
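
Because the affected range is defined purely by release number, the first thing a practitioner wants is a quick way to triage hosts from the SMTP banner or `exim -bV` output. The following is an added example written for this page, not code from the advisory or from the Exim project. The sample banners and `exim -bV` lines are constructed, not captured from real hosts, and the hostnames are placeholders.

```python
import re
from typing import Optional, Tuple

# Inclusive range of Exim releases the advisory lists as affected by CVE-2019-10149.
FIRST_VULNERABLE = (4, 87)
LAST_VULNERABLE = (4, 91)

# Matches "Exim 4.91", "Exim version 4.87", and Debian-style "Exim 4.86_2".
_VERSION_RE = re.compile(r"\bExim(?:\s+version)?\s+(\d+)\.(\d+)(?:[._](\d+))?", re.IGNORECASE)


def parse_exim_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from an SMTP banner or `exim -bV` output.

    Returns None when no Exim version string is present, e.g. a banner that has
    been configured to hide the software version.
    """
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_vulnerable(version: Tuple[int, int, int]) -> bool:
    """True when the release is within 4.87..4.91 inclusive.

    The patch level is ignored because the advisory lists whole releases.
    """
    return FIRST_VULNERABLE <= version[:2] <= LAST_VULNERABLE


def assess(text: str) -> str:
    """Return a one-line triage verdict for a banner or `exim -bV` line."""
    v = parse_exim_version(text)
    if v is None:
        return "unknown: no Exim version string found; run `exim -bV` on the host"
    label = "%d.%d" % v[:2] + (".%d" % v[2] if v[2] else "")
    if is_vulnerable(v):
        return f"vulnerable: Exim {label} is within 4.87-4.91 (CVE-2019-10149); upgrade to 4.92 or later"
    return f"not affected: Exim {label} is outside the 4.87-4.91 range"


# Constructed sample inputs (hypothetical hosts; not captured from real systems).
SAMPLES = {
    "banner_4_91": "220 mail.example.test ESMTP Exim 4.91 Wed, 05 Jun 2019 10:00:00 +0000",
    "bV_4_87": "Exim version 4.87 #1 built 27-Oct-2016 17:41:49",
    "bV_4_92": "Exim version 4.92 #2 built 10-Feb-2019 12:00:00",
    "old_4_86": "220 smtp.example.test ESMTP Exim 4.86_2 Mon, 01 Jan 2018 00:00:00 +0000",
    "hidden": "220 smtp.example.test ESMTP ready",
}

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(f"{name:12s} -> {assess(line)}")
```

Treat a match as a screening signal rather than proof: distributions that backport security fixes keep the upstream version number, so a host reporting 4.89 may already carry the patch in its package changelog, and a banner that hides the version says nothing either way. Confirm on the host with `exim -bV` and the installed package's changelog before closing the finding.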

    CVE Information:
    CVE-2019-10149

    Disclosure Timeline:
    Publish Date: 06/05/2019

    Categories: News