CVE-2017-16943

Published: 25/11/2017 Updated: 04/05/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands. BDAT is the data-transfer command of the ESMTP CHUNKING extension, so only servers that advertise CHUNKING expose this code path to a client.

Vulnerable Products

exim exim 4.89

exim exim 4.88

debian debian linux 9.0

Vendor Advisories

Exim could be made to crash or run programs if it received specially crafted network traffic ...
Debian Bug report logs - #882671 exim4: CVE-2017-16944: handles BDAT data incorrectly and leads to crash. Package: src:exim4; Maintainer for src:exim4 is Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 25 Nov 2017 14:15:02 UTC; Severity ...
Debian Bug report logs - #882648 exim4: CVE-2017-16943: use-after-free vulnerability while reading mail header. Package: exim4; Maintainer for exim4 is Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>; Source for exim4 is src:exim4 (PTS, buildd, popcon). Reported by: Dominic Hargreaves <dom@earth.li>; D ...
Several vulnerabilities have been discovered in Exim, a mail transport agent. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-16943: A use-after-free vulnerability was discovered in Exim's routines responsible for parsing mail headers. A remote attacker can take advantage of this flaw to cause ...
Use-after-free in receive_msg function via vectors involving BDAT commands. The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands (CVE-2017-16943). Infinite loop and stack exhaustion in receive_m ...
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands ...

Github Repositories

CVE-2017-16943 environment setup (builds the still-vulnerable source at the pinned commit): git clone github.com/Exim/exim.git; git checkout 01c594601670c7e48e676d6c6d32d0f0084067fa; cd ./exim/src; mkdir Local; wget "bugs.exim.org/attachment.cgi?id=1051" -O Makefile; modify the path variables and the user name in the Makefile; cd ..; make -j8; sudo make install

exim_check: a tool that checks whether Exim mail servers are vulnerable to CVE-2017-16943 and CVE-2017-16944 by inspecting the Exim version and the returned capabilities. If the mail server does not reply with a vulnerable Exim version in the banner, or does not return CHUNKING as a capability, the server is assumed to be not vulnerable. Keep this in mind when testing and interpreting results. Vulne ...
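The banner-and-capability rule the exim_check README describes, implemented as an added example in Python (this is not the exim_check tool's own code). It parses the 220 greeting for the Exim version, collects the keywords from a multi-line EHLO reply, and flags a host only when the version is one of the two the CVE lists and CHUNKING is advertised. The host name, HELO name, sample banner and EHLO lines are constructed assumptions, not captures from a real server; `probe()` is the only part that touches the network.

```python
import re
import socket
from typing import Iterable, List, Optional, Set

# Versions the CVE entry lists as affected (4.88 and 4.89). Distributions
# backport the fix without bumping this string, so a match is a hint, not proof.
VULNERABLE_VERSIONS = {"4.88", "4.89"}

# Exim greets with e.g. "220 host ESMTP Exim 4.89 Tue, 28 Nov 2017 ..."
BANNER_RE = re.compile(r"\bExim\s+(\d+\.\d+(?:[._]\d+)?)")


def parse_exim_version(banner: str) -> Optional[str]:
    """Return the Exim version from a 220 greeting, or None if it is not Exim."""
    match = BANNER_RE.search(banner)
    return match.group(1) if match else None


def advertised_capabilities(ehlo_lines: Iterable[str]) -> Set[str]:
    """Collect capability keywords from an EHLO reply ('250-CHUNKING', '250 HELP').

    The first line ('250-host Hello ...') is the greeting, not a capability.
    """
    caps: Set[str] = set()
    for line in list(ehlo_lines)[1:]:
        if not line.startswith("250"):
            continue                      # error reply or junk, not a capability
        parts = line[4:].split()          # strip '250-' / '250 '
        if parts:
            caps.add(parts[0].upper())
    return caps


def assess(banner: str, ehlo_lines: Iterable[str]) -> dict:
    """Apply the exim_check rule: vulnerable version AND CHUNKING advertised."""
    version = parse_exim_version(banner)
    chunking = "CHUNKING" in advertised_capabilities(ehlo_lines)
    return {
        "version": version,
        "chunking": chunking,
        "likely_vulnerable": version in VULNERABLE_VERSIONS and chunking,
    }


def read_reply(rfile) -> List[str]:
    """Read one SMTP reply: continuation lines carry '-' at offset 3, the last a space."""
    lines: List[str] = []
    while True:
        raw = rfile.readline()
        if not raw:                       # connection closed mid-reply
            break
        line = raw.decode("latin-1").rstrip("\r\n")
        lines.append(line)
        if len(line) < 4 or line[3] != "-":
            break
    return lines


def probe(host: str, port: int = 25, timeout: float = 10.0,
          helo_name: str = "scanner.example") -> dict:
    """Run the check against a live server: read banner, send EHLO, QUIT."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        rfile = sock.makefile("rb")
        banner = "\n".join(read_reply(rfile))
        sock.sendall(f"EHLO {helo_name}\r\n".encode("ascii"))
        ehlo_lines = read_reply(rfile)
        sock.sendall(b"QUIT\r\n")
    return assess(banner, ehlo_lines)


# Constructed sample replies (not captured from a real host), shaped like an
# unpatched Exim 4.89 that advertises CHUNKING.
SAMPLE_BANNER = "220 mx.example.test ESMTP Exim 4.89 Tue, 28 Nov 2017 10:00:00 +0000"
SAMPLE_EHLO = [
    "250-mx.example.test Hello scanner.example [192.0.2.10]",
    "250-SIZE 52428800",
    "250-8BITMIME",
    "250-PIPELINING",
    "250-CHUNKING",
    "250 HELP",
]

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))         # e.g. python3 exim_chunking_check.py mx.example.test
    else:
        print(assess(SAMPLE_BANNER, SAMPLE_EHLO))
```

The CHUNKING test is the useful half of the rule: the Exim project's recommended workaround for this CVE was to stop advertising the extension (an empty `chunking_advertise_hosts =` in the main configuration), so a host that no longer lists CHUNKING has closed the BDAT code path whatever its banner says. The version half is weaker in the other direction: a distribution package that backported the fix while keeping the 4.89 version string, yet still advertises CHUNKING, will be reported as likely vulnerable, which is the caveat the README above asks you to keep in mind.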