Published: 03/05/2024 Updated: 03/05/2024

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17515.

Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticators are used For the oldstable distribution (bullseye), these problems have been fixed in version 4942-7+deb11u1 For the stable distribution (bookworm), these problems have been fixed in ver ...

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability NOTE: wwwzerodayinitiativecom/advisories/ZDI-23-1470/ (CVE-2023-42116) Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability NOTE: wwwzerodayinitiativecom/advisories/ZDI-23-1471/ (CVE-2023-42117) ...

DescriptionThe vulnerability was found in Exim within the handling of NTLM challenge requests The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer An attacker can leverage this vulnerability to execute code in the context of the service account Au ...

https://www.zerodayinitiative.com/advisories/ZDI-23-1470/https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5512 https://access.redhat.com/security/cve/cve-2023-42116 https://www.zerodayinitiative.com/advisories/ZDI-23-1470/

CVE-2023-42116

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect