SECURITY ALERTS

Exim Remote Command Execution Vulnerability (CVE-2019-15846)

DESCRIPTION:

Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Linux systems connected to the Internet.

The vulnerability (CVE-2019-15846) affects Exim servers that accept TLS connections. An unauthenticated, remote attacker could send a malicious SNI ending in a backslash-null sequence during the initial TLS handshake, which causes a buffer overflow in the SMTP delivery process. This would allow an attacker to take control of the server entirely. The vulnerability does not depend on the TLS library in use, so both GnuTLS and OpenSSL are affected.


AFFECTED RELEASES:

Exim versions before 4.92.2.


SOLUTION:

1. Please confirm the currently installed version by running the "exim -bV" command; the version number appears on the first line of its output.

2. Affected users are recommended to upgrade to version 4.92.2 or later. The software can be downloaded at https://downloads.exim.org/exim4/.
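The following script is an added example for the two steps above; it is not part of the Exim advisory or the Exim project. It parses the first line of "exim -bV" output (a constructed sample banner is used for testing), compares the version against 4.92.2 component by component, and reports whether the installation falls in the affected range. The function names and the banner layout assumed here ("Exim version X.Y.Z #N built ...") are the author's assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): decide from "exim -bV" output whether the
# installed Exim predates 4.92.2 and is therefore in the affected range for
# CVE-2019-15846.
#
# Assumed first line of "exim -bV" (constructed sample used in testing):
#   Exim version 4.92 #3 built 05-Sep-2019 10:00:00
FIXED_VERSION="4.92.2"

# Extract the dotted version ("4.92", "4.92.2", ...) from the -bV banner.
exim_version_from_bv() {
    printf '%s\n' "$1" | awk '/^Exim version/ { print $3; exit }'
}

# Compare two dotted versions numerically, component by component, padding the
# shorter one with zeros (so 4.92 < 4.92.2). Prints -1, 0 or 1.
version_cmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, A, "."); nb = split(b, B, ".");
        n = (na > nb) ? na : nb;
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0;
            y = (i <= nb) ? B[i] + 0 : 0;
            if (x < y) { print "-1"; exit }
            if (x > y) { print "1"; exit }
        }
        print "0"
    }'
}

# Returns 0 when the banner reports a version below 4.92.2, 1 when it is
# 4.92.2 or later, and 2 when no version could be parsed.
is_affected() {
    v=$(exim_version_from_bv "$1")
    [ -n "$v" ] || { echo "could not parse Exim version from: $1" >&2; return 2; }
    [ "$(version_cmp "$v" "$FIXED_VERSION")" -lt 0 ]
}

# Stand-alone use: check the live installation when exim is on PATH.
if command -v exim >/dev/null 2>&1; then
    banner=$(exim -bV 2>/dev/null | head -n 1)
    is_affected "$banner"
    case $? in
        0) echo "AFFECTED: $banner (upgrade to $FIXED_VERSION or later)" ;;
        1) echo "OK: $banner" ;;
        *) echo "UNKNOWN: could not determine Exim version" ;;
    esac
fi
```

One caveat when reading the result: distribution packages often backport security fixes while keeping the upstream version string, so a banner reporting 4.92 on a vendor-patched package may already contain the fix. On such systems, confirm the package changelog or the vendor's advisory in addition to the version number.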


REFERENCE:

1. https://www.exim.org/static/doc/security/CVE-2019-15846.txt

2. https://nvd.nist.gov/vuln/detail/CVE-2019-15846

3. https://thehackernews.com/2019/09/exim-email-server-vulnerability.html

4. https://www.ithome.com.tw/news/132935
