Two vulnerabilities have been discovered in the widely used, open-source mail transfer agent Exim. CVE-2017-16943[1] and CVE-2017-16944[2] affect both version 4.88 and version 4.89 of Exim.

CVE-2017-16943 allows a remote attacker to execute arbitrary code.

CVE-2017-16944 could allow a remote attacker to cause a system hang by forcing Exim into an infinite loop, due to an improper check for "." while parsing the BDAT header. A system hang is a form of denial of service: the process does not crash, but it stays caught in the loop and stops serving mail.


What you should do about it

  • After performing a business impact review, update to Exim version 4.90.
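To find which servers in an inventory still need this update, the following added example (not from the advisory or from the Exim project) classifies a mail server from its SMTP greeting and EHLO reply. It assumes Exim's default greeting format ("ESMTP Exim <version>") and uses constructed sample responses; the CHUNKING check is included because BDAT, the command whose header parsing is affected, is only usable when the server advertises that extension.

```python
import re

# Affected releases named in the advisory; 4.90 is the fixed release.
AFFECTED_VERSIONS = {"4.88", "4.89"}
FIXED_VERSION = (4, 90)

# Default Exim greeting: "220 <host> ESMTP Exim <major>.<minor> <date>"
BANNER_RE = re.compile(r"^220[ -].*?\bESMTP Exim (\d+)\.(\d+)", re.IGNORECASE)


def parse_exim_version(banner):
    """Return (major, minor) from an Exim 220 greeting, or None if the banner is not Exim's."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def advertises_chunking(ehlo_response):
    """True if the EHLO reply lists CHUNKING (RFC 3030), which is what enables the BDAT command."""
    for line in ehlo_response.splitlines():
        # Multi-line EHLO replies look like "250-CHUNKING" or, for the last line, "250 HELP".
        if re.match(r"^250[ -]CHUNKING\b", line.strip(), re.IGNORECASE):
            return True
    return False


def assess(banner, ehlo_response):
    """Classify one server for this advisory.

    Returns 'not_exim', 'patched', 'other_version' (an Exim release the advisory
    does not name), 'vulnerable' (4.88/4.89 with BDAT reachable) or
    'vulnerable_chunking_off' (4.88/4.89 but CHUNKING not advertised).
    """
    version = parse_exim_version(banner)
    if version is None:
        return "not_exim"
    if version >= FIXED_VERSION:
        return "patched"
    if "%d.%d" % version not in AFFECTED_VERSIONS:
        return "other_version"
    return "vulnerable" if advertises_chunking(ehlo_response) else "vulnerable_chunking_off"


# Constructed sample responses (hypothetical host and address, not captured from a real server).
SAMPLE_BANNER = "220 mx.example.test ESMTP Exim 4.89 Tue, 28 Nov 2017 10:00:00 +0000"
SAMPLE_EHLO = ("250-mx.example.test Hello scanner [192.0.2.10]\r\n"
               "250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n"
               "250-CHUNKING\r\n250 HELP")

if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_EHLO))  # prints "vulnerable"
```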


Additional information

  • In a recent study of over two million internet visible mail servers, Exim was found on 56% of all servers.
  • Proof-of-concept exploit code for CVE-2017-16943 has been released. Because working exploitation code is already available, cyber criminals will most likely incorporate the vulnerability into their attacks quickly. As such, this update should receive a high priority.


Additional Sources

[1] https://nvd.nist.gov/vuln/detail/CVE-2017-16943

[2] https://nvd.nist.gov/vuln/detail/CVE-2017-16944


If you have any questions please reach out to the eSentire Security Operations Center.
