CVE-2017-16943 Ubuntu Security Notification for Exim4 Vulnerability (USN-3493-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension.

漏洞危害

A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

解决方案

Refer to Ubuntu advisory USN-3493-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3493-1: 17.04 (zesty) on src (exim4-daemon-heavy)

USN-3493-1: 17.10 (artful) on src (exim4-daemon-heavy)

USN-3493-1: 17.10 (artful) on src (exim4-daemon-light)

USN-3493-1: 17.04 (zesty) on src (exim4-daemon-light)

Leave a Reply