CVE-2017-16943 Amazon Linux Security Advisory for exim: ALAS-2017-932

漏洞类别:Amazon Linux

漏洞等级:

漏洞信息

Use-after-free in receive_msg function via vectors involving BDAT commands
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands. (CVE-2017-16943 )

Infinite loop and stack exhaustion in receive_msg function via vectors involving BDAT commands
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a ‘.’ character signifying the end of the content, related to the bdat_getc function. (CVE-2017-16944 )

QID Detection Logic:
This authenticated QID verifies if the version of the following files is lesser than 4.89-4.17.amzn1: exim-debuginfo,exim,exim-greylist,exim-mysql,exim-pgsql,exim-mon

漏洞危害

Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.

解决方案

Please refer to Amazon advisory ALAS-2017-932 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ALAS-2017-932: Amazon Linux (exim (4.89-4.17.amzn1) on i686)

ALAS-2017-932: Amazon Linux (exim (4.89-4.17.amzn1) on x86_64)

ALAS-2017-932: Amazon Linux (exim (4.89-4.17.amzn1) on src)

Leave a Reply