CyberSec.Space Logo
Back to CVE Browser

CVE-2018-6789

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score39.9630%
EPSS Percentile85.16th
PublishedFeb 8, 2018
Last ModifiedNov 7, 2025

Vulnerability Description

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Affected Platforms (CPE)

πŸ“¦
Exim

Exim

< 4.90.1
πŸ’»
Debian

Debian Linux

= 7.0
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Debian

Debian Linux

= 9.0
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ’»
Canonical

Ubuntu Linux

= 17.10

References & Advisories

πŸ”— http://openwall.com/lists/oss-security/2018/02/10/2
πŸ”— http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html
πŸ”— http://www.openwall.com/lists/oss-security/2018/02/07/2
πŸ”— http://www.securityfocus.com/bid/103049
πŸ”— http://www.securitytracker.com/id/1040461
πŸ”— https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/
πŸ”— https://exim.org/static/doc/security/CVE-2018-6789.txt
πŸ”— https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1

Related Vulnerabilities

CVE-2019-101499.8

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function...

CVE-2019-139179.8

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort }...

CVE-2019-158469.8

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

CVE-2019-169289.8

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer...