Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 7 mars 2018

Remote Code Execution Vulnerability in Exim (CERT-EU Security Advisory 2018-006)

On February 05, 2018, Devcore Security Consulting discovered a buffer overflow vulnerability in the base64 decode function of Exim message transfer agent. On March 06, 2018, Exim released a security advisory about the issue, confirming potential remote code execution that could be triggered by sending a handcrafted message. The issue has been fixed in version 4.90.1 of Exim and no alternative mitigation is known.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 223


Événements SSI