October 3, 2019
Groundhog Day is still months away, but it feels like we are in a time warp just like Phil Connors.
That’s because Exim has reported yet another critical vulnerability, the second one this month alone.
Although I am not in the camp of vulnerable users, Exim updates depress me for a few different reasons.
Looking over this “update, new CVE, update again” cycle feels similar to re-watching that cult movie.
When the main character realizes that he’s stuck in time, he kills himself in different ways time and time again, only to wake up at six in the morning, sigh and start all over again.
I can understand how frustrating it was for him to report the same news on a loop, since I am doing exactly that right now. The described sequence of scenes is not as dark as it sounds though, and neither is the vulnerability itself.
Unlike CVE-2019-15846, which allowed attackers to execute code as root, this time Exim 4.92 through 4.92.2 can be exploited by sending a specially crafted message in which an extremely long string in an Extended HELO (EHLO) command crashes the Exim process. The overflow can be triggered remotely, and it allows attackers either to crash the targeted server or to gain control over it.
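Two checks a defender would want from the description above, as an added example that is not Exim's own code or anything from the Exim project: a version test against the affected range the post names (4.92 through 4.92.2), and a scan of SMTP session lines that flags EHLO/HELO commands whose total line length exceeds the 512-octet command-line limit from RFC 5321 (that limit is my chosen alerting threshold, an assumption, not a value from the post). The session lines are constructed for the demonstration.

```python
"""Defender-side checks for the oversized-EHLO crash described above (added example)."""
import re
from typing import Dict, List, Tuple

# Affected Exim range named in the post: 4.92 through 4.92.2, inclusive.
AFFECTED_MIN = (4, 92)
AFFECTED_MAX = (4, 92, 2)

# RFC 5321 caps an SMTP command line at 512 octets including CRLF. Any greeting
# longer than that is malformed regardless of this particular bug, so it is a
# conservative alerting threshold (assumption made for this example).
MAX_COMMAND_LINE = 512

_VERSION_RE = re.compile(r"^\d+(?:\.\d+)*$")
_GREETING_RE = re.compile(r"^(EHLO|HELO)\b(.*)$", re.IGNORECASE)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '4.92.2' into (4, 92, 2); rejects anything that is not dotted integers."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"not a version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def is_affected_version(text: str) -> bool:
    """True when the version falls inside 4.92 .. 4.92.2 (tuple comparison)."""
    version = parse_version(text)
    return AFFECTED_MIN <= version <= AFFECTED_MAX


def flag_oversized_greetings(lines: List[str], limit: int = MAX_COMMAND_LINE) -> List[Dict]:
    """Return one record per EHLO/HELO whose full command line (plus CRLF) exceeds `limit` bytes."""
    hits = []
    for number, raw in enumerate(lines, start=1):
        line = raw.rstrip("\r\n")
        match = _GREETING_RE.match(line)
        if not match:
            continue
        size = len(line.encode("utf-8", errors="replace")) + 2  # account for CRLF
        if size > limit:
            hits.append({
                "line": number,
                "command": match.group(1).upper(),
                "bytes": size,
                "argument_preview": match.group(2).strip()[:40],
            })
    return hits


# Constructed SMTP session: one ordinary EHLO and one absurdly long HELO argument.
SAMPLE_SESSION = [
    "EHLO mail.example.com",
    "MAIL FROM:<alice@example.com>",
    "RCPT TO:<bob@example.net>",
    "HELO " + "A" * 4000,
    "QUIT",
]

if __name__ == "__main__":
    for candidate in ("4.91", "4.92", "4.92.2", "4.92.3"):
        print(f"Exim {candidate}: {'AFFECTED' if is_affected_version(candidate) else 'not in range'}")
    for hit in flag_oversized_greetings(SAMPLE_SESSION):
        print(f"line {hit['line']}: {hit['command']} command is {hit['bytes']} bytes "
              f"(limit {MAX_COMMAND_LINE}), argument starts {hit['argument_preview']!r}")
```

The version check treats the range boundaries as inclusive, which matches "4.92 through 4.92.2"; the greeting scan measures the whole command line rather than just the hostname, so it also catches padding hidden in trailing whitespace or extra parameters.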
“It’s a simple coding error, not growing a string by enough. One-line fix,” shares Exim developer Jeremy Harris.
Oh, that reminds me…
I have to make a one-line fix in my presentation too now. To add insult to injury, Exim maintainers announced the patch before it was ready.
One-line fix, but how many users are in jeopardy?
Exim is the most popular mail server in use according to the Mail (MX) Server Survey, so these vulnerabilities hand adversaries a very large pool of easy targets.
The access complexity is low, so attackers don’t have to be knowledgeable or skilled to exploit organizations running the Exim mail server on their Linux distributions.
How did Phil Connors solve the time loop?
The answer is simple:
He changed his attitude. That’s what you have to do, and I’m here to help you. If you want to leave Exim worries behind you, you can learn more about the StealthMail email security solution by downloading a free StealthMail Datasheet today.