An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2018-6789 | Exim Buffer Overflow Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
CVE-2018-6789 is a vulnerability in Exim, an open-source mail transfer agent. This vulnerability, identified as an off-by-one buffer overflow, allows attackers to execute arbitrary code remotely by sending specially crafted messages to the SMTP listener.
References
|
| CVE-2018-6789 | Exim Buffer Overflow Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2018-6789 is a vulnerability in Exim, an open-source mail transfer agent. This vulnerability, identified as an off-by-one buffer overflow, allows attackers to execute arbitrary code remotely by sending specially crafted messages to the SMTP listener.
References
|