1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Exim Buffer Overflow Vulnerability

Known Exploited Vulnerabilities CVE-2018-6789 Mappings

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2018-6789 Exim Buffer Overflow Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
CVE-2018-6789 is a vulnerability in Exim, an open-source mail transfer agent. This vulnerability, identified as an off-by-one buffer overflow, allows attackers to execute arbitrary code remotely by sending specially crafted messages to the SMTP listener.
References
  1. https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/
  2. https://news.sophos.com/en-us/2019/06/07/action-required-exim-mail-servers-need-urgent-patching/
CVE-2018-6789 Exim Buffer Overflow Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
CVE-2018-6789 is a vulnerability in Exim, an open-source mail transfer agent. This vulnerability, identified as an off-by-one buffer overflow, allows attackers to execute arbitrary code remotely by sending specially crafted messages to the SMTP listener.
References
  1. https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/
  2. https://news.sophos.com/en-us/2019/06/07/action-required-exim-mail-servers-need-urgent-patching/