Lucene search
GoogleOSV:CVE-2017-16944HistoryNov 25, 2017 - 5:29 p.m.
CVE-2017-16944
2017-11-2517:29:00
Google
osv.dev
8
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a ‘.’ character signifying the end of the content, related to the bdat_getc function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| exim | eq | exim-4_69 | |
| exim | eq | exim-4_73 | |
| exim | eq | exim-4_76 | |
| exim | eq | list_safety_merge_proposal | |
| exim | eq | exim-4_83_RC3 | |
| exim | eq | exim-4_80_RC4 | |
| exim | eq | exim-4_51 | |
| exim | eq | exim-4_85_RC4 | |
| exim | eq | exim-4_88_RC4 | |
| exim | eq | exim-4_72_RC1 |
References
openwall.com/lists/oss-security/2017/11/25/1
openwall.com/lists/oss-security/2017/11/25/2
openwall.com/lists/oss-security/2017/11/25/3
www.openwall.com/lists/oss-security/2021/05/04/7
www.securitytracker.com/id/1039873
bugs.exim.org/show_bug.cgi?id=2201
lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
www.debian.org/security/2017/dsa-4053
www.exploit-db.com/exploits/43184/
Related
openvas
openvas
Ubuntu: Security Advisory (USN-3499-1)
2017-11-30 00:00:00
Fedora Update for exim FEDORA-2017-0032baa7d7
2017-12-14 00:00:00
Fedora Update for exim FEDORA-2017-0053bb9719
2017-12-14 00:00:00
nvd
nvd
CVE-2017-16944
2017-11-25 17:29:00
nessus
nessus
Ubuntu 17.04 / 17.10 : exim4 vulnerability (USN-3499-1)
2017-11-30 00:00:00
FreeBSD : exim -- remote DoS attack in BDAT processing (75dd622c-d5fd-11e7-b9fe-c13eb7bcbf4f)
2017-12-01 00:00:00
Fedora 26 : exim (2017-0032baa7d7)
2017-12-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Exim MTA BDAT Denial Of Service (CVE-2017-16944)
2017-11-29 00:00:00
prion
prion
Design/Logic Flaw
2017-11-25 17:29:00
redhatcve
redhatcve
CVE-2017-16944
2017-11-27 09:19:43
debiancve
debiancve
CVE-2017-16944
2017-11-25 17:29:00
alpinelinux
alpinelinux
CVE-2017-16944
2017-11-25 17:29:00
ubuntu
ubuntu
Exim vulnerability
2017-11-29 00:00:00
zdt
zdt
Exim 4.89 - BDAT Denial of Service Exploit
2017-11-27 00:00:00
cvelist
cvelist
CVE-2017-16944
2017-11-25 17:00:00
ubuntucve
ubuntucve
CVE-2017-16944
2017-11-27 00:00:00
packetstorm
packetstorm
Exim 4.89 Denial Of Service
2017-11-27 00:00:00
cve
cve
CVE-2017-16944
2017-11-25 17:29:00
freebsd
freebsd
exim -- remote DoS attack in BDAT processing
2017-11-23 00:00:00
thn
thn
Exim Internet Mailer Found Vulnerable to RCE And DoS Bugs; Patch Now
2017-11-26 22:54:00
amazon
amazon
Critical: exim
2017-12-20 18:51:00
fedora
fedora
[SECURITY] Fedora 27 Update: exim-4.89-7.fc27
2017-12-12 11:30:33
[SECURITY] Fedora 26 Update: exim-4.89-7.fc26
2017-12-12 13:46:34
osv
osv
CVE-2017-16943
2017-11-25 17:29:00
exim4 - security update
2017-11-30 00:00:00
seebug
seebug
Exim Use-After-Free(CVE-2017-16943)
2017-11-28 00:00:00
Exim 4.89 - 'BDAT' Denial of Service(CVE-2017-16944)
2017-11-29 00:00:00
hackerone
hackerone
debian
debian
[SECURITY] [DSA 4053-1] exim4 security update
2017-11-30 08:03:04
gentoo
gentoo
Exim: Multiple vulnerabilities
2018-03-06 00:00:00
archlinux
archlinux
[ASA-201711-32] exim: multiple issues
2017-11-30 00:00:00
suse
suse
Security update for exim (critical)
2021-05-07 00:00:00
Security update for exim (critical)
2021-05-20 00:00:00
Security update for exim (critical)
2021-05-20 00:00:00