Immunity, Inc.
Name: exim_heap_overflow
CVE: CVE-2018-6789
Exploit Pack: CANVAS
Description: exim_heap_overflow
Notes:
CVE Name: CVE-2018-6789
VENDOR: Exim
NOTES: There is a buffer overflow in the b64decode function. The bug has existed
since the first commit of Exim, hence ALL versions are affected. This exploit uses
the SMTP AUTH PLAIN method to trigger a one-byte overflow in the heap.

This exploit has been tested on Ubuntu Server 16.04.5 LTS and Exim 4.86.2 with
AUTH PLAIN enabled (without STARTTLS).

VersionsAffected: All Exim versions below 4.90.1
Repeatability: Infinite
References: https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789
Date public: 10/02/2018
CVSS: N/A
