CVE-2018-6789

Published: Feb 8, 2018

Modified: Oct 21, 2025

PUBLISHED

Description

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://exim.org/static/doc/security/CVE-2018-6789.txt

x_refsource_CONFIRM

[oss-security] 20180207 CVE-2018-6789 Exim 4.90 and earlier: buffer overflow

mailing-list

x_refsource_MLIST

USN-3565-1

vendor-advisory

x_refsource_UBUNTU

http://openwall.com/lists/oss-security/2018/02/10/2

x_refsource_CONFIRM

1040461

vdb-entry

x_refsource_SECTRACK

DSA-4110

vendor-advisory

x_refsource_DEBIAN

44571

exploit

x_refsource_EXPLOIT-DB

[debian-lts-announce] 20180210 [SECURITY] [DLA 1274-1] exim4 security update

mailing-list

x_refsource_MLIST

https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1

x_refsource_CONFIRM

https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/

x_refsource_MISC

103049

vdb-entry

x_refsource_BID

45671

exploit

x_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-6789

Description

Affected Products

References