[exim-cvs] Add CVE-2019-15846 document

Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Add CVE-2019-15846 document
Gitweb: https://git.exim.org/exim-website.git/commitdiff/3c78bd2faccc7516a63a0fc1dac75b8c5256adf6
Commit:     3c78bd2faccc7516a63a0fc1dac75b8c5256adf6
Parent:     ce104be851d2132a3a27c3e656030425eb6af74a
Author:     Heiko Schlittermann (HS12-RIPE) <hs@???>
AuthorDate: Thu Sep 5 18:37:58 2019 +0200
Committer:  Heiko Schlittermann (HS12-RIPE) <hs@???>
CommitDate: Thu Sep 5 18:39:05 2019 +0200


    Add CVE-2019-15846 document
---
 templates/static/doc/security/CVE-2019-15846.txt | 61 ++++++++++++++++++++++++
 1 file changed, 61 insertions(+)


diff --git a/templates/static/doc/security/CVE-2019-15846.txt b/templates/static/doc/security/CVE-2019-15846.txt
new file mode 100644
index 0000000..3a78aa5
--- /dev/null
+++ b/templates/static/doc/security/CVE-2019-15846.txt
@@ -0,0 +1,61 @@
+CVE ID:     CVE-2019-15846
+Date:       2019-09-02 (CVE assigned)
+Credits:    Zerons <sironhide0null@???> for the initial report
+            Qualys https://www.qualys.com/ for the analysis
+Version(s): all versions up to and including 4.92.1
+Issue:      A local or remote attacker can execute programs with root
+            privileges.
+
+Conditions to be vulnerable
+===========================
+
+If your Exim server accepts TLS connections, it is vulnerable. This does
+not depend on the TLS libray, so both, GnuTLS and OpenSSL are affected.
+
+Details
+=======
+
+The vulnerability is exploitable by sending a SNI ending in a
+backslash-null sequence during the initial TLS handshake. The exploit
+exists as a POC.
+
+For more details see doc/doc-txt/cve-2019-15846/ in the source code
+repository.
+
+Mitigation
+==========
+
+Do not offer TLS. (This mitigation is not recommended.)
+
+Fix
+===
+
+Download and build a fixed version:
+
+    Tarballs: https://ftp.exim.org/pub/exim/exim4/
+    Git:      https://github.com/Exim/exim.git
+              - tag    exim-4.92.2
+              - branch exim-4.92.2+fixes
+
+The tagged commit is the officially released version. The +fixes branch
+isn't officially maintained, but contains the security fix *and* useful
+fixes.
+
+If you can't install the above versions, ask your package maintainer for
+a version containing the backported fix. On request and depending on our
+resources we will support you in backporting the fix.  (Please note,
+the Exim project officially doesn't support versions prior the current
+stable version.)
+
+Timeline
+--------
+
+2019-07-21  - Report from Zerons to security@???
+....-..-..  - Analysis by Qualys
+            - Fix and tests
+2019-09-02  - CVE assigned
+2019-09-03  - Details to distros@???, exim-maintainers@???
+            - Grant access to the security repo
+2019-09-04  - Heads-Up to oss-security@???, exim-users@???
+2019-09-06  - 10.00 UTC Coordinated Release Date
+            - Disclosure to oss-security, exim-users, public repositories
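Review bot: the "Conditions to be vulnerable" paragraph has a typo and a stray comma that make the library claim read awkwardly; suggest "This does not depend on the TLS library, so both GnuTLS and OpenSSL are affected." In the Details section, "a SNI" should be "an SNI", and "The exploit exists as a POC." would be clearer as "A proof-of-concept exploit exists." so readers do not take it to mean the PoC is shipped with the document. In the Fix section, "versions prior the current stable version" is missing a word: "versions prior to the current stable version". Finally, the "Timeline" heading is underlined with dashes while every other heading in the file uses equals signs; for a consistent plain-text layout use the same `========` underline there too.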