[exim-cvs] add document about CVE-2023-* assigned by ZDI
Commit: a4f9684a3a1f32d07d318c525fc9f0c712063422
Parent: a562d6fc6b9d0b7917a6fa0bea58eb568d21115e
Author: Heiko Schlittermann (HS12-RIPE) <hs@???>
AuthorDate: Sun Oct 1 19:08:45 2023 +0200
Committer: Heiko Schlittermann (HS12-RIPE) <hs@???>
CommitDate: Sun Oct 1 19:08:45 2023 +0200

    add document about CVE-2023-* assigned by ZDI
---
 templates/static/doc/security/CVE-2023-zdi.txt | 83 ++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)

diff --git a/templates/static/doc/security/CVE-2023-zdi.txt b/templates/static/doc/security/CVE-2023-zdi.txt new file mode 100644 index 0000000..a9dc538 --- /dev/null +++ b/templates/static/doc/security/CVE-2023-zdi.txt 
@@ -0,0 +1,83 @@ +Summary +------- +Six 0day exploits were filed against Exim. + +None of these issues is related to transport security (TLS) being +on or off. + +* 3 of them are related to SPA/NTLM, and EXTERNAL auth. If you do not + use SPA/NTLM, or EXTERNAL authentication, you're not affected. These + issues are fixed. + +* One issue is related to data received from a proxy-protocol proxy. If + you do not use a proxy in front of Exim, you're not affected. If your + proxy is trustworthy, you're not affected. We're working on a fix. + +* One is related to libspf2. If you do not use the `spf` lookup type or + the `spf` ACL condition, you are not affected. + +* The last one is related to DNS lookups. If you use a trustworthy + resolver (which does validation of the data it receives), you're not + affected. We're working on a fix. + +Schedule +-------- +Currently we're in contact with the major distros and aim to release +those fixes that are available as soon as possible. (Aiming Monday, Oct +2nd.) + + +More Details +------------ + +ZDI-23-1468 | ZDI-CAN-17433 | CVE-2023-42114 | Exim bug 3001 +------------------------------------------------------------ +Subject: NTLM Challenge Out-Of-Bounds Read +CVSS Score: 3.7 +Mitigation: Do not use SPA (NTLM) authentication +Subsystem: SPA auth +Fixed: 04107e98d, 4.96.1, 4.97 + +ZDI-23-1469 | ZDI-CAN-17434 | CVE-2023-42115 | Exim bug 2999 +------------------------------------------------------------ +Subject: AUTH Out-Of-Bounds Write +CVSS Score: 9.8 +Mitigation: Do not offer EXTERNAL authentication. 
+Subsystem: EXTERNAL auth +Fixed: 7bb5bc2c6, 4.96.1, 4.97 + +ZDI-23-1470 | ZDI-CAN-17515 | CVE-2023-42116 | Exim bug 3000 +------------------------------------------------------------ +Subject: SMTP Challenge Stack-based Buffer Overflow +CVSS Score: 8.1 +Mitigation: Do not use SPA (NTLM) authentication +Subsystem: SPA auth +Fixed: e17b8b0f1, 4.96.1, 4.97 + +ZDI-23-1471 | ZDI-CAN-17554 | CVE-2023-42117 | Exim Bug 3031 +------------------------------------------------------------- +Subject: Improper Neutralization of Special Elements +CVSS Score: 8.1 +Mitigation: Do not use Exim behind an untrusted proxy-protocol proxy +Subsystem: proxy protocol (not socks!) +Fix: not yet + +ZDI-23-1472 | ZDI-CAN-17578 | CVE-2023-42118 | Exim Bug 3032 +------------------------------------------------------------ +Subject: libspf2 Integer Underflow +CVSS Score: 7.5 +Mitigation: Do not use the `spf` condition in your ACL +Subsystem: spf +Remark: It is debatable if this should be filed against + libspf2. + +ZDI-23-1473 | ZDI-CAN-17643 | CVE-2023-42219 | Exim Bug 3033 +------------------------------------------------------------ +Subject: dnsdb Out-Of-Bounds Read +CVSS Score: 3.1 +Mitigation: Use a trustworthy DNS resolver which is able to + validate the data according to the DNS record types. +Subsystem: dns lookups +Fix: not yet +Remark: It is still under consideration. +
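
Review bot: The last entry (ZDI-23-1473, "dnsdb Out-Of-Bounds Read") gives CVE-2023-42219, which breaks the otherwise consecutive run CVE-2023-42114 through CVE-2023-42118 in the five entries above it, while the ZDI-23 ids stay consecutive. Please check that number against the ZDI advisory before this goes onto the website, since admins will search and track by CVE id. Separately, the CVE-2023-42118 (libspf2) entry has neither a `Fixed:` nor a `Fix:` line, and its Summary bullet also says nothing about fix status, unlike the proxy-protocol and DNS bullets ("We're working on a fix"). Stating the status explicitly there, even as `Fix: not yet`, would keep readers from assuming it is already covered by 4.96.1. Using one field label throughout instead of alternating `Fixed:` and `Fix:` would also make the entries easier to grep.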