[exim-cvs] add document about CVE-2023-* assigned by ZDI

Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] add document about CVE-2023-* assigned by ZDI
Gitweb: https://git.exim.org/exim-website.git/commitdiff/a4f9684a3a1f32d07d318c525fc9f0c712063422
Commit:     a4f9684a3a1f32d07d318c525fc9f0c712063422
Parent:     a562d6fc6b9d0b7917a6fa0bea58eb568d21115e
Author:     Heiko Schlittermann (HS12-RIPE) <hs@???>
AuthorDate: Sun Oct 1 19:08:45 2023 +0200
Committer:  Heiko Schlittermann (HS12-RIPE) <hs@???>
CommitDate: Sun Oct 1 19:08:45 2023 +0200


    add document about CVE-2023-* assigned by ZDI
---
 templates/static/doc/security/CVE-2023-zdi.txt | 83 ++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)


diff --git a/templates/static/doc/security/CVE-2023-zdi.txt b/templates/static/doc/security/CVE-2023-zdi.txt
new file mode 100644
index 0000000..a9dc538
--- /dev/null
+++ b/templates/static/doc/security/CVE-2023-zdi.txt
@@ -0,0 +1,83 @@
+Summary
+-------
+Six 0day exploits were filed against Exim.
+
+None of these issues is related to transport security (TLS) being
+on or off.
+
+* 3 of them are related to SPA/NTLM, and EXTERNAL auth. If you do not
+  use SPA/NTLM, or EXTERNAL authentication, you're not affected.  These
+  issues are fixed.
+
+* One issue is related to data received from a proxy-protocol proxy. If
+  you do not use a proxy in front of Exim, you're not affected. If your
+  proxy is trustworthy, you're not affected. We're working on a fix.
+
+* One is related to libspf2. If you do not use the `spf` lookup type or
+  the `spf` ACL condition, you are not affected.
+
+* The last one is related to DNS lookups. If you use a trustworthy
+  resolver (which does validation of the data it receives), you're not
+  affected. We're working on a fix.
+
+Schedule
+--------
+Currently we're in contact with the major distros and aim to release
+those fixes that are available as soon as possible. (Aiming Monday, Oct
+2nd.)
+
+
+More Details
+------------
+
+ZDI-23-1468 | ZDI-CAN-17433 | CVE-2023-42114 | Exim bug 3001
+------------------------------------------------------------
+Subject:    NTLM Challenge Out-Of-Bounds Read
+CVSS Score: 3.7
+Mitigation: Do not use SPA (NTLM) authentication
+Subsystem:  SPA auth
+Fixed:      04107e98d, 4.96.1, 4.97
+
+ZDI-23-1469 | ZDI-CAN-17434 | CVE-2023-42115 | Exim bug 2999
+------------------------------------------------------------
+Subject:    AUTH Out-Of-Bounds Write
+CVSS Score: 9.8
+Mitigation: Do not offer EXTERNAL authentication.
+Subsystem:  EXTERNAL auth
+Fixed:      7bb5bc2c6, 4.96.1, 4.97
+
+ZDI-23-1470 | ZDI-CAN-17515 | CVE-2023-42116 | Exim bug 3000
+------------------------------------------------------------
+Subject:    SMTP Challenge Stack-based Buffer Overflow
+CVSS Score: 8.1
+Mitigation: Do not use SPA (NTLM) authentication
+Subsystem:  SPA auth
+Fixed:      e17b8b0f1, 4.96.1, 4.97
+
+ZDI-23-1471 | ZDI-CAN-17554 | CVE-2023-42117 | Exim Bug 3031
+-------------------------------------------------------------
+Subject:    Improper Neutralization of Special Elements
+CVSS Score: 8.1
+Mitigation: Do not use Exim behind an untrusted proxy-protocol proxy
+Subsystem:  proxy protocol (not socks!)
+Fix:        not yet
+
+ZDI-23-1472 | ZDI-CAN-17578 | CVE-2023-42118 | Exim Bug 3032
+------------------------------------------------------------
+Subject:    libspf2 Integer Underflow
+CVSS Score: 7.5
+Mitigation: Do not use the `spf` condition in your ACL
+Subsystem:  spf
+Remark:     It is debatable if this should be filed against
+            libspf2.
+
+ZDI-23-1473 | ZDI-CAN-17643 | CVE-2023-42219 | Exim Bug 3033
+------------------------------------------------------------
+Subject:    dnsdb Out-Of-Bounds Read
+CVSS Score: 3.1
+Mitigation: Use a trustworthy DNS resolver which is able to
+            validate the data according to the DNS record types.
+Subsystem:  dns lookups
+Fix:        not yet
+Remark:     It is still under consideration.
+
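Review bot: the CVE-2023-42118 entry is inconsistent with the Summary section of the same file. The Summary states that users are unaffected only if they use neither the `spf` lookup type nor the `spf` ACL condition, but the entry's "Mitigation:" line names only the ACL condition; suggest "Mitigation: Do not use the `spf` lookup type or the `spf` ACL condition" so a reader of the detailed entry does not conclude that `spf` lookups are safe to keep. The same entry is also the only one without a fix-status line; every other entry carries either "Fixed: <commit>, <versions>" or "Fix: not yet", and this one should state its status too (the Summary gives none for it). Minor style points in the same hunk: the field is spelled "Fixed:" in three entries and "Fix:" in two, and the bug reference alternates between "Exim bug" and "Exim Bug"; picking one form for each would make the entries easier to scan and to parse.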

