[3.7] exim: infinite loop and stack exhaustion in receive_msg function via vectors involving BDAT commands (CVE-2017-16944)
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function.
References:
http://openwall.com/lists/oss-security/2017/11/28/10
https://bugs.exim.org/show_bug.cgi?id=2201
Patch:
https://git.exim.org/exim.git/commitdiff/178ecb70987f024f0e775d87c2f8b2cf587dd542
(from redmine: issue id 8288, created on 2017-12-13, closed on 2017-12-15)
- Relations:
  - parent #8286 (closed)
- Changesets:
  - Revision 3cf81f99 by Francesco Colista on 2017-12-15T03:00:27Z:
    community/exim: security upgrade to 4.89.1 (CVE-2017-16944). Fixes #8288