Back to KEVs

CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may...

Basic Information

CVE State
PUBLISHED
Reserved Date
February 06, 2018
Published Date
February 08, 2018
Last Updated
February 07, 2025
Vendor
Exim
Product
Exim
Description
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
Tags
cisa malware ransomware

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2023-08-05 11:28:49 UTC) Source
Used in Malware
Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://exim.org/static/doc/security/CVE-2018-6789.txt http://www.openwall.com/lists/oss-security/2018/02/07/2 https://usn.ubuntu.com/3565-1/ http://openwall.com/lists/oss-security/2018/02/10/2 http://www.securitytracker.com/id/1040461 https://www.debian.org/security/2018/dsa-4110 https://www.exploit-db.com/exploits/44571/ https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1 https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/ http://www.securityfocus.com/bid/103049 https://www.exploit-db.com/exploits/45671/ http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

thistehneisen/CVE-2018-6789-Python3

Type: github • Created: 2023-08-05 11:28:49 UTC • Stars: 1

Exim < 4.90.1 RCE Vulnerability remake for Python3 with arguments passed from CLI

synacktiv/Exim-CVE-2018-6789

Type: github • Created: 2019-10-10 09:36:03 UTC • Stars: 9

PoC materials to exploit CVE-2018-6789

beraphin/CVE-2018-6789

Type: github • Created: 2018-11-08 08:25:42 UTC • Stars: 2

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel

  • Proof of Concept Exploit Available