CVE-2018-6789 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-6789 Interim 1 18 2024-09-10T01:09:47Z current 2021-05-30T14:10:51Z 2024-09-10T01:09:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-6789 An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MF4OFJTH34Y3HV6NF2B7ZJNLJ7IH7HMS/#MF4OFJTH34Y3HV6NF2B7ZJNLJ7IH7HMS E-Mail link for openSUSE-SU-2018:0468-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4UGIR4NXSH3ADTQNJZHHL5EVSFNXRGTQ/ E-Mail link for openSUSE-SU-2021:0677-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UMX36VOLIS2TDKA3MXOUO365NDUK5WQ3/ E-Mail link for openSUSE-SU-2021:0753-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FZPX7R5ELKQM2EW7W2JYZ7EFIIDTT4E/ E-Mail link for openSUSE-SU-2021:0754-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 15 SP1 SUSE Package Hub 15 SP2 openSUSE Leap 15.2 openSUSE Tumbleweed exim-4.94.2-4.2 exim-4.94.2-bp151.2.4.1 exim-4.94.2-bp152.6.4.1 exim-4.94.2-lp152.8.3.1 eximon-4.94.2-4.2 eximon-4.94.2-bp151.2.4.1 eximon-4.94.2-bp152.6.4.1 eximon-4.94.2-lp152.8.3.1 eximstats-html-4.94.2-4.2 eximstats-html-4.94.2-bp151.2.4.1 eximstats-html-4.94.2-bp152.6.4.1 eximstats-html-4.94.2-lp152.8.3.1 libspf2-2-1.2.10-bp151.4.1 libspf2-2-1.2.10-bp152.5.1 libspf2-devel-1.2.10-bp151.4.1 libspf2-devel-1.2.10-bp152.5.1 libspf2-tools-1.2.10-bp151.4.1 libspf2-tools-1.2.10-bp152.5.1 exim-4.94.2-bp151.2.4.1 as a component of SUSE Package Hub 15 SP1 eximon-4.94.2-bp151.2.4.1 as a component of SUSE Package Hub 15 SP1 eximstats-html-4.94.2-bp151.2.4.1 as a component of SUSE Package Hub 15 SP1 libspf2-2-1.2.10-bp151.4.1 as a component of SUSE Package Hub 15 SP1 libspf2-devel-1.2.10-bp151.4.1 as a component of SUSE Package Hub 15 SP1 libspf2-tools-1.2.10-bp151.4.1 as a component of SUSE Package Hub 15 SP1 exim-4.94.2-bp152.6.4.1 as a component of SUSE Package Hub 15 SP2 eximon-4.94.2-bp152.6.4.1 as a component of SUSE Package Hub 15 SP2 eximstats-html-4.94.2-bp152.6.4.1 as a component of SUSE Package Hub 15 SP2 libspf2-2-1.2.10-bp152.5.1 as a component of SUSE Package Hub 15 SP2 libspf2-devel-1.2.10-bp152.5.1 as a component of SUSE Package Hub 15 SP2 libspf2-tools-1.2.10-bp152.5.1 as a component of SUSE Package Hub 15 SP2 exim-4.94.2-lp152.8.3.1 as a component of openSUSE Leap 15.2 eximon-4.94.2-lp152.8.3.1 as a component of openSUSE Leap 15.2 eximstats-html-4.94.2-lp152.8.3.1 as a component of openSUSE Leap 15.2 exim-4.94.2-4.2 as a component of openSUSE Tumbleweed eximon-4.94.2-4.2 as a component of openSUSE Tumbleweed eximstats-html-4.94.2-4.2 as a component of openSUSE Tumbleweed An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. CVE-2018-6789 SUSE Package Hub 15 SP1:exim-4.94.2-bp151.2.4.1 SUSE Package Hub 15 SP1:eximon-4.94.2-bp151.2.4.1 SUSE Package Hub 15 SP1:eximstats-html-4.94.2-bp151.2.4.1 SUSE Package Hub 15 SP1:libspf2-2-1.2.10-bp151.4.1 SUSE Package Hub 15 SP1:libspf2-devel-1.2.10-bp151.4.1 SUSE Package Hub 15 SP1:libspf2-tools-1.2.10-bp151.4.1 SUSE Package Hub 15 SP2:exim-4.94.2-bp152.6.4.1 SUSE Package Hub 15 SP2:eximon-4.94.2-bp152.6.4.1 SUSE Package Hub 15 SP2:eximstats-html-4.94.2-bp152.6.4.1 SUSE Package Hub 15 SP2:libspf2-2-1.2.10-bp152.5.1 SUSE Package Hub 15 SP2:libspf2-devel-1.2.10-bp152.5.1 SUSE Package Hub 15 SP2:libspf2-tools-1.2.10-bp152.5.1 openSUSE Leap 15.2:exim-4.94.2-lp152.8.3.1 openSUSE Leap 15.2:eximon-4.94.2-lp152.8.3.1 openSUSE Leap 15.2:eximstats-html-4.94.2-lp152.8.3.1 openSUSE Tumbleweed:exim-4.94.2-4.2 openSUSE Tumbleweed:eximon-4.94.2-4.2 openSUSE Tumbleweed:eximstats-html-4.94.2-4.2 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H