Trending CVEs for the Week of June 10th, 2019

CVE-2019-10149 – Remote Command Execution Flaw in Exim

The BlueKeep vulnerability is still the number one trending vulnerability on social media. This week, we will cover the runner-up, CVE-2019-10149. A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the “root” user.

Description

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of the recipient address in the deliver_message() function in /src/deliver.c may lead to remote command execution.

Affected Products

Exim versions 4.87 to 4.91 (inclusive) are affected by this remote command execution vulnerability.
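As an added example (not code from NopSec or the Exim project), the shell functions below check the first line of `exim -bV` output against the affected range given above. The function names and sample banner lines are constructed for illustration. The check compares the upstream major.minor number only, so a distribution package that backports the fix without changing that number is still flagged and must be confirmed against the vendor's advisory.

```shell
#!/bin/sh
# Added example: flag Exim versions in the advisory's range (4.87 to 4.91 inclusive).
# Function names and the sample lines at the bottom are constructed, not from the page.

# Pull the version token out of the first line of `exim -bV` output,
# e.g. "Exim version 4.91 #2 built ..." -> "4.91". Prints nothing if absent.
exim_version_from_banner() {
    printf '%s\n' "$1" |
        sed -n 's/^Exim version \([0-9][0-9A-Za-z._-]*\).*/\1/p' | head -n 1
}

# Return 0 if major.minor lies in 4.87..4.91, 1 if outside, 2 if unparseable.
# Suffixes such as "_1" or "_RC2" are ignored (assumption: only major.minor matters).
exim_in_affected_range() {
    major=${1%%.*}
    rest=${1#*.}
    [ "$rest" != "$1" ] || return 2          # no dot in the string
    minor=${rest%%[!0-9]*}                    # leading digits of the minor part
    [ -n "$major" ] && [ -n "$minor" ] || return 2
    case "$major$minor" in *[!0-9]*) return 2 ;; esac
    [ "$major" -eq 4 ] && [ "$minor" -ge 87 ] && [ "$minor" -le 91 ]
}

# Classify one banner line: "<ver> affected", "<ver> outside-range" or "unknown".
check_banner() {
    v=$(exim_version_from_banner "$1")
    if [ -z "$v" ]; then echo "unknown"; return 0; fi
    rc=0
    exim_in_affected_range "$v" || rc=$?
    case $rc in
        0) echo "$v affected" ;;
        1) echo "$v outside-range" ;;
        *) echo "unknown" ;;
    esac
}

# Constructed sample lines; on a real host use:
#   check_banner "$(exim -bV 2>/dev/null | head -n 1)"
for banner in \
    'Exim version 4.91 #2 built 20-Apr-2018 12:00:00' \
    'Exim version 4.90_1 #1 built 10-Feb-2018 09:30:00' \
    'Exim version 4.92 #3 built 03-Jun-2019 08:15:00'
do
    check_banner "$banner"
done
```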

Exploitation and Risk

Successful exploitation of this vulnerability enables an attacker to execute commands as root in the context of the mail server. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Fixes

There is no good workaround at this time. NopSec suggests you patch it immediately.  
