CVE-2019-16928: Critical Buffer Overflow Flaw in Exim is Remotely Exploitable

October 1, 2019

Exim Internet Mailer, the popular message transfer agent (MTA) for Unix hosts found on nearly 5 million systems, is back in the news. Earlier this month, CVE-2019-15846, a critical remote code execution (RCE) flaw, was patched in Exim 4.92.2. In June, Tenable blogged about CVE-2019-10149, another RCE, which saw exploit attempts within a week of public disclosure. On September 28, Exim maintainers published an advance notice concerning a new vulnerability in Exim 4.92 up to and including 4.92.2. From our analysis of Shodan results, over 3.5 million systems may be affected.

 

CVE-2019-16928 is a heap-based buffer overflow vulnerability due to a flaw in string_vformat() found in string.c. As noted in the bug report, the flaw was a simple coding error where the length of the string was not properly accounted for, leading to a buffer overflow condition. The flaw can be exploited by an unauthenticated remote attacker who could use a large crafted Extended HELO (EHLO) string to crash the Exim process that receives the message. This could potentially be further exploited to execute arbitrary code on the host. The flaw was found internally by the QAX A-Team, who submitted the patch. However, the bug is trivial to exploit, and it’s likely attackers will begin actively probing for and attacking vulnerable Exim MTA systems in the near future.

 

The Exim team released version 4.92.3 on September 29 to address CVE-2019-16928. Administrators are encouraged to upgrade as soon as possible. No mitigations exist at this time.

 

To read the full analysis by Tenable click here.

 

Advertisements

R&M presents new optical cabling solution and DCIM software for Data Center and Edge at Data Centre World

October 1, 2019

Introduction distribution platform Netscale 72 and infrastructure management with inteliPhy net at Stand O35

WETZIKON, Switzerland / BENGALURU, India – October 1, 2019 – R&M, the globally active developer and provider of cabling systems for high-quality network infrastructures is showing its latest innovative fiber optic platform, Netscale 72. This offers RFID-based automated port documentation and visual guidance of work orders. R&M’s next generation of infrastructure management software, inteliPhy net, is part of the solution is. It is an easy-to-use DCIM solution for asset, capacity and change management.

The new fiber optic distribution platform Netscale 72 natively supports the two parallel optical cabling types BASE8 and BASE12. This means that distribution modules for both applications fit into the same drawers of the system. Data centers can customize trunk cabling within existing racks and enclosures, simply by changing or adding cassettes. In this way, Netscale 72 facilitates rapid migration to new network generations. A typical case is the step from a 10 Gigabit network to a 40 or 100 Gigabit network. Netscale 72 can also be used to build large Spine-Leaf network architectures in cloud data centers. R&M’s Netscale program offers the industry’s highest density of fiber optic ports in 19” cabinets.

With inteliPhy net, R&M is launching an easy-to-use DCIM solution for asset, capacity and change management. R&M deliberately attaches importance to simplified presentation and intuitive, web-based operation. With inteliPhy net, users digitally organize and document the entire network infrastructure. The program bundles and visualizes all information on capacities, cabling, patch panels, racks, PDUs and IT equipment in a single database. Component representations can be added and moved using drag & drop. In combination with the RFID-based R&MinteliPhy monitoring system, the program monitors all ports and leased cables in real time. Predefined graphics show the connections and their status down to the port level. inteliPhy net can also be used to plan and control migrations, workflows, maintenance and patch orders. With the reporting function, network managers can prove that they are utilizing the resources and meeting quality, compliance and service requirements.

# # #

About R&M

R&M (Reichle & De-Massari AG) is a leading global producer of future-proof products and systems for communication and data networks. The company’s close collaboration with certified partners results in pioneering connectivity solutions in the sectors LAN, Public and Telecom Networks as well as Data Centers. The Swiss family company stands for innovation, quality, and proximity to customers. More information is available at www.rdm.com


%d bloggers like this: