CVE-2023-42114
Published 2024-05-03
CVE-2023-42114: Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on…
Priority: P3 · 44 · medium
CVSS 3.1: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
EPSS: 28.08% (97.9th percentile)
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account.
Was ZDI-CAN-17433.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | exim4 | < exim4 4.96-15+deb12u2 (bookworm) | exim4 4.96-15+deb12u2 (bookworm) |
| exim | exim | < 4.96.1 | 4.96.1 |
| exim | exim | — | — |
CVSS provenance
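| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v3.0 | 3.7 | LOW | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
| osv | | 5.3 | MEDIUM | |
| vendor_debian | | 5.3 | MEDIUM | |
| vendor_redhat | | 5.3 | MEDIUM | |
| vendor_ubuntu | | 5.3 | MEDIUM | |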
Ubuntu
Exim vulnerabilities
vendor_ubuntu·2023-10-04·CVSS 5.3
CVE-2023-42115 [MEDIUM] Exim vulnerabilities
Title: Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
reads, resulting in information leakage. (CVE-2023-42114)
It was discovered that Exim incorrectly handled validation of user-supplied
data. A remote attacker could possibly use this issue to perform
out-of-bounds writes, resulting in arbitrary code execution. This issue
only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.
(CVE-2023-42115)
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
writes, resulting in arbitrary code execution. (CVE-2023-42116
Red Hat
Exim: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
vendor_redhat·2023-09-27·CVSS 5.3
CVE-2023-42114 [MEDIUM] CWE-125 Exim: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
Exim: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account.
Was ZDI-CAN-17433.
An out-of-bounds read vulnerability was found in Exim within the handling of NTLM challenge requests. The issue results f
Debian
CVE-2023-42114: exim4 - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. Thi...
vendor_debian·2023·CVSS 5.3
CVE-2023-42114 [MEDIUM] CVE-2023-42114: exim4 - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. Thi...
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433.
Scope: local
bookworm: resolved (fixed in 4.96-15+deb12u2)
bullseye: resolved (fixed in 4.94.2-7+deb11u1)
forky: resolved (fixed in 4.97~RC1-2)
sid: resolved (fixed in 4.97~RC1-2)
trixie: resolved (fi
GHSA
GHSA-h5j4-2q8w-q3q4: Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
ghsa_unreviewed·2024-05-03
CVE-2023-42114 [LOW] CWE-125 GHSA-h5j4-2q8w-q3q4: Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433.
OSV
CVE-2023-42114: Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
osv·2024-05-03·CVSS 5.3
CVE-2023-42114 [MEDIUM] CVE-2023-42114: Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433.
OSV
exim4 vulnerabilities
osv·2023-10-04·CVSS 5.3
CVE-2023-42114 [MEDIUM] exim4 vulnerabilities
exim4 vulnerabilities
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
reads, resulting in information leakage. (CVE-2023-42114)
It was discovered that Exim incorrectly handled validation of user-supplied
data. A remote attacker could possibly use this issue to perform
out-of-bounds writes, resulting in arbitrary code execution. This issue
only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.
(CVE-2023-42115)
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
writes, resulting in arbitrary code execution. (CVE-2023-42116)
No detection rules found.
No public exploits indexed.
Wiz
Exim 0day Vulnerabilities: Everything You Need to Know | Wiz Blog
blogs_wiz·2023-10-02·CVSS 9.8
CVE-2023-42115 [CRITICAL] Exim 0day Vulnerabilities: Everything You Need to Know | Wiz Blog
Multiple vulnerabilities were publicly disclosed by the Zero Day Initiative (ZDI) in Exim Mail Transfer Agent (MTA), including CVE-2023-42115, which is a critical vulnerability enabling unauthenticated attackers to remotely execute code on publicly exposed Exim servers with “External” authentication enabled. This issue results from improper input validation that leads to writing arbitrary code past the end of the buffer. The recommendation is to update Exim to patched versions, or if not possible, restrict remote access to Exim mail servers if you have “External” authentication enabled, or to switch to a different authentication method.
## What is CVE-2023-42115?
Exim is a very prevalent mail server, due in part to being the default MTA preinstalled on Debian and other Linux distribution
Bleepingcomputer
Exim patches three of six zero-day bugs disclosed last week
blogs_bleepingcomputer·2023-10-02·CVSS 5.3
CVE-2023-42115 [MEDIUM] Exim patches three of six zero-day bugs disclosed last week
## Exim patches three of six zero-day bugs disclosed last week
By Sergiu Gatlan
Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution.
Discovered by an anonymous security researcher, the security flaw (CVE-2023-42115) is due to an Out-of-bounds Write weakness found in the SMTP service and can be exploited by remote unauthenticated attackers to execute code in the context of the service account.
"The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer," ZDI's advisory exp
Checkpoint
2nd October – Threat Intelligence Report
blogs_checkpoint·2023-10-02
CVE-2023-5217 2nd October – Threat Intelligence Report
## 2nd October – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 2nd October, please download our Threat_Intelligence Bulletin.
TOP ATTACKS AND BREACHES
Check Point researchers have detected a phishing campaign exploiting popular file-sharing program Dropbox. The threat actors use legitimate Dropbox pages to send official email messages to the victims, which will then redirect the recipients to credential stealing pages.
Japanese entertainment giant Sony, as well as major
Bleepingcomputer
Millions of Exim mail servers exposed to zero-day RCE attacks
blogs_bleepingcomputer·2023-09-29·CVSS 9.8
CVE-2023-42115 [CRITICAL] Millions of Exim mail servers exposed to zero-day RCE attacks
## Millions of Exim mail servers exposed to zero-day RCE attacks
By Sergiu Gatlan
A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.
Found by an anonymous security researcher and disclosed through Trend Micro's Zero Day Initiative (ZDI), the security bug (CVE-2023-42115) is due to an Out-of-bounds Write weakness found in the SMTP service.
While this type of issue can lead to software crashes or corruption of data following successful exploitation, it can also be abused by attackers for code or command execution on vulnerable servers.
"The specific flaw exists within the smtp service, which listens on TCP port 25 by default," a ZDI security advisory
Bugzilla
CVE-2023-42114 Exim: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
bugzilla·2023-09-30·CVSS 5.3
CVE-2023-42114 [MEDIUM] CVE-2023-42114 Exim: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2023-42114 Exim: NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-23-1468/
Discussion:
Created exim tracking bugs for this issue:
Affects: epel-all [bug 2241540]
Affects: fedora-all [bug 2241539]
---
*** Bug 2241735 has been marked as a duplicate of this bug. ***
---
*** Bug 2241470 has been marked as a duplicate of this bug. ***
---
*** Bug 2241455 has been marked as a duplicate of this bug. ***
---
Can we close this bug?
Published: 2024-05-03