CVE-2018-6789 PoC — Exim SMTP listener 缓冲区错误漏洞

Source

https://github.com/synacktiv/Exim-CVE-2018-6789

Associated Vulnerability

Title:Exim SMTP listener 缓冲区错误漏洞 (CVE-2018-6789)
Description:Exim是英国剑桥大学开发的一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。SMTP listener是其中的一个SMTP（简单邮件传输协议）监听器。 Exim 4.90及之前版本中的SMTP listener存在缓冲区溢出漏洞。远程攻击者可通过发送特制的消息利用该漏洞执行代码。

Description

PoC materials to exploit CVE-2018-6789

Readme

Exim CVE-2018-6789
==================

PoC materials to exploit CVE-2018-6789. Blogpost explaining the PoC is
available on
[Synacktiv Blog](https://www.synacktiv.com/posts/exploit/scraps-of-notes-on-exploiting-exim-vulnerabilities.html).

This PoC connects to a vulnerable Exim server and exploits CVE-2018-6789.

Usage
-----

```
usage: exploit [-hv] <host> <port> <acl_pointer>

options:
    -h, --help        Print this help
    -v, --verbose     Enable verbose output
```

File Snapshot


 [4.0K]  /data/pocs/6d5caacda0361e2695a5f6215ee94282b9482718
├── [ 11K]  exploit.c
├── [   9]  Makefile
└── [ 476]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!