Bug 888520 (CVE-2014-2972) - VUL-0: CVE-2014-2972: exim: remote code execution
Status: RESOLVED FIXED
Alias: CVE-2014-2972
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other openSUSE 13.1
: P3 - Medium : Major
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/103952/
Reported: 2014-07-23 09:56 UTC by Victor Pereira
Modified: 2014-08-14 13:33 UTC

Found By: Security Response Team


Description Victor Pereira 2014-07-23 09:56:36 UTC
CVE-2014-2972

Exim update to 4.83 

CVE-2014-2972. This is not a remote exploit, but if
content that is searched by the above math comparison functions is under
the control of an attacker, specially crafted data can be inserted that
will cause the Exim mail server to perform various file-system functions
as the exim user.

References:
http://seclists.org/oss-sec/2014/q3/214
Comment 1 Lars Müller 2014-07-23 13:31:58 UTC
I've updated server:mail/exim to 4.83 and filed http://bugs.exim.org/show_bug.cgi?id=1506

I'd like to wait till we get some feedback if this is a false positive caught by the openSUSE Build Service or if this is a bug before we publish 4.83 for openSUSE 12.3 and 13.1.
Comment 2 Lars Müller 2014-07-23 18:58:34 UTC
It was a false positive caught by the no-return-in-nonvoid-function build root policy check.

https://build.opensuse.org/request/show/242061  openSUSE:Maintenance 13.1
https://build.opensuse.org/request/show/242062  openSUSE:Maintenance 12.3

I'm handing over this issue to the openSUSE maintenance group.
Comment 3 Swamp Workflow Management 2014-07-23 22:00:11 UTC
bugbot adjusting priority
Comment 4 Bernhard Wiedemann 2014-07-24 11:00:12 UTC
This is an autogenerated message for OBS integration:
This bug (888520) was mentioned in
https://build.opensuse.org/request/show/242189 13.1 / exim
https://build.opensuse.org/request/show/242191 12.3 / exim
Comment 5 Bernhard Wiedemann 2014-07-25 12:00:34 UTC
This is an autogenerated message for OBS integration:
This bug (888520) was mentioned in
https://build.opensuse.org/request/show/242363 Factory / exim
Comment 6 Bernhard Wiedemann 2014-07-25 14:00:40 UTC
This is an autogenerated message for OBS integration:
This bug (888520) was mentioned in
https://build.opensuse.org/request/show/242388 Factory / exim
Comment 7 Swamp Workflow Management 2014-08-11 08:11:51 UTC
openSUSE-SU-2014:0983-1: An update that fixes four vulnerabilities is now available.

Category: security (moderate)
Bug References: 694798,695144,888520
CVE References: CVE-2011-1407,CVE-2012-5671,CVE-2014-2957,CVE-2014-2972
Sources used:
openSUSE 13.1 (src):    exim-4.83-6.4.1
openSUSE 12.3 (src):    exim-4.83-3.4.1
Comment 8 Swamp Workflow Management 2014-08-11 10:10:21 UTC
openSUSE-SU-2014:0986-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 764120,888520
CVE References: CVE-2012-5671,CVE-2014-2957,CVE-2014-2972
Sources used:
openSUSE 11.4 (src):    exim-4.83-27.1
Comment 9 Lars Müller 2014-08-14 13:33:22 UTC
4.83 got released.  Thanks!