From: Andrew Aitchison Date: Mon, 20 Mar 2023 10:13:22 +0000 (+0100) Subject: add: CVE-2021-38371 X-Git-Url: https://git.exim.org/exim-website.git/commitdiff_plain/2fae8e2e6a9d5606ac7eb7c94003d59756a1281a add: CVE-2021-38371 --- diff --git a/templates/static/doc/security/CVE-2021-38371.txt b/templates/static/doc/security/CVE-2021-38371.txt new file mode 100644 index 0000000..dfb748b --- /dev/null +++ b/templates/static/doc/security/CVE-2021-38371.txt @@ -0,0 +1,39 @@ +CVE ID: CVE-2021-38371 +Date: 2021-08-10 +Version(s): up to and including 4.94.2 +Reporter: Damian Poddebniak, Fabian Ising, Hanno Böck, and Sebastian Schinzel +Reference: https://nostarttls.secvuln.info/ +Issue: Possible MitM attack on STARTTLS when Exim is *sending* email. + + +Conditions to be vulnerable +=========================== + +Versions up to (and including) 4.94.2 are vulnerable when +*sending* emails via a connection encrypted via STARTTLS. + + +Details +======= + +When Exim acting as a mail client wishes to send a message, +a Meddler-in-the-Middle (MitM) may respond to the STARTTLS command +by also sending a response to the *next* command, which Exim will +erroneously treat as a trusted response. + +Source fixed by +https://git.exim.org/exim.git/commit/1b9ab35f323121aabf029f0496c7227818efad14 +commit 1b9ab35f323121aabf029f0496c7227818efad14 +Author: Jeremy Harris +Date: Thu Jul 30 20:16:01 2020 +0100 + +Mitigation +========== + +There is - beside updating the server - no known mitigation. + +Fix +=== + +Download and build the fixed version 4.95 or a later version +(4.96 was released in June 2022).
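Review bot: In the Mitigation section, "beside updating the server" is ambiguous, because the Issue and Conditions lines say the flaw applies when Exim is *sending* mail, that is, acting as the client. A reader could take "the server" to mean the remote receiving host, which is not what needs the update. Suggest wording along the lines of "There is, besides updating the sending Exim installation, no known mitigation" (also "besides" rather than "beside"). Separately, the "Source fixed by" block sits under Details and gives a commit date of 2020, while the advisory Date is 2021-08-10 and 4.94.2 is listed as vulnerable. Consider moving the commit reference into the Fix section and stating there that 4.95 is the first release containing it, so the date gap does not read as an error.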