ASA-2019-00534 – Exim: Buffer overflow by sending a SNI ending in a backslash-null sequence during the initial TLS handshake

The SMTP Delivery process in all versions up to and  including Exim 4.92.1 has a Buffer Overflow. In the default runtime configuration, this is exploitable with crafted Server Name Indication (SNI) data during a TLS negotiation. In other configurations, it is exploitable with a crafted client TLS certificate. A local or remote attacker can execute programs with root privileges. The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake.