This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Exim First view 2011-05-16
Product Exim Last view 2020-05-11
Version 4.73 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:exim:exim

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2020-05-11 CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

7.8 2020-04-02 CVE-2020-8015

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.

9.8 2019-09-27 CVE-2019-16928

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

9.8 2019-09-06 CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

9.8 2019-07-25 CVE-2019-13917

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

9.8 2019-06-05 CVE-2019-10149

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

9.8 2018-02-08 CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

4 2017-06-19 CVE-2017-1000369

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

5.9 2017-02-01 CVE-2016-9963

Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.

7 2016-04-07 CVE-2016-1531

Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.

4.6 2014-09-04 CVE-2014-2972

expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.

6.8 2014-09-04 CVE-2014-2957

The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.

6.8 2012-10-31 CVE-2012-5671

Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.

7.5 2011-10-04 CVE-2011-1764

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.

7.5 2011-05-16 CVE-2011-1407

The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.

CWE : Common Weakness Enumeration

%idName
21% (3) CWE-20 Improper Input Validation
14% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (1) CWE-404 Improper Resource Shutdown or Release
7% (1) CWE-320 Key Management Errors
7% (1) CWE-264 Permissions, Privileges, and Access Controls
7% (1) CWE-189 Numeric Errors
7% (1) CWE-134 Uncontrolled Format String
7% (1) CWE-125 Out-of-bounds Read
7% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
7% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
7% (1) CWE-19 Data Handling

SAINT Exploits

Description Link
Exim SMTP listener base64d function one-character buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
72642 Exim DKIM Identity Lookup Item Remote Code Execution
72156 Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Form...

OpenVAS Exploits

id Description
2012-12-13 Name : SuSE Update for exim openSUSE-SU-2012:1404-1 (exim)
File : nvt/gb_suse_2012_1404_1.nasl
2012-11-02 Name : Fedora Update for exim FEDORA-2012-17044
File : nvt/gb_fedora_2012_17044_exim_fc17.nasl
2012-11-02 Name : Fedora Update for exim FEDORA-2012-17085
File : nvt/gb_fedora_2012_17085_exim_fc16.nasl
2012-10-29 Name : Debian Security Advisory DSA 2566-1 (exim4)
File : nvt/deb_2566_1.nasl
2012-10-29 Name : FreeBSD Ports: exim
File : nvt/freebsd_exim4.nasl
2012-10-29 Name : Ubuntu Update for exim4 USN-1618-1
File : nvt/gb_ubuntu_USN_1618_1.nasl
2011-08-03 Name : Debian Security Advisory DSA 2232-1 (exim4)
File : nvt/deb_2232_1.nasl
2011-08-03 Name : Debian Security Advisory DSA 2236-1 (exim4)
File : nvt/deb_2236_1.nasl
2011-08-03 Name : FreeBSD Ports: exim
File : nvt/freebsd_exim3.nasl
2011-06-03 Name : Ubuntu Update for exim4 USN-1135-1
File : nvt/gb_ubuntu_USN_1135_1.nasl
2011-05-23 Name : Fedora Update for exim FEDORA-2011-7047
File : nvt/gb_fedora_2011_7047_exim_fc14.nasl
2011-05-23 Name : Fedora Update for exim FEDORA-2011-7059
File : nvt/gb_fedora_2011_7059_exim_fc13.nasl
2011-05-17 Name : Ubuntu Update for exim4 USN-1130-1
File : nvt/gb_ubuntu_USN_1130_1.nasl

Snort® IPS/IDS

Date Description
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53378 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53377 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53376 - Type : SERVER-OTHER - Revision : 1
2019-07-09 Exim remote command execution attempt
RuleID : 50356 - Type : SERVER-MAIL - Revision : 1
2018-09-18 EHLO user overflow attempt
RuleID : 47541 - Type : SERVER-MAIL - Revision : 2
2018-06-12 EHLO user overflow attempt
RuleID : 46610 - Type : SERVER-MAIL - Revision : 3
2014-01-10 AUTH user overflow attempt
RuleID : 3824 - Type : SERVER-MAIL - Revision : 16
2014-01-10 Exim DKIM decoding buffer overflow attempt
RuleID : 25333 - Type : PROTOCOL-DNS - Revision : 7

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-03-09 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-970.nasl - Type: ACT_GATHER_INFO
2018-03-07 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201803-01.nasl - Type: ACT_GATHER_INFO
2018-03-06 Name: The remote mail server is potentially affected by a buffer overflow vulnerabi...
File: exim_4_90_1.nasl - Type: ACT_GATHER_INFO
2018-02-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5aec14e125.nasl - Type: ACT_GATHER_INFO
2018-02-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-25a7ba3cb6.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_316b3c3e0e9811e88d4197657151f8c2.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4110.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote Debian host is missing a security update.
File: debian_DLA-1274.nasl - Type: ACT_GATHER_INFO
2017-10-23 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa_10826.nasl - Type: ACT_GATHER_INFO
2017-09-25 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201709-19.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Fedora host is missing a security update.
File: fedora_2017-f5177f3a16.nasl - Type: ACT_GATHER_INFO
2017-08-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-980.nasl - Type: ACT_GATHER_INFO
2017-06-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-714.nasl - Type: ACT_GATHER_INFO
2017-06-26 Name: The remote Debian host is missing a security update.
File: debian_DLA-1001.nasl - Type: ACT_GATHER_INFO
2017-06-22 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_8c1a271d56cf11e7b9fec13eb7bcbf4f.nasl - Type: ACT_GATHER_INFO
2017-06-20 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3322-1.nasl - Type: ACT_GATHER_INFO
2017-06-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3888.nasl - Type: ACT_GATHER_INFO
2017-03-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-804.nasl - Type: ACT_GATHER_INFO
2017-01-06 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3164-1.nasl - Type: ACT_GATHER_INFO
2016-12-27 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_e7002b26caaa11e6a76a9f7324e5534e.nasl - Type: ACT_GATHER_INFO
2016-12-27 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3747.nasl - Type: ACT_GATHER_INFO
2016-12-27 Name: The remote Debian host is missing a security update.
File: debian_DLA-762.nasl - Type: ACT_GATHER_INFO
2016-07-21 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201607-12.nasl - Type: ACT_GATHER_INFO
2016-03-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2933-1.nasl - Type: ACT_GATHER_INFO
2016-03-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3517.nasl - Type: ACT_GATHER_INFO