This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Exim First view 2017-06-19
Product Exim Last view 2020-05-11
Version 4.89 Type Application
Update -  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:exim:exim

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2020-05-11 CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

7.8 2020-04-02 CVE-2020-8015

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.

9.8 2019-09-27 CVE-2019-16928

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

9.8 2019-09-06 CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

9.8 2019-07-25 CVE-2019-13917

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

9.8 2019-06-05 CVE-2019-10149

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

9.8 2018-02-08 CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

9.8 2017-11-25 CVE-2017-16943

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.

4 2017-06-19 CVE-2017-1000369

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

CWE : Common Weakness Enumeration

%idName
12% (1) CWE-416 Use After Free
12% (1) CWE-404 Improper Resource Shutdown or Release
12% (1) CWE-125 Out-of-bounds Read
12% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
12% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
12% (1) CWE-20 Improper Input Validation
12% (1) CWE-19 Data Handling

SAINT Exploits

Description Link
Exim SMTP listener base64d function one-character buffer overflow More info here

Snort® IPS/IDS

Date Description
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53378 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53377 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53376 - Type : SERVER-OTHER - Revision : 1
2019-09-26 Exim malformed BDAT code execution attempt
RuleID : 51301 - Type : SERVER-OTHER - Revision : 1
2019-07-09 Exim remote command execution attempt
RuleID : 50356 - Type : SERVER-MAIL - Revision : 1
2018-09-18 EHLO user overflow attempt
RuleID : 47541 - Type : SERVER-MAIL - Revision : 2
2018-06-12 EHLO user overflow attempt
RuleID : 46610 - Type : SERVER-MAIL - Revision : 3
2018-01-03 Exim malformed BDAT code execution attempt
RuleID : 45046 - Type : SERVER-OTHER - Revision : 5
2014-01-10 AUTH user overflow attempt
RuleID : 3824 - Type : SERVER-MAIL - Revision : 16

Nessus® Vulnerability Scanner

id Description
2018-03-09 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-970.nasl - Type: ACT_GATHER_INFO
2018-03-07 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201803-01.nasl - Type: ACT_GATHER_INFO
2018-03-06 Name: The remote mail server is potentially affected by a buffer overflow vulnerabi...
File: exim_4_90_1.nasl - Type: ACT_GATHER_INFO
2018-02-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5aec14e125.nasl - Type: ACT_GATHER_INFO
2018-02-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-25a7ba3cb6.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_316b3c3e0e9811e88d4197657151f8c2.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4110.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote Debian host is missing a security update.
File: debian_DLA-1274.nasl - Type: ACT_GATHER_INFO
2018-01-15 Name: The remote Fedora host is missing a security update.
File: fedora_2017-0053bb9719.nasl - Type: ACT_GATHER_INFO
2017-12-26 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-932.nasl - Type: ACT_GATHER_INFO
2017-12-14 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1342.nasl - Type: ACT_GATHER_INFO
2017-12-13 Name: The remote Fedora host is missing a security update.
File: fedora_2017-0032baa7d7.nasl - Type: ACT_GATHER_INFO
2017-12-01 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4053.nasl - Type: ACT_GATHER_INFO
2017-11-29 Name: The remote mail server is potentially affected by a remote code execution flaw.
File: exim_bdat_chunk_uaf.nasl - Type: ACT_GATHER_INFO
2017-11-28 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3493-1.nasl - Type: ACT_GATHER_INFO
2017-10-23 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa_10826.nasl - Type: ACT_GATHER_INFO
2017-09-25 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201709-19.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Fedora host is missing a security update.
File: fedora_2017-f5177f3a16.nasl - Type: ACT_GATHER_INFO
2017-08-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-980.nasl - Type: ACT_GATHER_INFO
2017-06-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-714.nasl - Type: ACT_GATHER_INFO
2017-06-26 Name: The remote Debian host is missing a security update.
File: debian_DLA-1001.nasl - Type: ACT_GATHER_INFO
2017-06-22 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_8c1a271d56cf11e7b9fec13eb7bcbf4f.nasl - Type: ACT_GATHER_INFO
2017-06-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3888.nasl - Type: ACT_GATHER_INFO
2017-06-20 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3322-1.nasl - Type: ACT_GATHER_INFO