This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Exim First view 2018-02-08
Product Exim Last view 2020-05-11
Version 4.90 Type Application
Update rc2  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:exim:exim

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2020-05-11 CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

7.8 2020-04-02 CVE-2020-8015

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.

9.8 2019-09-27 CVE-2019-16928

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

9.8 2019-09-06 CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

9.8 2019-07-25 CVE-2019-13917

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

9.8 2019-06-05 CVE-2019-10149

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

9.8 2018-02-08 CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

CWE : Common Weakness Enumeration

%idName
16% (1) CWE-125 Out-of-bounds Read
16% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
16% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
16% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
16% (1) CWE-20 Improper Input Validation
16% (1) CWE-19 Data Handling

SAINT Exploits

Description Link
Exim SMTP listener base64d function one-character buffer overflow More info here

Snort® IPS/IDS

Date Description
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53378 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53377 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53376 - Type : SERVER-OTHER - Revision : 1
2019-07-09 Exim remote command execution attempt
RuleID : 50356 - Type : SERVER-MAIL - Revision : 1
2018-09-18 EHLO user overflow attempt
RuleID : 47541 - Type : SERVER-MAIL - Revision : 2
2018-06-12 EHLO user overflow attempt
RuleID : 46610 - Type : SERVER-MAIL - Revision : 3
2014-01-10 AUTH user overflow attempt
RuleID : 3824 - Type : SERVER-MAIL - Revision : 16

Nessus® Vulnerability Scanner

id Description
2018-03-09 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-970.nasl - Type: ACT_GATHER_INFO
2018-03-07 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201803-01.nasl - Type: ACT_GATHER_INFO
2018-03-06 Name: The remote mail server is potentially affected by a buffer overflow vulnerabi...
File: exim_4_90_1.nasl - Type: ACT_GATHER_INFO
2018-02-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-25a7ba3cb6.nasl - Type: ACT_GATHER_INFO
2018-02-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5aec14e125.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote Debian host is missing a security update.
File: debian_DLA-1274.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4110.nasl - Type: ACT_GATHER_INFO
2018-02-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_316b3c3e0e9811e88d4197657151f8c2.nasl - Type: ACT_GATHER_INFO