Summary
Detail | |||
---|---|---|---|
Vendor | Exim | First view | 2018-02-08 |
Product | Exim | Last view | 2020-05-11 |
Version | 4.90 | Type | Application |
Update | rc3 | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:exim:exim |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2020-05-11 | CVE-2020-12783 | Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. |
7.8 | 2020-04-02 | CVE-2020-8015 | A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. |
9.8 | 2019-09-27 | CVE-2019-16928 | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. |
9.8 | 2019-09-06 | CVE-2019-15846 | Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. |
9.8 | 2019-07-25 | CVE-2019-13917 | Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). |
9.8 | 2019-06-05 | CVE-2019-10149 | A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. |
9.8 | 2018-02-08 | CVE-2018-6789 | An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
16% (1) | CWE-125 | Out-of-bounds Read |
16% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
16% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
16% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
16% (1) | CWE-20 | Improper Input Validation |
16% (1) | CWE-19 | Data Handling |
SAINT Exploits
Description | Link |
---|---|
Exim SMTP listener base64d function one-character buffer overflow | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53378 - Type : SERVER-OTHER - Revision : 1 |
2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53377 - Type : SERVER-OTHER - Revision : 1 |
2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53376 - Type : SERVER-OTHER - Revision : 1 |
2019-07-09 | Exim remote command execution attempt RuleID : 50356 - Type : SERVER-MAIL - Revision : 1 |
2018-09-18 | EHLO user overflow attempt RuleID : 47541 - Type : SERVER-MAIL - Revision : 2 |
2018-06-12 | EHLO user overflow attempt RuleID : 46610 - Type : SERVER-MAIL - Revision : 3 |
2014-01-10 | AUTH user overflow attempt RuleID : 3824 - Type : SERVER-MAIL - Revision : 16 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-03-09 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-970.nasl - Type: ACT_GATHER_INFO |
2018-03-07 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201803-01.nasl - Type: ACT_GATHER_INFO |
2018-03-06 | Name: The remote mail server is potentially affected by a buffer overflow vulnerabi... File: exim_4_90_1.nasl - Type: ACT_GATHER_INFO |
2018-02-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-25a7ba3cb6.nasl - Type: ACT_GATHER_INFO |
2018-02-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-5aec14e125.nasl - Type: ACT_GATHER_INFO |
2018-02-12 | Name: The remote Debian host is missing a security update. File: debian_DLA-1274.nasl - Type: ACT_GATHER_INFO |
2018-02-12 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4110.nasl - Type: ACT_GATHER_INFO |
2018-02-12 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_316b3c3e0e9811e88d4197657151f8c2.nasl - Type: ACT_GATHER_INFO |