This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Exim First view 2019-07-25
Product Exim Last view 2020-05-11
Version 4.92 Type Application
Update -  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:exim:exim

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2020-05-11 CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

7.8 2020-04-02 CVE-2020-8015

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.

9.8 2019-09-27 CVE-2019-16928

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

9.8 2019-09-06 CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

9.8 2019-07-25 CVE-2019-13917

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-125 Out-of-bounds Read
25% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
25% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
25% (1) CWE-19 Data Handling

Snort® IPS/IDS

Date Description
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53378 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53377 - Type : SERVER-OTHER - Revision : 1
2020-04-02 Exim unauthenticated remote code execution attempt
RuleID : 53376 - Type : SERVER-OTHER - Revision : 1
2018-06-12 EHLO user overflow attempt
RuleID : 46610 - Type : SERVER-MAIL - Revision : 3