Summary
Detail | |||
---|---|---|---|
Vendor | Exim | First view | 2019-07-25 |
Product | Exim | Last view | 2020-05-11 |
Version | 4.92 | Type | Application |
Update | rc5 | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:exim:exim |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2020-05-11 | CVE-2020-12783 | Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. |
7.8 | 2020-04-02 | CVE-2020-8015 | A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. |
9.8 | 2019-09-27 | CVE-2019-16928 | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. |
9.8 | 2019-09-06 | CVE-2019-15846 | Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. |
9.8 | 2019-07-25 | CVE-2019-13917 | Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
25% (1) | CWE-125 | Out-of-bounds Read |
25% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
25% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
25% (1) | CWE-19 | Data Handling |
Snort® IPS/IDS
Date | Description |
---|---|
2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53378 - Type : SERVER-OTHER - Revision : 1 |
2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53377 - Type : SERVER-OTHER - Revision : 1 |
2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53376 - Type : SERVER-OTHER - Revision : 1 |
2018-06-12 | EHLO user overflow attempt RuleID : 46610 - Type : SERVER-MAIL - Revision : 3 |