CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27216
https://notcve.org/view.php?id=CVE-2021-27216
Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options. Exim 4 versiones anteriores a 4.94.2, presenta una Ejecución con Privilegios Innecesarios. Al aprovechar una condición de carrera delete_pid_file, un usuario local puede eliminar archivos arbitrarios como root. • https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-2020-12783
https://notcve.org/view.php?id=CVE-2020-12783
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. Exim versiones hasta 4.93, presenta una lectura fuera de límites en el autenticador SPA lo que podría resultar en una omisión de la autenticación SPA/NTLM en los archivos auths/spa.c y auths/auth-spa.c. • http://www.openwall.com/lists/oss-security/2021/05/04/7 https://bugs.exim.org/show_bug.cgi?id=2571 https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86 https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0 https://lists.debian.org/debian-lts-announce/2020/05/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6IQQ2SERFUD4WMRSX6XYDNK7Q4GPT7Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 1CVE-2020-8015 – Local privilege escalation in exim package from user mail to root
https://notcve.org/view.php?id=CVE-2020-8015
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. Una vulnerabilidad de seguimiento de enlace simbólico (Symlink) de UNIX en el empaquetado de exim en openSUSE Factory, permite a atacantes locales escalar desde un correo de usuario a root. Este problema afecta: exim de openSUSE Factory versiones anteriores a 4.93.0.4-3.1. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html https://bugzilla.suse.com/show_bug.cgi?id=1154183 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 25%CPEs: 4EXPL: 1CVE-2019-15846
https://notcve.org/view.php?id=CVE-2019-15846
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. Exim versiones anteriores a 4.92.2, permite a atacantes remotos ejecutar código arbitrario como root por medio de una barra invertida al final de una URL. • https://github.com/synacktiv/Exim-CVE-2019-15846 http://exim.org/static/doc/security/CVE-2019-15846.txt http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html http://www.openwall.com/lists/oss-security/2019/09/06/2 http://www.openwall.com/lists/oss-security/2019/09/06/4 http://www.openwall.com/lists/oss-security/2019/09/06/5 http://www.openwall.com/lists/oss-security/2019/09/06/6 http://www.openwall.com/lists/oss-security/2019/09/ •
CVSS: 9.8EPSS: 95%CPEs: 7EXPL: 4CVE-2018-6789 – Exim Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2018-6789
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. Se ha descubierto un problema en la función base64d en el escuchador SMTP en Exim, en versiones anteriores a la 4.90.1. Al enviar un mensaje manipulado, podría ocurrir un desbordamiento de búfer. • https://www.exploit-db.com/exploits/45671 https://www.exploit-db.com/exploits/44571 https://github.com/synacktiv/Exim-CVE-2018-6789 https://github.com/beraphin/CVE-2018-6789 http://openwall.com/lists/oss-security/2018/02/10/2 http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html http://www.openwall.com/lists/oss-security/2018/02/07/2 http://www.securityfocus.com/bid/103049 http://www.securitytracker.com/id/1040461 https://devco.re/blog/201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •