CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28023 – Ubuntu Security Notice USN-4934-1
https://notcve.org/view.php?id=CVE-2020-28023
04 May 2021 — Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client. Exim 4 versiones anteriores a 4.94.2, permite una lectura fuera de límites. La función smtp_setup_msg puede divulgar información confidencial de la memoria del proceso a un cliente SMTP no autenticado It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code r... • https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt • CWE-125: Out-of-bounds Read •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27216 – Ubuntu Security Notice USN-4934-1
https://notcve.org/view.php?id=CVE-2021-27216
04 May 2021 — Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options. Exim 4 versiones anteriores a 4.94.2, presenta una Ejecución con Privilegios Innecesarios. Al aprovechar una condición de carrera delete_pid_file, un usuario local puede eliminar archivos arbitrarios como root. • https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28015 – Ubuntu Security Notice USN-4934-1
https://notcve.org/view.php?id=CVE-2020-28015
04 May 2021 — Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character. Exim 4 versiones anteriores a 4.94.2, presenta Neutralización Inapropiada de Delimitadores de Línea. Los usuarios locales pueden alterar el comportamiento de los procesos root porque la dirección de un destinatario pueda tener un carácter newline It was discovered that Exim contained multiple security issues. An attacker could use... • https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28015-NLEND.txt •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28007 – Ubuntu Security Notice USN-4934-1
https://notcve.org/view.php?id=CVE-2020-28007
04 May 2021 — Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem. Exim 4 versiones anteriores a 4.94.2, permite una Ejecución con Privilegios Innecesarios. Debido a que Exim opera como root en el directorio de registro (propiedad para un usuario no root), un ataque de enlace simbólico o físico permite sobrescribir archivos... • https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0CVE-2020-28019 – Ubuntu Security Notice USN-4934-1
https://notcve.org/view.php?id=CVE-2020-28019
04 May 2021 — Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA. Exim 4 versiones anteriores a 4.94.2, presenta una Inicialización Inapropiada que puede conllevar a un consumo de la pila basado en recursividad u otras consecuencias. Esto ocurre porque el uso de determinadas funciones getc es manejado inapropiadamente cuando un cliente usa BDA... • https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt • CWE-665: Improper Initialization •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-2020-12783 – Debian Security Advisory 4687-1
https://notcve.org/view.php?id=CVE-2020-12783
11 May 2020 — Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. Exim versiones hasta 4.93, presenta una lectura fuera de límites en el autenticador SPA lo que podría resultar en una omisión de la autenticación SPA/NTLM en los archivos auths/spa.c y auths/auth-spa.c. It was discovered that exim4, a mail transport agent, suffers from a authentication bypass vulnerability in the spa authentication driver. The spa auth... • http://www.openwall.com/lists/oss-security/2021/05/04/7 • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 1CVE-2020-8015 – Local privilege escalation in exim package from user mail to root
https://notcve.org/view.php?id=CVE-2020-8015
02 Apr 2020 — A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. Una vulnerabilidad de seguimiento de enlace simbólico (Symlink) de UNIX en el empaquetado de exim en openSUSE Factory, permite a atacantes locales escalar desde un correo de usuario a root. Este problema afecta: exim de openSUSE Factory versiones anteriores a 4.93.0.4-3.1. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 73%CPEs: 6EXPL: 2CVE-2019-16928 – Exim Out-of-bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2019-16928
27 Sep 2019 — Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. Exim versiones 4.92 hasta 4.92.2, permite una ejecución de código remota, una vulnerabilidad diferente de CVE-2019-15846. Se presenta un desbordamiento del buffer basado en memoria dinámica (heap) en la función string_vformat en el archivo string.c que implica un comando EHLO largo. It was discovered that Exim... • http://www.openwall.com/lists/oss-security/2019/09/28/1 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 40%CPEs: 4EXPL: 1CVE-2019-15846 – Ubuntu Security Notice USN-4124-2
https://notcve.org/view.php?id=CVE-2019-15846
06 Sep 2019 — Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. Exim versiones anteriores a 4.92.2, permite a atacantes remotos ejecutar código arbitrario como root por medio de una barra invertida al final de una URL. USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Exim incorrectly handled certain decoding operations. • https://github.com/synacktiv/Exim-CVE-2019-15846 •
CVSS: 10.0EPSS: 3%CPEs: 3EXPL: 0CVE-2019-13917 – Ubuntu Security Notice USN-4075-1
https://notcve.org/view.php?id=CVE-2019-13917
25 Jul 2019 — Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). Exim versiones 4.85 hasta 4.92 (corregido en 4.92.1) permite la ejecución de código remota como root en algunas configuraciones inusuales que usan la expansión ${sort} para elementos que pueden ser controlados por un atacante (por ejemplo, $local_part o $domain). Jeremy Harris discovered th... • http://exim.org/static/doc/security/CVE-2019-13917.txt • CWE-19: Data Processing Errors •