CVSS: 9.8EPSS: 67%CPEs: 6EXPL: 2CVE-2019-16928 – Exim Out-of-bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2019-16928
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. Exim versiones 4.92 hasta 4.92.2, permite una ejecución de código remota, una vulnerabilidad diferente de CVE-2019-15846. Se presenta un desbordamiento del buffer basado en memoria dinámica (heap) en la función string_vformat en el archivo string.c que implica un comando EHLO largo. Exim contains an out-of-bounds write vulnerability which can allow for remote code execution. • http://www.openwall.com/lists/oss-security/2019/09/28/1 http://www.openwall.com/lists/oss-security/2019/09/28/2 http://www.openwall.com/lists/oss-security/2019/09/28/3 http://www.openwall.com/lists/oss-security/2019/09/28/4 https://bugs.exim.org/show_bug.cgi?id=2449 https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html https://lists.fedoraproject.org/archives/list/package- • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 25%CPEs: 4EXPL: 1CVE-2019-15846
https://notcve.org/view.php?id=CVE-2019-15846
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. Exim versiones anteriores a 4.92.2, permite a atacantes remotos ejecutar código arbitrario como root por medio de una barra invertida al final de una URL. • https://github.com/synacktiv/Exim-CVE-2019-15846 http://exim.org/static/doc/security/CVE-2019-15846.txt http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html http://www.openwall.com/lists/oss-security/2019/09/06/2 http://www.openwall.com/lists/oss-security/2019/09/06/4 http://www.openwall.com/lists/oss-security/2019/09/06/5 http://www.openwall.com/lists/oss-security/2019/09/06/6 http://www.openwall.com/lists/oss-security/2019/09/ •
CVSS: 10.0EPSS: 7%CPEs: 3EXPL: 0CVE-2019-13917
https://notcve.org/view.php?id=CVE-2019-13917
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). Exim versiones 4.85 hasta 4.92 (corregido en 4.92.1) permite la ejecución de código remota como root en algunas configuraciones inusuales que usan la expansión ${sort} para elementos que pueden ser controlados por un atacante (por ejemplo, $local_part o $domain). • http://exim.org/static/doc/security/CVE-2019-13917.txt http://www.openwall.com/lists/oss-security/2019/07/26/5 https://seclists.org/bugtraq/2019/Jul/51 https://security.gentoo.org/glsa/201909-06 https://www.debian.org/security/2019/dsa-4488 • CWE-19: Data Processing Errors •
CVSS: 10.0EPSS: 97%CPEs: 4EXPL: 17CVE-2019-10149 – Exim Mail Transfer Agent (MTA) Improper Input Validation
https://notcve.org/view.php?id=CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. Se descubrió un defecto Exim versiones 4.87 a la 4.91 (incluida). Una validación incorrecta de la dirección del recipiente en la función deliver_message() en /src/deliver.c puede llevar a ejecutar comandos remotos Exim versions 4.87 through 4.91 suffer from a local privilege escalation vulnerability. Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. • https://www.exploit-db.com/exploits/46996 https://www.exploit-db.com/exploits/47307 https://www.exploit-db.com/exploits/46974 https://github.com/cowbe0x004/eximrce-CVE-2019-10149 https://github.com/Diefunction/CVE-2019-10149 https://github.com/AzizMea/CVE-2019-10149-privilege-escalation https://github.com/darsigovrustam/CVE-2019-10149 https://github.com/aishee/CVE-2019-10149-quick https://github.com/hyim0810/CVE-2019-10149 https://github.com/Stick-U235/CVE-2019-10149-Exploit& • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 95%CPEs: 7EXPL: 4CVE-2018-6789 – Exim Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2018-6789
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. Se ha descubierto un problema en la función base64d en el escuchador SMTP en Exim, en versiones anteriores a la 4.90.1. Al enviar un mensaje manipulado, podría ocurrir un desbordamiento de búfer. • https://www.exploit-db.com/exploits/45671 https://www.exploit-db.com/exploits/44571 https://github.com/synacktiv/Exim-CVE-2018-6789 https://github.com/beraphin/CVE-2018-6789 http://openwall.com/lists/oss-security/2018/02/10/2 http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html http://www.openwall.com/lists/oss-security/2018/02/07/2 http://www.securityfocus.com/bid/103049 http://www.securitytracker.com/id/1040461 https://devco.re/blog/201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •