Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-ALE-008
Vulnerability from certfr_alerte - Published: 2021-05-05 - Updated: 2021-06-10
Le 5 mai 2021, Qualys a publié un bulletin de sécurité contenant 21
vulnérabilités affectant le serveur mail Exim. Quatre de ces
vulnérabilités permettent une élévation de privilège et trois une
exécution de code arbitraire. Ces vulnérabilités affectent toutes les
versions de Exim antérieures à 4.94 et permettent in fine à un attaquant non
authentifié de prendre le contrôle du serveur mail avec les privilèges du compte
root.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Exim versions ant\u00e9rieures \u00e0 4.94",
"product": {
"name": "N/A",
"vendor": {
"name": "Exim",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2021-06-10",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-27216",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27216"
},
{
"name": "CVE-2020-28013",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28013"
},
{
"name": "CVE-2020-28026",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28026"
},
{
"name": "CVE-2020-28009",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28009"
},
{
"name": "CVE-2020-28023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28023"
},
{
"name": "CVE-2020-28011",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28011"
},
{
"name": "CVE-2020-28022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28022"
},
{
"name": "CVE-2020-28008",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28008"
},
{
"name": "CVE-2020-28021",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28021"
},
{
"name": "CVE-2020-28024",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28024"
},
{
"name": "CVE-2020-28018",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28018"
},
{
"name": "CVE-2020-28010",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28010"
},
{
"name": "CVE-2020-28017",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28017"
},
{
"name": "CVE-2020-28012",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28012"
},
{
"name": "CVE-2020-28007",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28007"
},
{
"name": "CVE-2020-28020",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28020"
},
{
"name": "CVE-2020-28015",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28015"
},
{
"name": "CVE-2020-28016",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28016"
},
{
"name": "CVE-2020-28025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28025"
},
{
"name": "CVE-2020-28014",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28014"
},
{
"name": "CVE-2020-28019",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28019"
}
],
"initial_release_date": "2021-05-05T00:00:00",
"last_revision_date": "2021-06-10T00:00:00",
"links": [
{
"title": "BlogPost de Qualys concernant les vuln\u00e9rabilit\u00e9s",
"url": "https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server"
}
],
"reference": "CERTFR-2021-ALE-008",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-05-05T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
"revision_date": "2021-06-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "Le 5 mai 2021, Qualys a publi\u00e9 un bulletin de s\u00e9curit\u00e9 contenant 21\nvuln\u00e9rabilit\u00e9s affectant le serveur mail Exim. Quatre de ces\nvuln\u00e9rabilit\u00e9s permettent une \u00e9l\u00e9vation de privil\u00e8ge et trois une\nex\u00e9cution de code arbitraire. Ces vuln\u00e9rabilit\u00e9s affectent toutes les\nversions de Exim ant\u00e9rieures \u00e0 4.94 et permettent *in fine*\u003cspan\nclass=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\nclass=\"mx_EventTile_body markdown-body\" dir=\"auto\"\u003e \u00e0 un attaquant non\nauthentifi\u00e9 de prendre le contr\u00f4le du serveur mail \u003cspan\nclass=\"mx_EventTile_body\" dir=\"auto\"\u003eavec les privil\u00e8ges du compte\n*root*.\u003c/span\u003e \n\u003c/span\u003e\u003c/span\u003e\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Exim",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Exim du 5 mai 2021",
"url": null
}
]
}
CVE-2020-28017 (GCVE-0-2020-28017)
Vulnerability from cvelistv5 – Published: 2021-05-06 03:55 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T03:55:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28017",
"datePublished": "2021-05-06T03:55:44.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28018 (GCVE-0-2020-28018)
Vulnerability from cvelistv5 – Published: 2021-05-06 03:58 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/05/11/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/05/11/6 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/05/12/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/05/12/3 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt"
},
{
"name": "[oss-security] 20210511 [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/5"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/6"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/17"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/15"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/14"
},
{
"name": "[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/12/2"
},
{
"name": "[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/12/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-13T02:06:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt"
},
{
"name": "[oss-security] 20210511 [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/5"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/6"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/17"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/15"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/14"
},
{
"name": "[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/12/2"
},
{
"name": "[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/12/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt"
},
{
"name": "[oss-security] 20210511 [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/5"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/6"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/17"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/15"
},
{
"name": "[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/14"
},
{
"name": "[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/12/2"
},
{
"name": "[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/12/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28018",
"datePublished": "2021-05-06T03:58:59.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28019 (GCVE-0-2020-28019)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:03 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:03:48.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28019",
"datePublished": "2021-05-06T04:03:48.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28020 (GCVE-0-2020-28020)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:10 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/07/25/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2021/08/03/1 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:43.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt"
},
{
"name": "[oss-security] 20210725 CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/07/25/1"
},
{
"name": "[oss-security] 20210802 Re: CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/03/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-03T02:06:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt"
},
{
"name": "[oss-security] 20210725 CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/07/25/1"
},
{
"name": "[oss-security] 20210802 Re: CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/03/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt"
},
{
"name": "[oss-security] 20210725 CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/07/25/1"
},
{
"name": "[oss-security] 20210802 Re: CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/08/03/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28020",
"datePublished": "2021-05-06T04:10:36.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:43.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28021 (GCVE-0-2020-28021)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:16 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:16:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28021",
"datePublished": "2021-05-06T04:16:38.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28022 (GCVE-0-2020-28022)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:20 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:20:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28022",
"datePublished": "2021-05-06T04:20:58.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28023 (GCVE-0-2020-28023)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:24 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:24:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28023",
"datePublished": "2021-05-06T04:24:16.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28024 (GCVE-0-2020-28024)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:31 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:51:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28024",
"datePublished": "2021-05-06T04:31:25.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:44.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28025 (GCVE-0-2020-28025)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:36 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:43.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig-\u003ebodyhash.len and b-\u003ebh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:36:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig-\u003ebodyhash.len and b-\u003ebh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28025",
"datePublished": "2021-05-06T04:36:18.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:43.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28026 (GCVE-0-2020-28026)
Vulnerability from cvelistv5 – Published: 2021-05-06 04:41 – Updated: 2024-08-04 16:25
VLAI
EPSS
Summary
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exim.org/static/doc/security/CVE-2020… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:43.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-06T04:41:12.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt",
"refsource": "MISC",
"url": "https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28026",
"datePublished": "2021-05-06T04:41:12.000Z",
"dateReserved": "2020-10-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:25:43.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…