Shodan
Vulnerabilities
Vulnerable Software
Exim:  >> Exim  >> 4.12  Security Vulnerabilities
CVE-2020-28011
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28012
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28013
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28014
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
CVSS Score
6.1
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28015
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28016
Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28017
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
CVSS Score
9.8
EPSS Score
0.048
Published
2021-05-06
CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.
CVSS Score
9.8
EPSS Score
0.041
Published
2021-05-06
CVE-2020-28021
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
CVSS Score
8.8
EPSS Score
0.021
Published
2021-05-06
CVE-2020-28022
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-05-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved