Shodan
Vulnerabilities
Vulnerable Software
Exim:  >> Exim  >> 3.10  Security Vulnerabilities
CVE-2023-51766
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
CVSS Score
5.3
EPSS Score
0.032
Published
2023-12-24
CVE-2022-37452
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVSS Score
9.8
EPSS Score
0.015
Published
2022-08-07
CVE-2022-37451
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
CVSS Score
7.5
EPSS Score
0.036
Published
2022-08-06
CVE-2021-38371
The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
CVSS Score
7.5
EPSS Score
0.019
Published
2021-08-10
CVE-2021-27216
Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.
CVSS Score
6.3
EPSS Score
0.001
Published
2021-05-06
CVE-2020-28017
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
CVSS Score
9.8
EPSS Score
0.047
Published
2021-05-06
CVE-2020-12783
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
CVSS Score
7.5
EPSS Score
0.046
Published
2020-05-11
CVE-2020-8015
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
CVSS Score
8.4
EPSS Score
0.0
Published
2020-04-02
CVE-2019-15846
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
CVSS Score
9.8
EPSS Score
0.631
Published
2019-09-06
CVE-2018-6789
Known exploited
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
CVSS Score
9.8
EPSS Score
0.721
Published
2018-02-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved