Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exim
(Exim)Repositories | https://github.com/Exim/exim |
#Vulnerabilities | 49 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-05-06 | CVE-2021-27216 | Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options. | Exim | 6.3 | ||
2021-05-06 | CVE-2020-28007 | Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem. | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28008 | Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution. | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28009 | Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days). | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28011 | Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root. | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28013 | Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy. | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28015 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character. | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28016 | Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase. | Exim | 7.8 | ||
2021-05-06 | CVE-2020-28019 | Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA. | Exim | 7.5 | ||
2021-05-06 | CVE-2020-28021 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command. | Exim | 8.8 |