CVE-2011-1407
published 2011-05-16CVE-2011-1407: The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
3.80%
88.7th percentile
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | exim4 | < exim4 4.76-1 (bookworm) | exim4 4.76-1 (bookworm) |
| exim | exim | — | — |
| exim | exim | — | — |
| exim | exim | — | — |
| exim | exim | — | — |
| exim | exim | — | — |
| exim | exim | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pq5j-h89p-xfxj: The DKIM implementation in Exim 4
ghsa_unreviewed·2022-05-17
CVE-2011-1407 [HIGH] CWE-20 GHSA-pq5j-h89p-xfxj: The DKIM implementation in Exim 4
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
OSV
CVE-2011-1407: The DKIM implementation in Exim 4
osv·2011-05-16·CVSS 7.5
CVE-2011-1407 [HIGH] CVE-2011-1407: The DKIM implementation in Exim 4
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
Ubuntu
Exim vulnerability
vendor_ubuntu·2011-05-25
CVE-2011-1407 Exim vulnerability
Title: Exim vulnerability
Summary: An attacker could send crafted input to Exim and cause it to run programs
as the Exim user.
It was discovered that the Exim daemon did not correctly handle certain
DKIM identities. A remote attacker could send specially crafted email to
run arbitrary code as the Exim user.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
exim: arbitrary code execution via improper DKIM signature matching
vendor_redhat·2011-05-09·CVSS 7.5
CVE-2011-1407 [HIGH] exim: arbitrary code execution via improper DKIM signature matching
exim: arbitrary code execution via improper DKIM signature matching
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
Statement: Not vulnerable. This issue did not affect the versions of exim as shipped with Red Hat Enterprise Linux 4 or 5 as they did not include support for DKIM.
Package: exim (Red Hat Enterprise Linux 4) - Not affected
Package: exim (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2011-1407: exim4 - The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM ident...
vendor_debian·2011·CVSS 7.5
CVE-2011-1407 [HIGH] CVE-2011-1407: exim4 - The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM ident...
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
Scope: local
bookworm: resolved (fixed in 4.76-1)
bullseye: resolved (fixed in 4.76-1)
forky: resolved (fixed in 4.76-1)
sid: resolved (fixed in 4.76-1)
trixie: resolved (fixed in 4.76-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-1407 CVE-2011-1764 exim various flaws [epel-6]
bugzilla·2011-05-17·CVSS 7.5
CVE-2011-1407 [HIGH] CVE-2011-1407 CVE-2011-1764 exim various flaws [epel-6]
CVE-2011-1407 CVE-2011-1764 exim various flaws [epel-6]
epel-6 tracking bug for exim: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Adding parent bug CVE-2011-1764
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=705446,702474
---
Hi, Mark.
It seems like there was some mis-naming of CVEs when you included exim-4.72-0003-CVE-2011-1407.patch in:
* Wed May 18 2011 Mark Chappell 4.72-2
See https://bugzilla.redhat.com/show_bug.cgi?id=702474#c5
It looks like, based on Ubuntu's CVE page, that the actual fix for CVE-2011-1407 is here:
http://git.exim.org/exim.git/blobdiff/337
Bugzilla
CVE-2011-1407 exim: arbitrary code execution via improper DKIM signature matching
bugzilla·2011-05-17·CVSS 7.5
CVE-2011-1407 [HIGH] CVE-2011-1407 exim: arbitrary code execution via improper DKIM signature matching
CVE-2011-1407 exim: arbitrary code execution via improper DKIM signature matching
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1407 to
the following vulnerability:
Name: CVE-2011-1407
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407
Assigned: 20110310
Reference: https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html
Reference: https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html
Reference: http://www.securityfocus.com/bid/47836
The DKIM implementation in Exim 4.7x before 4.76 permits matching for
DKIM identities to apply to lookup items, instead of only strings,
which allows remote attackers to execute arbitrary code or access a
filesystem via a crafted identity.
Statement:
Not vulnerable. This issue did not af
Bugzilla
CVE-2011-1764 exim: improper format string handling in DKIM signatures
bugzilla·2011-05-05·CVSS 7.5
CVE-2011-1764 [HIGH] CVE-2011-1764 exim: improper format string handling in DKIM signatures
CVE-2011-1764 exim: improper format string handling in DKIM signatures
It was reported [1],[2] that Exim would improperly interpret '%' in a DKIM (DomainKeys Identified Mail) signature, which would get logged to the paniclog. It is possible that using '%n' in the DKIM signature could be used to verwrite stack data, which could cause Exim to crash.
DKIM support has been in Exim since version 4.70.
A fix has been pushed upstream [3].
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670
[2] http://bugs.exim.org/show_bug.cgi?id=1106
[3] http://git.exim.org/exim.git/commitdiff/337e3505b0e6cd4309db6bf6062b33fa56e06cf8
Statement:
Not vulnerable. This issue did not affect the versions of exim as shipped with Red Hat Enterprise Linux 4 or 5 as they did not include support for DKIM.
Bugzilla
CVE-2011-1407 exim various flaws [fedora-all]
bugzilla·2011-05-05·CVSS 7.5
CVE-2011-1407 [HIGH] CVE-2011-1407 exim various flaws [fedora-all]
CVE-2011-1407 exim various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=702474
Please note: this issue affects multiple supported versions of Fedora
http://www.debian.org/security/2011/dsa-2236http://www.securityfocus.com/bid/47836http://www.ubuntu.com/usn/USN-1135-1https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.htmlhttps://lists.exim.org/lurker/message/20110512.102909.8136175a.en.htmlhttp://www.debian.org/security/2011/dsa-2236http://www.securityfocus.com/bid/47836http://www.ubuntu.com/usn/USN-1135-1https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.htmlhttps://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html
2011-05-16
Published