CVE-2020-28013
published 2021-05-06CVE-2020-28013: Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any…
PriorityP340high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.40%
31.5th percentile
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | exim4 | < exim4 4.94.2-1 (bookworm) | exim4 4.94.2-1 (bookworm) |
| exim | exim | >= 4.00 < 4.94.2 | 4.94.2 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_ubuntu9.8CRITICAL
vendor_debian7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Exim vulnerabilities
vendor_ubuntu·2021-05-06·CVSS 9.8
CVE-2020-28011 [CRITICAL] Exim vulnerabilities
Title: Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
USN-4934-1 fixed several vulnerabilities in Exim. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
CVE-2020-28026 only affected Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Exim vulnerabilities
vendor_ubuntu·2021-05-04
CVE-2020-28022 Exim vulnerabilities
Title: Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2020-28013: exim4 - Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F...
vendor_debian·2020·CVSS 7.8
CVE-2020-28013 [HIGH] CVE-2020-28013: exim4 - Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F...
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
Scope: local
bookworm: resolved (fixed in 4.94.2-1)
bullseye: resolved (fixed in 4.94.2-1)
forky: resolved (fixed in 4.94.2-1)
sid: resolved (fixed in 4.94.2-1)
trixie: resolved (fixed in 4.94.2-1)
GHSA
GHSA-vfqg-p6x8-w5f4: Exim 4 before 4
ghsa_unreviewed·2022-05-24
CVE-2020-28013 [HIGH] CWE-787 GHSA-vfqg-p6x8-w5f4: Exim 4 before 4
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
OSV
CVE-2020-28013: Exim 4 before 4
osv·2021-05-06·CVSS 7.8
CVE-2020-28013 [HIGH] CVE-2020-28013: Exim 4 before 4
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
No detection rules found.
No public exploits indexed.
2021-05-06
Published