CVE-2020-28014
Published 2021-05-06
CVE-2020-28014: Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because…
Priority: P4 · 26 · medium
CVSS 3.1 base score: 6.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H)
EPSS: 0.95% (56.7th percentile)
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | exim4 | < exim4 4.94.2-1 (bookworm) | exim4 4.94.2-1 (bookworm) |
| exim | exim | >= 4.00 < 4.94.2 | 4.94.2 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H |
| nvd | v2.0 | 5.6 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:P/A:C |
| osv | | 6.1 | MEDIUM | |
| vendor_ubuntu | | 9.8 | CRITICAL | |
| vendor_debian | | 6.1 | MEDIUM | |
Ubuntu
Exim vulnerabilities
vendor_ubuntu · 2021-05-06 · CVSS 9.8
CVE-2020-28011 [CRITICAL] Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM.
Original advisory details: It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Exim vulnerabilities
vendor_ubuntu · 2021-05-04
CVE-2020-28022 Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2020-28014: exim4 - Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP optio...
vendor_debian · 2020 · CVSS 6.1 · [MEDIUM]
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
Scope: local
bookworm: resolved (fixed in 4.94.2-1)
bullseye: resolved (fixed in 4.94.2-1)
forky: resolved (fixed in 4.94.2-1)
sid: resolved (fixed in 4.94.2-1)
trixie: resolved (fixed in 4.94.2-1)
GHSA
GHSA-8rq7-g7j7-m3rf: Exim 4 before 4
ghsa_unreviewed · 2022-05-24 · [MEDIUM]
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
OSV
CVE-2020-28014: Exim 4 before 4
osv · 2021-05-06 · CVSS 6.1 · [MEDIUM]
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
No detection rules found.
No public exploits indexed.
Qualys
21Nails: Multiple Critical Vulnerabilities in Exim Mail Server
blogs_qualys · 2021-05-04
## Table of Contents
- About Exim
- Exim Vulnerabilities
- Proof of Concept
- Vulnerability Summary
- Technical Details
- Qualys Coverage
- Discover Vulnerable Exim Servers Using Qualys VMDR
- Dashboard
- Free 30-Day VMDR Service
- Disclosure Timeline
- Vendor References
- Frequently Asked Questions (FAQs)
Update May 7, 2021: Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. See the CISA announcement.
Original Post: The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. Qualys recommends that security teams apply patches for these vulnerabilities as soon as possible.
## About Exim