CVE-2020-28022
published 2021-05-06CVE-2020-28022: Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within…
PriorityP351critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.96%
85.5th percentile
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | exim4 | < exim4 4.94.2-1 (bookworm) | exim4 4.94.2-1 (bookworm) |
| exim | exim | >= 4.00 < 4.94.2 | 4.94.2 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_ubuntu9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Exim vulnerabilities
vendor_ubuntu·2021-05-06·CVSS 9.8
CVE-2020-28011 [CRITICAL] Exim vulnerabilities
Title: Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
USN-4934-1 fixed several vulnerabilities in Exim. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
CVE-2020-28026 only affected Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Exim vulnerabilities
vendor_ubuntu·2021-05-04
CVE-2020-28022 Exim vulnerabilities
Title: Exim vulnerabilities
Summary: Several security issues were fixed in Exim.
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2020-28022: exim4 - Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bou...
vendor_debian·2020·CVSS 9.8
CVE-2020-28022 [CRITICAL] CVE-2020-28022: exim4 - Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bou...
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
Scope: local
bookworm: resolved (fixed in 4.94.2-1)
bullseye: resolved (fixed in 4.94.2-1)
forky: resolved (fixed in 4.94.2-1)
sid: resolved (fixed in 4.94.2-1)
trixie: resolved (fixed in 4.94.2-1)
GHSA
GHSA-j453-4grx-f82g: Exim 4 before 4
ghsa_unreviewed·2022-05-24
CVE-2020-28022 [CRITICAL] CWE-119 GHSA-j453-4grx-f82g: Exim 4 before 4
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
OSV
CVE-2020-28022: Exim 4 before 4
osv·2021-05-06·CVSS 9.8
CVE-2020-28022 [CRITICAL] CVE-2020-28022: Exim 4 before 4
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
No detection rules found.
No public exploits indexed.
Qualys
21Nails: Multiple Critical Vulnerabilities in Exim Mail Server
blogs_qualys·2021-05-04
21Nails: Multiple Critical Vulnerabilities in Exim Mail Server
## Table of Contents
About Exim
Exim Vulnerabilities
Proof of Concept
Vulnerability Summary
Technical Details
Qualys Coverage
Discover Vulnerable Exim Servers Using Qualys VMDR
Dashboard
Free 30-Day VMDR Service
Disclosure Timeline
Vendor References
Frequently Asked Questions (FAQs)
Update May 7, 2021 : Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. See the CISA announcement .
Original Post : The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. Qualys recommends security teams to apply patches for these vulnerabilities as soon as possible.
## About Exim
arXiv
A Survey on Data-driven Software Vulnerability Assessment and Prioritization
arxiv_fulltext·2022-04-04
A Survey on Data-driven Software Vulnerability Assessment and Prioritization
[A Survey on Data-driven Software Vulnerability Assessment and Prioritization]A Survey on Data-driven Software Vulnerability Assessment and Prioritization
Triet H. M. Le
[email protected]
Huaming Chen
[email protected]
CREST - The Centre for Research on Engineering Software Technologies, The University of Adelaide
Adelaide
Australia
M. Ali Babar
[email protected]
CREST - The Centre for Research on Engineering Software Technologies, The University of Adelaide
Adelaide
Australia
Cyber Security Cooperative Research Centre
Australia
## Abstract
Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners
2021-05-06
Published