Lucene search

K
canvasImmunity CanvasEXIM_EXPANSION_RCE
HistoryJun 05, 2019 - 2:29 p.m.

Immunity Canvas: EXIM_EXPANSION_RCE

2019-06-0514:29:00
Immunity Canvas
exploitlist.immunityinc.com
393

EPSS

0.974

Percentile

99.9%

Name exim_expansion_rce
CVE CVE-2019-10149 Exploit Pack
VENDOR: Exim
NOTES: A vulnerability exists in Exim since version 4.85 that allows for the execution
of remote commands as the root user on a system. Current version of the exploit
installs wget if not present and then downloads a CANVAS mosdef callback from
the CANVAS host (must be reachable via HTTP). Webserver will bind on port 80
if CANVAS is run as root

VersionsAffected: Exim 4.85+
Repeatability: Infinite
References: https://www.qualys.com/2019/06/05/cve-2019-10149/return-wizard-rce-exim.txt
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149
Date public: 05/06/2019
CVSS: N/A