CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
28.8%
Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This
vulnerability allows network-adjacent attackers to disclose sensitive
information on affected installations of Exim. Authentication is not
required to exploit this vulnerability. The specific flaw exists within the
smtp service, which listens on TCP port 25 by default. The issue results
from the lack of proper validation of user-supplied data, which can result
in a read past the end of an allocated buffer. An attacker can leverage
this in conjunction with other vulnerabilities to execute arbitrary code in
the context of the service account. Was ZDI-CAN-17643.
Author | Note |
---|---|
allenpthuang | fixes published, see ZDI’s note. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | exim4 | < 4.90.1-1ubuntu1.10+esm2 | UNKNOWN |
ubuntu | 20.04 | noarch | exim4 | < 4.93-13ubuntu1.9 | UNKNOWN |
ubuntu | 22.04 | noarch | exim4 | < 4.95-4ubuntu2.4 | UNKNOWN |
ubuntu | 23.04 | noarch | exim4 | < 4.96-14ubuntu1.3 | UNKNOWN |
ubuntu | 23.10 | noarch | exim4 | < 4.96-17ubuntu2.1 | UNKNOWN |
ubuntu | 14.04 | noarch | exim4 | < 4.82-3ubuntu2.4+esm7 | UNKNOWN |
ubuntu | 16.04 | noarch | exim4 | < 4.86.2-2ubuntu2.6+esm5 | UNKNOWN |
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
28.8%