Re: [CVE-2020-28018] Use-After-Free on Exim Question

Related Vulnerabilities: CVE-2020-28018

From: Qualys Security Advisory <qsa () qualys com>

Date: Tue, 11 May 2021 22:22:19 +0000

Hi,

On Tue, May 11, 2021 at 11:18:12PM +0200, null p0int3r wrote:
> In the advisory it is mentioned the use of the name=value pair, but reading
> the code I see just string based functions used for allocations.

One of the name=value parameters for MAIL FROM is special, because it
can allocate arbitrary (binary) characters (hint: we also used it to
exploit another vulnerability in the advisory)!

With best regards,

--
the Qualys Security Advisory team

