CVE-2020-28017

Published: 06/05/2021 Updated: 04/10/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Exim 4 prior to 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.

Vulnerable Product

exim exim

Vendor Advisories

The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution. Details can be found in the Qualys advisory at www.qualys.com/2021/05/04/21nails/21nails.txt. For the stable distribution (buster), these problems have been fixed in version 4 ...
Prior versions of Exim 4 have Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character (CVE-2020-28015). Prior versions of Exim 4 allowed Integer Overflow to Buffer Overflow in ...
An integer overflow in receive_add_recipient() has been found in Exim before version 4.94.2 ...

Github Repositories

NMAP Vulnerability Scanning Scripts

A collection of nmap vulnerability scanning scripts to aid affordable detection and remediation. Background: These scripts use the Nmap Scripting Engine (NSE) to implement checks for various vulnerabilities. References: nmap.org/book/man-nse.html, nmap.org/nsedoc/index.html. Scripts: Exim mailserver CVE-2020-28017 through CVE-20