CVE-2019-10149

Description from NVD

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Information Acquisition Date:2022-01-15T11:36Z
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://www.exim.org/static/doc/security/CVE-2019-10149.txt
     source:CONFIRM
     tags:Vendor Advisory    
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149
     source:CONFIRM
     tags:Issue Tracking    Third Party Advisory    
 USN-4010-1
     source:UBUNTU
     tags:Third Party Advisory    
 [oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
     source:MLIST
     tags:Mailing List    Patch    Third Party Advisory    
 [oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
     source:MLIST
     tags:Exploit    Mailing List    
 DSA-4456
     source:DEBIAN
     tags:Third Party Advisory    
 20190605 [SECURITY] [DSA 4456-1] exim4 security update
     source:BUGTRAQ
     tags:Mailing List    Third Party Advisory    
 GLSA-201906-01
     source:GENTOO
     tags:Third Party Advisory    
 [oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
     source:MLIST
     tags:Exploit    Mailing List    Third Party Advisory    
 108679
     source:BID
     tags:Broken Link    
 openSUSE-SU-2019:1524
     source:SUSE
     tags:Mailing List    Third Party Advisory    
 http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)
     source:FULLDISC
     tags:Mailing List    Third Party Advisory    
 http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 [oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 [oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim
     source:MLIST
     tags:Mailing List    

Description from Forti

exim4 vulnerability

This indicates an attack attempt to exploit a Command Injection Vulnerability in Exim Project Exim.A remote attacker can exploit this vulnerability by sending a message with a crafted recipient or sender. Successful exploitation results in the execution of arbitrary commands as the root user.

Information Acquisition Date:2020/05/30

Affected Products

Exim Project Exim 4.87 to 4.91

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://exim.org/static/doc/security/CVE-2019-10149.txt

References

None

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Linux(3 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://twitter.com/Andrew___Morris/status/12660670036405125147
https://www.cbronline.com/6
https://www.nsa.gov/News-Features/News-Stories/Article-View...4
https://www.helpnetsecurity.com/2020/05/29/sandworm-cve-201...4
https://media.defense.gov/2020/May/28/2002306626/-1/-1/0/CS...3

Information from Twitter

User URL Info Source Date
WolfgangSesin http://www.sesin.at Source WolfgangSesin    1625344217827487744 2023/02/14
WolfgangSesin https://www.sesin.at/2023/02/14/prevent-the-impact-of-a-lin... Source WolfgangSesin    1625344217827487744 2023/02/14
www_sesin_at http://www.sesin.at Source www_sesin_at     1625344219828174850 2023/02/14
www_sesin_at https://www.sesin.at/2023/02/14/prevent-the-impact-of-a-lin... Source www_sesin_at     1625344219828174850 2023/02/14
SasStu https://bit.ly/3TjbvmA Source SasStu           1635290758046687232 2023/03/13

List of frequently cited URLs

URLNum of Times Referred to
twitter.com7
www.cbronline.com6
www.nsa.gov4
www.helpnetsecurity.com4
media.defense.gov3

Information from Twitter

User URL Info Source
WolfgangSesin sesin.at Show Tweet
WolfgangSesin sesin.at Show Tweet
www_sesin_at sesin.at Show Tweet
www_sesin_at sesin.at Show Tweet
SasStu bit.ly Show Tweet

GitHub Search Results: Up to 10
NameURL
No Data

GitHub Search Results: Up to 10
NameURL
No Data

2023/03/13 Score : 0
Added Har-sia Database : 2020/02/22
Last Modified : 2023/03/13
Highest Scored Date : 2020/05/29
Highest Score : 42