A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
This indicates an attack attempt to exploit a Command Injection Vulnerability in Exim Project Exim.A remote attacker can exploit this vulnerability by sending a message with a crafted recipient or sender. Successful exploitation results in the execution of arbitrary commands as the root user.
Exim Project Exim 4.87 to 4.91
System Compromise: Remote attackers can gain control of vulnerable systems.
Apply the most recent upgrade or patch from the vendor.
https://exim.org/static/doc/security/CVE-2019-10149.txt
CVE Infomation | Exploits or more Infomation |
---|---|
mitre | EXPLOIT DATABASE |
NVD | 0day.today |
vulmon.com | github |
CVE Details | |
JVN ENG JPN | |
Reconshell |
Software Tag: Linux(3 tweets)
List of frequently cited URLs
User | URL | Info Source | Date |
---|---|---|---|
WolfgangSesin | http://www.sesin.at | Source WolfgangSesin 1625344217827487744 | 2023/02/14 |
WolfgangSesin | https://www.sesin.at/2023/02/14/prevent-the-impact-of-a-lin... | Source WolfgangSesin 1625344217827487744 | 2023/02/14 |
www_sesin_at | http://www.sesin.at | Source www_sesin_at 1625344219828174850 | 2023/02/14 |
www_sesin_at | https://www.sesin.at/2023/02/14/prevent-the-impact-of-a-lin... | Source www_sesin_at 1625344219828174850 | 2023/02/14 |
SasStu | https://bit.ly/3TjbvmA | Source SasStu 1635290758046687232 | 2023/03/13 |
List of frequently cited URLs
URL | Num of Times Referred to |
---|---|
twitter.com | 7 |
www.cbronline.com | 6 |
www.nsa.gov | 4 |
www.helpnetsecurity.com | 4 |
media.defense.gov | 3 |
User | URL | Info Source |
---|---|---|
WolfgangSesin | sesin.at | Show Tweet |
WolfgangSesin | sesin.at | Show Tweet |
www_sesin_at | sesin.at | Show Tweet |
www_sesin_at | sesin.at | Show Tweet |
SasStu | bit.ly | Show Tweet |
Name | URL |
---|---|
No Data |
Name | URL |
---|---|
No Data |