CVE-2019-10149

Description from NVD

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Information Acquisition Date:2022-01-15T11:36Z

CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://www.exim.org/static/doc/security/CVE-2019-10149.txt
source:CONFIRM
tags:Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149
source:CONFIRM
tags:Issue Tracking Third Party Advisory

USN-4010-1
source:UBUNTU
tags:Third Party Advisory

[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
source:MLIST
tags:Mailing List Patch Third Party Advisory

[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
source:MLIST
tags:Mailing List Third Party Advisory

[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
source:MLIST
tags:Exploit Mailing List

DSA-4456
source:DEBIAN
tags:Third Party Advisory

20190605 [SECURITY] [DSA 4456-1] exim4 security update
source:BUGTRAQ
tags:Mailing List Third Party Advisory

GLSA-201906-01
source:GENTOO
tags:Third Party Advisory

[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
source:MLIST
tags:Exploit Mailing List Third Party Advisory

108679
source:BID
tags:Broken Link

openSUSE-SU-2019:1524
source:SUSE
tags:Mailing List Third Party Advisory

http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html
source:MISC
tags:Exploit Third Party Advisory VDB Entry

20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)
source:FULLDISC
tags:Mailing List Third Party Advisory

http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html
source:MISC
tags:Exploit Third Party Advisory VDB Entry

[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2
source:MLIST
tags:Mailing List Third Party Advisory

[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2
source:MLIST
tags:Mailing List Third Party Advisory

http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html
source:MISC
tags:Exploit Third Party Advisory VDB Entry

[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim
source:MLIST
tags:Mailing List

Description from Forti

exim4 vulnerability

This indicates an attack attempt to exploit a Command Injection Vulnerability in Exim Project Exim.A remote attacker can exploit this vulnerability by sending a message with a crafted recipient or sender. Successful exploitation results in the execution of arbitrary commands as the root user.

Information Acquisition Date:2020/05/30

Affected Products

Exim Project Exim 4.87 to 4.91

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://exim.org/static/doc/security/CVE-2019-10149.txt

References

None

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Linux(3 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
https://twitter.com/Andrew___Morris/status/1266067003640512514	7
https://www.cbronline.com/	6
https://www.nsa.gov/News-Features/News-Stories/Article-View...	4
https://www.helpnetsecurity.com/2020/05/29/sandworm-cve-201...	4
https://media.defense.gov/2020/May/28/2002306626/-1/-1/0/CS...	3

Information from Twitter

User	URL	Info Source	Date
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1625344217827487744	2023/02/14
WolfgangSesin	https://www.sesin.at/2023/02/14/prevent-the-impact-of-a-lin...	Source WolfgangSesin 1625344217827487744	2023/02/14
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1625344219828174850	2023/02/14
www_sesin_at	https://www.sesin.at/2023/02/14/prevent-the-impact-of-a-lin...	Source www_sesin_at 1625344219828174850	2023/02/14
SasStu	https://bit.ly/3TjbvmA	Source SasStu 1635290758046687232	2023/03/13

List of frequently cited URLs

URL	Num of Times Referred to
twitter.com	7
www.cbronline.com	6
www.nsa.gov	4
www.helpnetsecurity.com	4
media.defense.gov	3

Information from Twitter

User	URL	Info Source
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
SasStu	bit.ly	Show Tweet

GitHub Search Results: Up to 10

Name	URL
No Data

GitHub Search Results: Up to 10

Name	URL
No Data

2023/03/13 Score : 0
Added Har-sia Database : 2020/02/22
Last Modified : 2023/03/13
Highest Scored Date : 2020/05/29
Highest Score : 42