9.8

CVE-2010-4344

Warnung
Medienbericht
Exploit
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EximExim Version < 4.70
OpensuseOpensuse Version11.1
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04 SwEdition-
CanonicalUbuntu Linux Version9.10

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Exim Heap-Based Buffer Overflow Vulnerability

Schwachstelle

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 71.9% 0.994
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://secunia.com/advisories/40019
Vendor Advisory
Broken Link
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70
Broken Link
http://atmail.com/blog/2010/atmail-6204-now-available/
Broken Link
http://bugs.exim.org/show_bug.cgi?id=787
Patch
Issue Tracking
http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b
Patch
Mailing List
http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html
Patch
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/10/1
Third Party Advisory
Mailing List
http://secunia.com/advisories/42576
Vendor Advisory
Broken Link
http://secunia.com/advisories/42586
Vendor Advisory
Broken Link
http://secunia.com/advisories/42587
Vendor Advisory
Broken Link
http://secunia.com/advisories/42589
Vendor Advisory
Broken Link
http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html
Broken Link
http://www.debian.org/security/2010/dsa-2131
Third Party Advisory
Mailing List
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
Exploit
Mailing List
http://www.kb.cert.org/vuls/id/682457
Third Party Advisory
US Government Resource
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/05/04/7
Exploit
Mailing List
http://www.osvdb.org/69685
Patch
Exploit
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0970.html
Broken Link
http://www.securityfocus.com/archive/1/515172/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/45308
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1024858
Third Party Advisory
Broken Link
VDB Entry
http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/
Press/Media Coverage
http://www.ubuntu.com/usn/USN-1032-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3171
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3172
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3181
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3186
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3204
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3246
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3317
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=661756
Exploit
Issue Tracking
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4344
US Government Resource