182.48.56.71
{
"scan_id": 1764431206,
"ip": "182.48.56.71",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.48.0.0/18",
"postal_code": "",
"coordinates": {
"latitude": "35.69",
"longitude": "139.69"
},
"geo_point": "35.69, 139.69",
"locale_code": "en",
"continent": "Asia",
"country_code": "JP",
"country_name": "Japan",
"city": ""
},
"location_updated_at": "2025-11-30T00:43:55Z",
"asn": {
"number": "AS9371",
"organization": "SAKURA Internet Inc.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.48.56.0/24",
"organization": "SAKURA Internet Inc.",
"descr": "SAKURA Internet Inc.",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-10T12:44:28Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-11-30T00:43:55Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-11-30T05:16:28Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-11-30T00:43:55Z"
}
],
"hostnames": [
{
"name": "sakura01.malmodeler.com",
"last_updated_at": "2025-11-30T14:31:15.726265135Z"
}
],
"services": [
{
"port": 25,
"protocol": "tcp",
"name": "smtp",
"version": "4.92",
"product": "Exim smtpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:exim:exim:4.92",
"part": "a",
"vendor": "exim",
"product": "exim",
"version": "4\\.92",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"smtp": {
"banner": "220 sakura01.malmodeler.com ESMTP Exim 4.92 Sun, 30 Nov 2025 20:01:47 +0900\r\n"
}
},
"cve": [
{
"id": "CVE-2019-13917",
"score": 9.8,
"severity": "critical"
},
{
"id": "CVE-2019-15846",
"score": 9.8,
"severity": "critical"
},
{
"id": "CVE-2019-16928",
"score": 9.8,
"severity": "critical"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-30T11:10:43.768Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "1.14.2",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:1.14.2",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "1\\.14\\.2",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html>\n<head>\n<title>Welcome to nginx!</title>\n<style>\n body {\n width: 35em;\n margin: 0 auto;\n font-family: Tahoma, Verdana, Arial, sans-serif;\n }\n</style>\n</head>\n<body>\n<h1>Welcome to nginx!</h1>\n<p>If you see this page, the nginx web server is successfully installed and\nworking. Further configuration is required.</p>\n\n<p>For online documentation and support please refer to\n<a href=\"http://nginx.org/\">nginx.org</a>.<br/>\nCommercial support is available at\n<a href=\"http://nginx.com/\">nginx.com</a>.</p>\n\n<p><em>Thank you for using nginx.</em></p>\n</body>\n</html>\n",
"body_murmur": 1651973090,
"body_sha256": "38ffd4972ae513a0c79a8be4573403edcd709f0f572105362b08ff50cf6de521",
"component": [
"Nginx:1.14.2"
],
"content_length": -1,
"headers": {
"connection": [
"keep-alive"
],
"content_type": [
"text/html"
],
"date": [
"Wed, 26 Nov 2025 10:59:59 GMT"
],
"etag": [
"W/\"627aa9c4-264\""
],
"last_modified": [
"Tue, 10 May 2022 18:07:00 GMT"
],
"server": [
"nginx/1.14.2"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.48.56.71",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "Welcome to nginx!",
"transfer_encoding": [
"chunked"
]
}
},
"url": "http://182.48.56.71/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-26T11:08:53.634Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "1.14.2",
"product": "nginx",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:1.14.2",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "1\\.14\\.2",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html>\n<head>\n<title>Welcome to nginx!</title>\n<style>\n body {\n width: 35em;\n margin: 0 auto;\n font-family: Tahoma, Verdana, Arial, sans-serif;\n }\n</style>\n</head>\n<body>\n<h1>Welcome to nginx!</h1>\n<p>If you see this page, the nginx web server is successfully installed and\nworking. Further configuration is required.</p>\n\n<p>For online documentation and support please refer to\n<a href=\"http://nginx.org/\">nginx.org</a>.<br/>\nCommercial support is available at\n<a href=\"http://nginx.com/\">nginx.com</a>.</p>\n\n<p><em>Thank you for using nginx.</em></p>\n</body>\n</html>\n",
"body_murmur": 1651973090,
"body_sha256": "38ffd4972ae513a0c79a8be4573403edcd709f0f572105362b08ff50cf6de521",
"component": [
"Nginx:1.14.2"
],
"content_length": -1,
"headers": {
"connection": [
"keep-alive"
],
"content_type": [
"text/html"
],
"date": [
"Sun, 30 Nov 2025 11:16:11 GMT"
],
"etag": [
"W/\"5c0694a8-264\""
],
"last_modified": [
"Tue, 04 Dec 2018 14:52:24 GMT"
],
"server": [
"nginx/1.14.2"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.48.56.71",
"path": "",
"scheme": "https"
}
},
"status_code": 200,
"title": "Welcome to nginx!",
"transfer_encoding": [
"chunked"
]
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://r11.i.lencr.org/"
],
"ocsp_urls": [
"http://r11.o.lencr.org"
]
},
"authority_key_id": "c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:\n 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08\n Timestamp : Oct 30 00:10:20.875 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:20:71:1C:2C:DB:6D:0F:FC:ED:2A:35:E6:23:\n 03:47:59:57:3F:0C:9E:7B:49:00:81:98:5B:3A:D9:26:\n 71:8D:CD:57:02:21:00:FE:5D:51:1C:7C:DC:F5:C7:CB:\n 07:50:B8:74:C7:F0:FA:F6:96:A0:C4:68:4C:4C:3C:BF:\n 73:DA:D5:41:3C:06:2C\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:\n 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22\n Timestamp : Oct 30 00:10:23.008 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:20:4A:25:2A:0E:36:0C:A1:44:3D:24:C6:B8:\n 35:2B:0E:5F:0E:88:8E:73:0E:47:72:E2:3B:04:8F:FE:\n 8D:53:73:FF:02:21:00:80:E6:2A:52:6F:61:C4:DA:04:\n 44:39:4A:7A:41:C9:A2:90:0B:9F:A1:BF:8E:59:04:40:\n 85:2B:65:E0:D3:14:36",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"www.misocream.org"
]
},
"subject_key_id": "cf7e47786990d1be365f381c399fb56d99283647"
},
"fingerprint_md5": "48B91FFDED8FFC7DAD50008B0BEFC44A",
"fingerprint_sha1": "365D8E6543349C68909CEFB643189CD0DC635A68",
"fingerprint_sha256": "A22D895456DA5D9DEB066B52221C73AFB2208BAFE7F93F76EC93ED7F3F48FFD1",
"issuer": {
"common_name": [
"R11"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"issuer_dn": "/C=US/O=Let's Encrypt/CN=R11",
"jarm": "21d19d00021d21d21c21d19d21d21dd63eb481052cd655ca2b1b4e0f7740c9",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "378628000578592028296545840380283972911893",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "MTUxMTQyMzY2YWY2ZDMyYTk3Yjg4ODNhMGJlMDI0OWU3YTgyOWM4MzY5YjQzYjBjODRmYTFlOTQzZDAzNTAxYjVjYmI3OGNiOGM0MjgzZDRlMzA0NzQyNTgxNmVhZjdjOTE1ZTk5ZDU3MWI5NmY5OWJlZmQwN2NiYzg2MDczMDRlYWM5OGE3YzM5MzMwMTcyZDEzYzNiMmI2ZWUxMjc3MTBlMTA0ZTIxNmRhNjM5ZmEyYWI5MWI2NzQzZTNiMGE3MDA5Y2Y5ZDkxNmVlZDhjZWViYjZiYmZjYTJkY2FlNTMwNDkzMTMyODc3MTY1ZTMyMmQ2YjJjMmQ4NGM3MzVmNTJmMDZkMmFmNjA5ZmY1NjBmMDkwZGQ0ZjJkMzg5YTM1YmRlNzRhYmY4OWJhZGYxMjRiOTZiZDllZmEyN2IzNmZhMTZlOTQ3NDEyZWM2ZGY0MmVhZjU2ODNmNDhhMDUzYTcyMWU4NTBmZjhhNWVjM2MzYmRlYzgzYjdjZWRjZjVmZDg0NzU4ZDQxMDM2MTU4MDIyMDU1NGNkMDVjYTk0MDY5OTM1MzZiNmFkM2MyNmRmZTdmMzY0ZjdhYzQ2NDZkNDk0M2E2NDIxNTdkN2JlMWViNzI2NTZlNDE1N2UxNDM2YjU4ZTk2NTcyNTc0OGMxOWNhNTE4MzkzMjAzOTkxMDA="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b08",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30450220711c2cdb6d0ffced2a35e623034759573f0c9e7b490081985b3ad926718dcd57022100fe5d511c7cdcf5c7cb0750b874c7f0faf696a0c4684c4c3cbf73dad5413c062c"
},
"timestamp": "2024-10-30T00:10:20.875000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "134adf1ab5984209780c6fef4c7a91a416b72349ce58576adfaedaa7c2abe022",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304502204a252a0e360ca1443d24c6b8352b0e5f0e888e730e4772e23b048ffe8d5373ff02210080e62a526f61c4da0444394a7a41c9a2900b9fa1bf8e590440852b65e0d31436"
},
"timestamp": "2024-10-30T00:10:23.008000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"www.misocream.org"
]
},
"subject_alt_name": {
"dns_names": [
"www.misocream.org"
],
"extended_dns_names": [
{
"domain": "misocream",
"fld": "misocream.org",
"subdomain": "www",
"tld": "org"
}
]
},
"subject_dn": "/CN=www.misocream.org",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "326d0cb7068ddbbcf0d906891f207cf851123ef341ff5f14d36d1a78007daea8",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhjMGJkMWY4YTQ5MTMwMjUxZjc5MDEyZjkxMmJkZjQ4NGE4YjA1ODU4NTUwMDVlZDNiYzhkYjkwNzM3N2E5M2RkYjQ1MTkxMWNkYTRhYmNjYjI5MTc2ZjYyZDZmODVjYzM3NWEwNGY4OTdhODhkYzE4NTUzMGRhZmQ1ZmFiMGM2NTZmZGQ2M2Y3M2NhMTBmMGUwOGZlZDVmODg0NzBjNmRlZGJhNjYxZGMyYmM4YTRlMmFmN2M5ZDI1NGZjYTYzMTNmYzc0ZjljY2QzZDBkMzU2Mjc3NmFlYmYyMjFhZmM5M2JlOTIzZTI4OTNjODc2ZTI5YjVkZmNlMjQ4ZmE2OTA4ZTBhNGY3ZDRjNWMwZGY0YjE1MTZmMWM3N2M3ZWQ4MTQ0N2FkNjM1Yjg2ZTA1NjMzZmQzMzVkM2RmMzdmMTAyMWQzODFiMGM0MzEyZDI2MGUzMmVkOGJkMmIwNjY0ZmU4YjQ2ODk3ZTc4YzQ2Yzc1ZThjMzdjMGJmMGI5YzUxMmY2NGZkYTViY2ZhNTRkZjNjZmZiYTg3NzJiZGZiNGZkZTM3ZGI3N2YxNzFkYTk2YjZiNDU4M2I0OTliMTY4YzY5OWZkOTgxZjU2MDkxYTVmNzhhYjdjNDlhYWFlMzI2NTgwMGU1ZDJlYzJjZjMxNTZmODhlZmJiYjBlNWMxZjBmZg=="
}
},
"tbs_fingerprint": "c8e67b0aa50ab4c3d23327d528bb5ff67259f1ef6b8c734b08c470732c4ada8a",
"tbs_noct_fingerprint": "d8fe79792a471b29d2fcf3e6686a9ab2aa7b9738b14bccfc9c75dbad7f169273",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2025-01-27T23:11:49",
"not_before": "2024-10-29T23:11:50"
},
"version": 2
},
"fingerprint_sha256": "A22D895456DA5D9DEB066B52221C73AFB2208BAFE7F93F76EC93ED7F3F48FFD1",
"precert": false,
"raw": "MIIE8jCCA9qgAwIBAgISBFiwDGjnMr7dqCorkKXPVoMVMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTEwHhcNMjQxMDI5MjMxMTUwWhcNMjUwMTI3MjMxMTQ5WjAcMRowGAYDVQQDExF3d3cubWlzb2NyZWFtLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMC9H4pJEwJR95AS+RK99ISosFhYVQBe07yNuQc3epPdtFGRHNpKvMspF29i1vhcw3WgT4l6iNwYVTDa/V+rDGVv3WP3PKEPDgj+1fiEcMbe26Zh3CvIpOKvfJ0lT8pjE/x0+czT0NNWJ3auvyIa/JO+kj4ok8h24ptd/OJI+mkI4KT31MXA30sVFvHHfH7YFEetY1uG4FYz/TNdPfN/ECHTgbDEMS0mDjLti9KwZk/otGiX54xGx16MN8C/C5xRL2T9pbz6VN88/7qHcr37T94323fxcdqWtrRYO0mbFoxpn9mB9WCRpfeKt8SaquMmWADl0uws8xVviO+7sOXB8P8CAwEAAaOCAhUwggIRMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUz35HeGmQ0b42XzgcOZ+1bZkoNkcwHwYDVR0jBBgwFoAUxc9GpOr0w8B6bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRwOi8vcjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVuY3Iub3JnLzAcBgNVHREEFTATghF3d3cubWlzb2NyZWFtLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABktrCUUsAAAQDAEcwRQIgcRws220P/O0qNeYjA0dZVz8MnntJAIGYWzrZJnGNzVcCIQD+XVEcfNz1x8sHULh0x/D69pagxGhMTDy/c9rVQTwGLAB2ABNK3xq1mEIJeAxv70x6kaQWtyNJzlhXat+u2qfCq+AiAAABktrCWaAAAAQDAEcwRQIgSiUqDjYMoUQ9JMa4NSsOXw6IjnMOR3LiOwSP/o1Tc/8CIQCA5ipSb2HE2gREOUp6QcmikAufob+OWQRAhStl4NMUNjANBgkqhkiG9w0BAQsFAAOCAQEAFRFCNmr20yqXuIg6C+AknnqCnINptDsMhPoelD0DUBtcu3jLjEKD1OMEdCWBbq98kV6Z1XG5b5m+/QfLyGBzBOrJinw5MwFy0Tw7K27hJ3EOEE4hbaY5+iq5G2dD47CnAJz52Rbu2M7rtrv8otyuUwSTEyh3Fl4yLWssLYTHNfUvBtKvYJ/1YPCQ3U8tOJo1vedKv4m63xJLlr2e+iezb6FulHQS7G30Lq9Wg/SKBTpyHoUP+KXsPDveyDt87c9f2EdY1BA2FYAiBVTNBcqUBpk1NratPCbf5/Nk96xGRtSUOmQhV9e+HrcmVuQVfhQ2tY6WVyV0jBnKUYOTIDmRAA==",
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://182.48.56.71/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-30T13:21:10.377Z"
}
],
"services_hash": "e237101c450c81eef1d23bea39505e9a711cf16738a3f213bcc77e4dc6c78850",
"last_updated_at": "2025-11-30T13:21:10.377Z",
"banner": [
"smtp",
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-2019-13917": {
"id": "CVE-2019-13917",
"references": [
"http://exim.org/static/doc/security/CVE-2019-13917.txt",
"http://www.openwall.com/lists/oss-security/2019/07/26/5",
"https://seclists.org/bugtraq/2019/Jul/51",
"https://security.gentoo.org/glsa/201909-06",
"https://www.debian.org/security/2019/dsa-4488",
"http://exim.org/static/doc/security/CVE-2019-13917.txt",
"http://www.openwall.com/lists/oss-security/2019/07/26/5",
"https://seclists.org/bugtraq/2019/Jul/51",
"https://security.gentoo.org/glsa/201909-06",
"https://www.debian.org/security/2019/dsa-4488"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-19"
},
"CVE-2019-15846": {
"id": "CVE-2019-15846",
"references": [
"http://exim.org/static/doc/security/CVE-2019-15846.txt",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html",
"http://www.openwall.com/lists/oss-security/2019/09/06/2",
"http://www.openwall.com/lists/oss-security/2019/09/06/4",
"http://www.openwall.com/lists/oss-security/2019/09/06/5",
"http://www.openwall.com/lists/oss-security/2019/09/06/6",
"http://www.openwall.com/lists/oss-security/2019/09/06/8",
"http://www.openwall.com/lists/oss-security/2019/09/07/1",
"http://www.openwall.com/lists/oss-security/2019/09/07/2",
"http://www.openwall.com/lists/oss-security/2019/09/08/1",
"http://www.openwall.com/lists/oss-security/2019/09/09/1",
"https://exim.org/static/doc/security/CVE-2019-15846.txt",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/",
"https://seclists.org/bugtraq/2019/Sep/13",
"https://security.gentoo.org/glsa/201909-06",
"https://usn.ubuntu.com/4124-1/",
"https://usn.ubuntu.com/4124-2/",
"https://www.debian.org/security/2019/dsa-4517",
"https://www.kb.cert.org/vuls/id/672565",
"https://www.openwall.com/lists/oss-security/2019/09/06/1",
"http://exim.org/static/doc/security/CVE-2019-15846.txt",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html",
"http://www.openwall.com/lists/oss-security/2019/09/06/2",
"http://www.openwall.com/lists/oss-security/2019/09/06/4",
"http://www.openwall.com/lists/oss-security/2019/09/06/5",
"http://www.openwall.com/lists/oss-security/2019/09/06/6",
"http://www.openwall.com/lists/oss-security/2019/09/06/8",
"http://www.openwall.com/lists/oss-security/2019/09/07/1",
"http://www.openwall.com/lists/oss-security/2019/09/07/2",
"http://www.openwall.com/lists/oss-security/2019/09/08/1",
"http://www.openwall.com/lists/oss-security/2019/09/09/1",
"https://exim.org/static/doc/security/CVE-2019-15846.txt",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/",
"https://seclists.org/bugtraq/2019/Sep/13",
"https://security.gentoo.org/glsa/201909-06",
"https://usn.ubuntu.com/4124-1/",
"https://usn.ubuntu.com/4124-2/",
"https://www.debian.org/security/2019/dsa-4517",
"https://www.kb.cert.org/vuls/id/672565",
"https://www.openwall.com/lists/oss-security/2019/09/06/1"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-16928": {
"id": "CVE-2019-16928",
"references": [
"http://www.openwall.com/lists/oss-security/2019/09/28/1",
"http://www.openwall.com/lists/oss-security/2019/09/28/2",
"http://www.openwall.com/lists/oss-security/2019/09/28/3",
"http://www.openwall.com/lists/oss-security/2019/09/28/4",
"https://bugs.exim.org/show_bug.cgi?id=2449",
"https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f",
"https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/",
"https://seclists.org/bugtraq/2019/Sep/60",
"https://security.gentoo.org/glsa/202003-47",
"https://usn.ubuntu.com/4141-1/",
"https://www.debian.org/security/2019/dsa-4536",
"http://www.openwall.com/lists/oss-security/2019/09/28/1",
"http://www.openwall.com/lists/oss-security/2019/09/28/2",
"http://www.openwall.com/lists/oss-security/2019/09/28/3",
"http://www.openwall.com/lists/oss-security/2019/09/28/4",
"https://bugs.exim.org/show_bug.cgi?id=2449",
"https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f",
"https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/",
"https://seclists.org/bugtraq/2019/Sep/60",
"https://security.gentoo.org/glsa/202003-47",
"https://usn.ubuntu.com/4141-1/",
"https://www.debian.org/security/2019/dsa-4536"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-12783": {
"id": "CVE-2020-12783",
"references": [
"http://www.openwall.com/lists/oss-security/2021/05/04/7",
"https://bugs.exim.org/show_bug.cgi?id=2571",
"https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86",
"https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0",
"https://lists.debian.org/debian-lts-announce/2020/05/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6IQQ2SERFUD4WMRSX6XYDNK7Q4GPT7Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7Z5UG6ZIG32V7M4PP3BCC65C27EWK7G/",
"https://usn.ubuntu.com/4366-1/",
"https://www.debian.org/security/2020/dsa-4687",
"http://www.openwall.com/lists/oss-security/2021/05/04/7",
"https://bugs.exim.org/show_bug.cgi?id=2571",
"https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86",
"https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0",
"https://lists.debian.org/debian-lts-announce/2020/05/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F6IQQ2SERFUD4WMRSX6XYDNK7Q4GPT7Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7Z5UG6ZIG32V7M4PP3BCC65C27EWK7G/",
"https://usn.ubuntu.com/4366-1/",
"https://www.debian.org/security/2020/dsa-4687"
],
"score": 7.5,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2020-28007": {
"id": "CVE-2020-28007",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-59"
},
"CVE-2020-28008": {
"id": "CVE-2020-28008",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28008-SPDIR.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28008-SPDIR.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-269"
},
"CVE-2020-28009": {
"id": "CVE-2020-28009",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28009-STDIN.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28009-STDIN.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2020-28010": {
"id": "CVE-2020-28010",
"references": [
"http://www.openwall.com/lists/oss-security/2021/07/22/7",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28010-SLCWD.txt",
"http://www.openwall.com/lists/oss-security/2021/07/22/7",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28010-SLCWD.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small (on some common platforms).",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-28011": {
"id": "CVE-2020-28011",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28011-SPRSS.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28011-SPRSS.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-28012": {
"id": "CVE-2020-28012",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28012-CLOSE.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28012-CLOSE.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2020-28013": {
"id": "CVE-2020-28013",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28013-PFPSN.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28013-PFPSN.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles \"-F '.('\" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-28014": {
"id": "CVE-2020-28014",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28014-PIDFP.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28014-PIDFP.txt"
],
"score": 6.1,
"services": [
"25/smtp"
],
"severity": "medium",
"summary": "Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"weakness": "CWE-269"
},
"CVE-2020-28015": {
"id": "CVE-2020-28015",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28015-NLEND.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28015-NLEND.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2020-28016": {
"id": "CVE-2020-28016",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28016-PFPZA.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28016-PFPZA.txt"
],
"score": 7.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because \"-F ''\" is mishandled by parse_fix_phrase.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-28017": {
"id": "CVE-2020-28017",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2020-28018": {
"id": "CVE-2020-28018",
"references": [
"http://www.openwall.com/lists/oss-security/2021/05/11/14",
"http://www.openwall.com/lists/oss-security/2021/05/11/15",
"http://www.openwall.com/lists/oss-security/2021/05/11/17",
"http://www.openwall.com/lists/oss-security/2021/05/11/5",
"http://www.openwall.com/lists/oss-security/2021/05/11/6",
"http://www.openwall.com/lists/oss-security/2021/05/12/2",
"http://www.openwall.com/lists/oss-security/2021/05/12/3",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt",
"http://www.openwall.com/lists/oss-security/2021/05/11/14",
"http://www.openwall.com/lists/oss-security/2021/05/11/15",
"http://www.openwall.com/lists/oss-security/2021/05/11/17",
"http://www.openwall.com/lists/oss-security/2021/05/11/5",
"http://www.openwall.com/lists/oss-security/2021/05/11/6",
"http://www.openwall.com/lists/oss-security/2021/05/12/2",
"http://www.openwall.com/lists/oss-security/2021/05/12/3",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28018-OCORK.txt"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2020-28019": {
"id": "CVE-2020-28019",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt"
],
"score": 7.5,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-665"
},
"CVE-2020-28021": {
"id": "CVE-2020-28021",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt"
],
"score": 8.8,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2020-28022": {
"id": "CVE-2020-28022",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-28023": {
"id": "CVE-2020-28023",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt"
],
"score": 7.5,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2020-28024": {
"id": "CVE-2020-28024",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2020-28025": {
"id": "CVE-2020-28025",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt"
],
"score": 7.5,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2020-28026": {
"id": "CVE-2020-28026",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2020-8015": {
"id": "CVE-2020-8015",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html",
"https://bugzilla.suse.com/show_bug.cgi?id=1154183",
"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html",
"https://bugzilla.suse.com/show_bug.cgi?id=1154183"
],
"score": 8.4,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-59"
},
"CVE-2021-27216": {
"id": "CVE-2021-27216",
"references": [
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt",
"https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt"
],
"score": 6.3,
"services": [
"25/smtp"
],
"severity": "medium",
"summary": "Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"weakness": "CWE-362"
},
"CVE-2021-38371": {
"id": "CVE-2021-38371",
"references": [
"https://nostarttls.secvuln.info",
"https://www.exim.org",
"https://www.exim.org/static/doc/security/CVE-2021-38371.txt",
"https://nostarttls.secvuln.info",
"https://www.exim.org",
"https://www.exim.org/static/doc/security/CVE-2021-38371.txt"
],
"score": 7.5,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-74"
},
"CVE-2022-37451": {
"id": "CVE-2022-37451",
"references": [
"https://cwe.mitre.org/data/definitions/762.html",
"https://github.com/Exim/exim/commit/51be321b27825c01829dffd90f11bfff256f7e42",
"https://github.com/Exim/exim/compare/exim-4.95...exim-4.96",
"https://github.com/Exim/exim/wiki/EximSecurity",
"https://github.com/ivd38/exim_invalid_free",
"https://lists.exim.org/lurker/message/20220625.141825.d6de6074.en.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LETR5CVDPFOFQHXCJP6NFLG52JZHQYDY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XSWDF4QEXD4TDWQLYQOWCHBJKTDQR4Z7/",
"https://www.exim.org/static/doc/security/",
"https://www.openwall.com/lists/oss-security/2022/08/06/1",
"https://cwe.mitre.org/data/definitions/762.html",
"https://github.com/Exim/exim/commit/51be321b27825c01829dffd90f11bfff256f7e42",
"https://github.com/Exim/exim/compare/exim-4.95...exim-4.96",
"https://github.com/Exim/exim/wiki/EximSecurity",
"https://github.com/ivd38/exim_invalid_free",
"https://lists.exim.org/lurker/message/20220625.141825.d6de6074.en.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LETR5CVDPFOFQHXCJP6NFLG52JZHQYDY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XSWDF4QEXD4TDWQLYQOWCHBJKTDQR4Z7/",
"https://www.exim.org/static/doc/security/",
"https://www.openwall.com/lists/oss-security/2022/08/06/1"
],
"score": 7.5,
"services": [
"25/smtp"
],
"severity": "high",
"summary": "Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-763"
},
"CVE-2022-37452": {
"id": "CVE-2022-37452",
"references": [
"https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743",
"https://github.com/Exim/exim/compare/exim-4.94...exim-4.95",
"https://github.com/Exim/exim/wiki/EximSecurity",
"https://github.com/ivd38/exim_overflow",
"https://lists.debian.org/debian-lts-announce/2022/08/msg00014.html",
"https://www.exim.org/static/doc/security/",
"https://www.openwall.com/lists/oss-security/2022/08/06/8",
"https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743",
"https://github.com/Exim/exim/compare/exim-4.94...exim-4.95",
"https://github.com/Exim/exim/wiki/EximSecurity",
"https://github.com/ivd38/exim_overflow",
"https://lists.debian.org/debian-lts-announce/2022/08/msg00014.html",
"https://www.exim.org/static/doc/security/",
"https://www.openwall.com/lists/oss-security/2022/08/06/8"
],
"score": 9.8,
"services": [
"25/smtp"
],
"severity": "critical",
"summary": "Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2023-51766": {
"id": "CVE-2023-51766",
"references": [
"http://www.openwall.com/lists/oss-security/2023/12/24/1",
"http://www.openwall.com/lists/oss-security/2023/12/25/1",
"http://www.openwall.com/lists/oss-security/2023/12/29/2",
"http://www.openwall.com/lists/oss-security/2024/01/01/1",
"http://www.openwall.com/lists/oss-security/2024/01/01/2",
"http://www.openwall.com/lists/oss-security/2024/01/01/3",
"https://bugs.exim.org/show_bug.cgi?id=3063",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255852",
"https://exim.org/static/doc/security/CVE-2023-51766.txt",
"https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html",
"https://git.exim.org/exim.git/commit/5bb786d5ad568a88d50d15452aacc8404047e5ca",
"https://git.exim.org/exim.git/commit/cf1376206284f2a4f11e32d931d4aade34c206c5",
"https://github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/",
"https://lwn.net/Articles/956533/",
"https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/",
"https://www.openwall.com/lists/oss-security/2023/12/23/2",
"https://www.youtube.com/watch?v=V8KPV96g1To",
"http://www.openwall.com/lists/oss-security/2023/12/24/1",
"http://www.openwall.com/lists/oss-security/2023/12/25/1",
"http://www.openwall.com/lists/oss-security/2023/12/29/2",
"http://www.openwall.com/lists/oss-security/2024/01/01/1",
"http://www.openwall.com/lists/oss-security/2024/01/01/2",
"http://www.openwall.com/lists/oss-security/2024/01/01/3",
"https://bugs.exim.org/show_bug.cgi?id=3063",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255852",
"https://exim.org/static/doc/security/CVE-2023-51766.txt",
"https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html",
"https://git.exim.org/exim.git/commit/5bb786d5ad568a88d50d15452aacc8404047e5ca",
"https://git.exim.org/exim.git/commit/cf1376206284f2a4f11e32d931d4aade34c206c5",
"https://github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/",
"https://lwn.net/Articles/956533/",
"https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/",
"https://www.openwall.com/lists/oss-security/2023/12/23/2",
"https://www.youtube.com/watch?v=V8KPV96g1To"
],
"score": 5.3,
"services": [
"25/smtp"
],
"severity": "medium",
"summary": "Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-345"
}
}
}