Vulnerability-Lookup

CVE-2019-10149 (GCVE-0-2019-10149)

Vulnerability from cvelistv5 – Published: 2019-06-05 00:00 – Updated: 2025-10-21 23:45

CISA KEV

Summary

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Severity ?

9 (Critical)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-78

Assigner

redhat

References

20 references

URL	Tags
http://www.openwall.com/lists/oss-security/2019/06/05/2	mailing-list
https://usn.ubuntu.com/4010-1/	vendor-advisory
http://www.openwall.com/lists/oss-security/2019/06/05/3	mailing-list
http://www.openwall.com/lists/oss-security/2019/06/05/4	mailing-list
https://www.debian.org/security/2019/dsa-4456	vendor-advisory
https://seclists.org/bugtraq/2019/Jun/5	mailing-list
https://security.gentoo.org/glsa/201906-01	vendor-advisory
http://www.openwall.com/lists/oss-security/2019/06/06/1	mailing-list
http://www.securityfocus.com/bid/108679	vdb-entry
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
http://seclists.org/fulldisclosure/2019/Jun/16	mailing-list
http://www.openwall.com/lists/oss-security/2019/07/25/6	mailing-list
http://www.openwall.com/lists/oss-security/2019/07/25/7	mailing-list
http://www.openwall.com/lists/oss-security/2019/07/26/4	mailing-list
http://www.openwall.com/lists/oss-security/2021/05/04/7	mailing-list
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…
https://www.exim.org/static/doc/security/CVE-2019…
http://packetstormsecurity.com/files/153218/Exim-…
http://packetstormsecurity.com/files/153312/Exim-…
http://packetstormsecurity.com/files/154198/Exim-…

Impacted products

1 product

Vendor	Product	Version
exim	exim	Affected: 4.92

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: c8b77fa7-b1fd-4d6b-84d0-79681a29f56b

Vulnerability ID: CVE-2019-10149

Status: Confirmed

Status Updated: 2022-01-10 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-01-10

Asserted: 2022-01-10

Scope

Notes: KEV entry: Exim Mail Transfer Agent (MTA) Improper Input Validation | Affected: Exim / Mail Transfer Agent (MTA) | Description: Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-07-10 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2019-10149

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-78
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Mail Transfer Agent (MTA)
Due Date	2022-07-10
Date Added	2022-01-10
Vendorproject	Exim
Vulnerabilityname	Exim Mail Transfer Agent (MTA) Improper Input Validation
Knownransomwarecampaignuse	Unknown

References

CVE-2019-10149

Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:09.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
          },
          {
            "name": "USN-4010-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4010-1/"
          },
          {
            "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
          },
          {
            "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
          },
          {
            "name": "DSA-4456",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4456"
          },
          {
            "name": "20190605 [SECURITY] [DSA 4456-1] exim4 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/5"
          },
          {
            "name": "GLSA-201906-01",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201906-01"
          },
          {
            "name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
          },
          {
            "name": "108679",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108679"
          },
          {
            "name": "openSUSE-SU-2019:1524",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
          },
          {
            "name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
          },
          {
            "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
          },
          {
            "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
          },
          {
            "name": "[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
          },
          {
            "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-10149",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T13:31:13.268223Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:35.245Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-01-10T00:00:00.000Z",
            "value": "CVE-2019-10149 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "exim",
          "vendor": "exim",
          "versions": [
            {
              "status": "affected",
              "version": "4.92"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
        },
        {
          "name": "USN-4010-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://usn.ubuntu.com/4010-1/"
        },
        {
          "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
        },
        {
          "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
        },
        {
          "name": "DSA-4456",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4456"
        },
        {
          "name": "20190605 [SECURITY] [DSA 4456-1] exim4 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/5"
        },
        {
          "name": "GLSA-201906-01",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/201906-01"
        },
        {
          "name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
        },
        {
          "name": "108679",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/108679"
        },
        {
          "name": "openSUSE-SU-2019:1524",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
        },
        {
          "name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
        },
        {
          "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
        },
        {
          "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
        },
        {
          "name": "[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
        },
        {
          "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
        },
        {
          "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
        },
        {
          "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10149",
    "datePublished": "2019-06-05T00:00:00.000Z",
    "dateReserved": "2019-03-27T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:35.245Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2019-10149",
      "cwes": "[\"CWE-78\"]",
      "dateAdded": "2022-01-10",
      "dueDate": "2022-07-10",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-10149",
      "product": "Mail Transfer Agent (MTA)",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.",
      "vendorProject": "Exim",
      "vulnerabilityName": "Exim Mail Transfer Agent (MTA) Improper Input Validation"
    },
    "epss": {
      "cve": "CVE-2019-10149",
      "date": "2026-05-24",
      "epss": "0.93918",
      "percentile": "0.99882"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-07-10",
      "cisaExploitAdd": "2022-01-10",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Exim Mail Transfer Agent (MTA) Improper Input Validation",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.87\", \"versionEndIncluding\": \"4.91\", \"matchCriteriaId\": \"EC82DBB1-F6AA-445B-9D2C-12393656A5D4\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 un defecto Exim versiones  4.87 a  la 4.91 (incluida). Una validaci\\u00f3n incorrecta de la direcci\\u00f3n del recipiente en la funci\\u00f3n deliver_message() en  /src/deliver.c puede llevar a ejecutar comandos remotos\"}]",
      "id": "CVE-2019-10149",
      "lastModified": "2024-11-21T04:18:31.237",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.0, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-06-05T14:29:11.293",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Jun/16\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/3\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/4\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/06/1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/6\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/7\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/26/4\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/05/04/7\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/108679\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/5\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201906-01\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4010-1/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4456\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exim.org/static/doc/security/CVE-2019-10149.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Jun/16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/06/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/26/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/05/04/7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/108679\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201906-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4010-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4456\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exim.org/static/doc/security/CVE-2019-10149.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-10149\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-06-05T14:29:11.293\",\"lastModified\":\"2025-11-06T14:49:48.047\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un defecto Exim versiones  4.87 a  la 4.91 (incluida). Una validaci\u00f3n incorrecta de la direcci\u00f3n del recipiente en la funci\u00f3n deliver_message() en  /src/deliver.c puede llevar a ejecutar comandos remotos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-01-10\",\"cisaActionDue\":\"2022-07-10\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Exim Mail Transfer Agent (MTA) Improper Input Validation\",\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.87\",\"versionEndIncluding\":\"4.91\",\"matchCriteriaId\":\"EC82DBB1-F6AA-445B-9D2C-12393656A5D4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jun/16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/05/2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/05/3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/05/4\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/06/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/25/6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/25/7\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/26/4\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/04/7\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108679\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/5\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201906-01\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4010-1/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4456\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exim.org/static/doc/security/CVE-2019-10149.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jun/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/05/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/05/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/05/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/06/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/25/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/25/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/26/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/04/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201906-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4010-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exim.org/static/doc/security/CVE-2019-10149.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/2\", \"name\": \"[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4010-1/\", \"name\": \"USN-4010-1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/3\", \"name\": \"[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/4\", \"name\": \"[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4456\", \"name\": \"DSA-4456\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/5\", \"name\": \"20190605 [SECURITY] [DSA 4456-1] exim4 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201906-01\", \"name\": \"GLSA-201906-01\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/06/1\", \"name\": \"[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/108679\", \"name\": \"108679\", \"tags\": [\"vdb-entry\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html\", \"name\": \"openSUSE-SU-2019:1524\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Jun/16\", \"name\": \"20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/6\", \"name\": \"[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/7\", \"name\": \"[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/26/4\", \"name\": \"[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/05/04/7\", \"name\": \"[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.exim.org/static/doc/security/CVE-2019-10149.txt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T22:10:09.944Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-10149\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T13:31:13.268223Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-01-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-01-10T00:00:00.000Z\", \"value\": \"CVE-2019-10149 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T13:22:30.306Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"exim\", \"product\": \"exim\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.92\"}]}], \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/2\", \"name\": \"[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://usn.ubuntu.com/4010-1/\", \"name\": \"USN-4010-1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/3\", \"name\": \"[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/05/4\", \"name\": \"[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4456\", \"name\": \"DSA-4456\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/5\", \"name\": \"20190605 [SECURITY] [DSA 4456-1] exim4 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/201906-01\", \"name\": \"GLSA-201906-01\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/06/1\", \"name\": \"[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.securityfocus.com/bid/108679\", \"name\": \"108679\", \"tags\": [\"vdb-entry\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html\", \"name\": \"openSUSE-SU-2019:1524\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Jun/16\", \"name\": \"20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/6\", \"name\": \"[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/25/7\", \"name\": \"[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/07/26/4\", \"name\": \"[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/05/04/7\", \"name\": \"[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149\"}, {\"url\": \"https://www.exim.org/static/doc/security/CVE-2019-10149.txt\"}, {\"url\": \"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\"}, {\"url\": \"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html\"}, {\"url\": \"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2022-10-07T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-10149\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:45:35.245Z\", \"dateReserved\": \"2019-03-27T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2019-06-05T00:00:00.000Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2019-ALE-009

Vulnerability from certfr_alerte - Published: - Updated:

Le CERT-FR a connaissance de cas d'exploitation de la vulnérabilité CVE-2019-10149 qui affecte Exim et permet une exécution de commande arbitraire à distance.

Cette vulnérabilité est triviale à exploiter, d'autant plus que du code d'attaque est disponible publiquement sur internet.

Le CERT-FR recommande donc fortement l'application du correctif sorti le 05 juin 2019, et ce dans les plus brefs délais.

La commande suivante peut servir à détecter des tentatives d'exploitation en cherchant dans les journaux d'activités. Elle a été testée sur un système Debian avec une configuration par défaut.

[pastacode lang="bash" manual="grep%20'%24%7Brun'%20%2Fvar%2Flog%2Fexim4%2Fmainlog" message="" highlight="" provider="manual"/]

Exemples de sortie:

[pastacode lang="bash" manual="2019-06-11%2014%3A01%3A29%201hal5N-0001Hx-3T%20**%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A02%3A14%201hal66-0001I7-MN%20**%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A03%3A11%201hal70-0001IH-VN%20**%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A07%3A44%201halBQ-0001Ij-2D%20**%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop" message="" highlight="" provider="manual"/]

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Exim	N/A	Exim versions antérieures à 4.92

References

Title

Publication Time

Tags

Bulletin de sécurité Exim CVE-2019-10149 du 05 juin 2019	None	vendor-advisory
Avis CERT-FR CERTFR-2019-AVI-252 du 06 juin 2019	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Exim versions ant\u00e9rieures \u00e0 4.92",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Exim",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2019-07-23",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-10149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10149"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2019-AVI-252 du 06 juin 2019",
      "url": "https://cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-252/"
    }
  ],
  "reference": "CERTFR-2019-ALE-009",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-06-11T00:00:00.000000"
    },
    {
      "description": "Ajout de la commande de recherche dans les journaux.",
      "revision_date": "2019-06-12T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2019-07-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de commande arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le CERT-FR a connaissance de cas d\u0027exploitation de la\nvuln\u00e9rabilit\u00e9\u00a0CVE-2019-10149 qui affecte Exim et permet une ex\u00e9cution de\ncommande arbitraire \u00e0 distance.\n\nCette vuln\u00e9rabilit\u00e9 est triviale \u00e0 exploiter, d\u0027autant plus que du code\nd\u0027attaque est disponible publiquement sur internet.\n\nLe CERT-FR recommande donc fortement l\u0027application du correctif sorti le\n05 juin 2019, et ce dans les plus brefs d\u00e9lais.\n\nLa commande suivante peut servir \u00e0 d\u00e9tecter des tentatives\nd\u0027exploitation en cherchant dans les journaux d\u0027activit\u00e9s. Elle a \u00e9t\u00e9\ntest\u00e9e sur un syst\u00e8me Debian avec une configuration par d\u00e9faut.\n\n\\[pastacode lang=\"bash\"\nmanual=\"grep%20\u0027%24%7Brun\u0027%20%2Fvar%2Flog%2Fexim4%2Fmainlog\" message=\"\"\nhighlight=\"\" provider=\"manual\"/\\]\n\nExemples de sortie:\n\n\\[pastacode lang=\"bash\"\nmanual=\"2019-06-11%2014%3A01%3A29%201hal5N-0001Hx-3T%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A02%3A14%201hal66-0001I7-MN%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A03%3A11%201hal70-0001IH-VN%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A07%3A44%201halBQ-0001Ij-2D%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop\"\nmessage=\"\" highlight=\"\" provider=\"manual\"/\\]\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Exim",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Exim CVE-2019-10149 du 05 juin 2019",
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    }
  ]
}

CERTFR-2019-ALE-009

Vulnerability from certfr_alerte - Published: - Updated:

Le CERT-FR a connaissance de cas d'exploitation de la vulnérabilité CVE-2019-10149 qui affecte Exim et permet une exécution de commande arbitraire à distance.

Cette vulnérabilité est triviale à exploiter, d'autant plus que du code d'attaque est disponible publiquement sur internet.

Le CERT-FR recommande donc fortement l'application du correctif sorti le 05 juin 2019, et ce dans les plus brefs délais.

[pastacode lang="bash" manual="grep%20'%24%7Brun'%20%2Fvar%2Flog%2Fexim4%2Fmainlog" message="" highlight="" provider="manual"/]

Exemples de sortie:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Exim	N/A	Exim versions antérieures à 4.92

References

Title

Publication Time

Tags

Bulletin de sécurité Exim CVE-2019-10149 du 05 juin 2019	None	vendor-advisory
Avis CERT-FR CERTFR-2019-AVI-252 du 06 juin 2019	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Exim versions ant\u00e9rieures \u00e0 4.92",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Exim",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2019-07-23",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-10149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10149"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2019-AVI-252 du 06 juin 2019",
      "url": "https://cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-252/"
    }
  ],
  "reference": "CERTFR-2019-ALE-009",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-06-11T00:00:00.000000"
    },
    {
      "description": "Ajout de la commande de recherche dans les journaux.",
      "revision_date": "2019-06-12T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2019-07-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de commande arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le CERT-FR a connaissance de cas d\u0027exploitation de la\nvuln\u00e9rabilit\u00e9\u00a0CVE-2019-10149 qui affecte Exim et permet une ex\u00e9cution de\ncommande arbitraire \u00e0 distance.\n\nCette vuln\u00e9rabilit\u00e9 est triviale \u00e0 exploiter, d\u0027autant plus que du code\nd\u0027attaque est disponible publiquement sur internet.\n\nLe CERT-FR recommande donc fortement l\u0027application du correctif sorti le\n05 juin 2019, et ce dans les plus brefs d\u00e9lais.\n\nLa commande suivante peut servir \u00e0 d\u00e9tecter des tentatives\nd\u0027exploitation en cherchant dans les journaux d\u0027activit\u00e9s. Elle a \u00e9t\u00e9\ntest\u00e9e sur un syst\u00e8me Debian avec une configuration par d\u00e9faut.\n\n\\[pastacode lang=\"bash\"\nmanual=\"grep%20\u0027%24%7Brun\u0027%20%2Fvar%2Flog%2Fexim4%2Fmainlog\" message=\"\"\nhighlight=\"\" provider=\"manual\"/\\]\n\nExemples de sortie:\n\n\\[pastacode lang=\"bash\"\nmanual=\"2019-06-11%2014%3A01%3A29%201hal5N-0001Hx-3T%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A02%3A14%201hal66-0001I7-MN%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A03%3A11%201hal70-0001IH-VN%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop%0A2019-06-11%2014%3A07%3A44%201halBQ-0001Ij-2D%20\\*\\*%20%24%7Brun%3C%5BCOMMANDE%20EXECUTEE%5D%3E%7D%40localhost%3A%20Too%20many%20%22Received%22%20headers%20-%20suspected%20mail%20loop\"\nmessage=\"\" highlight=\"\" provider=\"manual\"/\\]\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Exim",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Exim CVE-2019-10149 du 05 juin 2019",
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    }
  ]
}

CERTFR-2019-AVI-252

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Exim. Elle permet à un attaquant de provoquer une exécution de commande arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Exim	N/A	Exim versions 4.87 à 4.91

References

Title

Publication Time

Tags

Bulletin de sécurité Exim CVE-2019-10149 du 05 juin 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Exim versions 4.87 \u00e0 4.91",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Exim",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-10149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10149"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-252",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-06-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de commande arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Exim. Elle permet \u00e0 un attaquant\nde provoquer une ex\u00e9cution de commande arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Exim",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Exim CVE-2019-10149 du 05 juin 2019",
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    }
  ]
}

CERTFR-2019-AVI-252

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Exim. Elle permet à un attaquant de provoquer une exécution de commande arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Exim	N/A	Exim versions 4.87 à 4.91

References

Title

Publication Time

Tags

Bulletin de sécurité Exim CVE-2019-10149 du 05 juin 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Exim versions 4.87 \u00e0 4.91",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Exim",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-10149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10149"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-252",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-06-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de commande arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Exim. Elle permet \u00e0 un attaquant\nde provoquer une ex\u00e9cution de commande arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Exim",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Exim CVE-2019-10149 du 05 juin 2019",
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    }
  ]
}

BDU:2019-02827

Vulnerability from fstec - Published: 05.06.2019

Title

Уязвимость функции deliver_message() (/src/deliver.c) почтового сервера Exim, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость функции deliver_message() (/src/deliver.c) почтового сервера Exim связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Canonical Ltd., ООО «РусБИТех-Астра», GNU General Public License, Сообщество свободного программного обеспечения, ООО «Ред Софт»

Software Name

Ubuntu, Astra Linux Special Edition (запись в едином реестре российских программ №369), exim, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156)

Software Version

18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), от 4.87 до 4.91 включительно (exim), до 4.89-2+deb9u4 (Debian GNU/Linux), 7.1 МУРОМ (РЕД ОС), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»)

Possible Mitigations

Использование рекомендаций: Для Exim: https://www.exim.org/static/doc/security/CVE-2019-10149.txt Для Ubuntu: https://usn.ubuntu.com/4010-1/ Для Debian: GNU/Linux: https://www.debian.org/security/2019/dsa-4456 Для РЕД ОС: Проверить версию применяемого сервера exim. Если версия в пределах от 4.87 до 4.91, то уязвимость существует Для Astra Linux использование рекомендаций, приведенных в бюллетенях № 20181229SE16 и № 20191225SE81: https://wiki.astralinux.ru/pages/viewpage.action?pageId=44892734 https://wiki.astralinux.ru/pages/viewpage.action?pageId=67111271 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81

Reference

https://access.redhat.com/security/cve/cve-2019-10149 https://nvd.nist.gov/vuln/detail/CVE-2019-10149 https://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html https://usn.ubuntu.com/4010-1/ https://www.debian.org/security/2019/dsa-4456 https://www.exim.org/static/doc/security/CVE-2019-10149.txt https://wiki.astralinux.ru/pages/viewpage.action?pageId=44892734 https://wiki.astralinux.ru/pages/viewpage.action?pageId=67111271

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, GNU General Public License, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), \u043e\u0442 4.87 \u0434\u043e 4.91 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (exim), \u0434\u043e 4.89-2+deb9u4 (Debian GNU/Linux), 7.1 \u041c\u0423\u0420\u041e\u041c (\u0420\u0415\u0414 \u041e\u0421), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Exim: https://www.exim.org/static/doc/security/CVE-2019-10149.txt\n\u0414\u043b\u044f Ubuntu: https://usn.ubuntu.com/4010-1/\n\u0414\u043b\u044f Debian:\u00a0GNU/Linux: https://www.debian.org/security/2019/dsa-4456\n\u0414\u043b\u044f \u0420\u0415\u0414 \u041e\u0421: \u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 exim. \u0415\u0441\u043b\u0438 \u0432\u0435\u0440\u0441\u0438\u044f \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043e\u0442 4.87 \u0434\u043e 4.91, \u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442\n\u0414\u043b\u044f Astra Linux \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439, \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0445 \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u0445 \u2116 20181229SE16 \u0438 \u2116 20191225SE81:\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=44892734\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=67111271\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.06.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.08.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-02827",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-10149",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), exim, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 18.10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux \u0434\u043e 4.89-2+deb9u4 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.1 \u041c\u0423\u0420\u041e\u041c  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 deliver_message() (/src/deliver.c) \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Exim, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 deliver_message() (/src/deliver.c) \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Exim \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2019-10149\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-10149\n\nhttps://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html\n\nhttps://usn.ubuntu.com/4010-1/\nhttps://www.debian.org/security/2019/dsa-4456\n\nhttps://www.exim.org/static/doc/security/CVE-2019-10149.txt\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=44892734\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=67111271",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CNVD-2019-16594

Vulnerability from cnvd - Published: 2019-06-06

Title

Exim远程代码执行漏洞

Description

Exim是一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。 Exim中存在远程代码执行漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞获取Exim服务器控制权。

Severity

高

Patch Name

Exim远程代码执行漏洞的补丁

Patch Description

Exim是一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。 Exim中存在远程代码执行漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞获取Exim服务器控制权。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://exim.org/static/doc/security/CVE-2019-10149.txt

Reference

https://vigilance.fr/vulnerability/Exim-code-execution-29463 https://www.exploitalert.com/view-details.html?id=33319

Impacted products

Name
Exim Exim >=4.87，<=4.91

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10149",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149"
    }
  },
  "description": "Exim\u662f\u4e00\u4e2a\u8fd0\u884c\u4e8eUnix\u7cfb\u7edf\u4e2d\u7684\u5f00\u6e90\u6d88\u606f\u4f20\u9001\u4ee3\u7406\uff08MTA\uff09\uff0c\u5b83\u4e3b\u8981\u8d1f\u8d23\u90ae\u4ef6\u7684\u8def\u7531\u3001\u8f6c\u53d1\u548c\u6295\u9012\u3002\n\nExim\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6Exim\u670d\u52a1\u5668\u63a7\u5236\u6743\u3002",
  "discovererName": "Pedro Sampaio",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://exim.org/static/doc/security/CVE-2019-10149.txt",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-16594",
  "openTime": "2019-06-06",
  "patchDescription": "Exim\u662f\u4e00\u4e2a\u8fd0\u884c\u4e8eUnix\u7cfb\u7edf\u4e2d\u7684\u5f00\u6e90\u6d88\u606f\u4f20\u9001\u4ee3\u7406\uff08MTA\uff09\uff0c\u5b83\u4e3b\u8981\u8d1f\u8d23\u90ae\u4ef6\u7684\u8def\u7531\u3001\u8f6c\u53d1\u548c\u6295\u9012\u3002\r\n\r\nExim\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6Exim\u670d\u52a1\u5668\u63a7\u5236\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Exim\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Exim Exim \u003e=4.87\uff0c\u003c=4.91"
  },
  "referenceLink": "https://vigilance.fr/vulnerability/Exim-code-execution-29463\r\nhttps://www.exploitalert.com/view-details.html?id=33319",
  "serverity": "\u9ad8",
  "submitTime": "2019-06-04",
  "title": "Exim\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CNVD-2020-59206

Vulnerability from cnvd - Published: 2020-10-28

Title

Exim输入验证错误漏洞

Description

Exim是一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。 Exim 4.87版本至4.91版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。目前没有详细漏洞细节提供。

Severity

高

Patch Name

Exim输入验证错误漏洞的补丁

Patch Description

Exim是一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。 Exim 4.87版本至4.91版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。目前没有详细漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://exim.org/static/doc/security/CVE-2019-10149.txt

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-10149

Impacted products

Name
Exim Exim >=4.87，<=4.91

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "108679"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10149"
    }
  },
  "description": "Exim\u662f\u4e00\u4e2a\u8fd0\u884c\u4e8eUnix\u7cfb\u7edf\u4e2d\u7684\u5f00\u6e90\u6d88\u606f\u4f20\u9001\u4ee3\u7406\uff08MTA\uff09\uff0c\u5b83\u4e3b\u8981\u8d1f\u8d23\u90ae\u4ef6\u7684\u8def\u7531\u3001\u8f6c\u53d1\u548c\u6295\u9012\u3002\n\nExim 4.87\u7248\u672c\u81f34.91\u7248\u672c\u4e2d\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://exim.org/static/doc/security/CVE-2019-10149.txt",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-59206",
  "openTime": "2020-10-28",
  "patchDescription": "Exim\u662f\u4e00\u4e2a\u8fd0\u884c\u4e8eUnix\u7cfb\u7edf\u4e2d\u7684\u5f00\u6e90\u6d88\u606f\u4f20\u9001\u4ee3\u7406\uff08MTA\uff09\uff0c\u5b83\u4e3b\u8981\u8d1f\u8d23\u90ae\u4ef6\u7684\u8def\u7531\u3001\u8f6c\u53d1\u548c\u6295\u9012\u3002\r\n\r\nExim 4.87\u7248\u672c\u81f34.91\u7248\u672c\u4e2d\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Exim\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Exim Exim \u003e=4.87\uff0c\u003c=4.91"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-10149",
  "serverity": "\u9ad8",
  "submitTime": "2020-10-28",
  "title": "Exim\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

FKIE_CVE-2019-10149

Vulnerability from fkie_nvd - Published: 2019-06-05 14:29 - Updated: 2025-11-06 14:49

CISA KEV

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html	Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com	http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com	http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com	http://seclists.org/fulldisclosure/2019/Jun/16	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/06/05/2	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/06/05/3	Mailing List, Patch, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/06/05/4	Exploit, Mailing List
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/06/06/1	Exploit, Mailing List, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/07/25/6	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/07/25/7	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2019/07/26/4	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2021/05/04/7	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/108679	Broken Link, Third Party Advisory, VDB Entry
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149	Issue Tracking, Third Party Advisory
secalert@redhat.com	https://seclists.org/bugtraq/2019/Jun/5	Mailing List, Third Party Advisory
secalert@redhat.com	https://security.gentoo.org/glsa/201906-01	Third Party Advisory
secalert@redhat.com	https://usn.ubuntu.com/4010-1/	Third Party Advisory
secalert@redhat.com	https://www.debian.org/security/2019/dsa-4456	Third Party Advisory
secalert@redhat.com	https://www.exim.org/static/doc/security/CVE-2019-10149.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Jun/16	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/06/05/2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/06/05/3	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/06/05/4	Exploit, Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/06/06/1	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/07/25/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/07/25/7	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/07/26/4	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2021/05/04/7	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108679	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/Jun/5	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201906-01	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4010-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2019/dsa-4456	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exim.org/static/doc/security/CVE-2019-10149.txt	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149	US Government Resource

Impacted products

Vendor	Product	Version
exim	exim	*
canonical	ubuntu_linux	18.04
canonical	ubuntu_linux	18.10
debian	debian_linux	9.0

JSON

To clipboard

{
  "cisaActionDue": "2022-07-10",
  "cisaExploitAdd": "2022-01-10",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Exim Mail Transfer Agent (MTA) Improper Input Validation",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC82DBB1-F6AA-445B-9D2C-12393656A5D4",
              "versionEndIncluding": "4.91",
              "versionStartIncluding": "4.87",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution."
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 un defecto Exim versiones  4.87 a  la 4.91 (incluida). Una validaci\u00f3n incorrecta de la direcci\u00f3n del recipiente en la funci\u00f3n deliver_message() en  /src/deliver.c puede llevar a ejecutar comandos remotos"
    }
  ],
  "id": "CVE-2019-10149",
  "lastModified": "2025-11-06T14:49:48.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-05T14:29:11.293",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108679"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Jun/5"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201906-01"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4010-1/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4456"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Jun/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201906-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4010-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-5R7W-XVRP-RG22

Vulnerability from github – Published: 2022-05-24 16:47 – Updated: 2025-10-22 00:31

Details

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-10149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-06-05T14:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.",
  "id": "GHSA-5r7w-xvrp-rg22",
  "modified": "2025-10-22T00:31:41Z",
  "published": "2022-05-24T16:47:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10149"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Jun/5"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201906-01"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4010-1"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-10149"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4456"
    },
    {
      "type": "WEB",
      "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108679"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2019-10149

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Aliases

CVE-2019-10149

Aliases

CVE-2019-10149

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-10149",
    "description": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.",
    "id": "GSD-2019-10149",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-10149.html",
      "https://www.debian.org/security/2019/dsa-4456",
      "https://ubuntu.com/security/CVE-2019-10149",
      "https://security.archlinux.org/CVE-2019-10149",
      "https://alas.aws.amazon.com/cve/html/CVE-2019-10149.html",
      "https://packetstormsecurity.com/files/cve/CVE-2019-10149"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-10149"
      ],
      "details": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.",
      "id": "GSD-2019-10149",
      "modified": "2023-12-13T01:23:57.363221Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2019-10149",
      "dateAdded": "2022-01-10",
      "dueDate": "2022-07-10",
      "product": "Mail Transfer Agent (MTA)",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.",
      "vendorProject": "Exim",
      "vulnerabilityName": "Exim Mail Transfer Agent (MTA) Improper Input Validation"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2019-10149",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "exim",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "4.92"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "exim"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution."
          }
        ]
      },
      "impact": {
        "cvss": [
          [
            {
              "vectorString": "9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.0"
            }
          ]
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-78"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
          },
          {
            "name": "USN-4010-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/4010-1/"
          },
          {
            "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
          },
          {
            "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
          },
          {
            "name": "DSA-4456",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2019/dsa-4456"
          },
          {
            "name": "20190605 [SECURITY] [DSA 4456-1] exim4 security update",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/Jun/5"
          },
          {
            "name": "GLSA-201906-01",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201906-01"
          },
          {
            "name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
          },
          {
            "name": "108679",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/108679"
          },
          {
            "name": "openSUSE-SU-2019:1524",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
          },
          {
            "name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
          },
          {
            "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
          },
          {
            "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
          },
          {
            "name": "[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
          },
          {
            "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
          },
          {
            "name": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt",
            "refsource": "CONFIRM",
            "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
          },
          {
            "name": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.91",
                "versionStartIncluding": "4.87",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10149"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"
            },
            {
              "name": "USN-4010-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://usn.ubuntu.com/4010-1/"
            },
            {
              "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3"
            },
            {
              "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2"
            },
            {
              "name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Mailing List"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
            },
            {
              "name": "DSA-4456",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2019/dsa-4456"
            },
            {
              "name": "20190605 [SECURITY] [DSA 4456-1] exim4 security update",
              "refsource": "BUGTRAQ",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://seclists.org/bugtraq/2019/Jun/5"
            },
            {
              "name": "GLSA-201906-01",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/201906-01"
            },
            {
              "name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
            },
            {
              "name": "108679",
              "refsource": "BID",
              "tags": [
                "Broken Link",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/108679"
            },
            {
              "name": "openSUSE-SU-2019:1524",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
            },
            {
              "name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
              "refsource": "FULLDISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2019/Jun/16"
            },
            {
              "name": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"
            },
            {
              "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6"
            },
            {
              "name": "[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7"
            },
            {
              "name": "[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4"
            },
            {
              "name": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"
            },
            {
              "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-11-07T19:12Z",
      "publishedDate": "2019-06-05T14:29Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-10149 (GCVE-0-2019-10149)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature