PT-2020-6046 · Exim+3

Published 2020-10-20 · Updated 2024-06-15 · CVE-2020-28020
CVSS v3.1 9.8 Critical · Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.92
Description An integer overflow that leads to a buffer overflow, which an unauthenticated remote attacker can exploit to execute arbitrary code. The cause is the mishandling of continuation (folded) header lines while Exim enforces its header-length restriction: the length accounting can be driven past the range of the integer that tracks it. The vulnerable function is receive_msg(), the routine that reads an incoming message in Exim, a mail transfer agent (MTA).
Recommendations Update Exim to version 4.92 or later, which contains the fix; the installed version can be checked with `exim -bV`. Note that receive_msg() is an internal function reached by every message Exim accepts, so "restricting access" to it is not a configuration option. Until the upgrade is in place, the only effective mitigation is to limit which hosts can reach the SMTP listener at all.
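The following is an added illustration of the bug class named above, not Exim's code and not the actual patch: header-length accounting over folded lines where the counter is added to before it is compared against the cap, shown beside the hardened form that decides before adding. The cap value, the uint32_t counter, the seeded starting total and the sample headers are assumptions chosen to make the wrap visible with a few short lines; Exim's real types, limit and parsing logic are not reproduced.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed cap for this illustration only; Exim's real limit is a separate,
   configurable value and its internal types are not reproduced here. */
#define HEADER_MAXSIZE 1048576u

/* Vulnerable pattern: add first, compare afterwards. If total + add wraps the
   32-bit counter, the wrapped value is small, the cap check passes, and a
   buffer later sized from that small total receives far more bytes than it
   can hold: the integer overflow becomes a buffer overflow. */
static bool header_len_ok_vulnerable(uint32_t total, uint32_t add, uint32_t *out)
{
    uint32_t new_total = total + add;   /* unsigned wrap: defined, but wrong */
    if (new_total > HEADER_MAXSIZE)
        return false;
    *out = new_total;
    return true;
}

/* Hardened pattern: decide before adding. Both operands are bounded by the
   cap before the sum is formed, so the sum can neither exceed the cap nor wrap. */
static bool header_len_ok_fixed(uint32_t total, uint32_t add, uint32_t *out)
{
    if (add > HEADER_MAXSIZE || total > HEADER_MAXSIZE - add)
        return false;
    *out = total + add;
    return true;
}

typedef bool (*len_check_fn)(uint32_t total, uint32_t add, uint32_t *out);

/* Walk a header block line by line. A line that starts with SP or HT is an
   RFC 5322 continuation (folded) line: it belongs to the previous header, so
   it does not start a new header but its length is still added to the running
   total. `initial_total` seeds the counter (an assumption of this model) so the
   wrap can be reached with short constructed lines instead of gigabytes of
   input. Returns the number of logical headers accepted, or -1 as soon as the
   check rejects a line. */
static int count_headers(const char *const *lines, size_t n,
                         uint32_t initial_total, len_check_fn check,
                         uint32_t *final_total)
{
    uint32_t total = initial_total;
    int headers = 0;

    for (size_t i = 0; i < n; i++) {
        const char *line = lines[i];
        uint32_t len = (uint32_t)strlen(line);
        bool continuation = (line[0] == ' ' || line[0] == '\t');

        if (!continuation)
            headers++;
        if (!check(total, len, &total))
            return -1;
    }
    *final_total = total;
    return headers;
}

/* Constructed sample: one folded Subject header and one From header. */
static const char *const SAMPLE_HEADERS[] = {
    "Subject: hello",   /* 14 bytes */
    " world",           /* 6 bytes, continuation of Subject */
    "From: a@b",        /* 9 bytes */
};
#define SAMPLE_COUNT (sizeof SAMPLE_HEADERS / sizeof SAMPLE_HEADERS[0])

/* Run the sample through `check` starting from `initial_total`; return the
   accepted total, or -1 if the block was rejected. */
static int64_t sample_total(uint32_t initial_total, len_check_fn check)
{
    uint32_t total = 0;
    if (count_headers(SAMPLE_HEADERS, SAMPLE_COUNT, initial_total, check, &total) < 0)
        return -1;
    return (int64_t)total;
}

int main(void)
{
    /* Normal input: both versions accept the 2 headers, 29 bytes in total. */
    printf("vulnerable, normal input: total=%lld\n",
           (long long)sample_total(0, header_len_ok_vulnerable));
    printf("fixed,      normal input: total=%lld\n",
           (long long)sample_total(0, header_len_ok_fixed));

    /* Counter near its limit: (2^32 - 6) + 14 wraps to 8, so the vulnerable
       check accepts and ends at 23; the fixed check rejects the first line. */
    printf("vulnerable, near wrap:    total=%lld\n",
           (long long)sample_total(UINT32_MAX - 5, header_len_ok_vulnerable));
    printf("fixed,      near wrap:    total=%lld\n",
           (long long)sample_total(UINT32_MAX - 5, header_len_ok_fixed));
    return 0;
}
```

The point of the two checks is the order of operations: once a sum has been computed in a fixed-width integer, comparing it against a limit cannot tell a legitimately small value from a wrapped one, so the bound has to be enforced on the operands before the addition (or with an overflow-checking add such as `__builtin_add_overflow` on compilers that provide it).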

Exploit · Fix · Integer Overflow · Argument Injection · Integer Underflow · Out-of-bounds Read · Buffer Overflow · RCE


Related Identifiers

BDU:2021-02761
BDU:2021-02763
BDU:2021-02764
BDU:2021-02767
BDU:2021-02769
CVE-2020-28020
DLA-2650-1
OPENSUSE-SU-2021:0677-1
OPENSUSE-SU-2021:0753-1
OPENSUSE-SU-2021:0754-1
OPENSUSE-SU-2021_0677-1
OPENSUSE-SU-2024:10746-1
USN-4934-1
USN-4934-2

Affected Products

Exim
Linuxmint
Suse
Ubuntu