Vulnerabilities > CVE-2020-28026 - Unspecified vulnerability in Exim

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

exim

critical

NVD

Published: 2021-05-06

Updated: 2022-07-12

Summary

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.

Vulnerable Configurations

Part	Description	Count
Application	Exim Exim Exim 4.00 Exim Exim 4.01 Exim Exim 4.02 Exim Exim 4.03 Exim Exim 4.04 Exim Exim 4.05 Exim Exim 4.10 Exim Exim 4.11 Exim Exim 4.12 Exim Exim 4.14 Exim Exim 4.20 Exim Exim 4.21 Exim Exim 4.22 Exim Exim 4.23 Exim Exim 4.24 Exim Exim 4.30 Exim Exim 4.31 Exim Exim 4.32 Exim Exim 4.33 Exim Exim 4.34 Exim Exim 4.40 Exim Exim 4.41 Exim Exim 4.42 Exim Exim 4.43 Exim Exim 4.44 Exim Exim 4.50 Exim Exim 4.51 Exim Exim 4.52 Exim Exim 4.53 Exim Exim 4.54 Exim Exim 4.60 Exim Exim 4.61 Exim Exim 4.62 Exim Exim 4.63 Exim Exim 4.64 Exim Exim 4.65 Exim Exim 4.66 Exim Exim 4.67 Exim Exim 4.68 Exim Exim 4.69 Exim Exim 4.70 Exim Exim 4.71 Exim Exim 4.72 Exim Exim 4.73 Exim Exim 4.74 Exim Exim 4.75 Exim Exim 4.76 Exim Exim 4.77 Exim Exim 4.80 Exim Exim 4.80.1 Exim Exim 4.82 Exim Exim 4.82.1 Exim Exim 4.84.2 Exim Exim 4.85 Exim Exim 4.85.1 Exim Exim 4.85.2 Exim Exim 4.86 Exim Exim 4.86.1 Exim Exim 4.86.2 Exim Exim 4.87 Exim Exim 4.87.1 Exim Exim 4.88 Exim Exim 4.89 Exim Exim 4.89.1 Exim Exim 4.90 Exim Exim 4.90.0.22 Exim Exim 4.90.0.27 Exim Exim 4.90.1 Exim Exim 4.91 Exim Exim 4.92 Exim Exim 4.92.1 Exim Exim 4.92.2 Exim Exim 4.93 Exim Exim 4.93.0.4 Exim Exim 4.93.0.4-3.1 Exim Exim 4.94.1	116

References

https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt