Strike ID:
E19-7mv91
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
3
Year:
2019

Description

A remote command execution exists in Exim versions 4.87 to 4.91, due to lack of user input sanitization when processing RCPT TO and MAIL FROM commands. Successful attack results in remote command execution with root privileges.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}