CVE-2010-4344

KEV

Published: Dic 14, 2010 Last Modified: Ott 22, 2025

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

HIGH 9,3

Source: [email protected]

Access Vector: network

Access Complexity: medium

Authentication: none

Confidentiality: complete

Integrity: complete

Availability: complete

Description

AI Translation Available

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,6146

Percentile

1,0th

Updated

EPSS Score Trend (Last 91 Days)

787

Out-of-bounds Write

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Other

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State

Applicable Platforms

Languages: Assembly, C, C++, Memory-Unsafe

Technologies: ICS/OT

Likelihood of Exploit: High

View CWE Details

Exploit

Exim 4.63 - Remote Command Execution

Verified

Exim 4.63 - Remote Command Execution

Author: kingcope Published: Status: Verified

View Exploit Code →

Exploit

Exim4 < 4.69 - string_format Function Heap Buffer …

Verified Metasploit Framework (MSF)

Exim4 < 4.69 - string_format Function Heap Buffer Overflow (Metasploit)

Author: Metasploit Published: Status: Verified

View Exploit Code →

Operating System

Ubuntu Linux by Canonical

Product Information

Vendor Canonical

Product Ubuntu Linux

Version 6.06

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Opensuse by Opensuse

Product Information

Vendor Opensuse

Product Opensuse

Version 11.3

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Ubuntu Linux by Canonical

Product Information

Vendor Canonical

Product Ubuntu Linux

Version 8.04

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Exim by Exim

Product Information

Vendor Exim

Product Exim

Version Range Affected

To 4.70 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Debian Linux by Debian

Product Information

Vendor Debian

Product Debian Linux

Version 5.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Opensuse by Opensuse

Product Information

Vendor Opensuse

Product Opensuse

Version 11.2

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Ubuntu Linux by Canonical

Product Information

Vendor Canonical

Product Ubuntu Linux

Version 9.10

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Opensuse by Opensuse

Product Information

Vendor Opensuse

Product Opensuse

Version 11.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.cisa.gov/known-exploited-vulnerabilities-catalo…

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010…

ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70

http://atmail.com/blog/2010/atmail-6204-now-available/

http://bugs.exim.org/show_bug.cgi?id=787

http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c4…

http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b

http://lists.exim.org/lurker/message/20101210.164935.385e04…

http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html

http://lists.opensuse.org/opensuse-security-announce/2010-1…

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html

http://openwall.com/lists/oss-security/2010/12/10/1

https://bugzilla.redhat.com/show_bug.cgi?id=661756

http://secunia.com/advisories/40019

http://secunia.com/advisories/42576

http://secunia.com/advisories/42586

http://secunia.com/advisories/42587

http://secunia.com/advisories/42589

http://www.cpanel.net/2010/12/exim-remote-memory-corruption…

http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notif…

http://www.debian.org/security/2010/dsa-2131

http://www.exim.org/lurker/message/20101207.215955.bb32d4f2…

http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html

http://www.kb.cert.org/vuls/id/682457

http://www.metasploit.com/modules/exploit/unix/smtp/exim4_s…

http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format

http://www.openwall.com/lists/oss-security/2021/05/04/7

http://www.osvdb.org/69685

http://www.redhat.com/support/errata/RHSA-2010-0970.html

http://www.securityfocus.com/archive/1/515172/100/0/threaded

http://www.securityfocus.com/bid/45308

http://www.securitytracker.com/id?1024858

http://www.theregister.co.uk/2010/12/11/exim_code_execution…

http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/

http://www.ubuntu.com/usn/USN-1032-1

http://www.vupen.com/english/advisories/2010/3171

http://www.vupen.com/english/advisories/2010/3172

http://www.vupen.com/english/advisories/2010/3181

http://www.vupen.com/english/advisories/2010/3186

http://www.vupen.com/english/advisories/2010/3204

http://www.vupen.com/english/advisories/2010/3246

http://www.vupen.com/english/advisories/2010/3317

ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70

http://atmail.com/blog/2010/atmail-6204-now-available/

http://bugs.exim.org/show_bug.cgi?id=787

http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c4…

http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b

http://lists.exim.org/lurker/message/20101210.164935.385e04…

http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html

http://lists.opensuse.org/opensuse-security-announce/2010-1…

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html

http://openwall.com/lists/oss-security/2010/12/10/1

https://bugzilla.redhat.com/show_bug.cgi?id=661756

http://secunia.com/advisories/40019

http://secunia.com/advisories/42576

http://secunia.com/advisories/42586

http://secunia.com/advisories/42587

http://secunia.com/advisories/42589

http://www.cpanel.net/2010/12/exim-remote-memory-corruption…

http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notif…

http://www.debian.org/security/2010/dsa-2131

http://www.exim.org/lurker/message/20101207.215955.bb32d4f2…

http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html

http://www.kb.cert.org/vuls/id/682457

http://www.metasploit.com/modules/exploit/unix/smtp/exim4_s…

http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format

http://www.openwall.com/lists/oss-security/2021/05/04/7

http://www.osvdb.org/69685

http://www.redhat.com/support/errata/RHSA-2010-0970.html

http://www.securityfocus.com/archive/1/515172/100/0/threaded

http://www.securityfocus.com/bid/45308

http://www.securitytracker.com/id?1024858

http://www.theregister.co.uk/2010/12/11/exim_code_execution…

http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/

http://www.ubuntu.com/usn/USN-1032-1

http://www.vupen.com/english/advisories/2010/3171

http://www.vupen.com/english/advisories/2010/3172

http://www.vupen.com/english/advisories/2010/3181

http://www.vupen.com/english/advisories/2010/3186

http://www.vupen.com/english/advisories/2010/3204

http://www.vupen.com/english/advisories/2010/3246

http://www.vupen.com/english/advisories/2010/3317

CVE-2010-4344

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 91 Days)

Out-of-bounds Write

Common Consequences

Applicable Platforms

Exim 4.63 - Remote Command Execution

Exim4 < 4.69 - string_format Function Heap Buffer …

Ubuntu Linux by Canonical

Product Information

Opensuse by Opensuse

Product Information

Ubuntu Linux by Canonical

Product Information

Exim by Exim

Product Information

Debian Linux by Debian

Product Information

Opensuse by Opensuse

Product Information

Ubuntu Linux by Canonical

Product Information

Opensuse by Opensuse

Product Information

Iscriviti alla newsletter