Vulnerability CVE-2014-2957 - CERT Civis.Net

Vulnerability Name:

CVE-2014-2957 (CCN-93502)

Assigned:

2014-05-28

Published:

2014-05-28

Updated:

2021-05-04

Summary:

The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2014-2957

Source: CONFIRM
Type: UNKNOWN
http://git.exim.org/exim.git/commitdiff/5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0

Source: CCN
Type: oss-security Mailing List, Wed 28 May 2014
Fwd: [exim-announce] Exim 4.82.1 Security Release

Source: CCN
Type: Exim Web site
Exim

Source: MLIST
Type: UNKNOWN
[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim

Source: CCN
Type: BID-67695
Exim 'dmarc.c' Remote Code Execution Vulnerability

Source: XF
Type: UNKNOWN
exim-cve20142957-code-exec(93502)

Source: MLIST
Type: Patch, Vendor Advisory
[exim-announce] 20140528 [exim] Exim 4.82.1 Security Release

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-2957

Vulnerable Configuration:

Configuration 1:

cpe:/a:exim:exim:4.77:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.76:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.75:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.74:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.60:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.54:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.53:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.52:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.24:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.23:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.22:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.21:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.20:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.80.1:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.72:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.70:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.65:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.63:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.61:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.51:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.44:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.32:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.30:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.12:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.10:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.01:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.69:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.68:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.67:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.66:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.42:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.41:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.40:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.34:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.05:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.04:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.03:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.02:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:*:*:*:*:*:*:*:* (Version <= 4.82)

OR cpe:/a:exim:exim:4.80:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.73:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.71:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.64:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.62:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.50:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.43:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.33:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.31:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.14:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.11:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.00:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:exim:exim:4.82:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20142957	V	CVE-2014-2957	2022-06-30
oval:org.opensuse.security:def:112206	P	exim-4.86.2-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105737	P	exim-4.86.2-2.2 on GA media (Moderate)	2021-10-01
oval:com.ubuntu.precise:def:20142957000	V	CVE-2014-2957 on Ubuntu 12.04 LTS (precise) - negligible.	2014-09-04
oval:com.ubuntu.trusty:def:20142957000	V	CVE-2014-2957 on Ubuntu 14.04 LTS (trusty) - negligible.	2014-09-04