Vulnerability CVE-2022-37452

Vulnerability Name:

CVE-2022-37452 (CCN-233012)

Assigned:

2021-08-06

Published:

2021-08-06

Updated:

2022-10-28

Summary:

Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-787

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2022-37452

Source: XF
Type: UNKNOWN
exim-cve202237452-bo(233012)

Source: CCN
Type: Exim GIT Repository
Fix host_name_lookup (Close 2747)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743

Source: MISC
Type: Patch, Release Notes, Third Party Advisory
https://github.com/Exim/exim/compare/exim-4.94...exim-4.95

Source: MISC
Type: Release Notes, Third Party Advisory
https://github.com/Exim/exim/wiki/EximSecurity

Source: MISC
Type: Exploit, Patch, Third Party Advisory
https://github.com/ivd38/exim_overflow

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20220827 [SECURITY] [DLA 3082-1] exim4 security update

Source: CCN
Type: Exim Web site
Exim

Source: MISC
Type: Vendor Advisory
https://www.exim.org/static/doc/security/

Source: CCN
Type: oss-sec Mailing List, Sat, 6 Aug 2022 22:46:42 +0300
Exim < 4.95 heap overflow

Source: MISC
Type: Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/08/06/8

Vulnerable Configuration:

Configuration 1:

cpe:/a:exim:exim:*:*:*:*:*:*:*:* (Version < 4.95)

Configuration 2:

cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK