---

CVE-2020-28024 - log back

CVE-2020-28024 edited at 06 May 2021 17:29:14
Severity	- Medium + High
Type	- Arbitrary code execution + Arbitrary command execution
Description	- A heap buffer underflow in smtp_ungetc() has been found in Exim before version 4.94.2. If exploitable, it would allow an unauthenticated remote attacker to execute arbitrary commands as the "exim" user (if TLS and either TLS-on-connect or X_PIPE_CONNECT are enabled). + Exim 4 before 4.94.2 allows buffer underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.

CVE-2020-28024 edited at 04 May 2021 14:49:56
Description	- A heap buffer underflow in smtp_ungetc() has been found in Exim before version 4.94.2. + A heap buffer underflow in smtp_ungetc() has been found in Exim before version 4.94.2. If exploitable, it would allow an unauthenticated remote attacker to execute arbitrary commands as the "exim" user (if TLS and either TLS-on-connect or X_PIPE_CONNECT are enabled).
References	https://www.openwall.com/lists/oss-security/2021/05/04/6 https://www.qualys.com/2021/05/04/21nails/21nails.txt + https://git.exim.org/exim.git/commitdiff/638f7ca75694bcbb70cfbe7db2ef52af4aca5c83
Notes

CVE-2020-28024 edited at 04 May 2021 14:05:48
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A heap buffer underflow in smtp_ungetc() has been found in Exim before version 4.94.2.
References	+ https://www.openwall.com/lists/oss-security/2021/05/04/6 + https://www.qualys.com/2021/05/04/21nails/21nails.txt

CVE-2020-28024 created at 04 May 2021 13:46:53