CVE-2022-37452 - OpenCVE

Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Exim	Exim

Configuration 1 [-]

cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743	Patch Third Party Advisory
https://github.com/Exim/exim/compare/exim-4.94...exim-4.95	Patch Release Notes Third Party Advisory
https://github.com/Exim/exim/wiki/EximSecurity	Release Notes Third Party Advisory
https://github.com/ivd38/exim_overflow	Exploit Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/08/msg00014.html	Mailing List Third Party Advisory
https://www.exim.org/static/doc/security/	Vendor Advisory
https://www.openwall.com/lists/oss-security/2022/08/06/8	Mailing List Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-07T17:06:55

Updated: 2022-08-27T18:06:15

Reserved: 2022-08-07T00:00:00

Link: CVE-2022-37452

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-07T18:15:08.343

Modified: 2022-10-28T12:52:47.180

Link: CVE-2022-37452

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-27T18:06:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/Exim/exim/wiki/EximSecurity"}, {"tags": ["x_refsource_MISC"], "url": "https://www.exim.org/static/doc/security/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/ivd38/exim_overflow"}, {"tags": ["x_refsource_MISC"], "url": "https://www.openwall.com/lists/oss-security/2022/08/06/8"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/Exim/exim/compare/exim-4.94...exim-4.95"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743"}, {"name": "[debian-lts-announce] 20220827 [SECURITY] [DLA 3082-1] exim4 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00014.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-37452", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/Exim/exim/wiki/EximSecurity", "refsource": "MISC", "url": "https://github.com/Exim/exim/wiki/EximSecurity"}, {"name": "https://www.exim.org/static/doc/security/", "refsource": "MISC", "url": "https://www.exim.org/static/doc/security/"}, {"name": "https://github.com/ivd38/exim_overflow", "refsource": "MISC", "url": "https://github.com/ivd38/exim_overflow"}, {"name": "https://www.openwall.com/lists/oss-security/2022/08/06/8", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2022/08/06/8"}, {"name": "https://github.com/Exim/exim/compare/exim-4.94...exim-4.95", "refsource": "MISC", "url": "https://github.com/Exim/exim/compare/exim-4.94...exim-4.95"}, {"name": "https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743", "refsource": "MISC", "url": "https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743"}, {"name": "[debian-lts-announce] 20220827 [SECURITY] [DLA 3082-1] exim4 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00014.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37452", "datePublished": "2022-08-07T17:06:55", "dateReserved": "2022-08-07T00:00:00", "dateUpdated": "2022-08-27T18:06:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "matchCriteriaId": "58E69558-B96C-4F4F-B8E1-15F3CA8443CA", "versionEndExcluding": "4.95", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set."}, {"lang": "es", "value": "Exim versiones anteriores a 4.95, presenta un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria para la lista de alias en la funci\u00f3n host_name_lookup en el archivo host.c cuando sender_host_name est\u00e1 establecido"}], "id": "CVE-2022-37452", "lastModified": "2022-10-28T12:52:47.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-07T18:15:08.343", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743"}, {"source": "cve@mitre.org", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://github.com/Exim/exim/compare/exim-4.94...exim-4.95"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/Exim/exim/wiki/EximSecurity"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/ivd38/exim_overflow"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00014.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.exim.org/static/doc/security/"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2022/08/06/8"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}