Vulnerability detail
Enriched intelligence for a single CVE
Critical
CVE-2019-10149
PUBLISHED
- Vendor
- exim
- Product
- exim
- Published
- Jun 05, 2019
- EPSS
- —
Description
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
CVSS scores
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitation status
Exploited in the wild
Recorded 2022-01-10 00:00:00 UTC · Source
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- total
References
- http://www.openwall.com/lists/oss-security/2019/06/05/2
- https://usn.ubuntu.com/4010-1/
- http://www.openwall.com/lists/oss-security/2019/06/05/3
- http://www.openwall.com/lists/oss-security/2019/06/05/4
- https://www.debian.org/security/2019/dsa-4456
- https://seclists.org/bugtraq/2019/Jun/5
- https://security.gentoo.org/glsa/201906-01
- http://www.openwall.com/lists/oss-security/2019/06/06/1
- http://www.securityfocus.com/bid/108679
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html
- http://seclists.org/fulldisclosure/2019/Jun/16
- http://www.openwall.com/lists/oss-security/2019/07/25/6
- http://www.openwall.com/lists/oss-security/2019/07/25/7
- http://www.openwall.com/lists/oss-security/2019/07/26/4
- http://www.openwall.com/lists/oss-security/2021/05/04/7
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149
- https://www.exim.org/static/doc/security/CVE-2019-10149.txt
- http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Jan 10, 2022 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb | Apr 28, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2024-09-06 16:21:17 UTC · 0 stars
test POC for CVE-2019-10149
github · Created 2020-05-12 15:11:54 UTC · 0 stars
SNP Assignment on a Linux vulnerability
github · Created 2019-10-27 01:03:11 UTC · 16 stars
CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
github · Created 2019-10-21 08:13:27 UTC · 4 stars
Instructions for installing a vulnerable version of Exim and its exploitation
github · Created 2019-06-27 01:34:41 UTC · 9 stars
CVE-2019-10149 privilege escalation
github · Created 2019-06-14 14:02:43 UTC · 1 star
Simple Bash shell quick fix CVE-2019-10149
github · Created 2019-06-13 23:21:53 UTC · 14 stars
PoC for CVE-2019-10149; this vulnerability could be exploited between versions 4.87 and 4.91 of the Exim server.
github · Created 2019-06-12 03:47:16 UTC · 13 stars
Simple Python socket connection to test if Exim is vulnerable to CVE-2019-10149. The payload simply touches a file in /tmp/eximrce.
Timeline
- CVE ID Reserved
- CVE Published to Public
- Added to KEVIntel
- Detected by Metasploit