| VID |
18126 |
| Severity |
40 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
According to its banner, the version of Exim running on the remote host is prior to 4.94.2. It is, therefore, potentially affected by multiple vulnerabilities that can lead to remote code execution.
* Note: This check solely relied on the banner of the remote SMTP server to assess this vulnerability, so this might be a false positive.
* References:
https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server
https://www.qualys.com/2021/05/04/21nails/21nails.txt
https://www.exim.org/static/doc/security/CVE-2020-qualys/
* Platforms Affected:
Cambridge University, Exim versions prior to 4.94.2
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest exim package (4.94.2 or later), available from the Exim Internet Mailer Web site at http://www.exim.org/ |
| Related URL |
CVE-2020-28007,CVE-2020-28008,CVE-2020-28009,CVE-2020-28010,CVE-2020-28011,CVE-2020-28012,CVE-2020-28013,CVE-2020-28014,CVE-2020-28015 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
