Intrusion Prevention

Exim.SMTP.Server.BDAT.Command.Memory.Corruption

Description

This indicates an attack attempt to exploit a Memory Corruption Vulnerability in Exim SMTP server.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted message. A remote attacker may be able to exploit this to execute arbitrary code within the context of the system.

Affected Products

Exim 4 version 4.94.1 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2022-11-08	22.435	Modified	Default_action:pass:drop
2022-10-10	22.410	New

References

https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt

ID	52106
Created	Sep 14, 2022
Updated	Nov 07, 2022
CVE ID
Risk
Exploit Prediction Score	1.68%
Default Action	drop
Active
Affected OS	Linux, BSD, MacOS
Affected App	Other
Profile Type	Buffer Errors

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Exim.SMTP.Server.BDAT.Command.Memory.Corruption

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Exim.SMTP.Server.BDAT.Command.Memory.Corruption

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

References

Threat Intelligence
Center