CVE-2020-12783

Published: May 11, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.exim.org/show_bug.cgi?id=2571

x_refsource_CONFIRM

https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86

x_refsource_CONFIRM

https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0

x_refsource_CONFIRM

DSA-4687

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20200518 [SECURITY] [DLA 2213-1] exim4 security update

mailing-list

x_refsource_MLIST

USN-4366-1

vendor-advisory

x_refsource_UBUNTU

FEDORA-2020-93d7305d71

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-2e084c987d

vendor-advisory

x_refsource_FEDORA

[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-12783

Description

Affected Products

References