Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.
{ "vanir_signatures": [ { "target": { "file": "src/src/smtp_in.c", "function": "bdat_ungetc" }, "digest": { "function_hash": "85807556721849417698167290800033609961", "length": 86.0 }, "signature_type": "Function", "source": "https://github.com/exim/exim/commit/919111edac911ba9c15422eafd7c5bf14d416d26", "deprecated": false, "id": "CVE-2020-28011-a5b97121", "signature_version": "v1" }, { "target": { "file": "src/src/smtp_in.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "2970847905863908930961351479348962244", "259127508678304675853565838131490768076", "16856440449629165604374376294870505588", "21031574626938302228709321949938569854", "66694532801356984293692391694813765468", "228435147706632689035739186300622821874", "137018139142916213668559470023354199721", "262955889687131153967951266340364206508", "122233694988885115887188843215612136724", "55546132595750780137850156557040648213", "178043897109541241882122479475000937559", "311496951671523793228361465075141960070" ] }, "signature_type": "Line", "source": "https://github.com/exim/exim/commit/919111edac911ba9c15422eafd7c5bf14d416d26", "deprecated": false, "id": "CVE-2020-28011-f33c15e3", "signature_version": "v1" } ] }