CVE-2019-10149
CRITICAL | KEV
Exim 4.87 - 4.91 Local Privilege Escalation
Title source: metasploit
Exploitation Summary
CVE-2019-10149 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 10, 2022.
EIP tracks 24 public exploits from researchers including Metasploit, Marco Ivaldi, and Qualys Corporation. Among them is the Metasploit module `exploits/linux/local/exim4_deliver_message_priv_esc`.
AI-analyzed exploit summary: This Metasploit module exploits CVE-2019-10149, a local privilege escalation vulnerability in Exim versions 4.87 to 4.91. It leverages improper validation in the deliver_message() function to execute commands with root privileges via a crafted RCPT TO field.
Description
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Exploits (24)
This Metasploit module exploits CVE-2019-10149, a local privilege escalation vulnerability in Exim versions 4.87 to 4.91. It leverages improper validation in the deliver_message() function to execute commands with root privileges via a crafted RCPT TO field.
This exploit leverages CVE-2019-10149, a local privilege escalation vulnerability in Exim versions 4.87 to 4.91, by injecting a malicious recipient address to execute arbitrary commands as root. It supports two methods: creating a setuid shell or spawning a netcat reverse shell.
This is a detailed security advisory from Qualys describing CVE-2019-10149, a remote command execution vulnerability in Exim versions 4.87 to 4.91. The vulnerability allows arbitrary command execution as root via the `${run{...}}` expansion in recipient addresses, exploitable locally by default and remotely under certain configurations.
The repository contains a malicious script disguised as a fix for CVE-2019-10149 (Exim RCE). The 'malware_do_not_run.sh' script attempts to download and execute payloads from .onion domains via Tor2Web, while the 'exim_rce_fixer.sh' script pretends to patch Exim but includes suspicious cleanup routines.
The repository contains a functional exploit for CVE-2019-10149, targeting Exim versions 4.87 to 4.91. The exploit leverages improper validation in the deliver_message() function to achieve remote command execution via a crafted RCPT TO command.
This repository contains a functional Python exploit for CVE-2019-10149, a remote command execution vulnerability in Exim. The PoC leverages a crafted SMTP RCPT TO command to execute arbitrary commands as root by exploiting a flaw in Exim's string expansion logic.
This repository contains a functional exploit for CVE-2019-10149, a remote code execution vulnerability in Exim. The exploit includes a Python script for remote testing and a Bash script for local vulnerability checks, both of which attempt to create a file in /root/lweximtest to confirm exploitation.
This repository contains a functional exploit for CVE-2019-10149, a privilege escalation vulnerability in Exim. The exploit leverages a command injection flaw in the SMTP service to execute arbitrary commands as root via a crafted RCPT TO field.
This repository provides a functional exploit for CVE-2019-10149, a remote command execution vulnerability in Exim versions 4.87 to 4.91. The exploit leverages the `${run{...}}` expansion in the SMTP `rcpt to:` command to execute arbitrary shell commands.
This repository contains a functional Python exploit for CVE-2019-10149, targeting Exim versions 4.87 to 4.91. The exploit leverages a remote command execution vulnerability via a crafted RCPT TO command, delivering a reverse shell payload.
This repository provides a collection of data and references related to Exim vulnerabilities, specifically CVE-2019-10149. It includes links to exploit details, advisories, and reports but does not contain functional exploit code.
This repository contains a script to detect and log exploitation attempts of CVE-2019-10149 in Exim mail servers. It parses Exim logs for specific strings indicating exploit attempts and generates abuse reports for the attacking IPs.
This exploit leverages CVE-2019-10149, a remote command execution vulnerability in Exim (4.87-4.91), by injecting a malicious payload into the RCPT TO field during an SMTP session. The payload spawns a netcat shell on port 31415 as root, allowing the attacker to gain remote access.
This repository contains a Bash script that automates the installation of vulnerable Exim versions to exploit CVE-2019-10149, a remote command execution vulnerability in Exim mail servers. The script checks for root privileges, identifies the Linux distribution, and installs or reinstalls Exim and curl to create a vulnerable environment.
This repository contains a functional local privilege escalation exploit for CVE-2019-10149 in Exim versions 4.87 to 4.91. The exploit leverages a vulnerability in Exim's SMTP service to execute arbitrary commands as root by injecting a malicious payload into the RCPT TO field.
This repository contains a functional exploit for CVE-2019-10149, a remote command execution vulnerability in Exim. The PoC leverages the vulnerability by sending a crafted SMTP command with an encoded payload to execute arbitrary commands on the target system.
This repository contains a functional exploit for CVE-2019-10149, an RCE vulnerability in Exim versions 4.87 to 4.91. The exploit leverages a command injection flaw in the Exim SMTP service by sending a crafted RCPT TO command with a malicious payload that executes a reverse shell.
The repository contains only a minimal README with no functional exploit code or technical details. It lacks any meaningful content to demonstrate or analyze the vulnerability.
This repository provides a functional exploit for CVE-2019-10149, a remote command execution vulnerability in Exim versions 4.87 to 4.91. The exploit leverages the `${run{...}}` expansion in the SMTP `rcpt to:` command to execute arbitrary shell commands, demonstrated by downloading and executing a reverse shell script.
The repository contains only a README with a placeholder image and no functional exploit code or technical details. It appears to be a setup guide for educational purposes but lacks substance.
The repository contains only a minimal README with no exploit code or technical details. It appears to be a placeholder for an assignment on CVE-2019-10149.
This Python script exploits CVE-2019-10149, a remote command execution vulnerability in Exim versions 4.87-4.91. It sends a crafted email with a malicious payload in the RCPT TO field, which spawns a netcat shell on port 31415 as root.
This repository contains functional exploit code for CVE-2019-10149, a local privilege escalation vulnerability in Exim. The exploit leverages the 'Return of the WIZard' bug to gain root access.
This Metasploit module exploits CVE-2019-10149, a local privilege escalation vulnerability in Exim versions 4.87 to 4.91. It leverages improper validation in the deliver_message() function to execute commands with root privileges via a crafted RCPT TO field.
References (21)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H