Lucene search

[email protected]CVE-2001-0690

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0690

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0690

exim

format string vulnerability

remote code execution

smtp

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.196 Low

EPSS

Percentile

96.3%

JSON

Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.

Affected configurations

NVD

Node

university_of_cambridgeeximRange≤3.22

conectivalinux

Node

debiandebian_linuxMatch4.0

redhatlinux

CPENameOperatorVersion
university_of_cambridge:eximuniversity of cambridge eximle3.22
conectiva:linuxconectiva linuxeq*

CPE	Name	Operator	Version
university_of_cambridge:exim	university of cambridge exim	le	3.22
conectiva:linux	conectiva linux	eq	*

References

archives.neohapsis.com/archives/bugtraq/2001-06/0041.html

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000402

www.debian.org/security/2001/dsa-058

www.redhat.com/support/errata/RHSA-2001-078.html

www.securityfocus.com/bid/2828

exchange.xforce.ibmcloud.com/vulnerabilities/6671

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.196 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2001-0690

cvelist1 nessus1 nvd1 openvas2