Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

Gentoo FoundationGLSA-201401-32

HistoryJan 27, 2014 - 12:00 a.m.

Exim: Multiple vulnerabilities

2014-01-2700:00:00

Gentoo Foundation

security.gentoo.org

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.931 High

EPSS

Percentile

99.0%

JSON

Background

Exim is a highly configurable, drop-in replacement for sendmail.

Description

Multiple vulnerabilities have been discovered in Exim. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could possibly execute arbitrary code with root privileges, or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Exim users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=mail-mta/exim-4.80.1"

OSVersionArchitecturePackageVersionFilename
Gentooanyallmail-mta/exim< 4.80.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	mail-mta/exim	< 4.80.1	UNKNOWN

nessus 48

openvas 56

securityvulns 8

fedora 9

suse 2

ubuntu 5

freebsd 4

debian 12

osv 5

packetstorm 2

ubuntucve 6

nmap 1

checkpoint_advisories 3

prion 6

debiancve 6

altlinux 2

cve 6

centos 2

oraclelinux 2

attackerkb 2

canvas 1

veracode 2

redhat 2

cert 2

cisa_kev 2

thn 1

seebug 1

metasploit 1

nessus

GLSA-201401-32 : Exim: Multiple vulnerabilities

2014-01-28 00:00:00

openSUSE Security Update : exim (openSUSE-SU-2012:1404-1)

2014-06-13 00:00:00

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : exim4 vulnerabilities (USN-1060-1)

2011-02-11 00:00:00

openvas

Gentoo Security Advisory GLSA 201401-32

2015-09-29 00:00:00

Fedora Update for exim FEDORA-2011-7059

2011-05-23 00:00:00

Fedora Update for exim FEDORA-2011-7059

2011-05-23 00:00:00

securityvulns

Exim memory corruption and remote code execution

2011-02-03 00:00:00

Exim security issue in historical release

2010-12-13 00:00:00

[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution

2010-12-12 00:00:00

fedora

[SECURITY] Fedora 13 Update: exim-4.76-1.fc13

2011-05-17 20:57:49

[SECURITY] Fedora 14 Update: exim-4.76-1.fc14

2011-05-17 20:56:10

[SECURITY] Fedora 15 Update: exim-4.76-2.fc15

2011-05-19 04:32:04

suse

exim: overflow in DKIM handling fixed (critical)

2012-10-27 19:08:36

remote code execution in exim

2010-12-13 10:39:26

ubuntu

Exim vulnerabilities

2011-02-10 00:00:00

Exim vulnerability

2012-10-26 00:00:00

Exim vulnerability

2011-05-10 00:00:00

freebsd

Exim -- remote code execution and information disclosure

2011-05-10 00:00:00

Exim -- remote code execution

2012-10-25 00:00:00

exim -- local privilege escalation

2011-01-31 00:00:00

debian

[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution

2010-12-10 15:13:43

[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution

2010-12-10 15:13:43

[SECURITY] [DSA-2154-1] exim4 security update

2011-01-30 10:41:58

osv

exim4 - remote code execution

2010-12-10 00:00:00

exim4 - privilege escalation

2011-01-30 00:00:00

exim4 - heap overflow

2012-10-25 00:00:00

packetstorm

Exim4 <= 4.69 string_format Function Heap Buffer Overflow

2010-12-11 00:00:00

Exim 4.63 Remote Root Exploit

2010-12-11 00:00:00

ubuntucve

CVE-2011-0017

2011-02-01 00:00:00

CVE-2012-5671

2012-10-26 00:00:00

CVE-2011-1764

2011-05-10 00:00:00

nmap

smtp-vuln-cve2010-4344 NSE Script

2011-06-24 15:37:53

checkpoint_advisories

Exim DKIM DNS Decoding Buffer Overflow (CVE-2012-5671)

2012-12-16 00:00:00

Exim MTA string_format Remote Code Execution (CVE-2010-4344)

2010-12-22 00:00:00

Exim Remote Code Execution (CVE-2010-4345)

2022-05-02 00:00:00

prion

Heap overflow

2012-10-31 16:55:00

Format string

2011-10-05 02:56:00

Heap overflow

2010-12-14 16:00:00

debiancve

CVE-2012-5671

2012-10-31 16:55:00

CVE-2011-1764

2011-10-05 02:56:00

CVE-2011-1407

2011-05-16 18:55:00

altlinux

Security fix for the ALT Linux 7 package exim version 4.76-alt3

2013-03-19 00:00:00

Security fix for the ALT Linux 5 package exim version 4.76-alt0.M50P.1

2011-05-16 00:00:00

cve

CVE-2012-5671

2012-10-31 16:55:00

CVE-2011-1764

2011-10-05 02:56:00

CVE-2011-1407

2011-05-16 18:55:00

centos

exim security update

2011-01-27 09:07:54

exim security update

2011-01-27 09:23:09

oraclelinux

exim security update

2010-12-10 00:00:00

exim security update

2011-01-17 00:00:00

attackerkb

CVE-2010-4344

2010-12-14 00:00:00

CVE-2010-4345

2010-12-14 00:00:00

canvas

Immunity Canvas: CVE_2010_4344

2010-12-14 16:00:00

veracode

Arbitrary Code Execution

2020-04-10 00:56:02

Privilege Escalation

2020-04-10 00:53:13

redhat

(RHSA-2010:0970) Critical: exim security update

2010-12-10 00:00:00

(RHSA-2011:0153) Moderate: exim security update

2011-01-17 00:00:00

cert

Exim string_format() buffer overflow

2010-12-13 00:00:00

Exim alternate configuration privilege escalation vulnerability

2010-12-13 00:00:00

cisa_kev

Exim Heap-Based Buffer Overflow Vulnerability

2022-03-25 00:00:00

Exim Privilege Escalation Vulnerability

2022-03-25 00:00:00

thn

Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6

2011-07-01 11:41:00

seebug

Exim4 <= 4.69 - string_format Function Heap Buffer Overflow

2014-07-01 00:00:00

metasploit

Exim4 string_format Function Heap Buffer Overflow

2010-12-11 10:55:24

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.931 High

EPSS

Percentile

99.0%

JSON

Related for GLSA-201401-32