Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20221028-01
HistoryOct 28, 2022 - 12:00 a.m.

ROS-20221028-01

2022-10-2800:00:00
redos.red-soft.ru
23
exim
mail server
vulnerability
dmarc_dns_lookup
regex handler
remote attacker
sensitive data
unix

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.007

Percentile

80.2%

JSON

Exim mail server vulnerability is related to the dmarc_dns_lookup function of the dmarc.c file of the DMARC handler
component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a
memory freeing and gain access to sensitive data

Exim mail server vulnerability is related to a bug in the Regex Handler component handler. Exploitation
the vulnerability could allow a remote attacker to send a special request to the application
and gain access to sensitive data

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64exim< 4.96-4UNKNOWN

Related

openvas 7
fedora 5
nessus 9
suse 2
veracode 2
osv 4
cve 2
ubuntucve 2
cloudlinux 1
prion 2
cvelist 2
amazon 1
nvd 2
ubuntu 1
debiancve 2
openvas
openvas
Fedora: Security Advisory for exim (FEDORA-2022-90e08c08e6)
2022-11-11 00:00:00
Ubuntu: Security Advisory (USN-5741-1)
2022-11-25 00:00:00
Exim 4.87 - 4.96 Use After Free Vulnerability
2022-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: exim-4.96-5.fc37
2022-11-10 22:57:16
[SECURITY] Fedora 35 Update: exim-4.96-4.fc35
2022-10-28 11:45:46
[SECURITY] Fedora 36 Update: exim-4.96-4.fc36
2022-10-28 11:16:14
nessus
nessus
Amazon Linux AMI : exim (ALAS-2023-1662)
2023-01-24 00:00:00
openSUSE 15 Security Update : exim (openSUSE-SU-2022:10168-1)
2022-11-01 00:00:00
Fedora 35 : exim (2022-ebb3db782c)
2022-12-22 00:00:00
suse
suse
Security update for exim (important)
2022-11-09 00:00:00
Security update for exim (important)
2022-10-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-16 23:58:58
Use After Free
2022-11-17 01:03:54
osv
osv
exim-4.96-3.1 on GA media
2024-06-15 00:00:00
exim4 vulnerability
2022-11-24 14:02:15
CGA-w822-fwh6-v73g
2024-06-06 12:29:42
cve
cve
CVE-2022-3559
2022-10-17 18:15:12
CVE-2022-3620
2022-10-20 20:15:09
ubuntucve
ubuntucve
CVE-2022-3559
2022-10-17 00:00:00
CVE-2022-3620
2022-10-20 00:00:00
cloudlinux
cloudlinux
exim: Fix of CVE-2022-3559
2023-11-13 20:42:23
prion
prion
Design/Logic Flaw
2022-10-17 18:15:00
Design/Logic Flaw
2022-10-20 20:15:00
cvelist
cvelist
CVE-2022-3559 Exim Regex use after free
2022-10-17 00:00:00
CVE-2022-3620 Exim DMARC dmarc.c dmarc_dns_lookup use after free
2022-10-20 00:00:00
amazon
amazon
Important: exim
2023-01-18 20:56:00
nvd
nvd
CVE-2022-3559
2022-10-17 18:15:12
CVE-2022-3620
2022-10-20 20:15:09
ubuntu
ubuntu
Exim vulnerability
2022-11-24 00:00:00
debiancve
debiancve
CVE-2022-3559
2022-10-17 18:15:12
CVE-2022-3620
2022-10-20 20:15:09

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.007

Percentile

80.2%

JSON
Related for ROS-20221028-01
openvas7fedora5nessus9suse2veracode2osv4cve2ubuntucve2cloudlinux1prion2cvelist2amazon1nvd2ubuntu1debiancve2