14 matches found
USN-6455-2 exim4 regression
USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117 introduced a regression on Ubuntu 22.04 LTS that resulted in certain connections logging a Taint mismatch error. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered tha...
Fedora: Security Advisory (FEDORA-2023-0abcfebecd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2023-42119
CVE-2023-42119 affects Exim’s dnsdb Out-Of-Bounds Read Information Disclosure via the smtpd path (TCP port 25). Root cause: improper validation leads to reading past allocated buffer, enabling network-adjacent information disclosure; exploitation could be combined with other vulnerabilities to en...
openSUSE Security Advisory (openSUSE-SU-2024:0007-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
openSUSE: Security Advisory for exim (openSUSE-SU-2023:0303-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
openSUSE: Security Advisory for exim (openSUSE-SU-2023:0304-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Fedora: Security Advisory (FEDORA-2023-f1c8e4c1cc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
USN-6455-1: Exim vulnerabilities
It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-42117) It was discovered that Exim incorrectly handled validation of user-supplied data, whic...
Exim < 4.96.2 Multiple Vulnerabilities
According to its banner, the version of Exim running on the remote host is prior to 4.96.2. It is, therefore, potentially affected by multiple vulnerabilities: - Improper Neutralization of Special Elements (CVE-2023-42117) - dnsdb Out-Of-Bounds Read (CVE-2023-42119) Note that Nessus has not tested fo...
openSUSE 15 Security Update : exim (openSUSE-SU-2023:0303-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0303-1 advisory. - Improper Neutralization of Special Elements Remote Code Execution Vulnerability fedora-all (CVE-2023-42117) - dnsdb Out-Of-Bounds Read Informatio...
openSUSE 15 Security Update : exim (openSUSE-SU-2023:0304-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0304-1 advisory. - Improper Neutralization of Special Elements Remote Code Execution Vulnerability fedora-all (CVE-2023-42117) - dnsdb Out-Of-Bounds Read Informatio...
Fedora 38 : exim (2023-42313af0de)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-42313af0de advisory. This is exim update fixing several security problems. Tenable has extracted the preceding description block directly from the Fedora security...
CVE-2023-42119
An out-of-bounds read flaw was found in Exim which exists within the smtp service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer, leading to disclosure of some sensitive information. An attacker can...
Exim < 4.96.2 Multiple Vulnerabilities (Sep 2023)
Exim is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:exim:exim"; if(description)...