12 matches found
USN-6455-2 exim4 regression
USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117 introduced a regression on Ubuntu 22.04 LTS that resulted in certain connections logging a Taint mismatch error. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered tha...
Debian dsa-6265 : exim4 - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6265 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6265-1 [email protected]...
[SECURITY] Fedora 42 Update: exim-4.99.2-1.fc42
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
DEBIAN-CVE-2023-42114
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
SUSE CVE-2020-28011
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queuerun via two sender options: -R and -S. This may cause privilege escalation from exim to root...
The vulnerability of the Exim message transfer agent, related to privilege management errors, allows a hacker to elevate their privileges within the system.
The vulnerability of the Exim message transfer agent is related to privilege management errors. Exploiting this vulnerability can allow an attacker to enhance their privileges within the system...
The vulnerability of the Exim message transfer agent, related to resource management errors, allows a attacker to perform denial-of-service attacks.
The vulnerability of the Exim message transfer agent is related to resource management errors. Exploiting this vulnerability allows a malicious actor to perform a Denial-of-Service attack by sending specially crafted data to the application...
Exim 缓冲区错误漏洞
Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. A heap buffer overflow vulnerability exists in queuerun in Exim, which can be exploited by an attacker to elevate privileges from exim to root via the two sender options -R and -...
UBUNTU-CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
Ghost glibc Vulnerability Patching and Exploits
There are some silver linings in the wake of yesterday’s disclosure of the Ghost vulnerability in the Gnu C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability. First, the 15-year-old bug isn’t the showstopper that the Shellshock...
Exim vulnerable to buffer overflow via the dns_build_reverse() routine
Overview The Exim Mail Transfer Agent MTA contains a buffer overflow that allows a local attacker to execute arbitrary code. Description Exim MTA is an open-source mail transport agent distributed by the University of Cambridge. A lack of input validation on user supplied data may allow a buffer...
[SECURITY] [DSA-058-1] exim printf format attack
Package : exim Problem type : remote printf format attack Debian-specific: no Megyer Laszlo found a printf format bug in the exim mail transfer agent. The code that checks the header syntax of an email logs an error without protecting itself against printf format attacks. This problem has been...