17 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-0017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to appen...
RHEL 5 : exim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exim: out-of-bounds access in string_interpret_escape leading to buffer overflow in the SMTP delivery proce...
openSUSE Security Update : exim (openSUSE-SU-2011:0105-1)
Exim was updated to verify the return value of the setuid/setgid calls now. CVE-2011-0017: CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C): Link Following (CWE-59). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
exim -- local privilege escalation
The remote host is missing an update to the system as announced in the referenced advisory. VID 44ccfab0-3564-11e0-8e81-0022190034c0. OpenVAS Vulnerability Test. Description: Auto generated from VID 44ccfab0-3564-11e0-8e81-0022190034c0. Authors: Thomas Reinke. Copyright: Copyright (c) 2011 E-Soft Inc...
FreeBSD : exim -- local privilege escalation (44ccfab0-3564-11e0-8e81-0022190034c0)
exim.org reports: CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files. (C) Tenable Network Security, Inc. The descriptive...
Ubuntu Update for exim4 vulnerabilities USN-1060-1
Ubuntu Update for Linux kernel vulnerabilities USN-1060-1. OpenVAS Vulnerability Test. $Id: gbubuntuUSN10601.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for exim4 vulnerabilities USN-1060-1. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-1060-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DSA-2154-1] exim4 security update
Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...
CVE-2011-0017
Exim has a local-privilege-attack vulnerability (CVE-2011-0017) in open_log() for Exim 4.72 and earlier, where return values from setuid/setgid are not checked, enabling a local user to append log data to arbitrary files via a symlink attack. Public advisories and patch notes indicate this was ad...
Debian DSA-2154-1 : exim4 - privilege escalation
A design flaw (CVE-2010-4345) in exim4 allowed the local Debian-exim user to obtain root privileges by specifying an alternate configuration file using the -C option or by using the macro override facility (-D option). Unfortunately, fixing this vulnerability is not possible without some changes in...
exim -- local privilege escalation
exim.org reports: CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files...
[SECURITY] [DSA-2154-2] exim4 regression fix
Debian Security Advisory DSA-2154-2 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...
[SECURITY] [DSA-2154-1] exim4 security update
Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...
DSA-2154-1 exim4 - privilege escalation
Bulletin has no description...