
17 matches found

Tenable Nessus
added 2025/03/03 12:0 a.m. (14 views)

Linux Distros Unpatched Vulnerability : CVE-2011-0017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to appen...

CVSS 6.9, AI score 7.2, EPSS 0.00379
Exploits: 0, References: 2
Tenable Nessus
added 2024/06/03 12:0 a.m. (23 views)

RHEL 5 : exim (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exim: out-of-bounds access in string_interpret_escape leading to buffer overflow in the SMTP delivery proce...

CVSS 9.8, AI score 8.9, EPSS 0.82238
Exploits: 35, References: 6
Tenable Nessus
added 2014/06/13 12:0 a.m. (34 views)

openSUSE Security Update : exim (openSUSE-SU-2011:0105-1)

Exim was updated to verify the return value of the setuid/setgid calls now. CVE-2011-0017: CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C): Link Following (CWE-59) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 6.9, AI score 7.2, EPSS 0.00379
Exploits: 0, References: 3
Tenable Nessus
added 2011/05/05 12:0 a.m. (31 views)

openSUSE Security Update : exim (openSUSE-SU-2011:0105-1)

Exim was updated to verify the return value of the setuid/setgid calls now. CVE-2011-0017: CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C): Link Following (CWE-59) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 6.9, AI score 7.2, EPSS 0.00379
Exploits: 0, References: 3
OpenVAS
added 2011/03/05 12:0 a.m. (32 views)

exim -- local privilege escalation

The remote host is missing an update to the system as announced in the referenced advisory. VID 44ccfab0-3564-11e0-8e81-0022190034c0 OpenVAS Vulnerability Test $ Description: Auto generated from VID 44ccfab0-3564-11e0-8e81-0022190034c0 Authors: Thomas Reinke Copyright: Copyright (c) 2011 E-Soft Inc...

CVSS 6.9, AI score 0.3, EPSS 0.00379
Exploits: 0
Tenable Nessus
added 2011/02/14 12:0 a.m. (35 views)

FreeBSD : exim -- local privilege escalation (44ccfab0-3564-11e0-8e81-0022190034c0)

exim.org reports : CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files. (C) Tenable Network Security, Inc. The descriptive...

CVSS 6.9, AI score 7.2, EPSS 0.00379
Exploits: 0, References: 3
OpenVAS
added 2011/02/11 12:0 a.m. (58 views)

Ubuntu Update for exim4 vulnerabilities USN-1060-1

Ubuntu Update for Linux kernel vulnerabilities USN-1060-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10601.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for exim4 vulnerabilities USN-1060-1 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH,...

CVSS 6.9, EPSS 0.17794
Exploits: 4, References: 2
OpenVAS
added 2011/02/11 12:0 a.m. (34 views)

Ubuntu: Security Advisory (USN-1060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.8, EPSS 0.17794
Exploits: 4, References: 4
securityvulns
added 2011/02/03 12:0 a.m. (62 views)

[SECURITY] [DSA-2154-1] exim4 security update

Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...

CVSS 6.9, AI score 0.6, EPSS 0.17794
Exploits: 4
CVE
added 2011/02/02 12:0 a.m. (94 views)

CVE-2011-0017

Exim has a local-privilege-attack vulnerability (CVE-2011-0017) in open_log() for Exim 4.72 and earlier, where return values from setuid/setgid are not checked, enabling a local user to append log data to arbitrary files via a symlink attack. Public advisories and patch notes indicate this was ad...

CVSS 6.9, AI score 6.1, EPSS 0.00379
Exploits: 0, References: 15, Affected Software: 1
Tenable Nessus
added 2011/01/31 12:0 a.m. (64 views)

Debian DSA-2154-1 : exim4 - privilege escalation

A design flaw (CVE-2010-4345) in exim4 allowed the local Debian-exim user to obtain root privileges by specifying an alternate configuration file using the -C option or by using the macro override facility (-D option). Unfortunately, fixing this vulnerability is not possible without some changes in...

CVSS 7.8, AI score 8.3, EPSS 0.17794
Exploits: 4, References: 5
FreeBSD
added 2011/01/31 12:0 a.m. (24 views)

exim -- local privilege escalation

exim.org reports: CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files...

CVSS 6.9, AI score 2.9, EPSS 0.00379
Exploits: 0, References: 1
Debian
added 2011/01/30 10:4 p.m. (33 views)

[SECURITY] [DSA-2154-2] exim4 regression fix

Debian Security Advisory DSA-2154-2 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...

CVSS 6.9, AI score 2.2, EPSS 0.17794
Exploits: 4
Debian
added 2011/01/30 10:4 p.m. (39 views)

[SECURITY] [DSA-2154-2] exim4 regression fix

Debian Security Advisory DSA-2154-2 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...

CVSS 7.8, AI score 9.5, EPSS 0.17794
Exploits: 4
Debian
added 2011/01/30 10:41 a.m. (43 views)

[SECURITY] [DSA-2154-1] exim4 security update

Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...

CVSS 6.9, AI score 0.6, EPSS 0.17794
Exploits: 4
Debian
added 2011/01/30 10:41 a.m. (39 views)

[SECURITY] [DSA-2154-1] exim4 security update

Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...

CVSS 7.8, AI score 9.9, EPSS 0.17794
Exploits: 4
OSV
added 2011/01/30 12:0 a.m. (49 views)

DSA-2154-1 exim4 - privilege escalation

Bulletin has no description...

CVSS 7.8, AI score 7.4, EPSS 0.17794
Exploits: 4