13 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-1000369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exim supports the use of multiple -p command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cau...
[ASA-201711-32] exim: multiple issues
Arch Linux Security Advisory ASA-201711-32 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-1000369 CVE-2017-10140 CVE-2017-16943 CVE-2017-16944 Package : exim Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-518 Summar...
Juniper Junos Space < 17.1R1 Multiple Vulnerabilities (JSA10826)
According to its self-reported version number, the version of Junos Space running on the remote device is 17.1R1, and is therefore affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid104100; scriptversion"1.7";...
openSUSE Security Update : exim (openSUSE-2017-980) (Stack Clash)
This update for exim fixes the following issues : Changes in exim : - specify users with ref:mail, to make them dynamic. boo1046971 - CVE-2017-1000369: Fixed memory leaks that could be exploited to 'stack crash' local privilege escalation boo1044692 - Require usermail groupmail to meet new users...
Security update for exim (important)
This update for exim fixes the following issues: Changes in exim: - specify users with ref:mail, to make them dynamic. boo1046971 - CVE-2017-1000369: Fixed memory leaks that could be exploited to "stack crash" local privilege escalation boo1044692 - Require usermail groupmail to meet new users...
openSUSE Security Update : exim (openSUSE-2017-714) (Stack Clash)
This update for exim fixes the following issues : - CVE-2017-1000369: Fixed a memory leak in exim commandline handling, which could be used to exhaust memory and make 'stack crash' attacks likely. boo1044692 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Debian DSA-3888-1 : exim4 - security update (Stack Clash)
The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. For the full details, please refer to their advisory published at:...
CVE-2017-1000369
Exim supports the use of multiple "-p" command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch...
CVE-2017-1000369
CVE-2017-1000369 affects Exim 4.89 and earlier. A memory leak caused by multiple -p arguments malloc()’ed without free() can enable a stack-clash path, potentially allowing privilege escalation. Upstream patched in 4.89.1 (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21); Arch Linux notes upgrade...
CVE-2017-1000369
Exim supports the use of multiple "-p" command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch...
[SECURITY] [DSA 3888-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3888-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 19, 2017 https://www.debian.org/security/faq -...
UBUNTU-CVE-2017-1000369
Exim supports the use of multiple "-p" command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch...
Debian Security Advisory DSA 3888-1 (exim4 - security update)
The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. OpenVAS Vulnerability Test $Id: deb3888.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generate...