13 matches found
SUSE CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
Fedora 27 : exim (2017-0053bb9719)
This is an update fixing denial of service CVE-2017-16944. ---- This is an update fixing use-after-free CVE-2017-16943. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Amazon Linux AMI : exim (ALAS-2017-932)
Use-after-free in receivemsg function via vectors involving BDAT commands The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via vectors involving BDAT commands. CVE-2017-16943...
Critical: exim
Issue Overview: Use-after-free in receivemsg function via vectors involving BDAT commands The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via vectors involving BDAT commands...
Fedora Update for exim FEDORA-2017-0032baa7d7
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201711-32] exim: multiple issues
Arch Linux Security Advisory ASA-201711-32 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-1000369 CVE-2017-10140 CVE-2017-16943 CVE-2017-16944 Package : exim Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-518 Summar...
Debian: Security Advisory (DSA-4053-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
CVE-2017-16944
creationtimestamp| type| source ---|---|--- 2017-11-27 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43184 2017-11-27 11:05:37+00:00| published-proof-of-concept| https://t.me/canyoupwnme/2741 2017-11-28 15:12:01+00:00| published-proof-of-concept|...
UBUNTU-CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
Exim Internet Mailer Found Vulnerable to RCE And DoS Bugs; Patch Now
A security researcher has discovered and publicly disclosed two critical vulnerabilities in the popular Internet mail message transfer agent Exim, one of which could allow a remote attacker to execute malicious code on the targeted server. Exim is an open source mail transfer agent MTA developed...
CVE-2017-16944
The receivemsg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service infinite loop and stack exhaustion via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the...
CVE-2017-16944
CVE-2017-16944 affects Exim 4.88/4.89 where the receive_msg function in receive.c can be abused via BDAT command handling to cause a denial of service (infinite loop and stack exhaustion). Public references in advisories and security trackers confirm this as a BDAT data handling vulnerability in ...