22 matches found
boulder.co.networkofcare.org Cross Site Scripting vulnerability OBB-3691533
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GLSA-202003-47 : Exim: Heap-based buffer overflow
The remote host is affected by the vulnerability described in GLSA-202003-47 Exim: Heap-based buffer overflow It was discovered that Exim incorrectly handled certain string operations. Impact : A remote attacker, able to connect to a vulnerable Exim instance, could possibly execute arbitrary code...
Amazon Linux AMI : exim (ALAS-2019-1310)
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846 . There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command.CVE-2019-16928 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
Critical: exim
Issue Overview: Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command.CVE-2019-16928 Affected Packages: exim Issue Correction: Run yum update exim or yu...
Fedora 29 : exim (2019-d778bd4137)
This is an update fixing CVE-2019-16928. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 31 : exim (2019-e080507ba5)
This is an update fixing CVE-2019-16928. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for exim FEDORA-2019-006dfc94cd
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : exim (2019-006dfc94cd)
This is an update fixing CVE-2019-16928. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Critical Exim Flaw Opens Servers to Remote Code Execution
A patch has been issued for a critical flaw in the Exim email server software, which could potentially open Exim-based servers up to denial of service or remote code execution attacks. Exim, which is free software used on Unix-like operating systems including Linux or Mac OSX, serves as a mail...
New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released
A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers. Exim maintainers today released an urgent security update—Exim...
CVE-2019-16928
A heap-based buffer overflow flaw was found in Exim. The overflow can be triggered via specially crafted SMTP-protocol EHLO message, which may lead to unauthenticated remote code execution. It is thought that the execution of the remote code would be at the exim user level although execution as t...
Ubuntu 19.04 : Exim vulnerability (USN-4141-1)
It was discovered that Exim incorrectly handled certain string operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly...
Exim 4.92.x < 4.92.3 Heap Buffer Overflow
According to its banner, the version of Exim running on the remote host is 4.92.x prior to 4.92.3. It is, therefore, potentially affected by a remote code execution vulnerability allowing unauthenticated, remote attackers to execute arbitrary code via a heap buffer overflow in stringvformat...
CVE-2019-16928
creationtimestamp| type| source ---|---|--- 2019-09-29 14:20:11+00:00| published-proof-of-concept| https://t.me/antichat/6642 2019-09-30 13:06:40+00:00| seen| https://t.me/SecLabNews/5895 2019-09-30 14:26:39+00:00| seen| https://t.me/thehackernews/483 2019-09-30 14:42:41+00:00| seen|...
[SECURITY] [DSA 4536-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4536-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 28, 2019 https://www.debian.org/security/faq -...
CVE-2019-16928
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command...
CVE-2019-16928
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command...
CVE-2019-16928
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command...
CVE-2019-16928
Exim CVE-2019-16928 is a heap-based buffer overflow in string_vformat (string.c) triggered by a long EHLO command in Exim 4.92–4.92.2, enabling remote code execution. Several sources confirm the vulnerable path via smtp_in.c and related string formatting code (e.g., string_vformat, string_fmt_app...
Exim EHLO crash bug
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command. Recent assessments: wchen-r7 at October 04, 2019 10:50pm UTC reported: CVE-2019-16928: Exim EHLO...