15 matches found
ROS-2-1337
2.1337 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-905
2.905 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1006
2.1006 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1323
2.1323 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1498
2.1498 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-477
2.477 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
OPENSUSE-SU-2021:0754-1 Security update for exim
This update for exim fixes the following issues: Exim was updated to exim-4.94.2 security update boo1185631 CVE-2020-28007: Link attack in Exim's log directory CVE-2020-28008: Assorted attacks in Exim's spool directory CVE-2020-28014: Arbitrary PID file creation CVE-2020-28011: Heap buffer overfl...
Security update for exim (critical)
openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2021:0753-1 Rating: critical References: 1079832 1136587 1142207 1154183 1160726 1171490 1171877 1173693 1185631 Cross-References: CVE-2017-1000369 CVE-2017-16943 CVE-2017-16944 CVE-2018-6789 CVE-2019-10149...
openSUSE: Security Advisory for exim (openSUSE-SU-2021:0677-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-28008
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...
CVE-2020-28008
CVE-2020-28008 affects Exim 4 before 4.94.2. The vulnerability allows local privilege escalation via a crafted recipient address that indirectly leads to command execution because Exim operates as root in the spool directory (owned by a non-root user) and an attacker can write to a /var/spool/exi...
Ubuntu: Security Advisory (USN-4934-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exim < 4.94.2 Multiple Vulnerabilities (21Nails)
Exim is prone to multiple vulnerabilities dubbed SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:exim:exim"; if description...
[SECURITY] [DSA 4912-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4912-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2021 https://www.debian.org/security/faq -...
CVE-2020-28008
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...