Lucene search
K

15 matches found

Redos
Redos
added 2024/03/13 12:0 a.m.21 views

ROS-2-1337

2.1337 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS10AI score0.61664EPSS
Exploits6
Redos
Redos
added 2021/12/24 12:0 a.m.25 views

ROS-2-905

2.905 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61664EPSS
Exploits6
Redos
Redos
added 2021/09/08 12:0 a.m.21 views

ROS-2-1006

2.1006 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61664EPSS
Exploits6
Redos
Redos
added 2021/09/08 12:0 a.m.30 views

ROS-2-1323

2.1323 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.2AI score0.61664EPSS
Exploits6
Redos
Redos
added 2021/09/08 12:0 a.m.18 views

ROS-2-1498

2.1498 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61664EPSS
Exploits9
Redos
Redos
added 2021/09/08 12:0 a.m.29 views

ROS-2-477

2.477 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61664EPSS
Exploits9
OSV
OSV
added 2021/05/20 8:51 a.m.16 views

OPENSUSE-SU-2021:0754-1 Security update for exim

This update for exim fixes the following issues: Exim was updated to exim-4.94.2 security update boo1185631 CVE-2020-28007: Link attack in Exim's log directory CVE-2020-28008: Assorted attacks in Exim's spool directory CVE-2020-28014: Arbitrary PID file creation CVE-2020-28011: Heap buffer overfl...

9.8CVSS8AI score0.82238EPSS
Exploits34References32
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/20 12:0 a.m.84 views

Security update for exim (critical)

openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2021:0753-1 Rating: critical References: 1079832 1136587 1142207 1154183 1160726 1171490 1171877 1173693 1185631 Cross-References: CVE-2017-1000369 CVE-2017-16943 CVE-2017-16944 CVE-2018-6789 CVE-2019-10149...

10CVSS7.4AI score0.99961EPSS
Exploits59References9
OpenVAS
OpenVAS
added 2021/05/08 12:0 a.m.29 views

openSUSE: Security Advisory for exim (openSUSE-SU-2021:0677-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.4AI score0.99961EPSS
Exploits58References4
NVD
NVD
added 2021/05/06 1:15 p.m.24 views

CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS0.00404EPSS
Exploits3References1
CVE
CVE
added 2021/05/06 3:7 a.m.366 views

CVE-2020-28008

CVE-2020-28008 affects Exim 4 before 4.94.2. The vulnerability allows local privilege escalation via a crafted recipient address that indirectly leads to command execution because Exim operates as root in the spool directory (owned by a non-root user) and an attacker can write to a /var/spool/exi...

7.8CVSS7.4AI score0.00404EPSS
Exploits3References1Affected Software1
OpenVAS
OpenVAS
added 2021/05/05 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-4934-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.61664EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2021/05/05 12:0 a.m.39 views

Exim < 4.94.2 Multiple Vulnerabilities (21Nails)

Exim is prone to multiple vulnerabilities dubbed SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:exim:exim"; if description...

9.8CVSS7.6AI score0.61664EPSS
Exploits6References2
Debian
Debian
added 2021/05/04 1:53 p.m.62 views

[SECURITY] [DSA 4912-1] exim4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4912-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2021 https://www.debian.org/security/faq -...

9.3CVSS2.2AI score0.61664EPSS
Exploits5
UbuntuCve
UbuntuCve
added 2021/05/04 1:30 p.m.63 views

CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS7.1AI score0.00404EPSS
Exploits3References3
Rows per page
Query Builder