8 matches found
Medium: exim
Issue Overview: Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc. CVE-2022-37451 Affected Packages: exim Issue Correction: Run yum update exim or yum update --advisory ALAS-2023-1753 to update your system. New Packages: i686: ...
Amazon Linux AMI : exim (ALAS-2023-1753)
The version of exim installed on the remote host is prior to 4.92-1.37. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1753 advisory. Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc. CVE-2022-3745...
Exim < 4.96 DoS
According to its banner, the version of Exim running on the remote host is prior to 4.96. It is, therefore, potentially affected by an invalid free error which can be exploited by a remote, unauthenticated attacker. Successful exploitation may result in a denial of service. This vulnerability...
Fixed CVEs in exim: CVE-2022-37451, CVE-2022-37452
CVE-2022-37452: fix heap-based buffer overflow for the alias list in hostnamelookup - CVE-2022-37451: fix invalid free in pamconverse...
CVE-2022-37451
Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc...
CVE-2022-37451
Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc...
CVE-2022-37451
Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc...
CVE-2022-37451
Exim before 4.96 is vulnerable to an invalid free in pam_converse (auths/call_pam.c) because store_free is not used after store_malloc. The flaw is memory-management related and, per sources, can lead to denial of service. Affected product: Exim MTA; root cause: missing deallocation after allocat...