Lucene search
K

8 matches found

Amazon
Amazon
added 2023/06/06 12:0 a.m.30 views

Medium: exim

Issue Overview: Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc. CVE-2022-37451 Affected Packages: exim Issue Correction: Run yum update exim or yum update --advisory ALAS-2023-1753 to update your system. New Packages: i686: ...

7.5CVSS8AI score0.02551EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.41 views

Amazon Linux AMI : exim (ALAS-2023-1753)

The version of exim installed on the remote host is prior to 4.92-1.37. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1753 advisory. Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc. CVE-2022-3745...

7.5CVSS7.5AI score0.02551EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2022/08/24 12:0 a.m.39 views

Exim < 4.96 DoS

According to its banner, the version of Exim running on the remote host is prior to 4.96. It is, therefore, potentially affected by an invalid free error which can be exploited by a remote, unauthenticated attacker. Successful exploitation may result in a denial of service. This vulnerability...

7.5CVSS7.5AI score0.02551EPSS
Exploits2References3
CloudLinux
CloudLinux
added 2022/08/17 6:41 p.m.160 views

Fixed CVEs in exim: CVE-2022-37451, CVE-2022-37452

CVE-2022-37452: fix heap-based buffer overflow for the alias list in hostnamelookup - CVE-2022-37451: fix invalid free in pamconverse...

9.8CVSS3.8AI score0.0292EPSS
Exploits3References1
NVD
NVD
added 2022/08/06 6:15 p.m.17 views

CVE-2022-37451

Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc...

7.5CVSS0.02551EPSS
Exploits2References10
ATTACKERKB
ATTACKERKB
added 2022/08/06 6:15 p.m.2 views

CVE-2022-37451

Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc...

7.5CVSS7.1AI score0.02551EPSS
Exploits2References13
UbuntuCve
UbuntuCve
added 2022/08/06 6:15 p.m.146 views

CVE-2022-37451

Exim before 4.96 has an invalid free in pamconverse in auths/callpam.c because storefree is not used after storemalloc...

7.5CVSS7.1AI score0.02551EPSS
Exploits2References4
CVE
CVE
added 2022/08/06 5:2 p.m.919 views

CVE-2022-37451

Exim before 4.96 is vulnerable to an invalid free in pam_converse (auths/call_pam.c) because store_free is not used after store_malloc. The flaw is memory-management related and, per sources, can lead to denial of service. Affected product: Exim MTA; root cause: missing deallocation after allocat...

7.5CVSS7.5AI score0.02551EPSS
Exploits2References10Affected Software1
Rows per page
Query Builder