16 matches found
Exploit for Out-of-bounds Write in Exim
CVE-2023-42115: Exploit and Payload Generator Scripts This r...
Fedora: Security Advisory (FEDORA-2023-0abcfebecd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Out-of-bounds Write in Exim
CVE-2023-42115: Exploit and Payload Generator Scripts This r...
CVE-2023-42115 vulnerabilities
Vulnerabilities for packages: exim...
CVE-2023-42115 vulnerabilities
Vulnerabilities for packages: exim...
CVE-2023-42115
Exim’s SMTP service (port 25) is affected by CVE-2023-42115: an AUTH-less out-of-bounds write that enables remote code execution via improper validation of user-supplied data, allowing code execution under the service account. The vulnerability details and impact are stated in multiple sources (E...
CVE-2023-42115 Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens ...
openSUSE Security Advisory (openSUSE-SU-2024:0007-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2023-f1c8e4c1cc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exim < 4.96.1 Multiple Vulnerabilities
According to its banner, the version of Exim running on the remote host is prior to 4.96.1. It is, therefore, potentially affected by multiple vulnerabilities: - NTLM Challenge Out-Of-Bounds Read CVE-2023-42114 - AUTH Out-Of-Bounds Write CVE-2023-42115 - SMTP Challenge Stack-based Buffer Overflow...
Fedora 38 : exim (2023-42313af0de)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-42313af0de advisory. This is exim update fixing several security problems. Tenable has extracted the preceding description block directly from the Fedora security...
Exim finally fixes 3 out of 6 vulnerabilities
Exim is a message transfer agent MTA originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million serve...
USN-6411-1: Exim vulnerabilities
It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly use this issue to perform out-of-bounds reads, resulting in information leakage. CVE-2023-42114 It was discovered that Exim incorrectly handled validation of user-supplied data. A remote...
Exim Vulnerable to Zero-Day Remote Code Execution Attacks
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Six zero-day vulnerabilities have been discovered in the Exim Internet Mailer, potentially putting thousands of email servers worldwide at risk. These vulnerabilities, if successfully exploited,...
Critical and high severity Exim vulnerabilities: everything you need to know
Detect and mitigate CVE-2023-42115, and 5 more vulnerabilities in Exim. Organizations using affected configurations should mitigate and patch the vulnerabilities urgently...
New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks
Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 CVSS...