DEBIAN-CVE-2023-51766

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but...

Debian DLA-2650-1 : exim4 security update

The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution. Details can be found in the Qualys advisory at https://www.qualys.com/2021/05/04/21nails/21nails.txt For Debian 9 stretch, these...

DEBIAN-CVE-2019-19920

sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature. This issue is similar to CVE-2018-11805...

exim 4.90 - Remote Code Execution

exim 4.90 - Remote Code Execution Exploit Title: exim 4.90 - Remote Code Execution Date: 2018-10-24 Exploit Author: hackk.gr Vendor Homepage: exim.org Version: exim -1: authplainavailable = True if test: if lenl 70: sys.stdout.writel:70 + " ...\n" sys.stdout.flush else: print l.strip"\r".strip"\n...

Debian Exim Spool Local Root Privilege Escalation

/ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello List, This is just a minor issue in Exim, no replies so far, so publication should be OK. Introduction: ============ Exim4 in some variants is started as root but switches to uid/gid Debian-exim/Debian-exim. But as Exim might need to store...

Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation

Exploit for linux platform in category local exploits / -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello List, This is just a minor issue in Exim, no replies so far, so publication should be OK. Introduction: ============ Exim4 in some variants is started as root but switches to uid/gid...

Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation

/ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello List, This is just a minor issue in Exim, no replies so far, so publication should be OK. Introduction: ============ Exim4 in some variants is started as root but switches to uid/gid Debian-exim/Debian-exim. But as Exim might need to store...

Ubuntu Update for exim4 vulnerabilities USN-1060-1

Ubuntu Update for Linux kernel vulnerabilities USN-1060-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10601.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for exim4 vulnerabilities USN-1060-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : exim4 vulnerabilities (USN-1060-1)

It was discovered that Exim contained a design flaw in the way it processed alternate configuration files. An attacker that obtained privileges of the 'Debian-exim' user could use an alternate configuration file to obtain root privileges. CVE-2010-4345 It was discovered that Exim incorrectly...

[SECURITY] [DSA-2154-1] exim4 security update

------------------------------------------------------------------------ Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...

DSA-2154-1 exim4 - privilege escalation

Bulletin has no description...

DSA-2131-1 exim4 - remote code execution

Bulletin has no description...