44 matches found
EUVD-2020-20505
Malware in sbrugna...
EUVD-2020-20508
Malware in sbrugna...
EUVD-2020-20513
Malware in sbrugna...
CVE-2020-28017
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receiveaddrecipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption...
Exim 4 远程代码执行漏洞(CVE-2020-28018)
CVE-2020-28018: Exim Use-after-free UAF leading to RCE Introduction There exists a Use-after-free UAF vulnerability in tls-openssl.c that allow remote unauthenticated attackers to corrupt internal memory data, thus finally achieving remote code execution. Primitives: - x Memory Leakage - x...
CVE-2020-28009
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because getstdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow multiple days...
CVE-2020-28010
Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...
CVE-2020-28018
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...
CVE-2020-28007
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory owned by a non-root user, a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem...
CVE-2020-28014
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten...
CVE-2020-28017
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receiveaddrecipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption...
Design/Logic Flaw
Exim 4 before 4.94.2 allows Use After Free in smtpreset in certain situations that may be common for builds with OpenSSL...
Design/Logic Flaw
Exim 4 before 4.94.2 allows Out-of-bounds Read. smtpsetupmsg may disclose sensitive information from process memory to an unauthenticated SMTP client...
Design/Logic Flaw
Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parsefixphrase...
Integer overflow
Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because getstdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow multiple days...
Design/Logic Flaw
Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...
Design/Logic Flaw
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...
Design/Logic Flaw
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...
CVE-2021-27216
Exim 4 before 4.94.2 is affected by an Execution with Unnecessary Privileges vulnerability triggered by a delete_pid_file race condition. A local user can delete arbitrary files as root by exploiting -oP/-oPX options, due to Exim operating as root in the log directory (owned by non-root). Connect...
CVE-2020-28025
Exim 4 prior to 4.94.2 is affected by CVE-2020-28025 (Out-of-bounds Read). The flaw is due to pdkim_finish_bodyhash not validating the relationship between sig->bodyhash.len and b->bh.len, which can allow leakage of sensitive information from process memory via a crafted DKIM-Signature head...