Exim < 4.98.1 SQL injection

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Exim does not adequately validate user input thereby allow execution of arbitrary commands

Overview Under certain configurations, Exim may execute commands embedded in a mail message's From address. Description Exim is an open-source mail transport agent distributed by the University of Cambridge. Exim can be configured to route all incoming mail or mail to particular addresses through...