Download
| Alert*
|
oval:org.secpod.oval:def:1601068
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846 . There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. oval:org.secpod.oval:def:117169 Exim is a message transfer agent developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal of fle ... oval:org.secpod.oval:def:1801622 There is a heap-based buffer overflow in string_vformat . The currently known exploit uses a extraordinary long EHLO string to crash the Exim process that is receiving the message. While at this mode of operation Exim already dropped its privileges, other paths to reach the vulnerable code may exist ... oval:org.secpod.oval:def:604547 A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code. oval:org.secpod.oval:def:705222 exim4: Exim is a mail transport agent Exim could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:69763 A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code. |
