Download
| Alert*
|
oval:org.secpod.oval:def:1601026
Exim allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker oval:org.secpod.oval:def:57817 exim4: Exim is a mail transport agent Exim could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:57797 Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default configurations where ${sort } expansion is used for items that can be controlled by an ... oval:org.secpod.oval:def:705087 exim4: Exim is a mail transport agent Exim could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:59747 A flaw was found in exim, in which if the server configuration uses the ${sort } expansion, then this could be controlled by the remote attacker , resulting in the attacker able to execute programs with root privileges. Note: The default config, as shipped by exim upstream, does not contain ${sort } ... oval:org.secpod.oval:def:69894 Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default configurations where ${sort } expansion is used for items that can be controlled by an ... oval:org.secpod.oval:def:604463 Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default configurations where ${sort } expansion is used for items that can be controlled by an ... |
