Download
| Alert*
oval:org.secpod.oval:def:200197
Exim is a mail transport agent developed at the University of Cambridge for use on Unix systems connected to the Internet. A buffer overflow flaw was discovered in Exim"s internal string_vformat function. A remote attacker could use this flaw to execute arbitrary code on the mail server running Exi ... oval:org.secpod.oval:def:700184 Sergey Kononenko and Eugene Bujak discovered that Exim did not correctly truncate string expansions. A remote attacker could send specially crafted email traffic to run arbitrary code as the Exim user, which could also lead to root privileges. oval:org.secpod.oval:def:600128 Several vulnerabilities have been found in exim4 that allow a remote attacker to execute arbitrary code as root user. Exploits for these issues have been seen in the wild. This update fixes a memory corruption issue that allows a remote attacker to execute arbitrary code as the Debian-exim user . A ... oval:org.secpod.oval:def:200203 Exim is a mail transport agent developed at the University of Cambridge for use on Unix systems connected to the Internet. A buffer overflow flaw was discovered in Exim"s internal string_vformat function. A remote attacker could use this flaw to execute arbitrary code on the mail server running Exi ... oval:org.secpod.oval:def:400028 The unprivileged user exim is running as could tell the exim daemon to read a different config file and leverage that to escalate privileges to root CVE-2010-4345. A buffer overflow in exim allowed remote attackers to execute arbitrary code CVE-2010-4344. openSUSE 11.3 is not affected by this flaw. oval:org.secpod.oval:def:500373 Exim is a mail transport agent developed at the University of Cambridge for use on Unix systems connected to the Internet. A buffer overflow flaw was discovered in Exim"s internal string_vformat function. A remote attacker could use this flaw to execute arbitrary code on the mail server running Exi ... |