rpm package
suse/libspf2&distro=SUSE Package Hub 15 SP1
pkg:rpm/suse/libspf2&distro=SUSE%20Package%20Hub%2015%20SP1
Vulnerabilities (31)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-28007 | — | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | May 6, 2021 | Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem. | ||
| CVE-2020-12783 | — | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | May 11, 2020 | Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. | ||
| CVE-2020-8015 | — | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Apr 2, 2020 | A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. | ||
| CVE-2019-16928 | — | KEV | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Sep 27, 2019 | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. | |
| CVE-2019-15846 | — | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Sep 6, 2019 | Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. | ||
| CVE-2019-13917 | — | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Jul 25, 2019 | Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). | ||
| CVE-2019-10149 | — | KEV | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Jun 5, 2019 | A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. | |
| CVE-2018-6789 | Cri | 9.8 | KEV | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Feb 8, 2018 | An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. |
| CVE-2017-16944 | Hig | 7.5 | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Nov 25, 2017 | The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content | |
| CVE-2017-16943 | Cri | 9.8 | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Nov 25, 2017 | The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands. | |
| CVE-2017-1000369 | Med | 4.0 | < 1.2.10-bp151.4.1 | 1.2.10-bp151.4.1 | Jun 19, 2017 | Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream ha |
- CVE-2020-28007May 6, 2021affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.
- CVE-2020-12783May 11, 2020affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
- CVE-2020-8015Apr 2, 2020affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
- affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
- CVE-2019-15846Sep 6, 2019affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
- CVE-2019-13917Jul 25, 2019affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
- affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
- affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
- affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content
- affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
- affected < 1.2.10-bp151.4.1fixed 1.2.10-bp151.4.1
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream ha
Page 2 of 2