CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0CVE-2016-9963
https://notcve.org/view.php?id=CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. Exim en versiones anteriores a 4.87.1 podrían permitir a atacantes remotos obtener la clave de firma DKIM privada a través de vectores relacionados con archivos de registro y mensajes de devolución. • http://www.debian.org/security/2016/dsa-3747 http://www.exim.org/static/doc/CVE-2016-9963.txt http://www.securityfocus.com/bid/94947 http://www.securitytracker.com/id/1037484 http://www.ubuntu.com/usn/USN-3164-1 https://bugs.exim.org/show_bug.cgi?id=1996 • CWE-320: Key Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 5CVE-2016-1531 – Exim - 'perl_startup' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-1531
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument. Exim en versiones anteriores a 4.86.2, cuando está instalado setuid root, permite a usuarios locales obtener privilegios a través del argumento perl_startup. Exim versions 4.84-3 and below suffer from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/39702 https://www.exploit-db.com/exploits/39535 https://www.exploit-db.com/exploits/39549 https://github.com/N3rdyN3xus/CVE-2016-1531 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html http://www.debian.org/security/2016/dsa-3517 http://www.exim.org/static/doc/CVE-2016-1531.txt http://www.rapid7.com/db/modules/exploit/u • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 5%CPEs: 51EXPL: 0CVE-2014-2957
https://notcve.org/view.php?id=CVE-2014-2957
The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function. La función dmarc_process en dmarc.c en Exim anterior a 4.82.1, cuando EXPERIMENTAL_DMARC está habilitado, permite a atacantes remotos ejecutar código arbitrario a través de la cabecera Desde en un email, lo cual es pasado a la función expand_string. • http://git.exim.org/exim.git/commitdiff/5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0 http://www.openwall.com/lists/oss-security/2021/05/04/7 https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 52EXPL: 0CVE-2014-2972
https://notcve.org/view.php?id=CVE-2014-2972
expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value. expand.c en Exim anterior a 4.83 expande las comparaciones matemáticas dos veces, lo que permite a usuarios locales ganar privilegios y ejecutar comandos arbitrarios a través de un valor lookup maniulado. • http://git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44 http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136251.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136264.html http://www.ubuntu.com/usn/USN-2933-1 https://bugzilla.redhat.com/show_bug.cgi?id=1122552 https://lists.exim.org/lurker/message/20140722.145949.42c043f5.en.html https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html https://security.gentoo.org/gls • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 70%CPEs: 9EXPL: 0CVE-2012-5671
https://notcve.org/view.php?id=CVE-2012-5671
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server. Desbordamiento de búfer basado en memoria dinámica en la función dkim_exim_query_dns_txt en dkim.c en Exim v4.70 hasta v4.80, cuando el soporte DKIM está habilitado y acl_smtp_connect y acl_smtp_rcpt no están establecidos en "warn control = dkim_disable_verify", permite a atacantes remotos ejecutar código arbitrario a través de un correo electrónico de un servidor DNS malicioso. • http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091664.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090900.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090963.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00018.html http://osvdb.org/86616 http://secunia.com/advisories/51098 http://secunia.com/advisories/51115 http://secunia.com/advisories/51153 http://secunia.com/advisories/51155 http://w • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •