AVG-518

Package exim
Status Fixed
Severity Critical
Type multiple issues
Affected 4.89-1
Fixed 4.89.1-1
Current 4.92-1 [community]
Ticket FS#56478
Created Mon Nov 27 07:35:20 2017
Issue Severity Remote Type Description
CVE-2017-1000369 Medium No Denial of service
An uncontrolled resource consumption flaw has been discovered in Exim before 4.89.1. The use of multiple "-p" command line arguments which are malloc()'ed...
CVE-2017-16944 High Yes Denial of service
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack...
CVE-2017-16943 Critical Yes Arbitrary code execution
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2017-10140 Medium No Information disclosure
It was found that Berkeley DB reads the DB_CONFIG configuration file from the current working directory by default. This happens when calling db_create()...
Date Advisory Package Description
30 Nov 2017 ASA-201711-32 exim multiple issues