exim

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Message Transfer Agent
Version 4.92-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-982 4.91-1 4.92-1 Critical Fixed
AVG-608 4.90-3 4.90.1-1 High Fixed
AVG-518 4.89-1 4.89.1-1 Critical Fixed FS#56478
AVG-153 4.87-1 4.88-1 Medium Fixed FS#52221
Issue Group Severity Remote Type Description
CVE-2019-10149 AVG-982 Critical Yes Arbitrary code execution
A flaw was found in the way exim validated recipient addresses. A remote attacker could use this flaw to execute arbitrary commands on the exim server with...
CVE-2018-6789 AVG-608 High Yes Arbitrary code execution
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen....
CVE-2017-1000369 AVG-518 Medium No Denial of service
An uncontrolled resource consumption flaw has been discovered in Exim before 4.89.1. The use of multiple "-p" command line arguments which are malloc()'ed...
CVE-2017-16944 AVG-518 High Yes Denial of service
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack...
CVE-2017-16943 AVG-518 Critical Yes Arbitrary code execution
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2017-10140 AVG-518 Medium No Information disclosure
It was found that Berkeley DB reads the DB_CONFIG configuration file from the current working directory by default. This happens when calling db_create()...
CVE-2016-9963 AVG-153 Medium Yes Information disclosure
It was found that Exim leaked DKIM signing private keys to the "mainlog" log file. As a result, an attacker with access to system log files could...

Advisories

Date Advisory Group Severity Description
12 Feb 2018 ASA-201802-6 AVG-608 High arbitrary code execution
30 Nov 2017 ASA-201711-32 AVG-518 Critical multiple issues