Showing 1 - 2 of 2

CVE-2023-42119

Status Candidate

Overview

Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-17643.

Related Files

Gentoo Linux Security Advisory 202402-18: Posted Feb 19, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2023-42114, CVE-2023-42115, CVE-2023-42116, CVE-2023-42117, CVE-2023-42119, CVE-2023-51766; SHA-256 | baabebed21673e40b564e5721f4a8c2ad8b2d62a34a694a4ab0c3fd9b9eddfdc; Download | Favorite | View

Ubuntu Security Notice USN-6455-1: Posted Oct 30, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6455-1 - It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-42117, CVE-2023-42119; SHA-256 | 323c6ff2a013a77f6d6aa929e97a11a9e629fa736c7266c0bfa1231fe81b46e8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
Ubuntu 88 files
indoushka 67 files
Jasper Nota 25 files
Willem Westerhof 19 files
Gentoo 18 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,093)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,547)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,665)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,730)
UNIX (9,433)
UnixWare (187)
Windows (6,671)
Other

CVE-2023-42119

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems