what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Exim 4.91 Local Privilege Escalation
Posted Jun 17, 2019
Authored by Marco Ivaldi

Exim versions 4.87 through 4.91 suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2019-10149
SHA-256 | f66d7f3a31ac18712c80085004dbe2a60269462f0ed94217c0afa6f03a4f8107

Related Files

Debian Security Advisory 4488-1
Posted Jul 30, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4488-1 - Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default (and unusual) configurations where ${sort } expansion is used for items that can be controlled by an attacker.

tags | advisory, remote, root
systems | linux, debian
advisories | CVE-2019-13917
SHA-256 | 5bd894cb502f0a1c6aee91997321470689edd511f79126588a1120bddff4d630
Ubuntu Security Notice USN-4075-1
Posted Jul 26, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4075-1 - Jeremy Harris discovered that Exim incorrectly handled sort expansions. In environments where sort expansions are used, a remote attacker could possibly use this issue to execute arbitrary code as root.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2019-13917
SHA-256 | af9a5c43a6ba001d6f9f739c96c14a1101ba928e6aaf880efbaa5758c3abbddc
Exim 4.9.1 Remote Command Execution
Posted Jun 6, 2019
Authored by Qualys Security Advisory

Qualys discovered a remote command execution vulnerability in Exim versions 4.87 to 4.91.

tags | advisory, remote
advisories | CVE-2019-10149
SHA-256 | ccf81b809451dabd0ae35b330095955b9998319116314052fc75a06a7dd5e3e8
Gentoo Linux Security Advisory 201906-01
Posted Jun 6, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201906-1 - A vulnerability in Exim could allow a remote attacker to execute arbitrary commands. Versions less than 4.92 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2019-10149
SHA-256 | a3da7ce79662c13585cde53abd610ea317462f97afc3099957d04af79577eaa6
Ubuntu Security Notice USN-4010-1
Posted Jun 5, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4010-1 - It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10149
SHA-256 | e254ca1fcd34d1dbc6122ae985d24828cd5607f4d4eb3a341f82838dfa7cd5b3
Debian Security Advisory 4456-1
Posted Jun 5, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4456-1 - The Qualys Research Labs reported a flaw in Exim, a mail transport agent. Improper validation of the recipient address in the deliver_message() function may result in the execution of arbitrary commands.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-10149
SHA-256 | 0cd1d0a2bc006718e3f130c1b1c0b5a56897616f1aabae70b5dba7ad89aedea3
Exim 4.90 Remote Code Execution
Posted Oct 24, 2018
Authored by hackk.gr

Exim version 4.90 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-6789
SHA-256 | 19a743e6423b65998debf24be560524e381d039e1cadcd20d9257dd956d9b4a1
Exim base64d Remote Code Execution
Posted May 3, 2018
Authored by straight_blast

Exim versions prior to 4.90.1 suffer from a base64d remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-6789
SHA-256 | 7ca9d4d2ad8a8f94f402c2a0986a1bcb33596bff697621e2afcde815f2f4b0d8
Gentoo Linux Security Advisory 201803-01
Posted Mar 6, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201803-1 - Multiple vulnerabilities have been found in Exim, the worst of which allows remote attackers to execute arbitrary code. Versions less than 4.90.1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-16943, CVE-2017-16944, CVE-2018-6789
SHA-256 | fae08f3a967abdc43a1c026ad3ce23d707d739eacf930009ae729881c47b4e5c
Ubuntu Security Notice USN-3565-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3565-1 - Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-6789
SHA-256 | af6290b7d81b5f37c8718f3ea211ac9f5fe0e3ba2706920599cde51286c5524b
Debian Security Advisory 4110-1
Posted Feb 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4110-1 - Meh Chang discovered a buffer overflow flaw in a utility function used in the SMTP listener of Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code via a specially crafted message.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2018-6789
SHA-256 | 177e2fda59e9e6ba3a12f1c8d564ad42a8ca0e3bef74df674862b69bd02f1f54
Ubuntu Security Notice USN-3499-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3499-1 - It was discovered that Exim incorrectly handled certain BDAT data headers. A remote attacker could possibly use this issue to cause Exim to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16944
SHA-256 | 84f6e7318add2363801a7c087f557e0bfddc5858647315c8653fcfcb594b870e
Exim 4.89 Denial Of Service
Posted Nov 27, 2017
Authored by meh

Exim version 4.89 suffers from a denial of service vulnerability while parsing the BDAT data header.

tags | exploit, denial of service
advisories | CVE-2017-16944
SHA-256 | 06400f3e55ff24c12a728e79c0653462e865d8c5b296a559adff089a0a57f067
Ubuntu Security Notice USN-3493-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3493-1 - It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16943
SHA-256 | b682ce23a365c9f0c1a12f999ea8890678e6432dec8406a563bfa963c428342c
Gentoo Linux Security Advisory 201709-19
Posted Sep 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201709-19 - A vulnerability in Exim may allow local users to gain root privileges. Versions less than 4.89-r1 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-1000369
SHA-256 | e4e8753acd88314f65a96fcfa803a6925a200130dc25cc90535c49d136149011
Ubuntu Security Notice USN-3322-1
Posted Jun 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3322-1 - It was discovered that Exim did not properly deallocate memory when processing certain command line arguments. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code and gain administrative privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-1000369
SHA-256 | 91dac33c04bf4f77abf899743cfd413b34537fcac33053883f9d554f431ee119
WordPress PHPMailer Host Header Command Injection
Posted May 17, 2017
Authored by Dawid Golunski, wvu | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in WordPress version 4.6 with Exim as an MTA via a spoofed Host header to PHPMailer, a mail-sending library that is bundled with WordPress. A valid WordPress username is required to exploit the vulnerability. Additionally, due to the altered Host header, exploitation is limited to the default virtual host, assuming the header isn't mangled in transit. If the target is running Apache 2.2.32 or 2.4.24 and later, the server may have HttpProtocolOptions set to Strict, preventing a Host header containing parens from passing through, making exploitation unlikely.

tags | exploit, spoof
advisories | CVE-2016-10033
SHA-256 | 928eb6125df4b025be7b68270b411eb5dfb58e8b71a32b25b6ed380ce5e0f241
Ubuntu Security Notice USN-3164-1
Posted Jan 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3164-1 - Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain configurations, private DKIM signing keys could be leaked to the log files.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-9963
SHA-256 | c2586094b5f6fd1850c04f8c9df8ab3a7d0dd8e5752195fd1f23018fceb24c5d
Debian Exim Spool Local Root Privilege Escalation
Posted Jul 4, 2016
Authored by halfdog

Exim4 in some variants is started as root but switches to uid/gid Debian-exim/Debian-exim. But as Exim might need to store received messages in user mailboxes, it has to have the ability to regain privileges. This is also true when Exim is started as "sendmail". During internal operation, sendmail (Exim) will manipulate message spool files in directory structures owned by user "Debian-exim" without caring about symlink attacks. Thus execution of code as user "Debian-exim" can be used to gain root privileges by invoking "sendmail" as user "Debian-exim".

tags | exploit, root
systems | linux, debian
SHA-256 | bd74c62b27f39b7f46709bc09cd8804cada21ce8799966cc4bc67706ff142d5b
Exim perl_startup Privilege Escalation
Posted Apr 14, 2016
Authored by Dawid Golunski, wvu | Site metasploit.com

This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.

tags | exploit, perl
SHA-256 | 9244d1a56ca1a0b4187fc7d9232dd5485fbbf380c0bdb9f35ea79df0019c335a
Ubuntu Security Notice USN-2933-1
Posted Mar 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2933-1 - It was discovered that Exim incorrectly filtered environment variables when used with the perl_startup configuration option. If the perl_startup option was enabled, a local attacker could use this issue to escalate their privileges to the root user. This issue has been fixed by having Exim clean the complete execution environment by default on startup, including any subprocesses such as transports that call other programs. This change in behaviour may break existing installations and can be adjusted by using two new configuration options, keep_environment and add_environment. Various other issues were also addressed.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2014-2972, CVE-2016-1531
SHA-256 | 4d1c0664786aa724ab53583f3fef9a7abd6f25ae6008251ecde90b82fec34351
Exim Local Privilege Escalation
Posted Mar 10, 2016
Authored by Dawid Golunski

Exim versions prior to 4.86.2 suffer from a local root privilege escalation vulnerability. When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges.

tags | exploit, local, root, perl
advisories | CVE-2016-1531
SHA-256 | c8b37f6ba0c1a3bd66f5d17781dd1c98a33edc213484ca6db8095fef81937ebc
Exim 4.84-3 Local Root / Privilege Escalation
Posted Mar 8, 2016
Authored by Hacker Fantastic

Exim versions 4.84-3 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2016-1531
SHA-256 | 338e278d54bff0fcb3160902a0f4e6e04e509da47b831229d06ee56563a1ce5c
Exim GHOST (glibc gethostbyname) Buffer Overflow
Posted Mar 24, 2015
Authored by Qualys Security Advisory | Site metasploit.com

This Metasploit module remotely exploits CVE-2015-0235 (a.k.a. GHOST, a heap-based buffer overflow in the GNU C Library's gethostbyname functions) on x86 and x86_64 GNU/Linux systems that run the Exim mail server.

tags | exploit, overflow, x86
systems | linux
advisories | CVE-2015-0235
SHA-256 | a904662b081b766808bd7e6e1ad410a102718e996535c406d1a81766eee34d73
Exim ESMTP GHOST Denial Of Service
Posted Jan 29, 2015

Exim ESTMP denial of service exploit that leverages the GHOST glibc gethostbyname buffer overflow.

tags | exploit, denial of service, overflow
advisories | CVE-2015-0235
SHA-256 | 5ecc35645890c0c48e753cb63b2c03579f6cc942a311b5aad37e578368a54b58
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close