Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim 4.42 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0022
Buffer overflow in the spa_base64_to_bits function in Exim prior to 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow malicious users to execute arbitrary code during SPA authentication.
University Of Cambridge Exim
University Of Cambridge Exim 4.41
University Of Cambridge Exim 4.42
NA
CVE-2005-0021
Multiple buffer overflows in Exim prior to 4.43 may allow malicious users to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command...
University Of Cambridge Exim
University Of Cambridge Exim 4.41
University Of Cambridge Exim 4.42
2 EDB exploits
NA
CVE-2010-2024
transports/appendfile.c in Exim prior to 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
Exim Exim
Exim Exim 4.70
Exim Exim 4.63
Exim Exim 4.62
Exim Exim 4.44
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 4.21
Exim Exim 4.10
Exim Exim 4.20
Exim Exim 4.69
Exim Exim 4.68
Exim Exim 4.61
Exim Exim 4.60
Exim Exim 4.54
Exim Exim 4.34
Exim Exim 4.33
Exim Exim 4.41
Exim Exim 4.42
Exim Exim 4.65
Exim Exim 4.64
Exim Exim 4.51
NA
CVE-2010-2023
transports/appendfile.c in Exim prior to 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user...
Exim Exim 4.10
Exim Exim 4.20
Exim Exim 4.68
Exim Exim 4.67
Exim Exim 4.60
Exim Exim 4.54
Exim Exim 4.34
Exim Exim 4.41
Exim Exim 4.42
Exim Exim
Exim Exim 4.64
Exim Exim 4.63
Exim Exim 4.51
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.62
Exim Exim 4.61
Exim Exim 4.44
Exim Exim 4.43
Exim Exim 4.21
Exim Exim 4.33
Exim Exim 4.50
NA
CVE-2014-2972
expand.c in Exim prior to 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
Exim Exim 4.77
Exim Exim 4.76
Exim Exim 4.69
Exim Exim 4.68
Exim Exim 4.61
Exim Exim 4.60
Exim Exim 4.42
Exim Exim 4.41
Exim Exim 4.24
Exim Exim 4.23
Exim Exim 4.10
Exim Exim 4.05
Exim Exim 4.75
Exim Exim 4.74
Exim Exim 4.67
Exim Exim 4.66
Exim Exim 4.54
Exim Exim 4.53
Exim Exim 4.40
Exim Exim 4.34
Exim Exim 4.22
Exim Exim 4.21
NA
CVE-2014-2957
The dmarc_process function in dmarc.c in Exim prior to 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote malicious users to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
Exim Exim 4.77
Exim Exim 4.76
Exim Exim 4.75
Exim Exim 4.74
Exim Exim 4.60
Exim Exim 4.54
Exim Exim 4.53
Exim Exim 4.52
Exim Exim 4.24
Exim Exim 4.23
Exim Exim 4.22
Exim Exim 4.21
Exim Exim 4.20
Exim Exim 4.80.1
Exim Exim 4.72
Exim Exim 4.70
Exim Exim 4.65
Exim Exim 4.63
Exim Exim 4.61
Exim Exim 4.51
Exim Exim 4.44
Exim Exim 4.32
NA
CVE-2010-4344
Heap-based buffer overflow in the string_vformat function in string.c in Exim prior to 4.70 allows remote malicious users to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to impro...
Exim Exim 2.11
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 3.10
Exim Exim 4.40
Exim Exim 4.52
2 EDB exploits
2 Nmap scripts
2 Github repositories
NA
CVE-2011-1764
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim prior to 4.76 might allow remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstra...
Exim Exim 4.50
Exim Exim 4.44
Exim Exim 4.63
Exim Exim 4.62
Exim Exim 4.61
Exim Exim 4.21
Exim Exim 4.22
Exim Exim 4.41
Exim Exim 4.40
Exim Exim 4.03
Exim Exim 4.02
Exim Exim 3.32
Exim Exim 3.31
Exim Exim 3.14
Exim Exim 3.13
Exim Exim 2.12
Exim Exim 2.11
Exim Exim 4.74
Exim Exim
Exim Exim 4.51
Exim Exim 4.30
Exim Exim 4.64
2 Nmap scripts
1 Github repository
NA
CVE-2011-0017
The open_log function in log.c in Exim 4.72 and previous versions does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
Exim Exim 4.43
Exim Exim 4.34
Exim Exim 4.61
Exim Exim 4.60
Exim Exim 4.42
Exim Exim 4.65
Exim Exim 4.32
Exim Exim 4.20
Exim Exim 4.02
Exim Exim 4.01
Exim Exim 3.30
Exim Exim 3.22
Exim Exim 3.12
Exim Exim 3.11
Exim Exim 2.11
Exim Exim 2.10
Exim Exim 4.69
Exim Exim 4.50
Exim Exim 4.44
Exim Exim 4.63
Exim Exim 4.62
Exim Exim 4.21
NA
CVE-2010-4345
Exim 4.72 and previous versions allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
Exim Exim 2.11
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
1 EDB exploit
2 Metasploit modules
2 Nmap scripts
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started