This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:exim:exim:4.05 |
| Detail | |||
|---|---|---|---|
| Vendor | Exim | First view | 2010-06-07 |
| Product | Exim | Last view | 2018-02-08 |
| Version | 4.05 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:exim:exim | ||
Activity : Overall
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.5 | 2018-02-08 | CVE-2018-6789 | Network | Low | None Requ... | |
| 2.1 | 2017-06-19 | CVE-2017-1000369 | Local | Low | None Requ... | |
| 2.6 | 2017-02-01 | CVE-2016-9963 | Network | High | None Requ... | |
| 6.9 | 2016-04-07 | CVE-2016-1531 | Local | Medium | None Requ... | |
| 4.6 | 2014-09-04 | CVE-2014-2972 | Local | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 6.8 | 2014-09-04 | CVE-2014-2957 | Network | Medium | None Requ... | |
| 7.5 | 2011-10-04 | CVE-2011-1764 | Network | Low | None Requ... | |
| 6.9 | 2011-02-01 | CVE-2011-0017 | Local | Medium | None Requ... | |
| 6.9 | 2010-12-14 | CVE-2010-4345 | Local | Medium | None Requ... | |
| 9.3 | 2010-12-14 | CVE-2010-4344 | Network | Medium | None Requ... | |
| 4.4 | 2010-06-07 | CVE-2010-2024 | Local | Medium | None Requ... | |
| 4.4 | 2010-06-07 | CVE-2010-2023 | Local | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 23% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 15% (2) | CWE-362 | Race Condition |
| 15% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 15% (2) | CWE-20 | Improper Input Validation |
| 7% (1) | CWE-320 | Key Management Errors |
| % | id | Name |
|---|---|---|
| 7% (1) | CWE-189 | Numeric Errors |
| 7% (1) | CWE-134 | Uncontrolled Format String |
| 7% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:12931 | DSA-2154-1 exim4 -- privilege escalation |
| oval:org.mitre.oval:def:12692 | DSA-2154-2 exim4 -- privilege escalation / regression |
| oval:org.mitre.oval:def:22059 | RHSA-2010:0970: exim security update (Critical) |
| oval:org.mitre.oval:def:13170 | USN-1032-1 -- exim4 vulnerability |
| oval:org.mitre.oval:def:23061 | ELSA-2010:0970: exim security update (Critical) |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:21735 | RHSA-2011:0153: exim security update (Moderate) |
| oval:org.mitre.oval:def:12720 | DSA-2131-1 exim4 -- arbitrary code execution |
| oval:org.mitre.oval:def:22839 | ELSA-2011:0153: exim security update (Moderate) |
| oval:org.mitre.oval:def:13736 | USN-1060-1 -- exim4 vulnerabilities |
| oval:org.mitre.oval:def:14030 | USN-1130-1 -- exim4 vulnerability |
| oval:org.mitre.oval:def:12038 | DSA-2232-1 exim4 -- format string vulnerability |
SAINT Exploits
| Description | Link |
|---|---|
| Exim SMTP listener base64d function one-character buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 72156 | Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Form... |
| 70696 | Exim log.c open_log() Function Local Privilege Escalation |
| 69860 | Exim exim User Account Configuration File Directive Local Privilege Escalation |
| 69685 | Exim string_format Function Remote Overflow |
| 65159 | Exim transports/appendfile.c MBX Locking Race Condition Permission Modification |
| id | Description |
|---|---|
| 65158 | Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite |
ExploitDB Exploits
| id | Description |
|---|---|
| 16925 | Exim4 <= 4.69 string_format Function Heap Buffer Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-13 | Name : SuSE Update for exim openSUSE-SU-2012:1404-1 (exim) File : nvt/gb_suse_2012_1404_1.nasl |
| 2012-07-30 | Name : CentOS Update for exim CESA-2011:0153 centos4 x86_64 File : nvt/gb_CESA-2011_0153_exim_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for exim CESA-2011:0153 centos5 x86_64 File : nvt/gb_CESA-2011_0153_exim_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for exim CESA-2010:0970 centos4 x86_64 File : nvt/gb_CESA-2010_0970_exim_centos4_x86_64.nasl |
| 2011-08-09 | Name : CentOS Update for exim CESA-2011:0153 centos5 i386 File : nvt/gb_CESA-2011_0153_exim_centos5_i386.nasl |
| id | Description |
|---|---|
| 2011-08-03 | Name : FreeBSD Ports: exim File : nvt/freebsd_exim3.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2232-1 (exim4) File : nvt/deb_2232_1.nasl |
| 2011-05-23 | Name : Fedora Update for exim FEDORA-2011-7047 File : nvt/gb_fedora_2011_7047_exim_fc14.nasl |
| 2011-05-23 | Name : Fedora Update for exim FEDORA-2011-7059 File : nvt/gb_fedora_2011_7059_exim_fc13.nasl |
| 2011-05-17 | Name : Ubuntu Update for exim4 USN-1130-1 File : nvt/gb_ubuntu_USN_1130_1.nasl |
| 2011-04-19 | Name : Fedora Update for exim FEDORA-2010-12375 File : nvt/gb_fedora_2010_12375_exim_fc14.nasl |
| 2011-03-05 | Name : exim -- local privilege escalation File : nvt/freebsd_exim2.nasl |
| 2011-02-11 | Name : Ubuntu Update for exim4 vulnerabilities USN-1060-1 File : nvt/gb_ubuntu_USN_1060_1.nasl |
| 2011-01-31 | Name : CentOS Update for exim CESA-2011:0153 centos4 i386 File : nvt/gb_CESA-2011_0153_exim_centos4_i386.nasl |
| 2011-01-31 | Name : CentOS Update for exim CESA-2010:0970 centos4 i386 File : nvt/gb_CESA-2010_0970_exim_centos4_i386.nasl |
| 2011-01-24 | Name : FreeBSD Ports: exim File : nvt/freebsd_exim1.nasl |
| 2011-01-21 | Name : RedHat Update for exim RHSA-2011:0153-01 File : nvt/gb_RHSA-2011_0153-01_exim.nasl |
| 2011-01-04 | Name : SuSE Update for exim SUSE-SA:2010:059 File : nvt/gb_suse_2010_059.nasl |
| 2010-12-28 | Name : Ubuntu Update for exim4 vulnerability USN-1032-1 File : nvt/gb_ubuntu_USN_1032_1.nasl |
| 2010-12-28 | Name : RedHat Update for exim RHSA-2010:0970-01 File : nvt/gb_RHSA-2010_0970-01_exim.nasl |
| 2010-06-11 | Name : Fedora Update for exim FEDORA-2010-9506 File : nvt/gb_fedora_2010_9506_exim_fc12.nasl |
| 2010-06-11 | Name : Fedora Update for exim FEDORA-2010-9524 File : nvt/gb_fedora_2010_9524_exim_fc13.nasl |
| 2010-06-03 | Name : Exim < 4.72 RC2 Multiple Vulnerabilities File : nvt/gb_exim_4_72.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-06-12 | EHLO user overflow attempt RuleID : 46610 - Type : SERVER-MAIL - Revision : 2 |
| 2014-01-10 | AUTH user overflow attempt RuleID : 3824 - Type : SERVER-MAIL - Revision : 16 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2018-03-09 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-970.nasl - Type : ACT_GATHER_INFO |
| 2018-03-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201803-01.nasl - Type : ACT_GATHER_INFO |
| 2018-03-06 | Name : The remote mail server is potentially affected by a buffer overflow vulnerabi... File : exim_4_90_1.nasl - Type : ACT_GATHER_INFO |
| 2018-02-27 | Name : The remote Fedora host is missing a security update. File : fedora_2018-25a7ba3cb6.nasl - Type : ACT_GATHER_INFO |
| 2018-02-27 | Name : The remote Fedora host is missing a security update. File : fedora_2018-5aec14e125.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2018-02-12 | Name : The remote Debian host is missing a security update. File : debian_DLA-1274.nasl - Type : ACT_GATHER_INFO |
| 2018-02-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4110.nasl - Type : ACT_GATHER_INFO |
| 2018-02-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_316b3c3e0e9811e88d4197657151f8c2.nasl - Type : ACT_GATHER_INFO |
| 2017-10-23 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa_10826.nasl - Type : ACT_GATHER_INFO |
| 2017-09-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201709-19.nasl - Type : ACT_GATHER_INFO |
| 2017-09-01 | Name : The remote Fedora host is missing a security update. File : fedora_2017-f5177f3a16.nasl - Type : ACT_GATHER_INFO |
| 2017-08-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-980.nasl - Type : ACT_GATHER_INFO |
| 2017-06-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-714.nasl - Type : ACT_GATHER_INFO |
| 2017-06-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-1001.nasl - Type : ACT_GATHER_INFO |
| 2017-06-22 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8c1a271d56cf11e7b9fec13eb7bcbf4f.nasl - Type : ACT_GATHER_INFO |
| 2017-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3888.nasl - Type : ACT_GATHER_INFO |
| 2017-06-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3322-1.nasl - Type : ACT_GATHER_INFO |
| 2017-03-07 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-804.nasl - Type : ACT_GATHER_INFO |
| 2017-01-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3164-1.nasl - Type : ACT_GATHER_INFO |
| 2016-12-27 | Name : The remote Debian host is missing a security update. File : debian_DLA-762.nasl - Type : ACT_GATHER_INFO |
| 2016-12-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3747.nasl - Type : ACT_GATHER_INFO |
| 2016-12-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_e7002b26caaa11e6a76a9f7324e5534e.nasl - Type : ACT_GATHER_INFO |
| 2016-07-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201607-12.nasl - Type : ACT_GATHER_INFO |
| 2016-03-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2933-1.nasl - Type : ACT_GATHER_INFO |
| 2016-03-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3517.nasl - Type : ACT_GATHER_INFO |
