Executive Summary
| Summary | |
|---|---|
| Title | exim4 security update |
| Informations | |||
|---|---|---|---|
| Name | DSA-2236 | First vendor Publication | 2011-05-12 |
| Vendor | Debian | Last vendor Modification | 2011-05-12 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| It was discovered that Exim, Debian's default mail transfer agent, is vulnerable to command injection attacks in its DKIM processing code, leading to arbitrary code execution. (CVE-2011-1407) The default configuration supplied by Debian does not expose this vulnerability. The oldstable distribution (lenny) is not affected by this problem. For the stable distribution (squeeze), this problem has been fixed in version 4.72-6+squeeze2. For the unstable distribution (sid), this problem has been fixed in version 4.76-1. We recommend that you upgrade your exim4 packages. |
Original Source
| Url : http://www.debian.org/security/2011/dsa-2236 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:12805 | |||
| Oval ID: | oval:org.mitre.oval:def:12805 | ||
| Title: | DSA-2236-1 exim4 -- command injection | ||
| Description: | It was discovered that Exim, Debian's default mail transfer agent, is vulnerable to command injection attacks in its DKIM processing code, leading to arbitrary code execution. The default configuration supplied by Debian does not expose this vulnerability. The oldstable distribution is not affected by this problem. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2236-1 CVE-2011-1407 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | exim4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13499 | |||
| Oval ID: | oval:org.mitre.oval:def:13499 | ||
| Title: | USN-1135-1 -- exim4 vulnerability | ||
| Description: | exim4: metapackage to ease Exim MTA installation an attacker could send crafted input to Exim and cause it to run programs as the Exim user. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1135-1 CVE-2011-1407 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | exim4 |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 6 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-03 | Name : Debian Security Advisory DSA 2236-1 (exim4) File : nvt/deb_2236_1.nasl |
| 2011-08-03 | Name : FreeBSD Ports: exim File : nvt/freebsd_exim3.nasl |
| 2011-06-03 | Name : Ubuntu Update for exim4 USN-1135-1 File : nvt/gb_ubuntu_USN_1135_1.nasl |
| 2011-05-23 | Name : Fedora Update for exim FEDORA-2011-7047 File : nvt/gb_fedora_2011_7047_exim_fc14.nasl |
| 2011-05-23 | Name : Fedora Update for exim FEDORA-2011-7059 File : nvt/gb_fedora_2011_7059_exim_fc13.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 72642 | Exim DKIM Identity Lookup Item Remote Code Execution |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-08-12 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-482.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_exim-110524.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_exim-110524.nasl - Type : ACT_GATHER_INFO |
| 2014-01-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-32.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1135-1.nasl - Type : ACT_GATHER_INFO |
| 2011-05-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7111.nasl - Type : ACT_GATHER_INFO |
| 2011-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7047.nasl - Type : ACT_GATHER_INFO |
| 2011-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7059.nasl - Type : ACT_GATHER_INFO |
| 2011-05-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_36594c547be711e098380022156e8794.nasl - Type : ACT_GATHER_INFO |
| 2011-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2236.nasl - Type : ACT_GATHER_INFO |
| 2011-05-10 | Name : The remote mail server is potentially affected by a format string vulnerability. File : exim_4_76.nasl - Type : ACT_ATTACK |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:30:09 |
|
