Security
Headlines
HeadlinesLatestCVEs

Headline

Debian Security Advisory 5512-1

Debian Linux Security Advisory 5512-1 - Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticators are used.

Packet Storm
#vulnerability#linux#debian#rce#auth
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5512-1                   [email protected]://www.debian.org/security/                     Salvatore BonaccorsoOctober 02, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : exim4CVE ID         : CVE-2023-42114 CVE-2023-42115 CVE-2023-42116Several vulnerabilities were discovered in Exim, a mail transport agent,which could result in remote code execution if the EXTERNAL or SPA/NTLMauthenticators are used.For the oldstable distribution (bullseye), these problems have been fixedin version 4.94.2-7+deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 4.96-15+deb12u2.We recommend that you upgrade your exim4 packages.For the detailed security status of exim4 please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/exim4Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUa1ApfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0TGThAAlhXEHvEOP7MfFaNN2Nh6Dl6wtFkPjYKB7wljZajtIkmk7IgsxREOMDC+In+344UwfMJyZB49uvO15EV1dcHwUlOAIaDrFMN4SyMVWP+OllFEDMnexQ0+UyuPm0AGMdvokXQq+5tgaRjP7ThOVM0z3+hbPzRr4tQi2tjB/0k1/p9vC4aDJuuf1i8MiVDvtF4s38zlB1f6oCezulgb+wd53VGjL6vk8nzCxWe6RNtpsxzZGdRnA30tDGaBPvdMSbDEcx85U7DViAtXzVvJe+1IdSTBxu8rrUqR9Md1V1zLf8PPyblENwZlc/zJ9ad+EuQnYwsiYUnE72pFYO1mR0b8aE7W8V1t96ijOr323oCN2aWI4HWiteEHcGt8UlE9CT1OG+c5caf7s0L984wEigJxYzc9gTtjX1Y5kh2CAjmvjxPO3v+jRQkPqP9i/x/ax0IvXXeffEUtru1qFscXsgsNru53yRHoGGCo1vwNNwBLuNyD48yFukNFc8rxKK+fjJrCOeSuM21k97T86k9B6sA26IFz/eQJtPXrSC6lzyU75RBWmbPrjEsnqv7GsGUtz1RLLqELhorv+u2SChWsxHMd5rOsZ46bDGoIe+SW7A568blD5P/fv36HYPPXPjFRU7XLS7SUE08cxMUkLHJWMJ/fwIIyEtjoL26oW7r60ITaljg==+Ajg-----END PGP SIGNATURE-----

Related news

Gentoo Linux Security Advisory 202402-18

Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.

Exim finally fixes 3 out of 6 vulnerabilities

Categories: Business Categories: News Tags: Exim Tags: mta Tags: cla Tags: spf Tags: nltm Tags: cvss Tags: cve-2023-42115 Tags: cve-2023-42116 Tags: cve-2023-42117 Tags: cve-2023-42118 Tags: cve-2023-42119 Tags: cve-2023-42114 Tags: dbs spa Six vulnerabilities in the Exim message transfer agent have been fixed—over a year after they were reported. (Read more...) The post Exim finally fixes 3 out of 6 vulnerabilities appeared first on Malwarebytes Labs.

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability

Packet Storm: Latest News

Ivanti EPM Agent Portal Command Execution