Latest Security News about Exim 4.92

Remote Code Execution in Exim (4.92 through 4.92.2)

Overview : Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

Affected Product(s) : Exim 4.92 through 4.92.2

Vulnerability Details :
CVE ID : CVE-2019-16928
Heap-based buffer overflow in string_vformat, remote code execution seems to be […]

cPanel before 84.0.20 allows a demo account to achieve remote code execution

Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).

Vulnerability Details :
CVE ID : CVE-2020-10119
84.0.22 2020-03-16 [security] Fixed case SEC-505: Bandwidth suspensions can be triggered [...]

Exim Privilege Escalation Vulnerability

Exim was found to be prone to a privilege escalation vulnerability. An attacker can make use of this vulnerability to execute programs with root privilege.

CVE ID : CVE-2019-13917

Affected versions : Exim 4.92, Exim 4.91, Exim 4.90, Exim 4.89, Exim 4.88, Exim 4.87