Shodan
Vulnerabilities
Vulnerable Software
Exim:  >> Exim  >> 4.72  Security Vulnerabilities
CVE-2016-9963
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
CVSS Score
5.9
EPSS Score
0.017
Published
2017-02-01
CVE-2016-1531
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
CVSS Score
7.0
EPSS Score
0.568
Published
2016-04-07
CVE-2014-2957
The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
CVSS Score
6.8
EPSS Score
0.018
Published
2014-09-04
CVE-2014-2972
expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
CVSS Score
4.6
EPSS Score
0.002
Published
2014-09-04
CVE-2012-5671
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
CVSS Score
6.8
EPSS Score
0.357
Published
2012-10-31
CVE-2011-1764
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
CVSS Score
7.5
EPSS Score
0.047
Published
2011-10-05
CVE-2011-1407
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
CVSS Score
7.5
EPSS Score
0.007
Published
2011-05-16
CVE-2011-0017
The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
CVSS Score
6.9
EPSS Score
0.001
Published
2011-02-02
CVE-2010-4345
Known exploited
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
CVSS Score
7.8
EPSS Score
0.069
Published
2010-12-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved