FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-29 10:45:39 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID  Description
36594c54-7be7-11e0-9838-0022156e8794  Exim -- remote code execution and information disclosure

Release notes for Exim 4.76 say:

Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a format-string attack -- SECURITY: remote arbitrary code execution.

DKIM signature header parsing was double-expanded, second time unintentionally subject to list matching rules, letting the header cause arbitrary Exim lookups (of items which can occur in lists, *not* arbitrary string expansion). This allowed for information disclosure.

Also, impact assessment was redone shortly after the original announcement:

Further analysis revealed that the second security was more severe than I realised at the time that I wrote the announcement. The second security issue has been assigned CVE-2011-1407 and is also a remote code execution flaw. For clarity: both issues were introduced with 4.70.


Discovery 2011-05-10
Entry 2011-05-14
exim
>= 4.70 < 4.76

CVE-2011-1764
CVE-2011-1407
https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html
http://bugs.exim.org/show_bug.cgi?id=1106
7d09b9ee-e0ba-11e5-abc4-6fb07af136d2  exim -- local privilege escalation

The Exim development team reports:

All installations having Exim set-uid root and using 'perl_startup' are vulnerable to a local privilege escalation. Any user who can start an instance of Exim (and this is normally any user) can gain root privileges. If you do not use 'perl_startup' you should be safe.


Discovery 2016-02-26
Entry 2016-03-02
exim
< 4.86.2

< 4.85.2

< 4.84.2

CVE-2016-1531
https://lists.exim.org/lurker/message/20160302.191005.a72d8433.en.html
44ccfab0-3564-11e0-8e81-0022190034c0  exim -- local privilege escalation

exim.org reports:

CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files.


Discovery 2011-01-31
Entry 2011-02-10
exim
exim-ldap
exim-ldap2
exim-mysql
exim-postgresql
exim-sa-exim
< 4.74

CVE-2011-0017
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74
e7002b26-caaa-11e6-a76a-9f7324e5534e  exim -- DKIM private key leak

The Exim project reports:

Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTAL_DSN_INFO=yes is used, the key material is included in the bounce message.


Discovery 2016-12-15
Entry 2016-12-25
exim
> 4.69 < 4.87.1

https://exim.org/static/doc/CVE-2016-9963.txt
CVE-2016-9963
8c1a271d-56cf-11e7-b9fe-c13eb7bcbf4f  exim -- Privilege escalation via multiple memory leaks

Qualys reports:

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.


Discovery 2017-06-19
Entry 2017-06-21
exim
< 4.89_1

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369
e4fcf020-0447-11e0-becc-0022156e8794  exim -- local privilege escalation

David Woodhouse reports:

Secondly a privilege escalation where the trusted 'exim' user is able to tell Exim to use arbitrary config files, in which further ${run ...} commands will be invoked as root.


Discovery 2010-12-10
Entry 2011-01-08
exim
< 4.73

CVE-2010-4345
http://www.exim.org/lurker/message/20101209.022730.dbb6732d.en.html
https://bugzilla.redhat.com/show_bug.cgi?id=661756#c3
b0f3ab1f-1f3b-11e2-8fe9-0022156e8794  Exim -- remote code execution

This vulnerability affects Exim instances built with DKIM enabled (this is the default for FreeBSD Exim port) and running verification of DKIM signatures on the incoming mail messages.

Phil Pennock reports:

This is a SECURITY release, addressing a CRITICAL remote code execution flaw in versions of Exim between 4.70 and 4.80 inclusive, when built with DKIM support (the default).

This security vulnerability can be exploited by anyone who can send email from a domain for which they control the DNS.

You are not vulnerable if you built Exim with DISABLE_DKIM or if you put this at the start of an ACL plumbed into acl_smtp_connect or acl_smtp_rcpt:

warn control = dkim_disable_verify

Discovery 2012-10-25
Entry 2012-10-26
exim
>= 4.70 < 4.80.1

CVE-2012-5671
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
316b3c3e-0e98-11e8-8d41-97657151f8c2  exim -- a buffer overflow vulnerability, remote code execution

Exim developers report:

There is a buffer overflow in base64d(), if some pre-conditions are met. Using a handcrafted message, remote code execution seems to be possible.


Discovery 2018-02-05
Entry 2018-02-10
exim
< 4.90.1

https://exim.org/static/doc/security/CVE-2018-6789.txt
61db9b88-d091-11e9-8d41-97657151f8c2  Exim -- RCE with root privileges in TLS SNI handler

Exim developers report:

If your Exim server accepts TLS connections, it is vulnerable. This does not depend on the TLS library, so both GnuTLS and OpenSSL are affected.

The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake. The exploit exists as a POC. For more details see the document qualys.mbx


Discovery 2019-09-02
Entry 2019-09-06
exim
< 4.92.2

https://git.exim.org/exim.git/blob_plain/2600301ba6dbac5c9d640c87007a07ee6dcea1f4:/doc/doc-txt/cve-2019-15846/cve.txt