FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
61db9b88-d091-11e9-8d41-97657151f8c2	Exim -- RCE with root privileges in TLS SNI handler Exim developers report: If your Exim server accepts TLS connections, it is vulnerable. This does not depend on the TLS libray, so both, GnuTLS and OpenSSL are affected. The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake. The exploit exists as a POC. For more details see the document qualys.mbx Discovery 2019-09-02 Entry 2019-09-06 exim < 4.92.2 https://git.exim.org/exim.git/blob_plain/2600301ba6dbac5c9d640c87007a07ee6dcea1f4:/doc/doc-txt/cve-2019-15846/cve.txt

VuXML ID

Description

61db9b88-d091-11e9-8d41-97657151f8c2

Exim -- RCE with root privileges in TLS SNI handler

Exim developers report:

If your Exim server accepts TLS connections, it is vulnerable. This does not depend on the TLS libray, so both, GnuTLS and OpenSSL are affected.

The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake. The exploit exists as a POC. For more details see the document qualys.mbx

Discovery 2019-09-02
Entry 2019-09-06
exim

< 4.92.2

https://git.exim.org/exim.git/blob_plain/2600301ba6dbac5c9d640c87007a07ee6dcea1f4:/doc/doc-txt/cve-2019-15846/cve.txt