Debian Exim4 vulnerabilities

63 known vulnerabilities affecting debian/exim4.

Total CVEs: 63
CISA KEV: 5 (actively exploited)
Public exploits: 9
Exploited in wild: 6
Severity breakdown: CRITICAL 16, HIGH 26, MEDIUM 11, LOW 10

Vulnerabilities

Page 4 of 4
CVE-2004-0400 | HIGH | CVSS 7.5 | fixed in exim4 4.33-1 (bookworm) | 2004
exim4 - Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
Scope: local
bookworm: resolved (fixed in 4.33-1); bullseye: resolved (fixed in 4.33-1); forky: resolved (fixed in 4.33-1); sid: resolved (fixed in 4.33-1); trixi
debian
CVE-2004-0399 | HIGH | CVSS 7.5 | PoC | fixed in exim4 4.33-1 (bookworm) | 2004
exim4 - Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
Scope: local
bookworm: resolved (fixed in 4.33-1); bullseye: resolved (fixed in 4.33-1); forky: resolved (fixed in 4.33-1); sid: resolved (fixed in
debian
CVE-2002-1381 | HIGH | CVSS 7.2 | PoC | fixed in exim4 4.11-0.0.1 (bookworm) | 2002
exim4 - Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
Scope: local
bookworm: resolved (fixed in 4.11-0.0.1); bullseye: resolved (fixed in 4.11-0.0.1); forky: resolved (fixed in 4.11-0.0.1); sid: resolved (fixed in 4.11-0.0.1); trixie: resolved
debian