Joined: 12 May 2004
|Posted: Tue May 04, 2021 8:26 pm Post subject: [ GLSA 202105-01 ] Exim
|Gentoo Linux Security Advisory
Title: Exim: Multiple vulnerabilities (GLSA 202105-01)
Exploitable: local, remote
Multiple vulnerabilities have been found in Exim, the worst of
which allows remote attackers to execute arbitrary code.
Exim is a message transfer agent (MTA) designed to be a a highly
configurable, drop-in replacement for sendmail.
Vulnerable: < 4.94.2
Unaffected: >= 4.94.2
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Exim. Please review the
CVE identifiers referenced below for details.
A remote attacker, by connecting to the SMTP listener daemon, could
possibly execute arbitrary code with the privileges of the process or
cause a Denial of Service condition. Furthermore, a local attacker could
perform symlink attacks to overwrite arbitrary files with the privileges
of the user running the application or escalate privileges.
There is no known workaround at this time.
All Exim users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/exim-4.94.2"
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum