vulnerability
Ubuntu: USN-4075-1 (CVE-2019-13917): Exim vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jul 25, 2019 | Jul 26, 2019 | Mar 22, 2023 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jul 25, 2019
Added
Jul 26, 2019
Modified
Mar 22, 2023
Description
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
Solutions
ubuntu-upgrade-exim4-daemon-heavyubuntu-upgrade-exim4-daemon-light
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.