Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5597-1:F2A5B
HistoryJan 04, 2024 - 10:01 p.m.

[SECURITY] [DSA 5597-1] exim4 security update

2024-01-0422:01:39
lists.debian.org
51
cve-2023-51766
debian security tracker
debian bug 1059387
stable distribution
oldstable distribution
security update
exim mail transport agent

AI Score

5.1

Confidence

High

EPSS

0.003

Percentile

68.3%

JSON

Debian Security Advisory DSA-5597-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
January 04, 2024 https://www.debian.org/security/faq

Package : exim4
CVE ID : CVE-2023-51766
Debian Bug : 1059387

It was discovered that Exim, a mail transport agent, can be induced to
accept a second message embedded as part of the body of a first message
in certain configurations where PIPELINING or CHUNKING on incoming
connections is offered.

For the oldstable distribution (bullseye), this problem has been fixed
in version 4.94.2-7+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in
version 4.96-15+deb12u4.

We recommend that you upgrade your exim4 packages.

For the detailed security status of exim4 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/exim4

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian12allexim4< 4.96-15+deb12u4exim4_4.96-15+deb12u4_all.deb
Debian12allexim4-daemon-light< 4.96-15+deb12u4exim4-daemon-light_4.96-15+deb12u4_all.deb
Debian12alleximon4< 4.96-15+deb12u4eximon4_4.96-15+deb12u4_all.deb
Debian11allexim4-config< 4.94.2-7+deb11u2exim4-config_4.94.2-7+deb11u2_all.deb
Debian11allexim4-daemon-heavy< 4.94.2-7+deb11u2exim4-daemon-heavy_4.94.2-7+deb11u2_all.deb
Debian11allexim4-dev< 4.94.2-7+deb11u2exim4-dev_4.94.2-7+deb11u2_all.deb
Debian11allexim4-base< 4.94.2-7+deb11u2exim4-base_4.94.2-7+deb11u2_all.deb
Debian12allexim4-dev< 4.96-15+deb12u4exim4-dev_4.96-15+deb12u4_all.deb
Debian11alleximon4< 4.94.2-7+deb11u2eximon4_4.94.2-7+deb11u2_all.deb
Debian12allexim4-config< 4.96-15+deb12u4exim4-config_4.96-15+deb12u4_all.deb
Rows per page:
1-10 of 141

Related

veracode 1
cvelist 1
nessus 7
alpinelinux 1
openvas 7
ubuntu 1
prion 1
osv 6
amazon 1
fedora 2
debiancve 1
ubuntucve 1
debian 1
cve 1
redos 1
nvd 1
cgr 1
wolfi 1
cert 1
gentoo 1
veracode
veracode
Insufficient Verification Of Data Authenticity
2023-12-26 12:49:28
cvelist
cvelist
CVE-2023-51766
2023-12-24 00:00:00
nessus
nessus
Fedora 39 : exim (2024-1ef6197a49)
2024-01-11 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Exim vulnerability (USN-6611-1)
2024-01-29 00:00:00
Fedora 38 : exim (2024-e0841c83bb)
2024-01-11 00:00:00
alpinelinux
alpinelinux
CVE-2023-51766
2023-12-24 06:15:07
openvas
openvas
Debian: Security Advisory (DSA-5597-1)
2024-01-12 00:00:00
Exim < 4.97.1 SMTP Smuggling Vulnerability (Dec 2023)
2024-01-10 00:00:00
Ubuntu: Security Advisory (USN-6611-1)
2024-01-30 00:00:00
ubuntu
ubuntu
Exim vulnerability
2024-01-29 00:00:00
prion
prion
Code injection
2023-12-24 06:15:00
osv
osv
exim4 vulnerability
2024-01-29 10:52:45
CVE-2023-51766
2023-12-24 06:15:07
exim-4.97.1-1.1 on GA media
2024-06-15 00:00:00
amazon
amazon
Important: exim
2024-01-19 01:19:00
fedora
fedora
[SECURITY] Fedora 39 Update: exim-4.97.1-1.fc39
2024-01-12 01:12:17
[SECURITY] Fedora 38 Update: exim-4.97.1-1.fc38
2024-01-12 01:00:14
debiancve
debiancve
CVE-2023-51766
2023-12-24 06:15:07
ubuntucve
ubuntucve
CVE-2023-51766
2023-12-24 00:00:00
debian
debian
[SECURITY] [DLA 3708-1] exim4 security update
2024-01-05 22:08:00
cve
cve
CVE-2023-51766
2023-12-24 06:15:07
redos
redos
ROS-20240408-20
2024-04-08 00:00:00
nvd
nvd
CVE-2023-51766
2023-12-24 06:15:07
cgr
cgr
CVE-2023-51766 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2023-51766 vulnerabilities
2024-09-30 03:53:08
cert
cert
SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies
2024-01-16 00:00:00
gentoo
gentoo
Exim: Multiple Vulnerabilities
2024-02-18 00:00:00

AI Score

5.1

Confidence

High

EPSS

0.003

Percentile

68.3%

JSON
Related for DEBIAN:DSA-5597-1:F2A5B
veracode1cvelist1nessus7alpinelinux1openvas7ubuntu1prion1osv6amazon1fedora2debiancve1ubuntucve1debian1cve1redos1nvd1cgr1wolfi1cert1gentoo1