First published: Thu Sep 28 2023(Updated: )
[Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability]
Credit: zdi-disclosures@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Exim Exim | ||
ubuntu/exim4 | <4.96.2 | 4.96.2 |
ubuntu/exim4 | <4.96-17ubuntu2.1 | 4.96-17ubuntu2.1 |
ubuntu/exim4 | <4.90.1-1ubuntu1.10+ | 4.90.1-1ubuntu1.10+ |
ubuntu/exim4 | <4.93-13ubuntu1.9 | 4.93-13ubuntu1.9 |
ubuntu/exim4 | <4.95-4ubuntu2.4 | 4.95-4ubuntu2.4 |
ubuntu/exim4 | <4.96-14ubuntu1.3 | 4.96-14ubuntu1.3 |
ubuntu/exim4 | <4.82-3ubuntu2.4+ | 4.82-3ubuntu2.4+ |
ubuntu/exim4 | <4.86.2-2ubuntu2.6+ | 4.86.2-2ubuntu2.6+ |
debian/exim4 | <=4.92-8+deb10u6<=4.92-8+deb10u9<=4.94.2-7+deb11u2 | 4.96-15+deb12u4 4.97-5 4.97-8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-42119.
The severity of CVE-2023-42119 is low, with a severity value of 3.1.
CVE-2023-42119 allows network-adjacent attackers to disclose sensitive information on affected installations of Exim.
No, authentication is not required to exploit CVE-2023-42119.
The recommended remedy for CVE-2023-42119 is to update Exim to version 4.96.2 or apply the respective patches provided by the vendor.