Multiple vulnerabilities have been discovered in Exim, the most severe of which could allow for remote code execution. Exim is a mail transfer agent used to deploy mail servers on Unix-like systems. Successful exploitation of the most severe of these vulnerabilities will enable the attacker to perform command execution as root in the context of the mail server. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Category Archives: Advisories
Multiple Vulnerabilities in Exim Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Exim, the most severe of which could allow for remote code execution. Exim is a mail transfer agent used to deploy mail servers on Unix-like systems. Successful exploitation of the most severe of these vulnerabilities will enable the attacker to perform command execution as root in the context of the mail server. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Backdoor.Win32.Guptachar.20 / Insecure Credential Storage
Posted by malvuln on Aug 08
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Guptachar.20
Vulnerability: Insecure Credential Storage
Description: The malware runs a web server on TCP port 2015 (default) and
uses BASIC authentication. The credentials “hacker01:imchampgr8” get stored
in a…
FreeBSD-EN-22:19.pam_exec
FreeBSD-EN-22:18.wifi
FreeBSD-EN-22:17.cam
FreeBSD-EN-22:16.kqueue
DSA-5204 gst-plugins-good1.0 – security update
Adam Doupe discovered multiple vulnerabilities in the Gstreamer plugins
to demux Mastroska and AVI files which could result in denial of service
or the execution of arbitrary code.
rubygem-tzinfo-1.2.10-1.el7
FEDORA-EPEL-2022-55ddc1978f
Packages in this update:
rubygem-tzinfo-1.2.10-1.el7
Update description:
Security fix for CVE-2022-31163 ; Update to 1.2.10 (#2110552)
fzf-0.29.0-2.fc35
FEDORA-2022-30c5ed5625
Packages in this update:
fzf-0.29.0-2.fc35
Update description:
Rebuilt for CVE-2022-1705, CVE-2022-1962, CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-28131, CVE-2022-29526, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148 in Golang