Russian Vulnerability Scanner Database

Back to List

BDU:2019-03238

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

CVSS

10.0critical2.0
0246810

CVSS Score: 10.0/10

All CVSS Scores

CVSS 2.0
10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Description

Уязвимость почтового сервера Exim связана с ошибками обработки объектов в памяти. Эксплуатация уязвимости позволяет нарушителю, действующему удаленно, получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

bdu

Related Vulnerabilities

CVE-2019-15846

Exploits

Exploit ID: BDU:2019-03238

Source: bdu_exploit

URL: https://bdu.fstec.ru/vul

Exploit ID: CVE-2019-15846

Source: github-poc

URL: https://github.com/synacktiv/Exim-CVE-2019-15846

Reference Links

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-15846
http://exim.org/static/doc/security/CVE-2019-15846.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/166497
https://lists.fedoraproject.org/archives/list/package-announce
lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/
https://lists.fedoraproject.org/archives/list/package-announce
lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/
https://lists.fedoraproject.org/archives/list/package-announce
lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/
https://nvd.nist.gov/vuln/detail/CVE-2019-15846
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15846.html?_ga=2.138283187.2084122935.1568005322-1618695258.1547637860
https://security-tracker.debian.org/tracker/CVE-2019-15846
https://usn.ubuntu.com/4124-1/
https://usn.ubuntu.com/4124-2/
https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210611SE16
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81
https://www.debian.org/security/2019/dsa-4517
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023

Recommendations

Source: bdu

Использование рекомендаций:

Для exim:

http://exim.org/static/doc/security/CVE-2019-15846.txt

Для Debian GNU/Linux:

https://www.debian.org/security/2019/dsa-4517
https://security-tracker.debian.org/tracker/CVE-2019-15846

Для Ubuntu:

https://usn.ubuntu.com/4124-1/

https://usn.ubuntu.com/4124-2/



Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM

Для Astra Linux:
Обновление программного обеспечения (пакета exim4) до 4.89-2+deb9u6 или более поздней версии
Использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16

Для ОС ОН «Стрелец»:
Обновление программного обеспечения exim4 до версии 4.89-2+deb9u8

URL: https://bdu.fstec.ru/vul/2019-03238

Vulnerable Software (14)

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: ubuntu 18.04 LTS

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: fedora 29

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: ubuntu 19.04

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: fedora 30

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: debian gnu/linux 10

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: fedora 31

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: astra 8.1

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: astra 1.5

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: debian gnu/linux 9

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: ubuntu 14.04 ESM

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: debian gnu/linux 8

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: strelets *

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: astra 1.6

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

Type: Configuration

Vendor: gnu general public license

Product: exim

Operating System: ubuntu 16.04 LTS

Trait: 
{  "version_end_excluding": "4.92.2"}

Source: bdu

End of list