"Dead.Letter" Exim Vulnerability Scanner

  • Thread starter NoCapital
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.


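A host-side triage check built from the three conditions the post names (version before 4.99.3, a GnuTLS build, CHUNKING in use), as an added example that is not part of the original post or its hidden attachment. It assumes the usual `exim -bV` and `exim -bP chunking_advertise_hosts` output layouts; the sample text and the `triage` labels are constructed for illustration.

```python
import re

FIXED = (4, 99, 3)  # first fixed release, as stated in the post above

# Constructed sample of `exim -bV` output (not captured from a real host).
SAMPLE_BV = """\
Exim version 4.98.1 #2 built 12-Mar-2025 10:11:12
Copyright (c) University of Cambridge, 1995 - 2018
Support for: crypteq iconv() IPv6 GnuTLS DANE DKIM DNSSEC Event OCSP PRDR
Lookups (built-in): lsearch wildlsearch dbm dnsdb
"""

def parse_version(bv_text):
    """Return the Exim version as a tuple of ints, e.g. (4, 98, 1)."""
    m = re.search(r"^Exim version (\d+(?:\.\d+)*)", bv_text, re.M)
    if not m:
        raise ValueError("no 'Exim version' line found")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # pad 4.99 -> (4, 99, 0)

def uses_gnutls(bv_text):
    """True when the 'Support for:' line lists GnuTLS as the TLS library."""
    m = re.search(r"^Support for:(.*)$", bv_text, re.M)
    return bool(m) and "GnuTLS" in m.group(1).split()

def chunking_advertised(bp_line):
    """bp_line is the 'name = value' line from `exim -bP chunking_advertise_hosts`."""
    _, _, value = bp_line.partition("=")
    return value.strip() != ""  # an empty host list means CHUNKING is never offered

def triage(bv_text, bp_line):
    """Hypothetical labels: patched / out-of-scope / review / affected."""
    if parse_version(bv_text) >= FIXED:
        return "patched"
    if not uses_gnutls(bv_text):
        return "out-of-scope"  # the post limits the issue to GnuTLS configurations
    if not chunking_advertised(bp_line):
        return "review"        # old GnuTLS build, but BDAT/CHUNKING is not offered
    return "affected"

if __name__ == "__main__":
    print(triage(SAMPLE_BV, "chunking_advertise_hosts = *"))
```

Distribution packages sometimes backport fixes without changing the upstream version string, so confirm an "affected" result against the vendor's advisory before acting on it.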