Test ID:	1.3.6.1.4.1.25623.1.0.892650
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-2650-1)
Summary:	The remote host is missing an update for the Debian 'exim4' package(s) announced via the DLA-2650-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'exim4' package(s) announced via the DLA-2650-1 advisory. Vulnerability Insight: The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution. Details can be found in the Qualys advisory at [link moved to references] For Debian 9 stretch, these problems have been fixed in version 4.89-2+deb9u8. We recommend that you upgrade your exim4 packages. For the detailed security status of exim4 please refer to its security tracker page at: [link moved to references] Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'exim4' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-28007 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28007-LFDIR.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28008 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28008-SPDIR.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28009 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28009-STDIN.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28011 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28011-SPRSS.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28012 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28012-CLOSE.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28013 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28013-PFPSN.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28014 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28014-PIDFP.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28015 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28015-NLEND.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28017 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28017-RCPTL.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28019 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28019-BDATA.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28020 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28020-HSIZE.txt http://www.openwall.com/lists/oss-security/2021/07/25/1 http://www.openwall.com/lists/oss-security/2021/08/03/1 Common Vulnerability Exposure (CVE) ID: CVE-2020-28021 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28021-MAUTH.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28022 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28022-EXOPT.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28023 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28023-SCHAD.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28024 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28024-UNGET.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28025 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28025-BHASH.txt Common Vulnerability Exposure (CVE) ID: CVE-2020-28026 https://www.exim.org/static/doc/security/CVE-2020-qualys/CVE-2020-28026-FGETS.txt
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.