| VID |
18115 |
| Severity |
40 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
The Exim SMTP server, according to its version number, is vulnerable to multiple buffer overflows.
Exim, developed by the University of Cambridge, is an open-source Mail Transfer Agent for various Unix platforms.
According to its banner, the version of Exim running on the remote host is between 4.70 and 4.80 inclusive. It therefore is potentially affected by a remote, heap-based buffer overflow vulnerability when decoding DKIM (DomainKeys Identified Mail) DNS records that can be triggered by a specially crafted email sent from a domain under the attacker's control.
By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
* Note: This check solely relied on the banner of the remote SMTP server to assess this vulnerability, so this might be a false positive.
* References:
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.80.1
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
* Platforms Affected:
Cambridge University, Exim versions between 4.70 and 4.80
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest exim package (4.80.1 or later), available from the Exim Internet Mailer Web site at http://www.exim.org/ |
| Related URL |
CVE-2012-5671 (CVE) |
| Related URL |
56285 (SecurityFocus) |
| Related URL |
(ISS) |
|
