Exim.Verification.Header.Buffer.Overflow
Description
Exim has a stack-based buffer overflow. A remote attacker can execute arbitrary code on the system running the service, with system privileges, by sending a malicious e-mail. Exploitation depends on the setting "verify = header_syntax" being present in the exim.conf configuration file, which is not the default setting.
Affected Products
Exim 3.35, and other versions before 4
Impact
Gain unauthorised access to the victim system.
Recommended Actions
Upgrade to the latest version of Exim (3.35-3woody2 or later).
Coverage
IPS (Regular DB)
IPS (Extended DB)