Intrusion Prevention

Exim.Verification.Header.Buffer.Overflow

Description

Exim has a stack-based buffer overflow. A remote attacker can execute arbitrary code on the system of the service with the system privilege via malicious e-mail. It is dependent on setting ?verify = header_syntax? in the exim.conf configuration file, which is not the default setting.

Affected Products

Exim 3.35, and other versions before 4

Impact

Gain unauthorised access to the victim system.

Recommended Actions

Upgrade to the latest version of exim (3.35-3woody2 or later).

CVE References

CVE-2004-0399 CVE-2005-1987