SMTP: Exim4 Malformed Header
This signature detects attempts to exploit a known remote code-execution vulnerability in Exim4. Attackers can exploit this issue to execute code as the"exim" user and can leverage this issue to launch further attacks. Versions prior to Exim 4.70 are vulnerable.
Extended Description
Exim is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute code as the 'exim' user. Attackers can leverage this issue to launch further attacks. Versions prior to Exim 4.70 are vulnerable.
Affected Products
Debian linux
References
BugTraq: 45308
CVE: CVE-2010-4344
URL: http://www.kb.cert.org/vuls/id/682457 http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html http://www.exim.org/ http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html http://twitter.com/#!/hdmoore/status/12912834514001920
Short Name
SMTP:MAL:EXIM4-HEADER
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2010-4344 Exim4 Header Malformed bid:45308
Release Date
01/06/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Avaya
Cpanel
University_of_cambridge
Debian
CVSS Score
9.3