SMTP: Vulnerable Exim Version (3.0 through 4.20)
This signature detects EXIM MTA SMTP server versions 3.0 through 4.20, which contain buffer overflow vulnerabilities. Attackers can remotely execute malicious code on the server.
Extended Description
A heap corruption vulnerability has been discovered in Exim. The problem occurs due to insufficient bounds checking when handling user-supplied SMTP EHLO/HELO data. As a result, it may be possible to overrun the bounds of a heap memory buffer. Although it is believed to be unlikely, this could theoretically be exploited to execute arbitrary code with the privileges of Exim. It may also be possible to trigger a denial of service condition.
Affected Products
University_of_cambridge exim
References
BugTraq: 8518
CVE: CVE-2003-0743
URL: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000735 http://www.debian.org/security/2003/dsa-376
Short Name
SMTP:VULN:EXIM-4-20
Severity
Info
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
(3.0 4.20) CVE-2003-0743 Exim Version Vulnerable bid:8518 through
Release Date
01/25/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
University_of_cambridge
CVSS Score
7.5