Vulnerability Note VU#682457
Exim string_format() buffer overflow
The Exim mail server contains a buffer overflow that could allow a remote attacker to execute arbitrary code on an affected system.
Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. The internal string handling functions of the Exim software contain a function called string_format(). The version of this function included with Exim versions prior to 4.70 contains a flaw that can result in a buffer overflow. An attacker can exploit this vulnerability by crafting message headers that are subsequently supplied to Exim logging functions.
Note: this vulnerability has been reported as being exploited in the wild.
A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the Exim server. A separate vulnerability in Exim could then allow the attacker to escalate privileges to root.
Apply an update
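To find hosts that still need the update, the following added example (not part of the original note or of Exim itself) classifies the first line of `exim -bV` output against the 4.70 boundary stated above. The function names, the `--local` switch and the sample banners are constructed for illustration. Distribution packages may carry a backported fix under an older upstream version number, so confirm an "affected" result against the vendor's advisory.

```shell
#!/bin/sh
# Added example: classify an Exim version banner against the 4.70 boundary.
FIXED_MAJOR=4
FIXED_MINOR=70

# Extract "MAJOR.MINOR" from the first line of `exim -bV` output,
# e.g. "Exim version 4.69 #1 built 20-Jan-2010 10:11:12".
exim_version_from_banner() {
    printf '%s\n' "$1" |
        sed -n '1s/^Exim version \([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Print "affected", "not-affected" or "unknown" for a banner string.
exim_status() {
    ver=$(exim_version_from_banner "$1")
    [ -n "$ver" ] || { echo unknown; return 0; }
    major=${ver%%.*}
    minor=${ver#*.}
    if [ "$major" -lt "$FIXED_MAJOR" ] ||
       { [ "$major" -eq "$FIXED_MAJOR" ] && [ "$minor" -lt "$FIXED_MINOR" ]; }; then
        echo affected
    else
        echo not-affected
    fi
}

# Check the local binaries; the names "exim" and "exim4" are assumptions.
check_local_exim() {
    for bin in exim exim4; do
        if command -v "$bin" >/dev/null 2>&1; then
            echo "$bin: $(exim_status "$("$bin" -bV 2>/dev/null)")"
        fi
    done
}

if [ "${1:-}" = "--local" ]; then
    check_local_exim
else
    # Constructed sample banners, not captured from real hosts.
    for banner in \
        "Exim version 4.69 #1 built 20-Jan-2010 10:11:12" \
        "Exim version 4.70 #1 built 15-Dec-2010 09:00:00" \
        "not an exim banner"; do
        echo "$banner => $(exim_status "$banner")"
    done
fi
```

Run it with `--local` on a mail host to check the installed binary instead of the sample banners.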
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Debian GNU/Linux | Affected | - | 10 Dec 2010 |
| SUSE Linux | Affected | - | 13 Dec 2010 |
| Ubuntu | Affected | - | 13 Dec 2010 |
This vulnerability was discovered as a result of its exploitation in the wild. Sergey Kononenko provided confirmation and public analysis.
This document was written by Chad R Dougherty.
- CVE IDs: CVE-2010-4344
- Date Public: 07 Dec 2010
- Date First Published: 13 Dec 2010
- Date Last Updated: 13 Dec 2010
- Severity Metric: 19.77
- Document Revision: 8