The Exim mail server contains a buffer overflow that could allow a remote attacker to execute arbitrary code on an affected system.
Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. The internal string handling functions of the Exim software contain a function called string_format(). The version of this function included with Exim versions prior to 4.70 contains a flaw that can result in a buffer overflow. An attacker can exploit this vulnerability by crafting message headers that are subsequently supplied to Exim logging functions.
Note: this vulnerability has been reported being exploited in the wild.
A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the Exim server. A separate vulnerability in Exim could then allow the attacker to escalate privileges to root.
Apply an update
This vulnerability was discovered as a result of its exploitation in the wild. Sergey Kononenko provided confirmation and public analysis.
This document was written by Chad R Dougherty.
|Date First Published:||2010-12-13|
|Date Last Updated:||2010-12-13 14:29 UTC|