|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA376] DSA-376-2 exim Vulnerability Assessment Details
|
[DSA376] DSA-376-2 exim |
||
|
DSA-376-2 exim Detailed Explanation for this Vulnerability Assessment A buffer overflow exists in exim, which is the standard mail transport agent in Debian. By supplying a specially crafted HELO or EHLO command, a possible hacker could cause a constant string to be written past the end of a buffer allocated on the heap. This vulnerability is not believed at this time to be exploitable to execute arbitrary code. For the stable distribution (woody) this problem has been fixed in exim version 3.35-1woody2 and exim-tls version 3.35-3woody1. For the unstable distribution (sid) this problem has been fixed in exim version 3.36-8. The unstable distribution does not contain an exim-tls package. We recommend that you update your exim or exim-tls package. Solution : http://www.debian.org/security/2003/dsa-376 Network Security Threat Level: High Networks Security ID: 8518 Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi |
||
|
Mainframe, DEC, VAX, AS 400 |
|
||
|
No Discussions have been posted on this vulnerability. |