|
|
CVE Reference: CVE-2005-0021 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-0021 |
|
|
Description: Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. |
|
|
CVE Status: Candidate |
|
|
References: REDHAT http://www.redhat.com/support/errata/RHSA-2005-025.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10347 MLIST http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html IDEFENSE http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities GENTOO http://security.gentoo.org/glsa/glsa-200501-23.xml DEBIAN http://www.debian.org/security/2005/dsa-637 http://www.debian.org/security/2005/dsa-635 CONFIRM http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44 CERT-VN 132992 |
|
| Return to the previous page. |
