CVE-2005-0021
EPSS 2.8%exim-tls - buffer overflow
Published: 5/2/2005Modified: 4/28/2026
Description
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
Affected packages (3)
- Debian/eximfrom 0, < 3.35-1woody4
- Debian/exim4from 0, < 4.34-10
- Debian/exim-tlsfrom 0, < 3.35-3woody3