CVE-2005-0021
EPSS 2.8%exim-tls - buffer overflow
發布日:2005/5/2修改日:2026/4/28
描述
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
受影響套件(3)
- Debian/eximfrom 0, < 3.35-1woody4
- Debian/exim4from 0, < 4.34-10
- Debian/exim-tlsfrom 0, < 3.35-3woody3