Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2005:025
HistoryFeb 15, 2005 - 12:00 a.m.

(RHSA-2005:025) exim security update

2005-02-1500:00:00
access.redhat.com
12

EPSS

0.002

Percentile

56.3%

JSON

Exim is a mail transport agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet.

A buffer overflow was discovered in the spa_base64_to_bits function in
Exim, as originally obtained from Samba code. If SPA authentication is
enabled, a remote attacker may be able to exploit this vulnerability to
execute arbitrary code as the ‘exim’ user. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0022 to
this issue. Please note that SPA authentication is not enabled by default
in Red Hat Enterprise Linux 4.

Buffer overflow flaws were discovered in the host_aton and
dns_build_reverse functions in Exim. A local user can trigger these flaws
by executing exim with carefully crafted command line arguments and may be
able to gain the privileges of the ‘exim’ account. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0021 to this issue.

Users of Exim are advised to update to these erratum packages which contain
backported patches to correct these issues.

Related

nessus 9
openvas 9
gentoo 1
freebsd 1
ubuntu 1
securityvulns 2
nvd 2
exploitdb 2
cve 2
ubuntucve 2
cert 1
debian 4
debiancve 2
cvelist 2
checkpoint_advisories 1
nessus
nessus
Ubuntu 4.10 : exim4 vulnerabilities (USN-56-1)
2006-01-15 00:00:00
GLSA-200501-23 : Exim: Two buffer overflows
2005-02-14 00:00:00
FreeBSD : exim -- two buffer overflow vulnerabilities (ca9ce879-5ebb-11d9-a01c-0050569f0001)
2005-07-13 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200501-23 (exim)
2008-09-24 00:00:00
exim -- two buffer overflow vulnerabilities
2008-09-04 00:00:00
exim -- two buffer overflow vulnerabilities
2008-09-04 00:00:00
gentoo
gentoo
Exim: Two buffer overflows
2005-01-12 00:00:00
freebsd
freebsd
exim -- two buffer overflow vulnerabilities
2005-01-05 00:00:00
ubuntu
ubuntu
exim4 vulnerabilities
2005-01-07 00:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory [IDEF0725] Exim host_aton() Buffer Overflow Vulnerability
2005-01-08 00:00:00
iDEFENSE Security Advisory [IDEF0731] Exim auth_spa_server() Buffer Overflow Vulnerability
2005-01-08 00:00:00
nvd
nvd
CVE-2005-0021
2005-05-02 04:00:00
CVE-2005-0022
2005-05-02 04:00:00
exploitdb
exploitdb
Exim 4.41 - 'dns_build_reverse' Local Read Emails
2005-05-25 00:00:00
Exim 4.41 - 'dns_build_reverse' Local Buffer Overflow
2005-01-15 00:00:00
cve
cve
CVE-2005-0022
2005-05-02 04:00:00
CVE-2005-0021
2005-05-02 04:00:00
ubuntucve
ubuntucve
CVE-2005-0021
2005-05-02 00:00:00
CVE-2005-0022
2005-05-02 00:00:00
cert
cert
Exim vulnerable to buffer overflow via the dns_build_reverse() routine
2005-01-27 00:00:00
debian
debian
[SECURITY] [DSA 637-1] New exim-tls packages fix arbitrary code execution
2005-01-13 07:27:57
[SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution
2005-01-12 07:47:42
[SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution
2005-01-12 07:47:42
debiancve
debiancve
CVE-2005-0021
2005-05-02 04:00:00
CVE-2005-0022
2005-05-02 04:00:00
cvelist
cvelist
CVE-2005-0021
2005-01-06 05:00:00
CVE-2005-0022
2005-01-06 05:00:00
checkpoint_advisories
checkpoint_advisories
Exim SPA Authentication Buffer Overflow (CVE-2005-0022)
2009-11-10 00:00:00

EPSS

0.002

Percentile

56.3%

JSON
Related for RHSA-2005:025
nessus9openvas9gentoo1freebsd1ubuntu1securityvulns2nvd2exploitdb2cve2ubuntucve2cert1debian4debiancve2cvelist2checkpoint_advisories1