Rapid7 Vulnerability & Exploit Database

CESA-2005:025: exim security update

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

CESA-2005:025: exim security update



Updated exim packages that resolve security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the CentOS Security Response Team.

Exim is a mail transport agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. A buffer overflow was discovered in the spa_base64_to_bits function in Exim, as originally obtained from Samba code. If SPA authentication is enabled, a remote attacker may be able to exploit this vulnerability to execute arbitrary code as the 'exim' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0022 to this issue. Please note that SPA authentication is not enabled by default in CentOS Linux 4. Buffer overflow flaws were discovered in the host_aton and dns_build_reverse functions in Exim. A local user can trigger these flaws by executing exim with carefully crafted command line arguments and may be able to gain the privileges of the 'exim' account. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0021 to this issue. Users of Exim are advised to update to these erratum packages which contain backported patches to correct these issues.


  • centos-upgrade-exim
  • centos-upgrade-exim-doc
  • centos-upgrade-exim-mon
  • centos-upgrade-exim-sa

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center