Rapid7 Vulnerability & Exploit Database

RHSA-2005:025: exim security update

Back to Search

RHSA-2005:025: exim security update

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
05/02/2005
Created
07/25/2018
Added
10/28/2005
Modified
07/12/2017

Description

Updated exim packages that resolve security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Exim is a mail transport agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. A buffer overflow was discovered in the spa_base64_to_bits function in Exim, as originally obtained from Samba code. If SPA authentication is enabled, a remote attacker may be able to exploit this vulnerability to execute arbitrary code as the 'exim' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0022 to this issue. Please note that SPA authentication is not enabled by default in Red Hat Enterprise Linux 4. Buffer overflow flaws were discovered in the host_aton and dns_build_reverse functions in Exim. A local user can trigger these flaws by executing exim with carefully crafted command line arguments and may be able to gain the privileges of the 'exim' account. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0021 to this issue. Users of Exim are advised to update to these erratum packages which contain backported patches to correct these issues.

Solution(s)

  • redhat-upgrade-exim
  • redhat-upgrade-exim-doc
  • redhat-upgrade-exim-mon
  • redhat-upgrade-exim-sa

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;