GLSA-200405-07 : Exim verify=header_syntax buffer overflow

high Nessus Plugin ID 14493

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200405-07 (Exim verify=header_syntax buffer overflow)

When the option 'verify = header_syntax' is used in an ACL in the configuration file, Exim is vulnerable to a buffer overflow attack that can be triggered remotely by sending malicious headers in an email message.
Note that this option is not enabled in Exim's default configuration file.
Impact :

This vulnerability can be exploited to trigger a denial of service attack and potentially execute arbitrary code with the rights of the user used by the Exim daemon (by default this is the 'mail' user in Gentoo Linux).
Workaround :

Make sure the verify=header_syntax option is not used in your exim.conf file.

Solution

All users of Exim should upgrade to the latest stable version:
# emerge sync # emerge -pv '>=mail-mta/exim-4.33-r1' # emerge '>=mail-mta/exim-4.33-r1'

See Also

https://security.gentoo.org/glsa/200405-07

Plugin Details

Severity: High

ID: 14493

File Name: gentoo_GLSA-200405-07.nasl

Version: 1.13

Type: local

Published: 8/30/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:exim, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 5/14/2004

Reference Information

CVE: CVE-2004-0400

GLSA: 200405-07