[please upgrade if you use Exim < v4.21 -- Raju] This is an RFC 1153 digest. (1 message) ----------------------------------------------------------------------
Message-ID: <[EMAIL PROTECTED]> From: Nick Cleaton <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: exim remote heap overflow, probably not exploitable Date: Mon, 1 Sep 2003 07:00:34 +0100 Exim (www.exim.org) is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. There's a heap overflow in all versions of exim3 and exim4 prior to version 4.21. It can be exercised by anyone who can make an SMTP connection to the exim daemon. The overflow is very limited, and in my opinion it's probably not exploitable. However, it's possible that this will prove to be exploitable for arbitrary command execution on some platforms in some circumstances. Patches: http://www.exim.org/pipermail/exim-announce/2003q3/000094.html Full details coming soon to vuln-dev. -- Nick Cleaton [EMAIL PROTECTED] ------------------------------ End of this Digest ****************** -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
