Description
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
Product(s):
- University of Cambridge Exim 3.0
- University of Cambridge Exim 3.11
- University of Cambridge Exim 3.12
- University of Cambridge Exim 3.13
- University of Cambridge Exim 3.14
- University of Cambridge Exim 3.15
- University of Cambridge Exim 3.16
- University of Cambridge Exim 3.17
- University of Cambridge Exim 3.18
- University of Cambridge Exim 3.19
- University of Cambridge Exim 3.20
- University of Cambridge Exim 3.21
- University of Cambridge Exim 3.22
- University of Cambridge Exim 3.3.1
- University of Cambridge Exim 3.3.2
- University of Cambridge Exim 3.30
- University of Cambridge Exim 3.31
- University of Cambridge Exim 3.32
- University of Cambridge Exim 3.33
- University of Cambridge Exim 3.34
- University of Cambridge Exim 3.35
- University of Cambridge Exim 3.36
- University of Cambridge Exim 3.3
- University of Cambridge Exim 4.10
- University of Cambridge Exim 4.20
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2003-0743, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2003-0743 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.