Detections
Analytics

Debian DSA-058-1 : exim - local printf format attack

high Nessus Plugin ID 14895

Synopsis

The remote Debian host is missing a security-related update.

Description

Megyer Laszlo found a printf format bug in the exim mail transfer agent. The code that checks the header syntax of an email logs an error without protecting itself against printf format attacks. It's only exploitable locally with the -bS switch (in batched SMTP mode).

Solution

This problem has been fixed in version 3.12-10.1. Since that code is not turned on by default a standard installation is not vulnerable, but we still recommend to upgrade your exim package.

See Also

http://www.debian.org/security/2001/dsa-058

Plugin Details

Severity: High

ID: 14895

File Name: debian_DSA-058.nasl

Version: 1.16

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:exim, cpe:/o:debian:debian_linux:2.2

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 6/10/2001

Reference Information

CVE: CVE-2001-0690

DSA: 058