This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote mail server is potentially affected by a format string
Based on its response to a specially formatted mail message, the Exim
mail server listening on this port appears to be affected by a format
string vulnerability. The vulnerability is due to a failure in the
dkim_exim_verify_finish() function to properly sanitize format string
specifiers in the DKIM-Signature header. A remote attacker can exploit
this by sending a specially crafted email, resulting in the execution
of arbitrary code as the Exim run-time user.
See also :
Upgrade to Exim 4.76 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false
Family: SMTP problems
Nessus Plugin ID: 53856 ()
Bugtraq ID: 4773647836
CVE ID: CVE-2011-1407CVE-2011-1764
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.