Scientific Linux Security Update : exim on SL4.x, SL5.x i386/x86_64

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

A buffer overflow flaw was discovered in Exim's internal
string_vformat() function. A remote attacker could use this flaw to
execute arbitrary code on the mail server running Exim.

Note: successful exploitation would allow a remote attacker to execute
arbitrary code as root on a Scientific Linux 4 or 5 system that is
running the Exim mail server. An exploit for this issue is known to

After installing this update, the Exim daemon will be restarted

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
Public Exploit Available : true

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60919

CVE ID: CVE-2010-4344