Exim < 4.83 Math Comparison Functions Data Insertion

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote mail server is potentially affected by a data insertion
vulnerability.

Description :

According to its banner, the version of Exim running on the remote
host is prior to 4.83. It is, therefore, potentially affected by a
data insertion vulnerability. A flaw exists in the expansion of
arguments to math comparison functions which can cause values to be
expanded twice. This could permit a local attacker to insert arbitrary
data.

See also :

ftp://ftp.exim.org/pub/exim/exim4/
https://lists.exim.org/lurker/message/20140722.160524.be7e58a9.en.html
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.83

Solution :

Upgrade to Exim 4.83 or later.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 1.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 77055 ()

Bugtraq ID: 68857

CVE ID: CVE-2014-2972