Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Exim < 4.76 dkim_exim_verify_finish Remote Format String Vulnerability



The remote mail server is vulnerable to a command execution attack.


The remote host is running Exim, a message transfer agent.

Versions of Exim earlier than 4.76 are potentially affected by a format string vulnerability in logging DKIM information from an inbound email. By sending a specially crafted message to the server, a remote attacker can leverage this vulnerability to execute arbitrary code on the server subject to the privileges of the user running the affected application.


Upgrade to Exim 4.76 or later.