Skip to main content

CVE-2005-0021

Severity High
Score 7.2/10

Summary

Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.

  • LOW
  • LOCAL
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

References

Advisory Timeline

  • Published