FreeBSD Local Security Checks : exim -- two buffer overflow vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52252

Categoría: FreeBSD Local Security Checks

Título: exim -- two buffer overflow vulnerabilities

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

exim, exim-ldap, exim-ldap2, exim-mysql, exim-postgresql, exim-sa-exim

CVE-2005-0021
Multiple buffer overflows in Exim before 4.43 may allow attackers to
execute arbitrary code via (1) an IPv6 address with more than 8
components, as demonstrated using the -be command line option, which
triggers an overflow in the host_aton function, or (2) the -bh command
line option or dnsdb PTR lookup, which triggers an overflow in the
dns_build_reverse function.

CVE-2005-0022
Buffer overflow in the spa_base64_to_bits function in Exim before
4.43, as originally obtained from Samba code, and as called by the
auth_spa_client function, may allow attackers to execute arbitrary
code during SPA authentication.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0021
CERT/CC vulnerability note: VU#132992
http://www.kb.cert.org/vuls/id/132992
Debian Security Information: DSA-635 (Google Search)
http://www.debian.org/security/2005/dsa-635
Debian Security Information: DSA-637 (Google Search)
http://www.debian.org/security/2005/dsa-637
http://security.gentoo.org/glsa/glsa-200501-23.xml
http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347
http://www.redhat.com/support/errata/RHSA-2005-025.html
Common Vulnerability Exposure (CVE) ID: CVE-2005-0022
BugTraq ID: 12188
http://www.securityfocus.com/bid/12188
Bugtraq: 20050212 exim auth_spa_server() PoC exploit (Google Search)
http://marc.info/?l=bugtraq&m=110824870908614&w=2
http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52252
Categoría:	FreeBSD Local Security Checks
Título:	exim -- two buffer overflow vulnerabilities
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: exim, exim-ldap, exim-ldap2, exim-mysql, exim-postgresql, exim-sa-exim CVE-2005-0021 Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. CVE-2005-0022 Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0021 CERT/CC vulnerability note: VU#132992 http://www.kb.cert.org/vuls/id/132992 Debian Security Information: DSA-635 (Google Search) http://www.debian.org/security/2005/dsa-635 Debian Security Information: DSA-637 (Google Search) http://www.debian.org/security/2005/dsa-637 http://security.gentoo.org/glsa/glsa-200501-23.xml http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347 http://www.redhat.com/support/errata/RHSA-2005-025.html Common Vulnerability Exposure (CVE) ID: CVE-2005-0022 BugTraq ID: 12188 http://www.securityfocus.com/bid/12188 Bugtraq: 20050212 exim auth_spa_server() PoC exploit (Google Search) http://marc.info/?l=bugtraq&m=110824870908614&w=2 http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293
Copyright	Copyright (C) 2008 E-Soft Inc.