Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51635
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2005:025
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2005:025.

Exim is a mail transport agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet.

A buffer overflow was discovered in the spa_base64_to_bits function in
Exim, as originally obtained from Samba code. If SPA authentication is
enabled, a remote attacker may be able to exploit this vulnerability to
execute arbitrary code as the 'exim' user. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2005-0022 to
this issue. Please note that SPA authentication is not enabled by default
in Red Hat Enterprise Linux 4.

Buffer overflow flaws were discovered in the host_aton and
dns_build_reverse functions in Exim. A local user can trigger these flaws
by executing exim with carefully crafted command line arguments and may be
able to gain the privileges of the 'exim' account. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-0021 to this issue.

Users of Exim are advised to update to these erratum packages which contain
backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-025.html
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0022

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0021
CERT/CC vulnerability note: VU#132992
http://www.kb.cert.org/vuls/id/132992
Debian Security Information: DSA-635 (Google Search)
http://www.debian.org/security/2005/dsa-635
Debian Security Information: DSA-637 (Google Search)
http://www.debian.org/security/2005/dsa-637
http://security.gentoo.org/glsa/glsa-200501-23.xml
http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347
http://www.redhat.com/support/errata/RHSA-2005-025.html
Common Vulnerability Exposure (CVE) ID: CVE-2005-0022
BugTraq ID: 12188
http://www.securityfocus.com/bid/12188
Bugtraq: 20050212 exim auth_spa_server() PoC exploit (Google Search)
http://marc.info/?l=bugtraq&m=110824870908614&w=2
http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.