CVE-1999-0971
published 1997-07-22CVE-1999-0971: Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
PriorityP423high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.69%
48.1th percentile
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| university_of_cambridge | exim | <= 1.62 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CAPEC
Overflow Variables and Tags
mitre_capec
[HIGH] Overflow Variables and Tags
CAPEC-46: Overflow Variables and Tags
This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The adversary crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
Execution Flow:
Step 1 [Explore]: [Identify target application] The adversary identifies a target application or program to perform the buffer overflow on. Adversaries look for applications or programs that accept formatted files, such as configuration files, as input.
Step 2 [Experiment]: [Find injection vector] The adversary identifies an injection vector to deliver the excessive content to the targeted application's buffer.
Technique: Knowing the type of file that an application takes as input, the adversar
1997-07-22
Published