CVE-2004-0400 — Improper Restriction of Operations within the Bounds of a Memory Buffer in OF Cambridge Exim

5 documents5 sources

Severity

7.5HIGHNVD

EPSS

6.4%

top 8.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Exim4 University OF Cambridge Exim

Timeline

PublishedJul 7

Latest updateApr 29

Description

Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶debiandebian/exim4< exim4 4.33-1 (bookworm)

▶NVDuniversity_of_cambridge/exim4.32

Patches

Patch: www.debian.org ↗Patch: www.debian.org ↗Patch: www.guninski.com ↗

🔴Vulnerability Details

GHSA

GHSA-qx32-c2q2-cgcr: Stack-based buffer overflow in Exim 4 before 4↗2022-04-29

▶

OSV

CVE-2004-0400: Stack-based buffer overflow in Exim 4 before 4↗2004-07-07

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation↗2007-01-29

▶

📋Vendor Advisories

Debian

CVE-2004-0400: exim4 - Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax...↗2004

▶