Heap Buffer Overflow Vulnerability in Exim Mail Transfer Agent
( Secunia Advisory SA40019, CVE-2010-4344 )
Summary
A heap buffer overflow vulnerability has been reported in the Exim Mail Transfer Agent. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system.
Details
The Exim email server is a full featured mail transfer agent (MTA) distributed under the GPL. It is used on Unix-like platforms such as Debian GNU/Linux and has also been ported to other operating systems such as Windows. It can function as an SMTP server for incoming messages, as well as a SMTP or LMTP client for outgoing messages. A large number of Exim installations exist, especially within Internet service providers and universities in the UK.
The vulnerability is due to a buffer overflow in the Exim MTA that fails to properly handle malformed email headers. A remote attacker may exploit this issue to execute arbitrary code on an Exim server by sending a specially crafted email to the vulnerable server. Successful exploitation of this vulnerability would allow the attacker to execute code within the security context of the affected server.
Affected Products
This issue affects Exim versions 4.69 and earlier.
Solution
Check Point recommends that the patch that fixes this issue be applied as soon as is practical. In the meantime, Check Point IPS Software Blade and IPS-1 provide immediate network protection against this vulnerability. For more information, see CPAI-2010-348.
Originally Published:
Last Updated: 11-Jan-2011