Debian Security Advisory
DSA-502-1 exim-tls -- buffer overflow
- Date Reported:
- 11 May 2004
- Affected Packages:
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 10290, BugTraq ID 10291.
In Mitre's CVE dictionary: CVE-2004-0399, CVE-2004-0400.
- More information:
Georgi Guninski discovered two stack-based buffer overflows in exim and exim-tls. They cannot be exploited with the default configuration from the Debian system, though. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update:
When "sender_verify = true" is configured in exim.conf a buffer overflow can happen during verification of the sender. This problem is fixed in exim 4.
When headers_check_syntax is configured in exim.conf a buffer overflow can happen during the header check. This problem does also exist in exim 4.
For the stable distribution (woody) these problems have been fixed in version 3.35-3woody2.
The unstable distribution (sid) does not contain exim-tls anymore. The functionality has been incorporated in the main exim versions which have these problems fixed in version 3.36-11 for exim 3 and in version 4.33-1 for exim 4.
We recommend that you upgrade your exim-tls package.
- Fixed in:
Debian GNU/Linux 3.0 (woody)
- Intel IA-32:
- Intel IA-64:
- Motorola 680x0:
- Big endian MIPS:
- Little endian MIPS:
- IBM S/390:
- Sun Sparc:
MD5 checksums of the listed files are available in the original advisory.