Summary
The remote host is missing an update to exim
announced via advisory DSA 058-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20058-1
Insight
Megyer Laszlo found a printf format bug in the exim mail transfer agent. The code that checks the header syntax of an email logs an error without protecting itself against printf format attacks.
This problem has been fixed in version 3.12-10.1. Since that code is not turned on by default a standard installation is not vulnerable, but we still recommend to upgrade your exim package.
Severity
Classification
-
CVE CVE-2001-0690 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities