GNU Glibc Remote Heap Buffer Overflow Vulnerability (Exim) Network Vulnerability

Summary

The remote exim is using a version of glibc which is prone to a heap-based buffer-overflow vulnerability.

Impact

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts may crash the application, denying service to legitimate users.

Solution

Update you glibc and reboot.

Detection

Send a special crafted HELO request and check the response

References

http://www.gnu.org/software/libc/
http://www.securityfocus.com/bid/72325

Updated on 2015-03-25

Severity

Classification

CVE CVE-2015-0235

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Generic SMTP overflows
Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
MailCarrier SMTP Buffer Overflow Vulnerability
Sendmail 8.8.8 to 8.12.7 Double Pipe Access Validation Vulnerability
CMailServer ActiveX Control Multiple Buffer Overflow Vulnerabilities

GNU glibc Remote Heap Buffer Overflow Vulnerability (Exim)

Take action and discover your vulnerabilities