• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Exim Illegal IPv6 Address Buffer Overflow Vulnerability

Exim is reported susceptible to a buffer overflow vulnerability when attempting to parse illegal IPv6 addresses. This issue is due to a failure of the application to properly bounds check user-supplied input prior to copying it to a fixed-size memory buffer.

The original reporter suggested that this vulnerability may be exploited to gain elevated privileges via calling Exim with unspecified command line arguments. Gaining elevated privileges would only be possible where the Exim binary is installed with setuid privileges.

It is conjectured that code paths other than those pertaining to command line processing may result in remotely exploitable buffer overflow vulnerabilities, but this is not confirmed at the present time.