• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Exim Illegal IPv6 Address Buffer Overflow Vulnerability

Solution:
The vendor has released patches, and a snapshot version of Exim to address this issue. These patches are for version 4.43 of Exim, but the vendor has reported that they may also work for previous versions.

The patches can be extracted from the referenced email message from Philip Hazel.

Debian has released an advisory (DSA 637-1) and updates to address this vulnerability in exim-tls. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.

RedHat has released two advisories called FEDORA-2005-001 to address this, and other issues for Fedora Core 2 and 3. Please see the referenced advisories for further information.

Ubuntu has released advisory USN-56-1 to address this issue. Please see the attached advisory for further information on obtaining and applying fixes.

Debian has released advisory DSA 635-1 to address this issue. Please see the attached advisory for further information on obtaining and applying fixes.

Gentoo has released an advisory GLSA 200501-23 to address issues in Exim. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:

emerge --sync
emerge --ask --oneshot --verbose ">=mail-mta/exim-4.43-r2"

SuSE Linux has released a security summary report (SUSE-SR:2005:002) that contains fixes to address this and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.

ALT Linux has released updates dealing with this and other issues. Please see the reference section for more information.


University of Cambridge Exim 4.10

• SuSE exim-4.12-130.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/exim-4.12-130.i58 6.rpm


• SuSE exim-4.12-130.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/exim-4.12-130.i58 6.rpm


• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.20

• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.21

• SuSE exim-4.22-143.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/exim-4.22-143.i58 6.rpm


• SuSE exim-4.22-143.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/exim-4.22-143 .x86_64.rpm


• SuSE exim-4.30-25.4.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/exim-4.30-25.4.i5 86.rpm


• SuSE exim-4.30-25.4.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/exim-4.30-25. 4.x86_64.rpm


• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.32

• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.33

• Fedora exim-4.43-1.FC2.1.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-4.43-1.FC2.1.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-debuginfo-4.43-1.FC2.1.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-debuginfo-4.43-1.FC2.1.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-doc-4.43-1.FC2.1.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-doc-4.43-1.FC2.1.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-mon-4.43-1.FC2.1.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-mon-4.43-1.FC2.1.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-sa-4.43-1.FC2.1.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora exim-sa-4.43-1.FC2.1.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.34

• Ubuntu exim4-base_4.34-5ubuntu1.1_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.34-5u buntu1.1_amd64.deb


• Ubuntu exim4-base_4.34-5ubuntu1.1_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.34-5u buntu1.1_powerpc.deb


• Ubuntu exim4-config_4.34-5ubuntu1.1_all.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-config_4.34- 5ubuntu1.1_all.deb


• Ubuntu exim4-daemon-heavy_4.34-5ubuntu1.1_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy _4.34-5ubuntu1.1_amd64.deb


• Ubuntu exim4-daemon-heavy_4.34-5ubuntu1.1_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy _4.34-5ubuntu1.1_i386.deb


• Ubuntu exim4-daemon-heavy_4.34-5ubuntu1.1_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy _4.34-5ubuntu1.1_powerpc.deb


• Ubuntu exim4-daemon-light_4.34-5ubuntu1.1_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light _4.34-5ubuntu1.1_amd64.deb


• Ubuntu exim4-daemon-light_4.34-5ubuntu1.1_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light _4.34-5ubuntu1.1_i386.deb


• Ubuntu exim4-daemon-light_4.34-5ubuntu1.1_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light _4.34-5ubuntu1.1_powerpc.deb


• Ubuntu eximon4_4.34-5ubuntu1.1_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.34-5 ubuntu1.1_amd64.deb


• Ubuntu eximon4_4.34-5ubuntu1.1_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.34-5 ubuntu1.1_i386.deb


• Ubuntu eximon4_4.34-5ubuntu1.1_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.34-5 ubuntu1.1_powerpc.deb


• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.40

• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.41

• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.42

• SuSE exim-4.42-3.2.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/exim-4.42-3.2.i58 6.rpm


• SuSE exim-4.42-3.2.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/exim-4.42-3.2 .x86_64.rpm


• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz

University of Cambridge Exim 4.43

• Fedora exim-4.43-1.FC3.1.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-4.43-1.FC3.1.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-debuginfo-4.43-1.FC3.1.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-debuginfo-4.43-1.FC3.1.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-doc-4.43-1.FC3.1.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-doc-4.43-1.FC3.1.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-mon-4.43-1.FC3.1.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-mon-4.43-1.FC3.1.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-sa-4.43-1.FC3.1.i386.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• Fedora exim-sa-4.43-1.FC3.1.x86_64.rpm
  RedHat Fedora Core 3
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


• University of Cambridge exim-snapshot.tar.gz
  ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot. tar.gz