SMTP.MailFrom.Command.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer overflow vulnerability in the Exim mail transfer agent.
The vulnerability is the result of an unchecked buffer in the sender verification code. A remote attacker could send a specially crafted email to cause a buffer overflow, possibly resulting in a denial of service or execution of arbitrary code. The attack is only possible when the sender_verify option in exim.conf is enabled.
Affected Products
University of Cambridge Exim 3.35.
University of Cambridge Exim 4.32.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to exim 4.33-1 or later.
Coverage
IPS (Regular DB)
IPS (Extended DB)