Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2005-0022

Published: 02/05/2005 Updated: 11/10/2017
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Exim

Vulnerability Summary

Buffer overflow in the spa_base64_to_bits function in Exim prior to 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow malicious users to execute arbitrary code during SPA authentication.

Vulnerable Product Search on Vulmon Subscribe to Product

university of cambridge exim

university of cambridge exim 4.41

university of cambridge exim 4.42

Vendor Advisories

Red Hat: exim security update
Synopsis exim security update Type/Severity Security Advisory: Moderate Topic Updated exim packages that resolve security issues are now available for RedHat Enterprise Linux 4This update has been rated as having moderate security impact by the Red HatSecurity Response Team Description Ex ...
Ubuntu Security Notice: exim4 vulnerabilities
A flaw has been found in the host_aton() function, which can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components When supplying certain command line parameters, the input was not checked, so that a local attacker could possibly exploit the buffer overflow to run arbitrary code with the privileges of th ...

References

NVD-CWE-Otherhttp://www.idefense.com/application/poi/display?id=178&type=vulnerabilitieshttp://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.htmlhttp://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44http://security.gentoo.org/glsa/glsa-200501-23.xmlhttp://www.redhat.com/support/errata/RHSA-2005-025.htmlhttp://www.securityfocus.com/bid/12188http://marc.info/?l=bugtraq&m=110824870908614&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293https://access.redhat.com/errata/RHSA-2005:025https://usn.ubuntu.com/56-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook