Vulnerability identifier: #VU45039
Vulnerability risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software: Exim (Server applications / Mail servers)
Vendor: Exim
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Exim: 4.70 - 4.75
External links
http://www.debian.org/security/2011/dsa-2236
http://www.securityfocus.com/bid/47836
http://www.ubuntu.com/usn/USN-1135-1
http://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html
http://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.