#VU45039 Input validation error in Exim - CVE-2011-1407


Updated: 2020-08-11

Vulnerability identifier: #VU45039

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-1407

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Exim
Server applications / Mail servers

Vendor: Exim

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Exim: 4.70 - 4.75


External links
https://www.debian.org/security/2011/dsa-2236
https://www.securityfocus.com/bid/47836
https://www.ubuntu.com/usn/USN-1135-1
https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html
https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
