Summary: Exim is prone to an remote code execution vulnerability.
Detection Method: Checks if a vulnerable version is present on the target host.
Technical Details: There is a heap-based buffer overflow in string_vformat (string.c).
The currently known exploit uses a extraordinary long EHLO string to crash the Exim process that is
receiving the message. While at this mode of operation Exim already dropped its privileges, other
paths to reach the vulnerable code may exist.
Impact: A local or remote attacker can execute programs.
Affected Versions: Exim version 4.92 up to and including 4.92.2.
Recommendations: Update to version 4.92.3 or later.
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition