CVE-2004-0399 | Vulnerability Database | Aqua Security

Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.

Affected Software

Name	Vendor	Start Version	End Version
Exim	University_of_cambridge	*	*
Exim	University_of_cambridge	3.35 (including)	3.35 (including)
Exim	Ubuntu	dapper	*
Exim	Ubuntu	edgy	*
Exim	Ubuntu	feisty	*

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021015.html
http://secunia.com/advisories/11558
http://www.debian.org/security/2004/dsa-501
http://www.debian.org/security/2004/dsa-502
http://www.guninski.com/exim1.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16079
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021015.html
http://secunia.com/advisories/11558
http://www.debian.org/security/2004/dsa-501
http://www.debian.org/security/2004/dsa-502
http://www.guninski.com/exim1.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16079

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0399
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html