CVE Vulnerabilities

CVE-2005-0022

Published: May 02, 2005 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.

Affected Software

Name Vendor Start Version End Version
Exim University_of_cambridge * 4.40
Exim University_of_cambridge 4.41 4.41
Exim University_of_cambridge 4.42 4.42
Red Hat Enterprise Linux 4 RedHat exim-0:4.43-1.RHEL4.3 *
Exim4 Ubuntu dapper *
Exim4 Ubuntu devel *
Exim4 Ubuntu edgy *
Exim4 Ubuntu feisty *

References