CVE Vulnerabilities

CVE-2011-1764

Use of Externally-Controlled Format String

Published: Oct 05, 2011 | Modified: Apr 11, 2025
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 7.5 HIGH (AV:N/AC:L/Au:N/C:P/I:P/A:P)
RedHat/V2: 4.3 MODERATE (AV:N/AC:M/Au:N/C:N/I:N/A:P)
RedHat/V3
Ubuntu: MEDIUM

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.

Weakness

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Affected Software

Name | Vendor | Start Version | End Version
Exim | Exim | * | 4.75 (including)
Exim | Exim | 2.10 (including) | 2.10 (including)
Exim | Exim | 2.11 (including) | 2.11 (including)
Exim | Exim | 2.12 (including) | 2.12 (including)
Exim | Exim | 3.00 (including) | 3.00 (including)
Exim | Exim | 3.01 (including) | 3.01 (including)
Exim | Exim | 3.02 (including) | 3.02 (including)
Exim | Exim | 3.03 (including) | 3.03 (including)
Exim | Exim | 3.10 (including) | 3.10 (including)
Exim | Exim | 3.11 (including) | 3.11 (including)
Exim | Exim | 3.12 (including) | 3.12 (including)
Exim | Exim | 3.13 (including) | 3.13 (including)
Exim | Exim | 3.14 (including) | 3.14 (including)
Exim | Exim | 3.15 (including) | 3.15 (including)
Exim | Exim | 3.16 (including) | 3.16 (including)
Exim | Exim | 3.20 (including) | 3.20 (including)
Exim | Exim | 3.21 (including) | 3.21 (including)
Exim | Exim | 3.22 (including) | 3.22 (including)
Exim | Exim | 3.30 (including) | 3.30 (including)
Exim | Exim | 3.31 (including) | 3.31 (including)
Exim | Exim | 3.32 (including) | 3.32 (including)
Exim | Exim | 3.33 (including) | 3.33 (including)
Exim | Exim | 3.34 (including) | 3.34 (including)
Exim | Exim | 3.35 (including) | 3.35 (including)
Exim | Exim | 3.36 (including) | 3.36 (including)
Exim | Exim | 4.00 (including) | 4.00 (including)
Exim | Exim | 4.01 (including) | 4.01 (including)
Exim | Exim | 4.02 (including) | 4.02 (including)
Exim | Exim | 4.03 (including) | 4.03 (including)
Exim | Exim | 4.04 (including) | 4.04 (including)
Exim | Exim | 4.05 (including) | 4.05 (including)
Exim | Exim | 4.10 (including) | 4.10 (including)
Exim | Exim | 4.11 (including) | 4.11 (including)
Exim | Exim | 4.12 (including) | 4.12 (including)
Exim | Exim | 4.14 (including) | 4.14 (including)
Exim | Exim | 4.20 (including) | 4.20 (including)
Exim | Exim | 4.21 (including) | 4.21 (including)
Exim | Exim | 4.22 (including) | 4.22 (including)
Exim | Exim | 4.23 (including) | 4.23 (including)
Exim | Exim | 4.24 (including) | 4.24 (including)
Exim | Exim | 4.30 (including) | 4.30 (including)
Exim | Exim | 4.31 (including) | 4.31 (including)
Exim | Exim | 4.32 (including) | 4.32 (including)
Exim | Exim | 4.33 (including) | 4.33 (including)
Exim | Exim | 4.34 (including) | 4.34 (including)
Exim | Exim | 4.40 (including) | 4.40 (including)
Exim | Exim | 4.41 (including) | 4.41 (including)
Exim | Exim | 4.42 (including) | 4.42 (including)
Exim | Exim | 4.43 (including) | 4.43 (including)
Exim | Exim | 4.44 (including) | 4.44 (including)
Exim | Exim | 4.50 (including) | 4.50 (including)
Exim | Exim | 4.51 (including) | 4.51 (including)
Exim | Exim | 4.52 (including) | 4.52 (including)
Exim | Exim | 4.53 (including) | 4.53 (including)
Exim | Exim | 4.54 (including) | 4.54 (including)
Exim | Exim | 4.60 (including) | 4.60 (including)
Exim | Exim | 4.61 (including) | 4.61 (including)
Exim | Exim | 4.62 (including) | 4.62 (including)
Exim | Exim | 4.63 (including) | 4.63 (including)
Exim | Exim | 4.64 (including) | 4.64 (including)
Exim | Exim | 4.65 (including) | 4.65 (including)
Exim | Exim | 4.66 (including) | 4.66 (including)
Exim | Exim | 4.67 (including) | 4.67 (including)
Exim | Exim | 4.68 (including) | 4.68 (including)
Exim | Exim | 4.69 (including) | 4.69 (including)
Exim | Exim | 4.70 (including) | 4.70 (including)
Exim | Exim | 4.71 (including) | 4.71 (including)
Exim | Exim | 4.72 (including) | 4.72 (including)
Exim | Exim | 4.73 (including) | 4.73 (including)
Exim | Exim | 4.74 (including) | 4.74 (including)
Exim4 | Ubuntu | lucid | *
Exim4 | Ubuntu | maverick | *
Exim4 | Ubuntu | natty | *
Exim4 | Ubuntu | upstream | *
