Executive Summary

Informations
Name CVE-2003-0743 First vendor Publication 2003-10-20
Vendor Cve Last vendor Modification 2016-10-18

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0743

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 25

OpenVAS Exploits

Date Description
2008-01-17 Name : Debian Security Advisory DSA 376-1 (exim exim-tls)
File : nvt/deb_376_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
10877 Exim smtp_in.c HELO/EHLO Remote Overflow

Nessus® Vulnerability Scanner

Date Description
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-376.nasl - Type : ACT_GATHER_INFO
2003-09-02 Name : The remote SMTP server has a heap-based buffer overflow vulnerability.
File : exim_heap_overflow.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BUGTRAQ http://marc.info/?l=bugtraq&m=106252015820395&w=2
CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000735
CONFIRM http://packages.debian.org/changelogs/pool/main/e/exim/exim_3.36-13/changelog
http://packages.debian.org/changelogs/pool/main/e/exim4/exim4_4.34-10/changelog
http://www.exim.org/pipermail/exim-announce/2003q3/000094.html
DEBIAN http://www.debian.org/security/2003/dsa-376
MLIST http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030811/057720.html
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030811/057809.html
VULN-DEV http://marc.info/?l=vuln-dev&m=106264740820334&w=2

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2021-05-04 12:02:06
  • Multiple Updates
2021-04-22 01:02:15
  • Multiple Updates
2020-05-23 00:15:29
  • Multiple Updates
2016-10-18 12:01:13
  • Multiple Updates
2014-02-17 10:26:32
  • Multiple Updates
2013-05-11 11:52:38
  • Multiple Updates