CVE-2005-0021

Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.43

Description The issue is related to multiple buffer overflows that may allow attackers to execute arbitrary code. This can be triggered via an IPv6 address with more than 8 components using the -be command line option, which causes an overflow in the host aton function. Another trigger is through the -bh command line option or dnsdb PTR lookup, leading to an overflow in the dns build reverse function.

Recommendations For versions prior to 4.43, update to version 4.43 or later to resolve the issue. As a temporary workaround, consider restricting the use of the -be and -bh command line options until a patch is applied. Additionally, restrict dnsdb PTR lookup to minimize the risk of exploitation.