CVE-2005-0022

Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.43

Description A buffer overflow issue exists in the spa base64 to bits function, which may allow attackers to execute arbitrary code during SPA authentication. This function is originally obtained from Samba code and is called by the auth spa client function.

Recommendations For versions prior to 4.43, update to version 4.43 or later to resolve the issue. As a temporary workaround, consider restricting the use of SPA authentication until a patch is applied.