CVE-2001-0690

EXPLOITED

Exim < 3.22 - Remote Code Execution via Format String in SMTP Mail Headers

Title source: llm

Exploitation Summary

CVE-2001-0690 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Megyer Laszlo.

AI-analyzed exploit summary This exploit demonstrates a format string vulnerability in Exim when syntax checking is enabled. By crafting a malicious 'From:' header, an attacker can leak memory addresses, potentially leading to arbitrary code execution with root privileges.

Description

Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Megyer Laszlo · textlocallinux

https://www.exploit-db.com/exploits/20900

View Code ZIP pw:eip

This exploit demonstrates a format string vulnerability in Exim when syntax checking is enabled. By crafting a malicious 'From:' header, an attacker can leak memory addresses, potentially leading to arbitrary code execution with root privileges.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Exim (version not specified, likely older versions)

No auth needed

Prerequisites: Exim with syntax checking mode enabled

MITRE ATT&CK