CVE-2004-0399

Exim <4 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.

Exploits (1)

exploitdb WORKING POC VERIFIED

by newroot · cremotelinux

https://www.exploit-db.com/exploits/24093

View Code ZIP pw:eip

References (6)

[Patch, Vendor Advisory] http://www.debian.org/security/2004/dsa-502

[Patch, Vendor Advisory] http://www.debian.org/security/2004/dsa-501

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021015.html

[Third Party Advisory] http://secunia.com/advisories/11558

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16079

[Exploit, Patch, Vendor Advisory] http://www.guninski.com/exim1.html

Scores

EPSS 0.4208

EPSS Percentile 97.5%

Details

Status published

Products (2)

university_of_cambridge/exim

university_of_cambridge/exim 3.35

Published Jul 07, 2004

Tracked Since Feb 18, 2026