CVE-2003-0743
 
- Severity Score: 7.5 (CVSS v2)
- Public Exploits: 0 (Multiple Sources)
- Exploited in Wild: - (KEV)
- Decision: - (SSVC)
Descriptions
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
Credits: N/A
Timeline
- 2003-09-04 CVE Reserved
- 2003-09-06 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-08 CVE Updated
References (9)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=bugtraq&m=106252015820395&w=2 | Mailing List | |
http://marc.info/?l=vuln-dev&m=106264740820334&w=2 | Mailing List | |
http://packages.debian.org/changelogs/pool/main/e/exim/exim_3.36-13/changelog | X_refsource_confirm | |
http://packages.debian.org/changelogs/pool/main/e/exim4/exim4_4.34-10/changelog | X_refsource_confirm | |
http://www.exim.org/pipermail/exim-announce/2003q3/000094.html | X_refsource_confirm | |
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030811/057720.html | Mailing List | |
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030811/057809.html | Mailing List | |

URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2003/dsa-376 | 2016-10-18 | |
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000735 | 2016-10-18 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
University Of Cambridge | Exim | 3.0 | - | Affected |
University Of Cambridge | Exim | 3.3 | - | Affected |
University Of Cambridge | Exim | 3.3.1 | - | Affected |
University Of Cambridge | Exim | 3.3.2 | - | Affected |
University Of Cambridge | Exim | 3.11 | - | Affected |
University Of Cambridge | Exim | 3.12 | - | Affected |
University Of Cambridge | Exim | 3.13 | - | Affected |
University Of Cambridge | Exim | 3.14 | - | Affected |
University Of Cambridge | Exim | 3.15 | - | Affected |
University Of Cambridge | Exim | 3.16 | - | Affected |
University Of Cambridge | Exim | 3.17 | - | Affected |
University Of Cambridge | Exim | 3.18 | - | Affected |
University Of Cambridge | Exim | 3.19 | - | Affected |
University Of Cambridge | Exim | 3.20 | - | Affected |
University Of Cambridge | Exim | 3.21 | - | Affected |
University Of Cambridge | Exim | 3.22 | - | Affected |
University Of Cambridge | Exim | 3.30 | - | Affected |
University Of Cambridge | Exim | 3.31 | - | Affected |
University Of Cambridge | Exim | 3.32 | - | Affected |
University Of Cambridge | Exim | 3.33 | - | Affected |
University Of Cambridge | Exim | 3.34 | - | Affected |
University Of Cambridge | Exim | 3.35 | - | Affected |
University Of Cambridge | Exim | 3.36 | - | Affected |
University Of Cambridge | Exim | 4.10 | - | Affected |
University Of Cambridge | Exim | 4.20 | - | Affected |