CVE-2003-0743: CVE-2003-0743

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2003-0743

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Exim畸形EHLO/HELO命令远程堆破坏漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Exim[1]是一款流行的EMAIL服务器(MTA)。 Exim没有正确处理畸形EHLO/HELO消息，远程攻击者可以利用这个漏洞对Exim服务器进行基于堆的破坏，可导致拒绝服务攻击。问题存在于exim-4.20/src/smtp_in.c中： if (*smtp_data == 0) Ustrcpy(smtp_data， "(no argument given)"); 'smtp_data'是指向513字节的'cmd_buffer'堆缓冲区。精心构建HELO或者EHLO命令可以使'*smtp_data

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2003-0743

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2003-0743

Please Login to view more intelligence information

http://www.exim.org/pipermail/exim-announce/2003q3/000094.htmlx_refsource_CONFIRM
http://packages.debian.org/changelogs/pool/main/e/exim4/exim4_4.34-10/changelogx_refsource_CONFIRM
http://packages.debian.org/changelogs/pool/main/e/exim/exim_3.36-13/changelogx_refsource_CONFIRM
http://www.debian.org/security/2003/dsa-376vendor-advisoryx_refsource_DEBIAN
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000735vendor-advisoryx_refsource_CONECTIVA
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030811/057720.htmlmailing-listx_refsource_MLIST
http://marc.info/?l=bugtraq&m=106252015820395&w=2mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=vuln-dev&m=106264740820334&w=2mailing-listx_refsource_VULN-DEV
https://nvd.nist.gov/vuln/detail/CVE-2003-0743

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2003-0743

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2003-0743

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2003-0743

III. Intelligence Information for CVE-2003-0743

IV. Related Vulnerabilities

V. Comments for CVE-2003-0743

Leave a comment