CVE-2012-5671: CVE-2012-5671

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-5671

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Exim DKIM DNS解码拒绝服务漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Exim是英国剑桥大学开发的一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。 Exim 4.70至4.80版本中存在漏洞，可被恶意攻击者利用从而控制受影响系统。该漏洞源于处理DNS记录时，‘dkim_exim_query_dns_txt()’函数(src/dkim.c)中存在错误。通过由自己控制的DNS域名下发送特制邮件，攻击者可利用该漏洞触发基于堆的缓冲区溢出。成功的利用可执行任意代码，但需要将程序设置为支持DKIM且‘acl_smtp_connect’或‘acl

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-5671

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-5671

Please Login to view more intelligence information

🔗 http://secunia.com/advisories/51098third-party-advisoryx_refsource_SECUNIA
🔗 http://secunia.com/advisories/51155third-party-advisoryx_refsource_SECUNIA
🔗 http://secunia.com/advisories/51153third-party-advisoryx_refsource_SECUNIA
🔗 http://www.securityfocus.com/bid/56285vdb-entryx_refsource_BID
🔗 http://osvdb.org/86616vdb-entryx_refsource_OSVDB
🔗 http://secunia.com/advisories/51115third-party-advisoryx_refsource_SECUNIA
🔗 http://www.debian.org/security/2012/dsa-2566vendor-advisoryx_refsource_DEBIAN
🔗 USN-1618-1: Exim vulnerability | Ubuntu security notices | Ubuntuvendor-advisoryx_refsource_UBUNTU
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090900.htmlvendor-advisoryx_refsource_FEDORA
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091664.htmlvendor-advisoryx_refsource_FEDORA
🔗 Oh noes!vendor-advisoryx_refsource_FEDORA
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00018.htmlvendor-advisoryx_refsource_SUSE
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/79615vdb-entryx_refsource_XF
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.htmlmailing-listx_refsource_MLIST
🔗 http://www.openwall.com/lists/oss-security/2012/10/26/5mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2012-5671

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2012-5671

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2012-5671

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-5671

III. Intelligence Information for CVE-2012-5671

New Vulnerabilities

V. Comments for CVE-2012-5671

Leave a comment