Exim SMTP Server Format String Vulnerability (CVE-2011-1764) Scanner


Exim SMTP Server Format String Vulnerability (CVE-2011-1764) Scanner Detail

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76.

Checks for a format string vulnerability in the Exim SMTP server (version 4.70 through 4.75) with DomainKeys Identified Mail (DKIM) support (CVE-2011-1764). The DKIM logging mechanism did not use format string specifiers when logging some parts of the DKIM-Signature header field. A remote attacker who is able to send emails can exploit this vulnerability and execute arbitrary code with the privileges of the Exim daemon.
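The flaw class described above, as an added example that is not Exim's code: a hypothetical printf-style logger `log_fmt` is called once with header text as the format string and once with a constant `%s` format, and a helper `count_directives` flags header values that contain conversion directives. All function names and sample strings are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style logger (not Exim's); writes into a buffer
   so the formatted result can be inspected. */
static int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Flawed pattern: header text taken from the message is the format string,
   so any '%' in it is interpreted as a directive. */
int log_header_unsafe(char *out, size_t n, const char *header_value)
{
    return log_fmt(out, n, header_value);
}

/* Corrected pattern: constant format, header text passed as an argument. */
int log_header_safe(char *out, size_t n, const char *header_value)
{
    return log_fmt(out, n, "%s", header_value);
}

/* Triage helper: count printf-style directives, ignoring literal "%%". */
int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] != '\0') n++;
    }
    return n;
}

int main(void)
{
    const char *sample = "d=example.test; i=100%%off"; /* constructed input */
    char a[64], b[64];
    log_header_unsafe(a, sizeof a, sample);
    log_header_safe(b, sizeof b, sample);
    printf("unsafe: %s\nsafe:   %s\n", a, b);
    return 0;
}
```

The unsafe call rewrites the logged text because the header value was parsed as a format; the safe call logs the bytes unchanged.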



Some Advice for Common Problems

It is recommended to upgrade your Exim MTA to the latest patched version.
