On Mon, 26 Aug 2002, Michael Scott Shappe wrote:
> Nessus is telling me that exim-4.10 has a HELO overflow vunerability. I can
> find no other reference to this being a current, known problem. Is nessus on
> crack?
I don't know of a problem, and simple tests show that Exim returns "500
unrecognized command" when its buffer gets full (buffer size is 512).
It is true that it then goes on to read more input, but I don't see how
that can produce a vulnerability. In any case, after too many
unrecognized commands it will close the connection.
So, it is up to Nessus to provide more details of what it is on about, I
think.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.