Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html
http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377
http://www.vuxml.org/freebsd/ca9ce879-5ebb-11d9-a01c-0050569f0001.html
Insight
The following packages are affected:
exim
exim-ldap
exim-ldap2
exim-mysql
exim-postgresql
exim-sa-exim
CVE-2005-0021
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
CVE-2005-0022
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
Severity
Classification
CVE: CVE-2005-0021, CVE-2005-0022
CVSS Base Score: 7.2
CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C