exim -- two buffer overflow vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory.
Update your system with the appropriate patches or software upgrades. http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377 http://www.vuxml.org/freebsd/ca9ce879-5ebb-11d9-a01c-0050569f0001.html
The following packages are affected: exim exim-ldap exim-ldap2 exim-mysql exim-postgresql exim-sa-exim CVE-2005-0021 Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. CVE-2005-0022 Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.