Debian Security Advisory 637-1 - Philip Hazel announced a buffer overflow in the host_aton function in exim-tls, the SSL-enabled version of the default mail-tranport-agent in Debian, which can lead to the execution of arbitrary code via an illegal IPv6 address.
2112b135f500dfd415c1aa19e2509da559b170355b88154dfb638bfe051ee169
iDEFENSE Security Advisory IDEF0725 - Local exploitation of a buffer overflow vulnerability in Exim 4.41 may allow execution of arbitrary commands with elevated privileges. The problem specifically exists in the host_aton function. The function fails to check the number of elements it stores in a fixed size array. The elements come from a user-controlled string and are passed into the program from a command line option.
7c0cd7036f28d3c7e849872d9ef7b92e03c20512b1b2af8c6787af85d4cd56bc