The version of Exim on the remote host is affected by a remote command execution vulnerability in the deliver_message() function of ā/src/deliver.cā. An unauthenticated remote attacker can exploit this, via a crafted message, to execute arbitrary command. Nessus was able to cause the remote host to ping the scanner.
Binary data exim_deliver_message_cmd_exec.nbin