CVE-2010-4345

Severity

69%

Complexity

34%

Confidentiality

165%

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

CVSS 2.0 Base Score 6.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

University of Cambridge Exim

First reported 14 years ago

2010-12-14 16:00:00

Last updated 6 years ago

2018-10-10 20:08:00

Affected Software

University of Cambridge Exim 2.10

2.10

University of Cambridge Exim 2.11

2.11

University of Cambridge Exim 2.12

2.12

University of Cambridge Exim 3.00

3.00

University of Cambridge Exim 3.01

3.01

University of Cambridge Exim 3.02

3.02

University of Cambridge Exim 3.03

3.03

University of Cambridge Exim 3.10

3.10

University of Cambridge Exim 3.11

3.11

University of Cambridge Exim 3.12

3.12

University of Cambridge Exim 3.13

3.13

University of Cambridge Exim 3.14

3.14

University of Cambridge Exim 3.15

3.15

University of Cambridge Exim 3.16

3.16

University of Cambridge Exim 3.20

3.20

University of Cambridge Exim 3.21

3.21

University of Cambridge Exim 3.22

3.22

University of Cambridge Exim 3.30

3.30

University of Cambridge Exim 3.31

3.31

University of Cambridge Exim 3.32

3.32

University of Cambridge Exim 3.33

3.33

University of Cambridge Exim 3.34

3.34

University of Cambridge Exim 3.35

3.35

University of Cambridge Exim 3.36

3.36

University of Cambridge Exim 4.00

4.00

University of Cambridge Exim 4.01

4.01

University of Cambridge Exim 4.02

4.02

University of Cambridge Exim 4.03

4.03

University of Cambridge Exim 4.04

4.04

University of Cambridge Exim 4.05

4.05

University of Cambridge Exim 4.10

4.10

University of Cambridge Exim 4.11

4.11

University of Cambridge Exim 4.12

4.12

University of Cambridge Exim 4.14

4.14

University of Cambridge Exim 4.20

4.20

University of Cambridge Exim 4.21

4.21

University of Cambridge Exim 4.22

4.22

University of Cambridge Exim 4.23

4.23

University of Cambridge Exim 4.24

4.24

University of Cambridge Exim 4.30

4.30

University of Cambridge Exim 4.31

4.31

University of Cambridge Exim 4.32

4.32

University of Cambridge Exim 4.33

4.33

University of Cambridge Exim 4.34

4.34

University of Cambridge Exim 4.40

4.40

University of Cambridge Exim 4.41

4.41

University of Cambridge Exim 4.42

4.42

University of Cambridge Exim 4.43

4.43

University of Cambridge Exim 4.44

4.44

University of Cambridge Exim 4.50

4.50

University of Cambridge Exim 4.51

4.51

University of Cambridge Exim 4.52

4.52

University of Cambridge Exim 4.53

4.53

University of Cambridge Exim 4.54

4.54

University of Cambridge Exim 4.60

4.60

University of Cambridge Exim 4.61

4.61

University of Cambridge Exim 4.62

4.62

University of Cambridge Exim 4.63

4.63

University of Cambridge Exim 4.64

4.64

University of Cambridge Exim 4.65

4.65

University of Cambridge Exim 4.66

4.66

University of Cambridge Exim 4.67

4.67

University of Cambridge Exim 4.68

4.68

University of Cambridge Exim 4.69

4.69

University of Cambridge Exim 4.70

4.70

University of Cambridge Exim 4.71

4.71

References

http://bugs.exim.org/show_bug.cgi?id=1044

Patch

[exim-dev] 20101209 Re: [Exim-maintainers] Remote root vulnerability in Exim

Patch

[exim-dev] 20101210 Re: Remote root vulnerability in Exim

SUSE-SA:2010:059

[oss-security] 20101210 Exim remote root

42576

Vendor Advisory

42930

43128

43243

http://www.cpanel.net/2010/12/critical-exim-security-update.html

DSA-2131

DSA-2154

[exim-dev] 20101207 Remote root vulnerability in Exim

Vendor Advisory

VU#758489

US Government Resource

http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format

RHSA-2011:0153

20101213 Exim security issue in historical release

45341

1024859

http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/

USN-1060-1

ADV-2010-3171

Vendor Advisory

ADV-2010-3204

Vendor Advisory

ADV-2011-0135

ADV-2011-0245

ADV-2011-0364

https://bugzilla.redhat.com/show_bug.cgi?id=662012

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.