Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 04:28
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive. |
02 Feb 2023, 17:17
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2010-4345 exim: privilege escalation | |
References |
|
04 May 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2010-12-14 16:00
Updated : 2023-12-10 11:03
NVD link : CVE-2010-4345
Mitre link : CVE-2010-4345
CVE.ORG link : CVE-2010-4345
JSON object : View
Products Affected
exim
- exim
CWE
CWE-264
Permissions, Privileges, and Access Controls