Vulnerability CVE-2010-2024

Vulnerability Name:

CVE-2010-2024 (CCN-59042)

Assigned:

2010-05-26

Published:

2010-05-26

Updated:

2018-10-10

Summary:

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

2.6 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P)
2.3 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-362

Vulnerability Consequences:

File Manipulation

References:

Source: FULLDISC
Type: UNKNOWN
20100603 Multiple vulnerabilities in Exim

Source: CCN
Type: Exim Bugzilla Bug 989
CVE-2010-2024 - MBX locking race condition

Source: CONFIRM
Type: Patch
http://bugs.exim.org/show_bug.cgi?id=989

Source: MITRE
Type: CNA
CVE-2010-2024

Source: MLIST
Type: UNKNOWN
[exim-dev] 20100524 Security issues in exim4 local delivery

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-9506

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-9524

Source: SUSE
Type: UNKNOWN
SUSE-SR:2010:014

Source: CCN
Type: SA40019
exim Hardlink Handling and MBX Locking Two Weaknesses

Source: SECUNIA
Type: Vendor Advisory
40019

Source: SECUNIA
Type: UNKNOWN
40123

Source: SECUNIA
Type: UNKNOWN
43243

Source: CONFIRM
Type: UNKNOWN
http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2

Source: CONFIRM
Type: Patch
http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26

Source: CCN
Type: Exim Web site
exim Internet Mailer

Source: CCN
Type: OSVDB ID: 65159
Exim transports/appendfile.c MBX Locking Race Condition Permission Modification

Source: BUGTRAQ
Type: UNKNOWN
20100603 Multiple vulnerabilities in Exim

Source: BID
Type: UNKNOWN
40454

Source: CCN
Type: BID-40454
Exim MBX Locking Insecure Temporary File Creation Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-1060-1

Source: VUPEN
Type: UNKNOWN
ADV-2010-1402

Source: VUPEN
Type: UNKNOWN
ADV-2011-0364

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=600097

Source: XF
Type: UNKNOWN
exim-mbx-symlink(59042)

Source: XF
Type: UNKNOWN
exim-mbx-symlink(59042)

Vulnerable Configuration:

Configuration 1:

cpe:/a:exim:exim:4.10:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.20:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.21:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.22:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.23:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.24:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.30:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.31:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.32:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.33:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.34:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.40:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.41:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.42:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.43:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.44:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.50:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.51:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.52:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.53:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.54:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.60:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.61:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.62:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.63:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.64:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.65:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.66:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.67:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.68:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.69:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:4.70:*:*:*:*:*:*:*

OR cpe:/a:exim:exim:*:*:*:*:*:*:*:* (Version <= 4.71)

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20102024	V	CVE-2010-2024	2022-06-30
oval:org.opensuse.security:def:112206	P	exim-4.86.2-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105737	P	exim-4.86.2-2.2 on GA media (Moderate)	2021-10-01
oval:org.mitre.oval:def:13736	P	USN-1060-1 -- exim4 vulnerabilities	2014-06-30

BACK