Vulnerability Name: CVE-2010-4345 (CCN-63967)
Assigned: 2010-12-07
Published: 2010-12-07
Updated: 2023-02-13
Summary: Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
  6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
  5.4 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
  5.6 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
  5.3 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Vulnerability Type: CWE-78
Vulnerability Consequences: Gain Privileges
References:
  Source: secalert@redhat.com, Type: Patch
  Source: MITRE, Type: CNA, CVE-2010-4345
  Source: CCN, Type: Exim GIT Repository, Buffer overrun fix. fixes: bug #787
  Source: secalert@redhat.com, Type: UNKNOWN
  Source: CCN, Type: Packet Storm Web site, 4.69 string_format Function Heap Buffer Overflow
  Source: CCN, Type: RHSA-2011-0153, Moderate: exim security update
  Source: CCN, Type: SA42625, cPanel Exim Multiple Vulnerabilities
  Source: CCN, Type: SECTRACK ID: 1024859, Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
  Source: CCN, Type: cPanel Web Site, Critical: Exim security update (CVE-2010-4345)
  Source: DEBIAN, Type: DSA-2154, exim4 -- privilege escalation
  Source: CCN, Type: Exim Web site, exim Internet Mailer
  Source: CCN, Type: exim-dev, Remote root vulnerability in Exim
  Source: secalert@redhat.com, Type: Vendor Advisory
  Source: CCN, Type: US-CERT VU#758489, Exim alternate configuration privilege escalation vulnerability
  Source: secalert@redhat.com, Type: US Government Resource
  Source: CCN, Type: OSVDB ID: 69860, Exim exim User Account Configuration File Directive Local Privilege Escalation
  Source: CCN, Type: BID-45341, Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
  Source: XF, Type: UNKNOWN, exim-config-file-priv-escalation(63967)
  Source: EXPLOIT-DB, Type: EXPLOIT, Offensive Security Exploit Database [12-11-2010]
  Source: SUSE, Type: SUSE-SA:2010:059, exim remote code execution
Vulnerable Configuration: Configuration RedHat 1