Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisa_kevCISACISA-KEV-CVE-2010-4345
HistoryMar 25, 2022 - 12:00 a.m.

Exim Privilege Escalation Vulnerability

2022-03-2500:00:00
CISA
www.cisa.gov
13
exim
privilege escalation
user account
vulnerability
arbitrary commands

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.011

Percentile

84.8%

JSON

Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.

Related

prion 1
openvas 20
nvd 1
veracode 1
attackerkb 1
nessus 13
checkpoint_advisories 1
freebsd 1
seebug 1
centos 1
cvelist 1
cve 1
debian 7
debiancve 1
redhat 1
oraclelinux 1
cert 1
ubuntucve 2
exploitdb 1
securityvulns 4
suse 1
osv 3
packetstorm 1
metasploit 1
nmap 1
ubuntu 1
thn 1
gentoo 1
prion
prion
Design/Logic Flaw
2010-12-14 16:00:00
openvas
openvas
CentOS Update for exim CESA-2011:0153 centos4 i386
2011-01-31 00:00:00
CentOS Update for exim CESA-2011:0153 centos4 i386
2011-01-31 00:00:00
CentOS Update for exim CESA-2011:0153 centos4 x86_64
2012-07-30 00:00:00
nvd
nvd
CVE-2010-4345
2010-12-14 16:00:04
veracode
veracode
Privilege Escalation
2020-04-10 00:53:13
attackerkb
attackerkb
CVE-2010-4345
2010-12-14 00:00:00
nessus
nessus
Oracle Linux 4 / 5 : exim (ELSA-2011-0153)
2013-07-12 00:00:00
Scientific Linux Security Update : exim on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 / 5 : exim (RHSA-2011:0153)
2011-01-18 00:00:00
checkpoint_advisories
checkpoint_advisories
Exim Remote Code Execution (CVE-2010-4345)
2022-05-02 00:00:00
freebsd
freebsd
exim -- local privilege escalation
2010-12-10 00:00:00
seebug
seebug
Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
2014-07-01 00:00:00
centos
centos
exim security update
2011-01-27 09:23:09
cvelist
cvelist
CVE-2010-4345
2010-12-14 15:00:00
cve
cve
CVE-2010-4345
2010-12-14 16:00:04
debian
debian
[BSA-016] Security Update for exim4
2011-01-06 14:20:03
[SECURITY] [DSA-2154-1] exim4 security update
2011-01-30 10:41:58
[SECURITY] [DSA-2154-2] exim4 regression fix
2011-01-30 22:04:57
debiancve
debiancve
CVE-2010-4345
2010-12-14 16:00:04
redhat
redhat
(RHSA-2011:0153) Moderate: exim security update
2011-01-17 00:00:00
oraclelinux
oraclelinux
exim security update
2011-01-17 00:00:00
cert
cert
Exim alternate configuration privilege escalation vulnerability
2010-12-13 00:00:00
ubuntucve
ubuntucve
CVE-2010-4345
2010-12-14 00:00:00
CVE-2011-0017
2011-02-01 00:00:00
exploitdb
exploitdb
Exim4 &lt; 4.69 - string_format Function Heap Buffer Overflow (Metasploit)
2010-12-16 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution
2010-12-12 00:00:00
[SECURITY] [DSA-2154-1] exim4 security update
2011-02-03 00:00:00
Exim memory corruption and remote code execution
2011-02-03 00:00:00
suse
suse
remote code execution in exim
2010-12-13 10:39:26
osv
osv
exim4 - remote code execution
2010-12-10 00:00:00
exim4 - privilege escalation
2011-01-30 00:00:00
exim-4.86.2-2.2 on GA media
2024-06-15 00:00:00
packetstorm
packetstorm
Exim4 <= 4.69 string_format Function Heap Buffer Overflow
2010-12-11 00:00:00
metasploit
metasploit
Exim4 string_format Function Heap Buffer Overflow
2010-12-11 10:55:24
nmap
nmap
smtp-vuln-cve2010-4344 NSE Script
2011-06-24 15:37:53
ubuntu
ubuntu
Exim vulnerabilities
2011-02-10 00:00:00
thn
thn
Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6
2011-07-01 11:41:00
gentoo
gentoo
Exim: Multiple vulnerabilities
2014-01-27 00:00:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.011

Percentile

84.8%

JSON
Related for CISA-KEV-CVE-2010-4345
prion1openvas20nvd1veracode1attackerkb1nessus13checkpoint_advisories1freebsd1seebug1centos1cvelist1cve1debian7debiancve1redhat1oraclelinux1cert1ubuntucve2exploitdb1securityvulns4suse1osv3packetstorm1metasploit1nmap1ubuntu1thn1gentoo1