Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-2023HistoryJun 07, 2010 - 5:12 p.m.
CVE-2010-2023
2010-06-0717:12:48
Debian Security Bug Tracker
security-tracker.debian.org
13
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
10.1%
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user’s file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 11 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 999 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 13 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2010-2023
2010-06-07 00:00:00
cvelist
cvelist
CVE-2010-2023
2010-06-07 14:00:00
cve
cve
CVE-2010-2023
2010-06-07 17:12:48
prion
prion
Hardcoded credentials
2010-06-07 17:12:00
nvd
nvd
CVE-2010-2023
2010-06-07 17:12:48
nessus
nessus
Fedora 12 : exim-4.72-1.fc12 (2010-9506)
2010-07-01 00:00:00
Exim < 4.72 Multiple Vulnerabilities
2010-06-02 00:00:00
Fedora 14 : exim-4.72-2.fc14 (2010-12375)
2011-04-13 00:00:00
openvas
openvas
Fedora Update for exim FEDORA-2010-12375
2011-04-19 00:00:00
Fedora Update for exim FEDORA-2010-9506
2010-06-11 00:00:00
Exim < 4.72 RC2 Multiple Vulnerabilities
2010-06-03 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: exim-4.72-2.fc14
2011-04-12 21:26:15
[SECURITY] Fedora 12 Update: exim-4.72-1.fc12
2010-06-08 19:34:34
[SECURITY] Fedora 13 Update: exim-4.72-1.fc13
2010-06-08 19:39:49
securityvulns
securityvulns
Exim hard links vulnerability
2010-06-08 00:00:00
Multiple vulnerabilities in Exim
2010-06-08 00:00:00
Exim security issue in historical release
2010-12-13 00:00:00
ubuntu
ubuntu
Exim vulnerabilities
2011-02-10 00:00:00
gentoo
gentoo
Exim: Multiple vulnerabilities
2014-01-27 00:00:00
osv
osv
exim-4.86.2-2.2 on GA media
2024-06-15 00:00:00
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
10.1%
Related for DEBIANCVE:CVE-2010-2023