Lucene search
PRIOn knowledge basePRION:CVE-2014-2972HistorySep 04, 2014 - 5:55 p.m.
Design/Logic Flaw
2014-09-0417:55:00
PRIOn knowledge base
www.prio-n.com
5
expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
References
git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44
www.ubuntu.com/usn/USN-2933-1
bugzilla.redhat.com/show_bug.cgi?id=1122552
lists.exim.org/lurker/message/20140722.145949.42c043f5.en.html
lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html
lists.fedoraproject.org/pipermail/package-announce/2014-August/136251.html
lists.fedoraproject.org/pipermail/package-announce/2014-August/136264.html
security.gentoo.org/glsa/201607-12
Related
nessus
nessus
Amazon Linux AMI : exim (ALAS-2014-395)
2014-10-12 00:00:00
Exim < 4.83 Math Comparison Functions Data Insertion
2014-08-07 00:00:00
Fedora 20 : exim-4.80.1-7.fc20 (2014-8865)
2014-08-04 00:00:00
amazon
amazon
Low: exim
2014-08-21 11:19:00
fedora
fedora
[SECURITY] Fedora 20 Update: exim-4.80.1-7.fc20
2014-08-01 23:56:50
[SECURITY] Fedora 19 Update: exim-4.80.1-4.fc19
2014-08-01 23:55:20
cve
cve
CVE-2014-2972
2014-09-04 17:55:05
nvd
nvd
CVE-2014-2972
2014-09-04 17:55:05
ubuntucve
ubuntucve
CVE-2014-2972
2014-09-04 00:00:00
gentoo
gentoo
Exim: Arbitrary code execution
2016-07-20 00:00:00
openvas
openvas
Fedora Update for exim FEDORA-2014-8803
2014-08-05 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-395)
2015-09-08 00:00:00
Fedora Update for exim FEDORA-2014-8865
2014-08-05 00:00:00
cvelist
cvelist
CVE-2014-2972
2014-09-04 17:00:00
debiancve
debiancve
CVE-2014-2972
2014-09-04 17:55:05
ubuntu
ubuntu
Exim vulnerabilities
2016-03-15 00:00:00