Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24365

HistoryApr 10, 2020 - 12:53 a.m.

Privilege Escalation

2020-04-1000:53:13

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

EPSS

0.011

Percentile

84.8%

exim is vulnerable to privilege escalation. If an attacker were able to gain access to the “exim” user, they could cause Exim to execute arbitrary commands as the root user.

References

bugs.exim.org/show_bug.cgi?id=1044

lists.exim.org/lurker/message/20101209.172233.abcba158.en.html

lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html

openwall.com/lists/oss-security/2010/12/10/1

secunia.com/advisories/42576

secunia.com/advisories/42930

secunia.com/advisories/43128

secunia.com/advisories/43243

www.cpanel.net/2010/12/critical-exim-security-update.html

www.debian.org/security/2010/dsa-2131

www.debian.org/security/2011/dsa-2154

www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html

www.kb.cert.org/vuls/id/758489

www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format

www.openwall.com/lists/oss-security/2021/05/04/7

www.redhat.com/support/errata/RHSA-2011-0153.html

www.securityfocus.com/archive/1/515172/100/0/threaded

www.securityfocus.com/bid/45341

www.securitytracker.com/id?1024859

www.theregister.co.uk/2010/12/11/exim_code_execution_peril/

www.ubuntu.com/usn/USN-1060-1

www.vupen.com/english/advisories/2010/3171

www.vupen.com/english/advisories/2010/3204

www.vupen.com/english/advisories/2011/0135

www.vupen.com/english/advisories/2011/0245

www.vupen.com/english/advisories/2011/0364

access.redhat.com/errata/RHSA-2011:0153

access.redhat.com/security/cve/CVE-2010-4345

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=662012

EPSS

0.011

Percentile

84.8%