CVE-2010-4345: Exim Privilege Escalation Vulnerability
First published: Fri Dec 10 2010(Updated: )
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Exim Exim | =2.11 | |
| Exim Exim | =4.70 | |
| Exim Exim | =4.69 | |
| Exim Exim | =4.66 | |
| Exim Exim | =4.10 | |
| Exim Exim | =3.16 | |
| Exim Exim | =3.21 | |
| Exim Exim | =3.01 | |
| Exim Exim | =3.31 | |
| Exim Exim | =4.24 | |
| Exim Exim | =3.33 | |
| Exim Exim | =3.30 | |
| Exim Exim | <=4.72 | |
| Exim Exim | =4.30 | |
| Exim Exim | =4.21 | |
| Exim Exim | =4.03 | |
| Exim Exim | =4.51 | |
| Exim Exim | =4.71 | |
| Exim Exim | =4.67 | |
| Exim Exim | =4.63 | |
| Exim Exim | =4.00 | |
| Exim Exim | =4.43 | |
| Exim Exim | =4.22 | |
| Exim Exim | =3.10 | |
| Exim Exim | =4.40 | |
| Exim Exim | =4.52 | |
| Exim Exim | =3.36 | |
| Exim Exim | =3.15 | |
| Exim Exim | =4.60 | |
| Exim Exim | =4.61 | |
| Exim Exim | =2.12 | |
| Exim Exim | =4.68 | |
| Exim Exim | =4.54 | |
| Exim Exim | =4.02 | |
| Exim Exim | =4.23 | |
| Exim Exim | =4.01 | |
| Exim Exim | =3.34 | |
| Exim Exim | =3.00 | |
| Exim Exim | =4.62 | |
| Exim Exim | =3.02 | |
| Exim Exim | =3.03 | |
| Exim Exim | =3.12 | |
| Exim Exim | =3.20 | |
| Exim Exim | =4.12 | |
| Exim Exim | =3.22 | |
| Exim Exim | =4.32 | |
| Exim Exim | =4.11 | |
| Exim Exim | =4.42 | |
| Exim Exim | =4.05 | |
| Exim Exim | =4.31 | |
| Exim Exim | =3.14 | |
| Exim Exim | =3.11 | |
| Exim Exim | =3.35 | |
| Exim Exim | =4.44 | |
| Exim Exim | =4.14 | |
| Exim Exim | =4.64 | |
| Exim Exim | =4.04 | |
| Exim Exim | =4.41 | |
| Exim Exim | =4.20 | |
| Exim Exim | =2.10 | |
| Exim Exim | =4.65 | |
| Exim Exim | =4.53 | |
| Exim Exim | =4.33 | |
| Exim Exim | =3.13 | |
| Exim Exim | =4.50 | |
| Exim Exim | =3.32 | |
| Exim Exim | =4.34 | |
| openSUSE openSUSE | =11.1 | |
| openSUSE openSUSE | =11.2 | |
| openSUSE openSUSE | =11.3 | |
| Debian Debian Linux | =5.0 | |
| Canonical Ubuntu Linux | =6.06 | |
| Canonical Ubuntu Linux | =8.04 | |
| Canonical Ubuntu Linux | =9.10 | |
| Canonical Ubuntu Linux | =10.04 | |
| Canonical Ubuntu Linux | =10.10 | |
| Exim Exim | ||
| <=4.72 | ||
| =11.1 | ||
| =11.2 | ||
| =11.3 | ||
| =5.0 | ||
| =6.06 | ||
| =8.04 | ||
| =9.10 | ||
| =10.04 | ||
| =10.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://openwall.com/lists/oss-security/2010/12/10/1
- http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html
- https://bugzilla.redhat.com/show_bug.cgi?id=662012
- http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
- http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/
- http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html
- http://bugs.exim.org/show_bug.cgi?id=1044
- http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html
- http://www.vupen.com/english/advisories/2010/3204
- http://www.kb.cert.org/vuls/id/758489
- http://www.vupen.com/english/advisories/2010/3171
- http://www.debian.org/security/2010/dsa-2131
- http://secunia.com/advisories/42576
- http://www.cpanel.net/2010/12/critical-exim-security-update.html
- http://www.securityfocus.com/bid/45341
- http://www.securitytracker.com/id?1024859
- http://www.vupen.com/english/advisories/2011/0135
- http://secunia.com/advisories/42930
- http://www.redhat.com/support/errata/RHSA-2011-0153.html
- http://www.vupen.com/english/advisories/2011/0245
- http://secunia.com/advisories/43128
- http://www.debian.org/security/2011/dsa-2154
- http://www.ubuntu.com/usn/USN-1060-1
- http://secunia.com/advisories/43243
- http://www.vupen.com/english/advisories/2011/0364
- http://www.securityfocus.com/archive/1/515172/100/0/threaded
- http://www.openwall.com/lists/oss-security/2021/05/04/7
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=661756
- http://lists.exim.org/lurker/message/20101212.031058.0a4ca7c2.en.html
- http://git.exim.org/users/dwmw2/exim.git
- http://git.exim.org/exim.git/commit/1e83d68b72d24d6255d2e78facbe01656515ab4f
- http://git.exim.org/exim.git/commit/fa32850be0d9e605da1b33305c122f7a59a24650
- http://git.exim.org/exim.git/commit/261dc43e32f6039781ca92535e56f5caaa68b809
- http://git.exim.org/exim.git/commit/cd25e41d2d044556e024f0292a17c5ec3cc7987b
- http://git.exim.org/exim.git/commit/e2f5dc151e2e79058e93924e6d35510557f0535d
- http://git.exim.org/exim.git/commit/c1d94452b1b7f3620ee3cc9aa197ad98821de79f
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=468682&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=468682&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=472064&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=472064&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=472066&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=472066&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=668078
- https://rhn.redhat.com/errata/RHSA-2011-0153.html
- https://nvd.nist.gov/vuln/detail/CVE-2010-4345
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/title
- agent/references
- agent/remedy
- agent/weakness
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-4345
- agent/author
- agent/severity
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- collector/nvd-cve
- vendor/exim
- canonical/exim exim
- version/exim exim/2.11
- version/exim exim/4.70
- version/exim exim/4.69
- version/exim exim/4.66
- version/exim exim/4.10
- version/exim exim/3.16
- version/exim exim/3.21
- version/exim exim/3.01
- version/exim exim/3.31
- version/exim exim/4.24
- version/exim exim/3.33
- version/exim exim/3.30
- version/exim exim/4.72
- version/exim exim/4.30
- version/exim exim/4.21
- version/exim exim/4.03
- version/exim exim/4.51
- version/exim exim/4.71
- version/exim exim/4.67
- version/exim exim/4.63
- version/exim exim/4.00
- version/exim exim/4.43
- version/exim exim/4.22
- version/exim exim/3.10
- version/exim exim/4.40
- version/exim exim/4.52
- version/exim exim/3.36
- version/exim exim/3.15
- version/exim exim/4.60
- version/exim exim/4.61
- version/exim exim/2.12
- version/exim exim/4.68
- version/exim exim/4.54
- version/exim exim/4.02
- version/exim exim/4.23
- version/exim exim/4.01
- version/exim exim/3.34
- version/exim exim/3.00
- version/exim exim/4.62
- version/exim exim/3.02
- version/exim exim/3.03
- version/exim exim/3.12
- version/exim exim/3.20
- version/exim exim/4.12
- version/exim exim/3.22
- version/exim exim/4.32
- version/exim exim/4.11
- version/exim exim/4.42
- version/exim exim/4.05
- version/exim exim/4.31
- version/exim exim/3.14
- version/exim exim/3.11
- version/exim exim/3.35
- version/exim exim/4.44
- version/exim exim/4.14
- version/exim exim/4.64
- version/exim exim/4.04
- version/exim exim/4.41
- version/exim exim/4.20
- version/exim exim/2.10
- version/exim exim/4.65
- version/exim exim/4.53
- version/exim exim/4.33
- version/exim exim/3.13
- version/exim exim/4.50
- version/exim exim/3.32
- version/exim exim/4.34
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/11.1
- version/opensuse opensuse/11.2
- version/opensuse opensuse/11.3
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/5.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/6.06
- version/canonical ubuntu linux/8.04
- version/canonical ubuntu linux/9.10
- version/canonical ubuntu linux/10.04
- version/canonical ubuntu linux/10.10