7.8

CVE-2010-4345

Warnung
Medienbericht
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EximExim Version <= 4.72
OpensuseOpensuse Version11.1
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04 SwEdition-
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Exim Privilege Escalation Vulnerability

Schwachstelle

Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 17.79% 0.968
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

http://secunia.com/advisories/43243
Broken Link
http://www.ubuntu.com/usn/USN-1060-1
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0364
Broken Link
http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/10/1
Mailing List
http://secunia.com/advisories/42576
Vendor Advisory
Broken Link
http://www.debian.org/security/2010/dsa-2131
Third Party Advisory
Mailing List
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
Vendor Advisory
Mailing List
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/05/04/7
Mailing List
http://www.securityfocus.com/archive/1/515172/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/
Third Party Advisory
Press/Media Coverage
http://www.vupen.com/english/advisories/2010/3171
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2010/3204
Vendor Advisory
Broken Link
http://bugs.exim.org/show_bug.cgi?id=1044
Patch
Issue Tracking
http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html
Patch
Mailing List
http://secunia.com/advisories/42930
Broken Link
http://secunia.com/advisories/43128
Broken Link
http://www.cpanel.net/2010/12/critical-exim-security-update.html
Broken Link
http://www.debian.org/security/2011/dsa-2154
Third Party Advisory
Mailing List
http://www.kb.cert.org/vuls/id/758489
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2011-0153.html
Broken Link
http://www.securityfocus.com/bid/45341
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1024859
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2011/0135
Broken Link
http://www.vupen.com/english/advisories/2011/0245
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=662012
Patch
Issue Tracking
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4345
US Government Resource