CVE Vulnerabilities

CVE-2010-4345

Published: Dec 14, 2010 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

Affected Software

Name Vendor Start Version End Version
Exim Exim 2.11 2.11
Exim Exim 4.70 4.70
Exim Exim 4.69 4.69
Exim Exim 4.66 4.66
Exim Exim 4.10 4.10
Exim Exim 3.16 3.16
Exim Exim 3.21 3.21
Exim Exim 3.01 3.01
Exim Exim 3.31 3.31
Exim Exim 4.24 4.24
Exim Exim 3.33 3.33
Exim Exim 3.30 3.30
Exim Exim * 4.72
Exim Exim 4.30 4.30
Exim Exim 4.21 4.21
Exim Exim 4.03 4.03
Exim Exim 4.51 4.51
Exim Exim 4.71 4.71
Exim Exim 4.67 4.67
Exim Exim 4.63 4.63
Exim Exim 4.00 4.00
Exim Exim 4.43 4.43
Exim Exim 4.22 4.22
Exim Exim 3.10 3.10
Exim Exim 4.40 4.40
Exim Exim 4.52 4.52
Exim Exim 3.36 3.36
Exim Exim 3.15 3.15
Exim Exim 4.60 4.60
Exim Exim 4.61 4.61
Exim Exim 2.12 2.12
Exim Exim 4.68 4.68
Exim Exim 4.54 4.54
Exim Exim 4.02 4.02
Exim Exim 4.23 4.23
Exim Exim 4.01 4.01
Exim Exim 3.34 3.34
Exim Exim 3.00 3.00
Exim Exim 4.62 4.62
Exim Exim 3.02 3.02
Exim Exim 3.03 3.03
Exim Exim 3.12 3.12
Exim Exim 3.20 3.20
Exim Exim 4.12 4.12
Exim Exim 3.22 3.22
Exim Exim 4.32 4.32
Exim Exim 4.11 4.11
Exim Exim 4.42 4.42
Exim Exim 4.05 4.05
Exim Exim 4.31 4.31
Exim Exim 3.14 3.14
Exim Exim 3.11 3.11
Exim Exim 3.35 3.35
Exim Exim 4.44 4.44
Exim Exim 4.14 4.14
Exim Exim 4.64 4.64
Exim Exim 4.04 4.04
Exim Exim 4.41 4.41
Exim Exim 4.20 4.20
Exim Exim 2.10 2.10
Exim Exim 4.65 4.65
Exim Exim 4.53 4.53
Exim Exim 4.33 4.33
Exim Exim 3.13 3.13
Exim Exim 4.50 4.50
Exim Exim 3.32 3.32
Exim Exim 4.34 4.34

References