Back to search

ELSA-2011-0153 Moderate: Oracle Linux 4 exim security update

Severity CVSS Published Added Modified
7 (AV:L/AC:M/Au:N/C:C/I:C/A:C) December 14, 2010 December 20, 2011 September 01, 2012

Available Exploits 

Description

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

Related Vulnerabilities