Back to search

USN-1060-1: Exim vulnerabilities

Severity CVSS Published Added Modified
7 (AV:L/AC:M/Au:N/C:C/I:C/A:C) February 01, 2011 May 06, 2013 August 28, 2013

Available Exploits 

Description

The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • exim4-daemon-heavy on Ubuntu Linux 10.04

    Upgrade exim4-daemon-heavy for Ubuntu 10.04 LTS

    Use `apt-get upgrade` to upgrade exim4-daemon-heavy to the latest version

  • exim4-daemon-custom on Ubuntu Linux 10.04

    Upgrade exim4-daemon-custom for Ubuntu 10.04 LTS

    Use `apt-get upgrade` to upgrade exim4-daemon-custom to the latest version

  • exim4-daemon-light on Ubuntu Linux 10.04

    Upgrade exim4-daemon-light for Ubuntu 10.04 LTS

    Use `apt-get upgrade` to upgrade exim4-daemon-light to the latest version

  • exim4-daemon-heavy on Ubuntu Linux 10.10

    Upgrade exim4-daemon-heavy for Ubuntu 10.10

    Use `apt-get upgrade` to upgrade exim4-daemon-heavy to the latest version

  • exim4-daemon-custom on Ubuntu Linux 10.10

    Upgrade exim4-daemon-custom for Ubuntu 10.10

    Use `apt-get upgrade` to upgrade exim4-daemon-custom to the latest version

  • exim4-daemon-light on Ubuntu Linux 10.10

    Upgrade exim4-daemon-light for Ubuntu 10.10

    Use `apt-get upgrade` to upgrade exim4-daemon-light to the latest version

  • exim4-daemon-heavy on Ubuntu Linux 8.04

    Upgrade exim4-daemon-heavy for Ubuntu 8.04 LTS

    Use `apt-get upgrade` to upgrade exim4-daemon-heavy to the latest version

  • exim4-daemon-custom on Ubuntu Linux 8.04

    Upgrade exim4-daemon-custom for Ubuntu 8.04 LTS

    Use `apt-get upgrade` to upgrade exim4-daemon-custom to the latest version

  • exim4-daemon-light on Ubuntu Linux 8.04

    Upgrade exim4-daemon-light for Ubuntu 8.04 LTS

    Use `apt-get upgrade` to upgrade exim4-daemon-light to the latest version

  • exim4-daemon-heavy on Ubuntu Linux 9.10

    Upgrade exim4-daemon-heavy for Ubuntu 9.10

    Use `apt-get upgrade` to upgrade exim4-daemon-heavy to the latest version

  • exim4-daemon-custom on Ubuntu Linux 9.10

    Upgrade exim4-daemon-custom for Ubuntu 9.10

    Use `apt-get upgrade` to upgrade exim4-daemon-custom to the latest version

  • exim4-daemon-light on Ubuntu Linux 9.10

    Upgrade exim4-daemon-light for Ubuntu 9.10

    Use `apt-get upgrade` to upgrade exim4-daemon-light to the latest version

Related Vulnerabilities