Rapid7 Vulnerability & Exploit Database

RHSA-2011:0153: exim security update

Exim is a mail transport agent (MTA) developed at the University of Cambridge for use on UNIX systems connected to the Internet.

A privilege escalation flaw was discovered in Exim. If an attacker were able to gain access to the "exim" user, they could cause Exim to execute arbitrary commands as the root user. (CVE-2010-4345)

This update adds a new configuration file, "/etc/exim/trusted-configs". To prevent Exim from running arbitrary commands as root, Exim will now drop privileges when run with a configuration file not listed as trusted. This could break backwards compatibility with some Exim configurations, as the trusted-configs file only trusts "/etc/exim/exim.conf" and "/etc/exim/exim4.conf" by default. If you are using a configuration file not listed in the new trusted-configs file, you will need to add it manually.

Additionally, Exim will no longer allow a user to execute exim as root with the -D command line option to override macro definitions. All macro definitions that require root permissions must now reside in a trusted configuration file.

Users of Exim are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the exim daemon will be restarted automatically.
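To see what the new behaviour means on a given host before the daemon restarts, here is an added shell audit helper (written for this page, not taken from the advisory or from Exim) that checks whether the configuration Exim actually loads is listed in /etc/exim/trusted-configs and flags start-up scripts or crontabs that still pass -D. It assumes trusted-configs holds one absolute path per line, matched exactly, and that `exim -bP configure_file` reports the active configuration path.

```shell
#!/bin/sh
# Added audit helper, not part of the advisory or of Exim itself.
# Assumptions: trusted-configs holds one absolute path per line (exact match),
# and `exim -bP configure_file` prints the active configuration path.

# exim_config_trusted CONFIG_PATH [TRUSTED_FILE]
# 0 = listed, 1 = not listed (Exim will drop privileges), 2 = list unusable.
exim_config_trusted() {
    conf=$1
    trusted=${2:-/etc/exim/trusted-configs}
    [ -f "$trusted" ] || { echo "no trusted-configs file at $trusted" >&2; return 2; }
    # A list that group or world can write defeats the control: refuse it.
    case $(ls -ld "$trusted") in
        ?????w*|????????w*)
            echo "$trusted is group/world writable" >&2; return 2 ;;
    esac
    # -x: whole line, -F: literal string, so "exim.con" does not match "exim.conf"
    grep -qxF -- "$conf" "$trusted"
}

# exim_macro_overrides FILE
# Print lines that run exim with a -D macro override (heuristic regex);
# after the update such invocations are refused when made as root.
exim_macro_overrides() {
    grep -nE '(^|[[:space:]/])exim([[:space:]]+[^[:space:]]+)*[[:space:]]+-D' -- "$1"
}

# exim_audit [TRUSTED_FILE]: check the config the installed exim actually uses.
exim_audit() {
    trusted=${1:-/etc/exim/trusted-configs}
    command -v exim >/dev/null 2>&1 || { echo "exim not installed" >&2; return 2; }
    active=$(exim -bP configure_file 2>/dev/null | sed 's/^configure_file = //')
    if exim_config_trusted "$active" "$trusted"; then
        echo "OK: $active is listed in $trusted"
    else
        echo "WARN: $active is not in $trusted; exim will drop privileges when started with it"
        return 1
    fi
}
```

Run `exim_audit` on a host after installing the update, and point `exim_macro_overrides` at /etc/init.d/exim, cron files and wrapper scripts to find -D overrides that must move into a trusted configuration file.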


  • redhat-upgrade-exim
  • redhat-upgrade-exim-doc
  • redhat-upgrade-exim-mon
  • redhat-upgrade-exim-sa
