{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-12-07T00:00:00", "descriptions": [{"lang": "en", "value": "Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-04T17:06:32", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "43128", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43128"}, {"name": "SUSE-SA:2010:059", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"name": "[exim-dev] 20101209 Re: [Exim-maintainers] Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html"}, {"name": "VU#758489", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/758489"}, {"name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012"}, {"name": "ADV-2011-0364", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0364"}, {"tags": ["x_refsource_MISC"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"name": "RHSA-2011:0153", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html"}, {"name": "45341", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45341"}, {"name": "42930", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42930"}, {"name": "42576", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42576"}, {"name": "43243", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43243"}, {"name": "1024859", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024859"}, {"name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"name": "DSA-2154", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2154"}, {"name": "20101213 Exim security issue in historical release", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"name": "ADV-2011-0245", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0245"}, {"name": "ADV-2011-0135", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0135"}, {"name": "USN-1060-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1060-1"}, {"name": "ADV-2010-3204", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.exim.org/show_bug.cgi?id=1044"}, {"name": "DSA-2131", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"name": "ADV-2010-3171", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html"}, {"name": "[oss-security] 20101210 Exim remote root", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:43:14.742Z"}, "title": "CVE Program Container", "references": [{"name": "43128", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43128"}, {"name": "SUSE-SA:2010:059", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"name": "[exim-dev] 20101209 Re: [Exim-maintainers] Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html"}, {"name": "VU#758489", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/758489"}, {"name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012"}, {"name": "ADV-2011-0364", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0364"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"name": "RHSA-2011:0153", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html"}, {"name": "45341", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/45341"}, {"name": "42930", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42930"}, {"name": "42576", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42576"}, {"name": "43243", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43243"}, {"name": "1024859", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024859"}, {"name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"name": "DSA-2154", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2154"}, {"name": "20101213 Exim security issue in historical release", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"name": "ADV-2011-0245", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0245"}, {"name": "ADV-2011-0135", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0135"}, {"name": "USN-1060-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1060-1"}, {"name": "ADV-2010-3204", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.exim.org/show_bug.cgi?id=1044"}, {"name": "DSA-2131", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"name": "ADV-2010-3171", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html"}, {"name": "[oss-security] 20101210 Exim remote root", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4345", "datePublished": "2010-12-14T15:00:00", "dateReserved": "2010-11-30T00:00:00", "dateUpdated": "2024-08-07T03:43:14.742Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Exim Privilege Escalation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "matchCriteriaId": "91805B65-DDF2-4888-8F81-011F8D78B558", "versionEndIncluding": "4.72", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive."}, {"lang": "es", "value": "Exim v4.72 y anteriores permiten a usuarios locales ganar privilegios potenciando la habilidad especificar un archivo de cuenta de usuario con una configuraci\u00f3n alternativa mediante una directiva que contenga comandos de su elecci\u00f3n, como se demostr\u00f3 con la directiva spool_directory."}], "id": "CVE-2010-4345", "lastModified": "2024-07-16T17:57:37.573", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2010-12-14T16:00:04.257", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch"], "url": "http://bugs.exim.org/show_bug.cgi?id=1044"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch"], "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://openwall.com/lists/oss-security/2010/12/10/1"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/42576"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/42930"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/43128"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/43243"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.debian.org/security/2010/dsa-2131"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.debian.org/security/2011/dsa-2154"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/758489"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/45341"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1024859"}, {"source": "secalert@redhat.com", "tags": ["Press/Media Coverage", "Third Party Advisory"], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1060-1"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3171"}, {"source": "secalert@redhat.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/3204"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0135"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0245"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0364"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0153", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "exim-0:4.43-1.RHEL4.5.el4_8.3", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2011-01-17T00:00:00Z"}, {"advisory": "RHSA-2011:0153", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "exim-0:4.63-5.el5_6.2", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-01-17T00:00:00Z"}], "bugzilla": {"description": "exim: privilege escalation", "id": "662012", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "status": "verified"}, "cwe": "CWE-78", "details": ["Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive."], "name": "CVE-2010-4345", "public_date": "2010-12-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-4345\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-4345\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Moderate"}