[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-0017Date: (C)2011-02-01   (M)2023-12-22


The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.9
Exploit Score: 3.4
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-43101
SECUNIA-43128
SECUNIA-43243
BID-46065
OSVDB-70696
ADV-2011-0224
ADV-2011-0245
ADV-2011-0364
ADV-2011-0464
DSA-2154
SUSE-SR:2011:004
USN-1060-1
http://lists.exim.org/lurker/message/20110126.034702.4d69c278.en.html
exim-openlog-privilege-escalation(65028)
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74

CPE    67
cpe:/a:exim:exim:4.53
cpe:/a:exim:exim
cpe:/a:exim:exim:4.54
cpe:/a:exim:exim:4.10
...
CWE    1
CWE-20
OVAL    3
oval:org.secpod.oval:def:600545
oval:org.secpod.oval:def:700224
oval:org.secpod.oval:def:600175

© SecPod Technologies