Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4345

Опубликовано: 14 дек. 2010
Источник: nvd
CVSS3: 7.8
CVSS2: 6.9
EPSS Средний

Описание

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*
Версия до 4.72 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

EPSS

Процентиль: 93%
0.11704
Средний

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

NVD-CWE-noinfo
CWE-77

Связанные уязвимости

ubuntu логотип

CVE-2010-4345

CVSS3: 7.8
ubuntu
больше 14 лет назад

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

redhat логотип

CVE-2010-4345

redhat
больше 14 лет назад

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

debian логотип

CVE-2010-4345

CVSS3: 7.8
debian
больше 14 лет назад

Exim 4.72 and earlier allows local users to gain privileges by leverag ...

github логотип

GHSA-qq6c-p3fx-6qcx

CVSS3: 7.8
github
около 3 лет назад

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

oracle-oval логотип

ELSA-2011-0153

oracle-oval
больше 14 лет назад

ELSA-2011-0153: exim security update (MODERATE)

EPSS

Процентиль: 93%
0.11704
Средний

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

NVD-CWE-noinfo
CWE-77