Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-2023HistoryJun 07, 2010 - 5:12 p.m.
CVE-2010-2023
2010-06-0717:12:00
Debian Security Bug Tracker
security-tracker.debian.org
8
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.4%
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user’s file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 11 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 10 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 999 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
| Debian | 13 | all | exim4 | < 4.72-1 | exim4_4.72-1_all.deb |
Related
cve
cve
CVE-2010-2023
2010-06-07 17:12:00
ubuntucve
ubuntucve
CVE-2010-2023
2010-06-07 00:00:00
prion
prion
Hardcoded credentials
2010-06-07 17:12:00
nessus
nessus
openSUSE Security Update : exim (openSUSE-SU-2010:0416-1)
2014-06-13 00:00:00
openSUSE Security Update : exim (openSUSE-SU-2010:0416-1)
2010-07-23 00:00:00
Exim < 4.72 Multiple Vulnerabilities
2010-06-01 00:00:00
openvas
openvas
Fedora Update for exim FEDORA-2010-9524
2010-06-11 00:00:00
Exim < 4.72 RC2 Multiple Vulnerabilities
2010-06-03 00:00:00
Fedora Update for exim FEDORA-2010-9506
2010-06-11 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in Exim
2010-06-08 00:00:00
Exim hard links vulnerability
2010-06-08 00:00:00
Exim security issue in historical release
2010-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: exim-4.72-1.fc13
2010-06-08 19:39:49
[SECURITY] Fedora 12 Update: exim-4.72-1.fc12
2010-06-08 19:34:34
[SECURITY] Fedora 14 Update: exim-4.72-2.fc14
2011-04-12 21:26:15
ubuntu
ubuntu
Exim vulnerabilities
2011-02-10 00:00:00
gentoo
gentoo
Exim: Multiple vulnerabilities
2014-01-27 00:00:00
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.4%
Related for DEBIANCVE:CVE-2010-2023