Lucene search

K
suseSuseSUSE-SA:2010:059
HistoryDec 13, 2010 - 10:39 a.m.

remote code execution in exim

2010-12-1310:39:26
lists.opensuse.org
27

0.931 High

EPSS

Percentile

98.8%

The unprivileged user exim is running as could tell the exim daemon to read a different config file and leverage that to escalate privileges to root (CVE-2010-4345). A buffer overflow in exim allowed remote attackers to execute arbitrary code (CVE-2010-4344). openSUSE 11.3 is not affected by this flaw.

Solution

There is no known workaround, please install the update packages.