Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SMTP problems
Title:Exim < 4.72 RC2 Multiple Vulnerabilities
Summary:According to the version from its Banner, the remote Exim is prone to; multiple vulnerabilities.
According to the version from its Banner, the remote Exim is prone to
multiple vulnerabilities.

Vulnerability Insight:
1. Exim creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files,
which may result in a denial of service. Other attacks may also be possible.

2. Exim is prone to a local privilege-escalation vulnerability.

Local attackers can exploit this issue to gain elevated privileges on
affected computers.

Affected Software/OS:
Versions prior to Exim 4.72 RC2 are vulnerable.

Updates are available. Please see the references for more information.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 40454
BugTraq ID: 40451
Common Vulnerability Exposure (CVE) ID: CVE-2010-2024
Bugtraq: 20100603 Multiple vulnerabilities in Exim (Google Search)
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
XForce ISS Database: exim-mbx-symlink(59042)
Common Vulnerability Exposure (CVE) ID: CVE-2010-2023
XForce ISS Database: exim-mail-directory-priv-escalation(59043)
CopyrightThis script is Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.