Информационная безопасность
[RU] switch to English


Повреждение памяти и выполнение кода в Exim
дополнено с 12 декабря 2010 г.
Опубликовано:3 февраля 2011 г.
Источник:
SecurityVulns ID:11287
Тип:удаленная
Уровень опасности:
9/10
Затронутые продукты:EXIM : exim 4.69
 EXIM : exim 4.72
CVE:CVE-2011-0017 (The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.)
 CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.)
 CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA-2154-1] exim4 security update (03.02.2011)
 documentEXIM, Exim security issue in historical release (13.12.2010)
 documentDEBIAN, [SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution (12.12.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород