ID de Prueba:	1.3.6.1.4.1.25623.1.0.100663
Categoría:	SMTP problems
Título:	Exim < 4.72 RC2 Multiple Vulnerabilities
Resumen:	Exim is prone to multiple vulnerabilities.
Descripción:	Summary: Exim is prone to multiple vulnerabilities. Vulnerability Insight: 1. Exim creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible. 2. Exim is prone to a local privilege escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges on affected computers. Affected Software/OS: Versions prior to Exim 4.72 RC2 are vulnerable. Solution: Updates are available. Please see the references for more information. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2024 BugTraq ID: 40454 http://www.securityfocus.com/bid/40454 Bugtraq: 20100603 Multiple vulnerabilities in Exim (Google Search) http://www.securityfocus.com/archive/1/511653/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html http://secunia.com/advisories/40019 http://secunia.com/advisories/40123 http://secunia.com/advisories/43243 SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://www.ubuntu.com/usn/USN-1060-1 http://www.vupen.com/english/advisories/2010/1402 http://www.vupen.com/english/advisories/2011/0364 XForce ISS Database: exim-mbx-symlink(59042) https://exchange.xforce.ibmcloud.com/vulnerabilities/59042 Common Vulnerability Exposure (CVE) ID: CVE-2010-2023 BugTraq ID: 40451 http://www.securityfocus.com/bid/40451 XForce ISS Database: exim-mail-directory-priv-escalation(59043) https://exchange.xforce.ibmcloud.com/vulnerabilities/59043
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.