Test ID:	1.3.6.1.4.1.25623.1.0.105568
Category:	SMTP problems
Title:	Exim < 4.86.2 Local Root / Privilege Escalation Vulnerability
Summary:	Exim is prone to a local root privilege escalation; vulnerability.
Description:	Summary: Exim is prone to a local root privilege escalation vulnerability. Vulnerability Insight: When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges. Solution: Update to version 4.86.2 or later. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1531 Debian Security Information: DSA-3517 (Google Search) http://www.debian.org/security/2016/dsa-3517 https://www.exploit-db.com/exploits/39535/ https://www.exploit-db.com/exploits/39549/ https://www.exploit-db.com/exploits/39702/ http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup http://www.securitytracker.com/id/1035512 SuSE Security Announcement: openSUSE-SU-2016:0721 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html http://www.ubuntu.com/usn/USN-2933-1
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.