Exim < 4.72 Multiple Vulnerabilities

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote mail server is potentially affected by multiple
vulnerabilities.

Description :

The remote host is running Exim, a message transfer agent (SMTP).

According to the version number in its banner, the installed version
of Exim is earlier than 4.72 and thus potentially affected by one or
both of the following vulnerabilities :

- An error when handling hardlinks within the mail
directory during the mail delivery process can be
exploited to perform unauthorized actions.
(CVE-2010-2023)

- When MBX locking is enabled, a race condition exists
that could allow an attacker to change permissions of
other non-root users' files, leading to denial-of-
service conditions or potentially privilege escalation.
(CVE-2010-2024)

See also :

http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html
http://www.nessus.org/u?f28f03db
http://bugs.exim.org/show_bug.cgi?id=988
http://bugs.exim.org/show_bug.cgi?id=989

Solution :

Upgrade to Exim 4.72 or later when it becomes available.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 46783 (exim_4_72.nasl)

Bugtraq ID: 40451
40454

CVE ID: CVE-2010-2023
CVE-2010-2024