Debian DSA-3517-1 : exim4 - security update

high Nessus Plugin ID 89926

Synopsis

The remote Debian host is missing a security-related update.

Description

A local root privilege escalation vulnerability was found in Exim, Debian's default mail transfer agent, in configurations using the'perl_startup' option (Only Exim via exim4-daemon-heavy enables Perl support).

To address the vulnerability, updated Exim versions clean the complete execution environment by default, affecting Exim and subprocesses such as transports calling other programs, and thus may break existing installations. New configuration options (keep_environment, add_environment) were introduced to adjust this behavior.

More information can be found in the upstream advisory at https://www.exim.org/static/doc/CVE-2016-1531.txt

Solution

Upgrade the exim4 packages.

For the oldstable distribution (wheezy), this problem has been fixed in version 4.80-7+deb7u2.

For the stable distribution (jessie), this problem has been fixed in version 4.84.2-1.

See Also

https://www.exim.org/static/doc/CVE-2016-1531.txt

https://packages.debian.org/source/wheezy/exim4

https://packages.debian.org/source/jessie/exim4

https://www.debian.org/security/2016/dsa-3517

Plugin Details

Severity: High

ID: 89926

File Name: debian_DSA-3517.nasl

Version: 2.13

Type: local

Agent: unix

Published: 3/15/2016

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 5.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7

Temporal Score: 6.5

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:exim4, cpe:/o:debian:debian_linux:7.0, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/14/2016

Exploitable With

Core Impact

Reference Information

CVE: CVE-2016-1531

DSA: 3517