Debian DSA-2131-1 : exim4 - arbitrary code execution

high Nessus Plugin ID 51128

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been found in exim4 that allow a remote attacker to execute arbitrary code as root user. Exploits for these issues have been seen in the wild.

This update fixes a memory corruption issue that allows a remote attacker to execute arbitrary code as the Debian-exim user (CVE-2010-4344 ).

A fix for an additional issue that allows the Debian-exim user to obtain root privileges (CVE-2010-4345 ) is currently being checked for compatibility issues. It is not yet included in this upgrade but will released soon in an update to this advisory.

Solution

Upgrade the exim4 packages.

For the stable distribution (lenny), this problem has been fixed in version 4.69-9+lenny1.

This advisory only contains the packages for the alpha, amd64, hppa, i386, ia64, powerpc, and s390 architectures. The packages for the arm, armel, mips, mipsel, and sparc architectures will be released as soon as they are built.

See Also

https://security-tracker.debian.org/tracker/CVE-2010-4344

https://security-tracker.debian.org/tracker/CVE-2010-4345

https://www.debian.org/security/2010/dsa-2131

Plugin Details

Severity: High

ID: 51128

File Name: debian_DSA-2131.nasl

Version: 1.17

Type: local

Agent: unix

Published: 12/12/2010

Updated: 3/28/2022

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:exim4, cpe:/o:debian:debian_linux:5.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/10/2010

CISA Known Exploited Vulnerability Due Dates: 4/15/2022

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Exim4 string_format Function Heap Buffer Overflow)

Reference Information

CVE: CVE-2010-4344

DSA: 2131