Ubuntu Security Notice (C) 2016 Canonical, Inc. / NASL script (C) 2016 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related
It was discovered that Exim incorrectly filtered environment variables
when used with the perl_startup configuration option. If the
perl_startup option was enabled, a local attacker could use this issue
to escalate their privileges to the root user. This issue has been
fixed by having Exim clean the complete execution environment by
default on startup, including any subprocesses such as transports that
call other programs. This change in behaviour may break existing
installations and can be adjusted by using two new configuration
options, keep_environment and add_environment. (CVE-2016-1531)
Patrick William discovered that Exim incorrectly expanded mathematical
comparisons twice. A local attacker could possibly use this issue to
perform arbitrary file operations as the Exim user. This issue only
affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2972).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Update the affected exim4-daemon-custom, exim4-daemon-heavy and / or
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.7
Public Exploit Available : true