Exim < 4.74 Local Privilege Escalation Vulnerability
High Nessus Network Monitor Plugin ID 5752
Synopsis: The remote mail server is affected by a local privilege escalation vulnerability.
Description: The remote host is running Exim, a message transfer agent.
Versions of Exim earlier than 4.74 are potentially affected by a local privilege escalation vulnerability. Attackers can exploit this flaw to append arbitrary data to files through symbolic link attacks. Successfully exploiting this issue allows local attackers with 'exim' run-time privileges to perform certain actions with superuser privileges, leading to a complete compromise of an affected computer. Note that this issue only affects Exim on Linux.
Solution: Upgrade to Exim 4.74 or later.