Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Exim < 4.74 Local Privilege Escalation Vulnerability

High

Synopsis

The remote mail server is affected by a local privilege escalation vulnerability.

Description

The remote host is running Exim, a message transfer agent.

Versions of Exim earlier than 4.74 are potentially affected by a local privilege escalation vulnerability. Attackers can exploit this flaw to append arbitrary data to files through symbolic link attacks. Successfully exploiting this issue allows local attackers with 'exim' run-time privileges to perform certain actions with superuser privileges, leading to a complete compromise of an affected computer. Note that this issue only affects Exim on Linux.

Solution

Upgrade to Exim 4.74 or later.