Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-2023
Description:transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
Test IDs: 1.3.6.1.4.1.25623.1.0.67537   1.3.6.1.4.1.25623.1.0.67536   1.3.6.1.4.1.25623.1.0.69479  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-2023
BugTraq ID: 40451
http://www.securityfocus.com/bid/40451
Bugtraq: 20100603 Multiple vulnerabilities in Exim (Google Search)
http://www.securityfocus.com/archive/1/511653/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html
http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html
http://secunia.com/advisories/40019
http://secunia.com/advisories/40123
http://secunia.com/advisories/43243
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://www.ubuntu.com/usn/USN-1060-1
http://www.vupen.com/english/advisories/2010/1402
http://www.vupen.com/english/advisories/2011/0364
XForce ISS Database: exim-mail-directory-priv-escalation(59043)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59043




© 1998-2024 E-Soft Inc. All rights reserved.