Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-2024
Description:transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
Test IDs: 1.3.6.1.4.1.25623.1.0.67537   1.3.6.1.4.1.25623.1.0.67536   1.3.6.1.4.1.25623.1.0.69479  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-2024
BugTraq ID: 40454
http://www.securityfocus.com/bid/40454
Bugtraq: 20100603 Multiple vulnerabilities in Exim (Google Search)
http://www.securityfocus.com/archive/1/511653/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html
http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html
http://secunia.com/advisories/40019
http://secunia.com/advisories/40123
http://secunia.com/advisories/43243
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://www.ubuntu.com/usn/USN-1060-1
http://www.vupen.com/english/advisories/2010/1402
http://www.vupen.com/english/advisories/2011/0364
XForce ISS Database: exim-mbx-symlink(59042)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59042




© 1998-2024 E-Soft Inc. All rights reserved.