CVE-2011-0017

The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
Severity
UNKNOWN
AV:L/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
LOCAL
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
eximexim
𝑥
≤ 4.72
eximexim
2.10
eximexim
2.11
eximexim
2.12
eximexim
3.00
eximexim
3.01
eximexim
3.02
eximexim
3.03
eximexim
3.10
eximexim
3.11
eximexim
3.12
eximexim
3.13
eximexim
3.14
eximexim
3.15
eximexim
3.16
eximexim
3.20
eximexim
3.21
eximexim
3.22
eximexim
3.30
eximexim
3.31
eximexim
3.32
eximexim
3.33
eximexim
3.34
eximexim
3.35
eximexim
3.36
eximexim
4.00
eximexim
4.01
eximexim
4.02
eximexim
4.03
eximexim
4.04
eximexim
4.05
eximexim
4.10
eximexim
4.11
eximexim
4.12
eximexim
4.14
eximexim
4.20
eximexim
4.21
eximexim
4.22
eximexim
4.23
eximexim
4.24
eximexim
4.30
eximexim
4.31
eximexim
4.32
eximexim
4.33
eximexim
4.34
eximexim
4.40
eximexim
4.41
eximexim
4.42
eximexim
4.43
eximexim
4.44
eximexim
4.50
eximexim
4.51
eximexim
4.52
eximexim
4.53
eximexim
4.54
eximexim
4.60
eximexim
4.61
eximexim
4.62
eximexim
4.63
eximexim
4.64
eximexim
4.65
eximexim
4.66
eximexim
4.67
eximexim
4.68
eximexim
4.69
eximexim
4.70
eximexim
4.71
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
exim4
bullseye (security)
4.94.2-7+deb11u3
fixed
bullseye
4.94.2-7+deb11u3
fixed
bookworm
4.96-15+deb12u5
fixed
bookworm (security)
4.96-15+deb12u5
fixed
sid
4.98-1
fixed
trixie
4.98-1
fixed