transports/appendfile.c in Exim prior to 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
exim exim |
||
exim exim 4.70 |
||
exim exim 4.63 |
||
exim exim 4.62 |
||
exim exim 4.44 |
||
exim exim 4.43 |
||
exim exim 4.22 |
||
exim exim 4.21 |
||
exim exim 4.10 |
||
exim exim 4.20 |
||
exim exim 4.69 |
||
exim exim 4.68 |
||
exim exim 4.61 |
||
exim exim 4.60 |
||
exim exim 4.54 |
||
exim exim 4.34 |
||
exim exim 4.33 |
||
exim exim 4.41 |
||
exim exim 4.42 |
||
exim exim 4.65 |
||
exim exim 4.64 |
||
exim exim 4.51 |
||
exim exim 4.50 |
||
exim exim 4.24 |
||
exim exim 4.23 |
||
exim exim 4.32 |
||
exim exim 4.40 |
||
exim exim 4.67 |
||
exim exim 4.66 |
||
exim exim 4.53 |
||
exim exim 4.52 |
||
exim exim 4.31 |
||
exim exim 4.30 |
Vulmon