fkie_cve-2010-2023
Vulnerability from fkie_nvd
Published
2010-06-07 17:12
Modified
2025-04-11 00:51
Severity ?
Summary
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html
cve@mitre.orghttp://bugs.exim.org/show_bug.cgi?id=988
cve@mitre.orghttp://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
cve@mitre.orghttp://secunia.com/advisories/40019Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/40123
cve@mitre.orghttp://secunia.com/advisories/43243
cve@mitre.orghttp://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2
cve@mitre.orghttp://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25Patch
cve@mitre.orghttp://www.securityfocus.com/archive/1/511653/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/40451
cve@mitre.orghttp://www.ubuntu.com/usn/USN-1060-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/1402
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0364
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=600093
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/59043
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.exim.org/show_bug.cgi?id=988
af854a3a-2127-422b-91ae-364da2661108http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40019Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40123
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43243
af854a3a-2127-422b-91ae-364da2661108http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2
af854a3a-2127-422b-91ae-364da2661108http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/511653/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/40451
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1060-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1402
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0364
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=600093
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/59043
Impacted products
Vendor Product Version
exim exim *
exim exim 4.10
exim exim 4.20
exim exim 4.21
exim exim 4.22
exim exim 4.23
exim exim 4.24
exim exim 4.30
exim exim 4.31
exim exim 4.32
exim exim 4.33
exim exim 4.34
exim exim 4.40
exim exim 4.41
exim exim 4.42
exim exim 4.43
exim exim 4.44
exim exim 4.50
exim exim 4.51
exim exim 4.52
exim exim 4.53
exim exim 4.54
exim exim 4.60
exim exim 4.61
exim exim 4.62
exim exim 4.63
exim exim 4.64
exim exim 4.65
exim exim 4.66
exim exim 4.67
exim exim 4.68
exim exim 4.69
exim exim 4.70


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F612EF3-5909-4AA7-9041-02C193E447C4",
              "versionEndIncluding": "4.71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC43E6B-2DA9-496E-BAD2-04FF4C3A53FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "04C4B45D-A0AC-42B3-99D7-91F7B8D15B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED822CDF-C94B-4A16-BEEB-FECE51CBB744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B52A1ECA-44CC-4DDE-B1AD-25AE27605317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E7D5D6F-8FDB-4AC2-A4D9-16E632AC8EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4FEC2B4-BD68-428E-91BC-BC85F72E3BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "23EEBB47-2495-4FDB-9A55-415DA69392E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A8E154-32CC-4665-82A0-1DE7A51B2435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B594190-DF8F-45AE-8579-BD7B4568606F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD2D8712-4DF9-4A73-93A7-7719C3502E18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9DF054-4CBF-4BA7-9A42-5627DC4B6A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13E6533-BEB9-4082-9063-7E3CCBF4C36C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "879B9641-3245-4CF7-912A-FD21372F46F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "A91CA841-BBCA-4EF9-BC00-478A18797941",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEA3F58C-3EF2-48B9-9171-7EFE72B1A3DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFB37C45-54E7-4E91-8E6D-0A3E764E1702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "31CBE3C0-4918-4FA6-B1E7-6336913EF8D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC45BCE0-F190-4050-8B3B-869D0C1033AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD0E5A4-3FCB-46C1-A709-CA15D96FA9B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3335C80-97AE-42DB-B125-0D3FA57D8317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F83560A-BDD7-456D-846C-D1DAF5C9DA64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "22B9FD06-13E3-47CA-AB67-691DC3A9C330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE2A81F2-3E53-4A31-BCC6-BDC0E1B62CC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A03C071-87BF-4D5E-ABED-472ABAEFAC71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D96C53-989C-42C8-9E71-A206B78ED55A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "30190EAB-7140-4E0A-B7A5-8FA8BD0749C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BD63C5-C916-4D7D-AE81-7B9676FC0951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCD8FE2F-8D53-407A-BB83-EB7725456D71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "162F5CB4-1931-4236-8519-DD63A98BCEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF06704-E078-42FA-89DA-7BCA169D0E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8F2CB6E-1ED1-4E56-9532-30D2BA6A53DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "452E9C94-B7FF-40A9-A7F9-FC38824F6135",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user\u0027s file."
    },
    {
      "lang": "es",
      "value": "transports/appendfile.c en Exim antes de v4.72, cuando se usa un directorio de correo con permisos de escritura para todos y sticky-bit activado, no verifica el campo de st_nlink de los ficheros de buz\u00f3n de correo, que permite a usuarios locales causar una denegaci\u00f3n de servicio o posiblemente obtener privilegios mediante la creaci\u00f3n de un v\u00ednculo f\u00edsico a un archivo de otro usuario."
    }
  ],
  "id": "CVE-2010-2023",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-06-07T17:12:48.247",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.exim.org/show_bug.cgi?id=988"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/40123"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/43243"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup\u0026pathrev=exim-4_72_RC2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24\u0026r2=1.25"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/40451"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-1060-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/1402"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0364"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=600093"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.exim.org/show_bug.cgi?id=988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/40019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/40123"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup\u0026pathrev=exim-4_72_RC2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24\u0026r2=1.25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/40451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1060-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=600093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59043"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.