Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
BID:68857
Info
Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
| Bugtraq ID: | 68857 |
| Class: | Unknown |
| CVE: |
CVE-2014-2972 |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 22 2014 12:00AM |
| Updated: | Apr 13 2015 09:38PM |
| Credit: | Todd Lyons |
| Vulnerable: |
Exim Exim 4.72 Exim Exim 4.71 Exim Exim 4.70 Exim Exim 4.69 Exim Exim 4.68 Exim Exim 4.67 Exim Exim 4.66 Exim Exim 4.65 Exim Exim 4.64 Exim Exim 4.63 Exim Exim 4.62 Exim Exim 4.61 Exim Exim 4.60 Exim Exim 4.54 Exim Exim 4.53 Exim Exim 4.52 Exim Exim 4.51 Exim Exim 4.50 Exim Exim 4.44 Exim Exim 4.43 Exim Exim 4.42 Exim Exim 4.41 Exim Exim 4.40 Exim Exim 4.34 Exim Exim 4.33 Exim Exim 4.32 Exim Exim 4.31 Exim Exim 4.30 Exim Exim 4.24 Exim Exim 4.23 Exim Exim 4.22 Exim Exim 4.21 Exim Exim 4.20 Exim Exim 4.14 Exim Exim 4.12 Exim Exim 4.11 Exim Exim 4.10 Exim Exim 4.05 Exim Exim 4.04 Exim Exim 4.03 Exim Exim 4.02 Exim Exim 4.01 Exim Exim 4.00 Exim Exim 3.36 Exim Exim 3.35 Exim Exim 3.34 Exim Exim 3.33 Exim Exim 3.32 Exim Exim 3.31 Exim Exim 3.30 Exim Exim 3.22 Exim Exim 3.21 Exim Exim 3.20 Exim Exim 3.16 Exim Exim 3.15 Exim Exim 3.14 Exim Exim 3.13 Exim Exim 3.12 Exim Exim 3.11 Exim Exim 3.10 Exim Exim 3.03 Exim Exim 3.02 Exim Exim 3.01 Exim Exim 3.00 Exim Exim 2.12 Exim Exim 2.11 Exim Exim 2.10 |
| Not Vulnerable: |
Exim Exim 4.83 |
Discussion
Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
Exim is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to gain elevated privileges on affected computers. Successful attacks may allow local attackers to execute arbitrary code in the context of a user.
Versions prior to Exim 4.83 are vulnerable.
Exim is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to gain elevated privileges on affected computers. Successful attacks may allow local attackers to execute arbitrary code in the context of a user.
Versions prior to Exim 4.83 are vulnerable.
Exploit / POC
Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
An attacker uses readily available tools to exploit the issue.
An attacker uses readily available tools to exploit the issue.
References
Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
References:
References:
- Exim Homepage (Exim)
- exim: local code execution via string expansion (Exim)