You are here

CVE-2010-2023

Vincent (CVE) Danen's picture
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.

Details Source

Mitre

Statement

The Red Hat Security Response Team has rated this issue as having low security impact. By default, /var/spool/mail/ is not provided with permissions to make an attack scenario possible, and there is no reason for permissions to be relaxed in such a way as to make it possible. We therefore have no plans to fix this flaw in Red Hat Enterprise Linux 4 or 5.

Public Date

2010-06-03 00:00:00

Impact

Moderate

Bugzilla

CVE-2010-2023 exim: hard-link following vulnerability in mailbox handling

Bugzilla ID

600 093

CVSS Status

verified

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 exim Affected
Red Hat Enterprise Linux 4 exim Affected