CVE-2010-4345

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

Date published : 2010-12-14

http://www.securityfocus.com/bid/45341

http://www.securityfocus.com/archive/1/515172/100/0/threaded