Total vulnerabilities in the database
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
| Software | From | Fixed in |
|---|---|---|
| exim / exim | - | 4.72.x |
| opensuse / opensuse | 11.1 | 11.1.x |
| opensuse / opensuse | 11.2 | 11.2.x |
| opensuse / opensuse | 11.3 | 11.3.x |
| debian / debian_linux | 5.0 | 5.0.x |
| canonical / ubuntu_linux | 10.10 | 10.10.x |
| canonical / ubuntu_linux | 9.10 | 9.10.x |
| canonical / ubuntu_linux | 8.04 | 8.04.x |
| canonical / ubuntu_linux | 10.04 | 10.04.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |