1. Ubuntu Security Notices
  2. USN-1060-1

USN-1060-1: Exim vulnerabilities

Publication date

10 February 2011

Overview

Releases

Packages

Details

It was discovered that Exim contained a design flaw in the way it processed
alternate configuration files. An attacker that obtained privileges of the
"Debian-exim" user could use an alternate configuration file to obtain
root privileges. (CVE-2010-4345)

It was discovered that Exim incorrectly handled certain return values when
handling logging. An attacker that obtained privileges of the "Debian-exim"
user could use this flaw to obtain root privileges. (CVE-2011-0017)

Dan Rosenberg discovered that Exim incorrectly handled writable sticky-bit
mail directories. If Exim were configured in this manner, a local user
could use this flaw to cause a denial of service or possibly gain
privileges. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, 9.10,
and 10.04 LTS. (CVE-2010-2023)

Dan Rosenberg discovered that...

It was discovered that Exim contained a design flaw in the way it processed
alternate configuration files. An attacker that obtained privileges of the
"Debian-exim" user could use an alternate configuration file to obtain
root privileges. (CVE-2010-4345)

It was discovered that Exim incorrectly handled certain return values when
handling logging. An attacker that obtained privileges of the "Debian-exim"
user could use this flaw to obtain root privileges. (CVE-2011-0017)

Dan Rosenberg discovered that Exim incorrectly handled writable sticky-bit
mail directories. If Exim were configured in this manner, a local user
could use this flaw to cause a denial of service or possibly gain
privileges. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, 9.10,
and 10.04 LTS. (CVE-2010-2023)

Dan Rosenberg discovered that Exim incorrectly handled MBX locking. If
Exim were configured in this manner, a local user could use this flaw to
cause a denial of service or possibly gain privileges. This issue only
applied to Ubuntu 6.06 LTS, 8.04 LTS, 9.10, and 10.04 LTS. (CVE-2010-2024)

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

ATTENTION: This security update brings changes to Exim's behaviour. Please review the following information carefully, as your Exim configuration may need to be adjusted after applying this update. Exim no longer runs alternate configuration files specified with the -C option as root. The new /etc/exim4/trusted_configs file can be used to override this new behaviour. Files listed in trusted_configs and owned by root will be run with root privileges when using the -C option. In addition, Exim no longer runs as root when the -D option is used. Macro definitions that require root privileges should now be placed in trusted configuration files. Please see the /usr/share/doc/exim4-*/NEWS.Debian file for detailed information.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
9.10 karmic exim4-daemon-heavy –  4.69-11ubuntu4.2
exim4-daemon-custom –  4.69-11ubuntu4.2
exim4-daemon-light –  4.69-11ubuntu4.2
8.04 hardy exim4-daemon-heavy –  4.69-2ubuntu0.3
exim4-daemon-custom –  4.69-2ubuntu0.3
exim4-daemon-light –  4.69-2ubuntu0.3
6.06 dapper exim4-daemon-heavy –  4.60-3ubuntu3.3
exim4-daemon-custom –  4.60-3ubuntu3.3
exim4-daemon-light –  4.60-3ubuntu3.3
10.10 maverick exim4-daemon-heavy –  4.72-1ubuntu1.1
exim4-daemon-custom –  4.72-1ubuntu1.1
exim4-daemon-light –  4.72-1ubuntu1.1
10.04 lucid exim4-daemon-heavy –  4.71-3ubuntu1.1
exim4-daemon-custom –  4.71-3ubuntu1.1
exim4-daemon-light –  4.71-3ubuntu1.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›