Privilege Escalation via Arbitrary Command Execution in Exim 4.72 and Earlier
CVE-2010-4345 · MEDIUM Severity
AV:L/AC:M/AU:N/C:C/I:C/A:C
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
Learn more about our User Device Pen Test.