Launchpad CVE tracker

CVE 2011-0017

The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.

Related bugs and status

CVE-2011-0017 (Candidate) is related to these bugs:

Bug #697934: Merge exim4 4.73~rc1-1 (main) from Debian experimental (main)

Summary				In	Importance	Status
	697934	Merge exim4 4.73~rc1-1 (main) from Debian experimental (main)		exim4 (Ubuntu)	Undecided	Fix Released

Bug #708023: exim 4.74 released fixes CVE-2011-0017

		In	Importance	Status
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu)	Medium	Fix Released
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu Hardy)	Medium	Fix Released
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu Dapper)	Medium	Fix Released
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu Lucid)	Medium	Fix Released
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu Natty)	Medium	Fix Released
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu Maverick)	Medium	Fix Released
708023	exim 4.74 released fixes CVE-2011-0017	exim4 (Ubuntu Karmic)	Medium	Fix Released

Bug #713855: Merge exim4 4.74-1 (main) from Debian experimental (main)

Summary				In	Importance	Status
	713855	Merge exim4 4.74-1 (main) from Debian experimental (main)		exim4 (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-0017

References