CVE-2011-0017
EPSS 0.12%發布日:2011/2/2修改日:2026/4/28
也稱為:DEBIAN-CVE-2011-0017
描述
The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
受影響套件(1)
- Debian/exim4from 0, < 4.72-4