FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

exim -- local privilleges escalation

Affected packages
exim < 4.86.2
exim < 4.85.2
exim < 4.84.2


VuXML ID 7d09b9ee-e0ba-11e5-abc4-6fb07af136d2
Discovery 2016-02-26
Entry 2016-03-02

The Exim development team reports:

All installations having Exim set-uid root and using 'perl_startup' are vulnerable to a local privilege escalation. Any user who can start an instance of Exim (and this is normally any user) can gain root privileges. If you do not use 'perl_startup' you should be safe.


CVE Name CVE-2016-1531