transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-06-07T14:00:00
Updated: 2018-10-10T18:57:01
Reserved: 2010-05-24T00:00:00
Link: CVE-2010-2023
JSON object: View
NVD Information
Status : Modified
Published: 2010-06-07T17:12:48.247
Modified: 2018-10-10T19:58:13.610
Link: CVE-2010-2023
JSON object: View
Redhat Information
No data.
CWE