vendor:
Exim
by:
Dawid Golunski and wvu
N/A
CVSS
N/A
Perl injection vulnerability
78
CWE
Product Name: Exim
Affected Version From: Exim < 4.86.2
Affected Version To: Exim < 4.86.2
Patch Exists: YES
Related CWE: CVE 2016-1531
CPE: o:exim:exim
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Unix
2016
Exim “perl_startup” Privilege Escalation
This module exploits a Perl injection vulnerability in Exim < 4.86.2 given the presence of the "perl_startup" configuration parameter.
Mitigation:
Upgrade to Exim version 4.86.2 or later
