USN-3322-1: Exim vulnerability
19 June 2017
Exim could be made to run programs as an administrator.
- exim4 - Exim is a mail transport agent
It was discovered that Exim did not properly deallocate memory when
processing certain command line arguments. A local attacker could use this
in conjunction with a vulnerability in the underlying kernel to possibly
execute arbitrary code and gain administrative privileges.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.