Ubuntu exim4 vulnerability released

Ubuntu has released a security notice for exim4 today. That affects these versions:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

This vulnerability is for an issue in exim where it could be made to run programs as an administrator. This was because Exim did not properly deallocate memory when processing certain command line arguments. Local attackers could use that along with other vulnerabilities that could possibly allow arbitrary code to be executed and could allow administrative privileges.

You will want to ensure that you update that package using the ‘apt-get upgrade exim4’ command or that it is updated to one of these packages:

Ubuntu 17.04:
exim4-daemon-heavy 4.88-5ubuntu1.1
exim4-daemon-light 4.88-5ubuntu1.1

Ubuntu 16.10:
exim4-daemon-heavy 4.87-3ubuntu1.2
exim4-daemon-light 4.87-3ubuntu1.2

Ubuntu 16.04 LTS:
exim4-daemon-heavy 4.86.2-2ubuntu2.2
exim4-daemon-light 4.86.2-2ubuntu2.2

Ubuntu 14.04 LTS:
exim4-daemon-heavy 4.82-3ubuntu2.3
exim4-daemon-light 4.82-3ubuntu2.3

More information on that can be found here as well:

Ubuntu Security Notice USN-3322-1

Popular Posts
  • No Popular Post Available
Leave a Reply

Your email address will not be published. Required fields are marked *