Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1060-1
Solution
Please install the updated packages.
Insight
It was discovered that Exim contained a design flaw in the way it processed alternate configuration files. An attacker that obtained privileges of the "Debian-exim" user could use an alternate configuration file to obtain root privileges. (CVE-2010-4345)
It was discovered that Exim incorrectly handled certain return values when handling logging. A local attacker could use this flaw to obtain root privileges. (CVE-2011-0017)
Dan Rosenberg discovered that Exim incorrectly handled writable sticky-bit mail directories. If Exim were configured in this manner, a local user could use this flaw to cause a denial of service or possibly gain privileges. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, 9.10, and 10.04 LTS. (CVE-2010-2023)
Dan Rosenberg discovered that Exim incorrectly handled MBX locking. If Exim were configured in this manner, a local user could use this flaw to cause a denial of service or possibly gain privileges. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, 9.10, and 10.04 LTS. (CVE-2010-2024)
Affected
exim4 vulnerabilities on Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10
Severity
Classification
CVE: CVE-2010-2023, CVE-2010-2024, CVE-2010-4345, CVE-2011-0017
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C