CVE-2016-1531
38Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 5.9%
from disclosure to weapon0 days
Published on NVDApr 7
1st PoCMar 9
metasploitMar 10
exploitation probability
5.9%top 8% of all CVEs
observed exploitation
nono source reports it
8 public exploit(s)
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Affected products
n/a · n/apublic PoCs found — 8
githubgithub.com/h3x0v3rl0rd/CVE-2016-1531★ 0cve_referencewww.exploit-db.com/exploits/39535/unverifiedcve_referencewww.exploit-db.com/exploits/39549/unverifiedcve_referencewww.exploit-db.com/exploits/39702/unverifiedexploitdbwww.exploit-db.com/exploits/39702unverifiedexploitdbwww.exploit-db.com/exploits/39535unverifiedcve_referencepacketstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.htmlunverifiedexploitdbwww.exploit-db.com/exploits/39549unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.htmlhttp://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.htmlhttps://www.exploit-db.com/exploits/39535/https://www.exploit-db.com/exploits/39549/https://www.exploit-db.com/exploits/39702/http://www.debian.org/security/2016/dsa-3517http://www.exim.org/static/doc/CVE-2016-1531.txthttp://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startuphttp://www.securitytracker.com/id/1035512http://www.ubuntu.com/usn/USN-2933-1