Main Vulnerability Database Exploits ID:1739 - Exploit for Default set-uid root for perl_startup script - CVE-2016-1531

ID:1739 - Exploit for Default set-uid root for perl_startup script - CVE-2016-1531

Published: March 18, 2020

Vulnerability identifier: #VU34

Vulnerability risk: Low

CVE-ID: CVE-2016-1531

CWE-ID: CWE-676

Exploitation vector: Local access

Vulnerable software:

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup

Vulnerability description

The vulnerability allows a local user to obtain elevated privileges.

The vulnerability exists due to improper default permission for "perl_startup" startup script, which has set-uid root bit. A local user can obtain root privileges on the system.

Successful exploitation of this vulnerability will allow the local attacker to obtain elevated privileges and execute arbitrary commands as root.

Remediation

Install the latest version Exim 4.84.2, 4.85.2 or 4.86.2.

ID:1739 - Exploit for Default set-uid root for perl_startup script - CVE-2016-1531

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human