Page tree
Skip to end of metadata
Go to start of metadata

RESOLVED  


Background Information 

On Tuesday, June 4, 2019, Exim maintainers announced that they received a report of a potential remote exploit in Exim from version 4.87 to version 4.91.

On Wednesday, June 5, 2019, the Exim maintainers  released a patch for these vulnerabilities


Impact

According to Exim development: "We received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit. The severity depends on your configuration. It depends on how close to  the standard configuration your Exim runtime configuration is. Exim 4.92 is not vulnerable."

Releases

The following versions of cPanel & WHM were patched to have the correct version of Exim. All previous versions of cPanel & WHM below the stated versions are potentially vulnerable to a root RCE.

TIERVERSION
7070.0.69
7676.0.22
7878.0.27
80Already on Exim version 4.92 which is not vulnerable
EDGECurrently on version 80 which is not vulnerable
CURRENTCurrently on version 80 which is not vulnerable
RELEASECurrently on version 80 which is not vulnerable
STABLE78.0.27


How to determine if your server is up to date

The updated RPMs provided by cPanel should be at least 4.91-4 on versions 70 and 76 and at least 4.92 on versions 78 and above.

rpm -q exim


The output should resemble below:

Versions 70 and 76

exim-4.91-4.cp1170.x86_64

Version 78

exim-4.92-1.cp1178.x86_64

Version 80

exim-4.92-1.cp1180.x86_64

What to do if you are not up to date.

If your server is not running one of the above versions, update immediately. 

To upgrade your server, use WHM's interface (WHM >> Home >> cPanel >> Upgrade to Latest Version).

Alternatively, you can run the commands below to upgrade your server from the command line:

/scripts/upcp
/scripts/check_cpanel_rpms --fix --long-list


If you are on version 76 you will need to update your /etc/cpupdate.conf to look like the following:

CPANEL=11.76
RPMUP=daily
SARULESUP=daily
STAGING_DIR=/usr/local/cpanel
UPDATES=daily


Once you have completed this update (/usr/local/cpanel/scripts/upcp) set /etc/cpupdate.conf: 


If you were on 'stable' previously, set the following:

CPANEL=stable
RPMUP=daily
SARULESUP=daily
STAGING_DIR=/usr/local/cpanel
UPDATES=daily



If you were on 'release' previously, set the following:

CPANEL=release
RPMUP=daily
SARULESUP=daily
STAGING_DIR=/usr/local/cpanel
UPDATES=daily

This will allow you to upgrade to newer versions of cPanel & WHM once you have migrated to EasyApache 4.


Verify the new Exim RPM was installed:


In version 78 run the following:

In version 78 run the following:
rpm -q exim

The output should resemble below:

exim-4.92-1.cp1178.x86_64

In versions 70 and 76 run the following:

In version 70 and 76 run the following:
rpm -q --changelog exim | grep CVE-2019-10149


The output should resemble below:

- Patch for CVE-2019-10149


If you are still experiencing issues or need additional help, please contact 
cPanel support.

  • No labels