{"id":7042,"date":"2019-06-06T08:00:04","date_gmt":"2019-06-06T12:00:04","guid":{"rendered":"http:\/\/g33kinfo.com\/info\/?p=7042"},"modified":"2019-06-06T08:00:04","modified_gmt":"2019-06-06T12:00:04","slug":"exim-vulnerability","status":"publish","type":"post","link":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/","title":{"rendered":"Exim Vulnerability"},"content":{"rendered":"\n

By now, some of you have been hearing about a recent security vulnerability affecting the Exim mail transfer agent. With that news, let explore what’s happening… <\/p>\n\n\n\n


SUMMARY:<\/b>

A flaw was found in Exim versions 4.87 to 4.91 (inclusive), that may lead to remote command execution due to improper validation of recipient address in the `deliver_message()` function inside \/src\/deliver.c.

This vulnerability has a CVSSv3 Base Score of 9.8 (Critical).

Affected Packages State:
RHEL 5\/CentOS 5       Not affected*<\/p>\n\n\n\n

As cPanel stated:<\/p>\n\n\n\n

To confirm you are already running a patched version, you can run this command on the server:<\/p>

rpm -q exim<\/p>

The output will show you the Exim versions that are installed, and should look something like what\u2019s below:<\/p>

For Version 78: exim-4.92-1.cp1178.x86_64
For Version 80: exim-4.92-1.cp1180.x86_64<\/p><\/blockquote>\n\n\n\n

This flaw has been fixed as of version 4.92, which cPanel is shipping in version 78 and higher. cPanel version 76 and lower are considered EOL and are not<\/strong> provided with a patch to address this vulnerability. This happens to coincide with EasyApache 3 being removed as of cPanel version 78 and presents an opportunity to address a fundamental issue which is clients running software in End-of-Life status. <\/p>\n\n\n\n

For additional information, please see https:\/\/blog.cpanel.com\/exim-cve-2019-10149-protect-<\/wbr>yourself\/<\/wbr><\/a>.

* CentOS 5 ships with 4.63 and is not affected by this flaw. However, the base operating system is no longer supported by cPanel. <\/p>\n\n\n\n

Follow up:<\/p>\n

https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10149<\/a><\/p>\n

This Exim exploit could affect any servers running cPanel & WHM versions below our latest LTS version which, as of this email is, v78.0.27. For more information about this Exim exploit, please see the link above.
We recommend that you update any servers below cPanel & WHM v78.0.27, promptly, to ensure that you’ve received the latest system updates.<\/p>\n

To update your server manually, right away, please use the WebHost Manager interface: WHM >> Home >> cPanel >> Upgrade to Latest Version<\/p>\n

If you have any issues with the updates, please contact our technical support analysts for assistance: https:\/\/tickets.cpanel.net<\/p>\n

We’ve added more in-depth details about this Exim exploit and explain how you can protect yourself, in a blog post on our website, here:
https:\/\/blog.cpanel.com\/exim-cve-2019-10149-protect-yourself\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

By now, some of you have been hearing about a recent security vulnerability affecting the Exim mail transfer agent. With that news, let explore what’s happening…  SUMMARY:A flaw was found in Exim versions 4.87 to 4.91 (inclusive), that may lead to remote command execution due to improper validation of recipient address in the `deliver_message()` function… <\/p>\n

Read More<\/i><\/a><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-7042","post","type-post","status-publish","format-standard","hentry","category-info"],"yoast_head":"\nExim Vulnerability - Linux Shtuff<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exim Vulnerability - Linux Shtuff\" \/>\n<meta property=\"og:description\" content=\"By now, some of you have been hearing about a recent security vulnerability affecting the Exim mail transfer agent. With that news, let explore what’s happening…  SUMMARY:A flaw was found in Exim versions 4.87 to 4.91 (inclusive), that may lead to remote command execution due to improper validation of recipient address in the `deliver_message()` function... Read More\" \/>\n<meta property=\"og:url\" content=\"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"Linux Shtuff\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/fb.me\/g33kinf0\" \/>\n<meta property=\"article:author\" content=\"https:\/\/fb.me\/g33kinf0\" \/>\n<meta property=\"article:published_time\" content=\"2019-06-06T12:00:04+00:00\" \/>\n<meta name=\"author\" content=\"g33kadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/drsinger1111\" \/>\n<meta name=\"twitter:site\" content=\"@drsinger1111\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/\"},\"author\":{\"name\":\"g33kadmin\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\"},\"headline\":\"Exim Vulnerability\",\"datePublished\":\"2019-06-06T12:00:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/\"},\"wordCount\":385,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\"},\"articleSection\":[\"General Info\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/\",\"url\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/\",\"name\":\"Exim Vulnerability - Linux Shtuff\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#website\"},\"datePublished\":\"2019-06-06T12:00:04+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/exim-vulnerability\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exim Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#website\",\"url\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/\",\"name\":\"Linux Shtuff\",\"description\":\"Because I have CRS Syndrome...\",\"publisher\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/#\\\/schema\\\/person\\\/c022e4c40b13ea1b678e6f020756f547\",\"name\":\"g33kadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\",\"url\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\",\"contentUrl\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\",\"width\":512,\"height\":512,\"caption\":\"g33kadmin\"},\"logo\":{\"@id\":\"https:\\\/\\\/g33kinfo.com\\\/info\\\/wp-content\\\/uploads\\\/2022\\\/07\\\/minion-researchA.gif\"},\"description\":\"I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com\\\/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....\",\"sameAs\":[\"https:\\\/\\\/thelinuxreport.com\",\"https:\\\/\\\/fb.me\\\/g33kinf0\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/twitter.com\\\/drsinger1111\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exim Vulnerability - Linux Shtuff","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"Exim Vulnerability - Linux Shtuff","og_description":"By now, some of you have been hearing about a recent security vulnerability affecting the Exim mail transfer agent. With that news, let explore what’s happening…  SUMMARY:A flaw was found in Exim versions 4.87 to 4.91 (inclusive), that may lead to remote command execution due to improper validation of recipient address in the `deliver_message()` function... Read More","og_url":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/","og_site_name":"Linux Shtuff","article_publisher":"https:\/\/fb.me\/g33kinf0","article_author":"https:\/\/fb.me\/g33kinf0","article_published_time":"2019-06-06T12:00:04+00:00","author":"g33kadmin","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/drsinger1111","twitter_site":"@drsinger1111","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/#article","isPartOf":{"@id":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/"},"author":{"name":"g33kadmin","@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547"},"headline":"Exim Vulnerability","datePublished":"2019-06-06T12:00:04+00:00","mainEntityOfPage":{"@id":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/"},"wordCount":385,"commentCount":0,"publisher":{"@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547"},"articleSection":["General Info"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/g33kinfo.com\/info\/exim-vulnerability\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/","url":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/","name":"Exim Vulnerability - Linux Shtuff","isPartOf":{"@id":"https:\/\/g33kinfo.com\/info\/#website"},"datePublished":"2019-06-06T12:00:04+00:00","breadcrumb":{"@id":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/g33kinfo.com\/info\/exim-vulnerability\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/g33kinfo.com\/info\/exim-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/g33kinfo.com\/info\/"},{"@type":"ListItem","position":2,"name":"Exim Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/g33kinfo.com\/info\/#website","url":"https:\/\/g33kinfo.com\/info\/","name":"Linux Shtuff","description":"Because I have CRS Syndrome...","publisher":{"@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/g33kinfo.com\/info\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/g33kinfo.com\/info\/#\/schema\/person\/c022e4c40b13ea1b678e6f020756f547","name":"g33kadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif","url":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif","contentUrl":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif","width":512,"height":512,"caption":"g33kadmin"},"logo":{"@id":"https:\/\/g33kinfo.com\/info\/wp-content\/uploads\/2022\/07\/minion-researchA.gif"},"description":"I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com\/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....","sameAs":["https:\/\/thelinuxreport.com","https:\/\/fb.me\/g33kinf0","https:\/\/x.com\/https:\/\/twitter.com\/drsinger1111"]}]}},"_links":{"self":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/posts\/7042","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/comments?post=7042"}],"version-history":[{"count":0,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/posts\/7042\/revisions"}],"wp:attachment":[{"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/media?parent=7042"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/categories?post=7042"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/g33kinfo.com\/info\/wp-json\/wp\/v2\/tags?post=7042"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}