Skip to main content

Where is exim version information stored?

Comments

3 comments

  • cPanelMichael
    Hello, The following command should output the version of Exim installed on your system: whmapi1 installed_versions packages=1|grep exim
    [Moderator Note: Removed reference to cache directory that's no longer applicable] Thank you.
    0
  • jackburton
    Hi Michael, Thank you very much for your prompt response. That was indeed the problem. root@cp20 ~ # whmapi1 installed_versions packages=1|grep exim exim: 4.89-3 - exim-4.89-3.cp1162.x86_64
    Moved the _bin_rpm* out of the way and Service Status is showing the correct data now. Thank you again!
    0
  • cPanelMichael
    Hello Everyone, We've noticed a recent increase in requests for information about how to determine the version of Exim installed on cPanel & WHM servers after the recent announcement from Exim maintainers regarding CVE-2019-15846. Additionally, we've seen requests for information about reports from third-party security companies regarding cPanel & WHM servers that have already been patched to have the correct version of Exim. An example of this is quoted below: [QUOTE]It has come to our attention that the IPs of your network presented to us logs below have a vulnerable version of Exim. Exim Versions earlier than 4.92.2 allow a remote attacker to execute code with root privileges and thus gain unrestricted access to the root system.
    In some cases, reports like this are false positives due to Exim not advertising the build number in its response to outside connections. The best way to determine if reports like the one quoted above are false positives is to access your cPanel & WHM server via the command line and run the following command to look for the specific CVE report in the RPM change log. Here's an example of the command to use for CVE-2019-15846: rpm -q --changelog exim | grep CVE-2019-15846
    The output on LTS version 78, version 82, and the EDGE tier should resemble below on servers patched against this vulnerability: [QUOTE] # rpm -q --changelog exim | grep CVE-2019-15846 - Applied upstream patch for CVE-2019-15846
    Additional information about this vulnerability is available on the document below: Let us know of any questions. Thank you.
    0

Please sign in to leave a comment.