SMTP Exim Servers vulnerability detected

informatica rme

• March 14, 2018 04:20

This is the vulnerability issue: The Threat of CVE-2018-6789 vulnerability affecting Exim SMTP Servers is being analyzed, the Devcore group of researchers has published information about an overflow vulnerability in Exim's base64 decoding function, which affects all versions of Exim below 4.90.1 and that could be used to perform an RCE (remote code execution) and compromise the Server. For now there are no public exploits, and because of what they say in different sources it is possible that their exploitation is difficult. A scan of the whm/cpanel servers has been made and they may have vulnerable Exim Servers and to which the vulnerability should be notified so that they patch if they have not done so, since their security may be at risk. Exim versions that are not vulnerable are 4.90.1 and later releases. We need the Servers to be patched in order to avoid possible Security Incidents due to exploitation of these vulnerabilities. I guess that cpanel support team will release a massive patch to secure the servers that are using whm/cpanel. Regards For more information: CVE-2018-6789

• 

  rpvw

  • March 14, 2018 09:25

  0
• 

  informatica rme

  • March 14, 2018 09:38

  Ok thanks but could you help me with the following question: I have a

  0
• 

  rpvw

  • March 14, 2018 09:43

  Your v68.0.30 server is already patched with a back-ported patch Fixed case CPANEL-18511: Update exim to 4.89.1-2.cp1162. that was included in the cPanel v68.0.29 release. You can check if the patch has been applied by running the following code in a terminal # rpm -q --changelog exim | grep CVE-2018-6789
  It should return - Fix CVE-2018-6789
  if the patch has been applied

  0
• 

  cPanelMichael

  • March 14, 2018 17:48

  Hello, As noted, this is answered on the following thread: Thank you.

  0

Please sign in to leave a comment.