cPanel Security Team: exim CVE-2016-1531
Background Information
On Wednesday, March 2, 2016, Exim announced a vulnerability in all versions of the Exim software.
Impact
According to Exim development: "All installations having Exim set-uid root and using 'perl_startup' are vulnerable to a local privilege escalation. Any user who can start an instance of Exim (this is normally *any* user) can gain root privileges."
Releases
The following versions of cPanel & WHM were patched to have the correct version of Exim. All previous versions of cPanel & WHM, including 11.48.x and below, are vulnerable to a set-uid attack on Exim.
Branch/Tier   Patched version
11.50         11.50.5.0
11.52         11.52.4.0
11.54         11.54.0.18
EDGE          11.55.9999.106
CURRENT       11.54.0.18
RELEASE       11.54.0.18
STABLE        11.54.0.18
How to determine if your server is up to date
The updated RPMs provided by cPanel will contain a changelog entry with the CVE number. You can check for this changelog entry with the following command:
rpm -q --changelog exim | grep CVE-2016-1531
The output should resemble the following:
- - Fixes CVE-2016-1531
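As an added triage helper (not part of the cPanel advisory), the script below turns the advisory's three facts into one check: the patched RPM's changelog names the CVE, and exposure requires both a set-uid root exim binary and 'perl_startup' in the Exim configuration. The paths /usr/sbin/exim and /etc/exim.conf and the sample changelog and config text are assumptions constructed for the self-check.

```shell
#!/bin/sh
# Added triage helper for CVE-2016-1531 (not part of the cPanel advisory).
# A patched cPanel RPM names the CVE in its changelog; exposure needs both a
# set-uid root exim and 'perl_startup' in the config.
# Assumed cPanel paths: /usr/sbin/exim and /etc/exim.conf.

# 0 if the RPM changelog text names the fix, 1 otherwise.
changelog_has_fix() {
    printf '%s\n' "$1" | grep -q 'CVE-2016-1531'
}

# 0 if an uncommented perl_startup setting is present in the config text.
config_uses_perl_startup() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*perl_startup[[:space:]]*='
}

# assess CHANGELOG CONF SETUID(yes|no): prints a verdict and returns
# 0 = patched, 1 = unpatched with both exposure conditions present,
# 2 = unpatched but conditions not both met (upgrade anyway).
assess() {
    if changelog_has_fix "$1"; then
        echo "OK: exim RPM changelog references CVE-2016-1531"
        return 0
    fi
    if [ "$3" = "yes" ] && config_uses_perl_startup "$2"; then
        echo "EXPOSED: unpatched exim is set-uid root and perl_startup is set"
        return 1
    fi
    echo "WARN: exim RPM is unpatched; upgrade cPanel & WHM"
    return 2
}

# Gather live data from the host and assess it (run with --live as root).
check_live() {
    cl=$(rpm -q --changelog exim 2>/dev/null)
    conf=$(cat /etc/exim.conf 2>/dev/null)
    if [ -u /usr/sbin/exim ]; then su=yes; else su=no; fi
    assess "$cl" "$conf" "$su"
}

# Constructed sample inputs (not real changelogs), used for the self-check.
SAMPLE_CL_FIXED='* Wed Mar 02 2016 cPanel
- Fixes CVE-2016-1531'
SAMPLE_CL_OLD='* Mon Jan 04 2016 cPanel
- Rebuild'
SAMPLE_CONF_PERL='# perl_startup = do "/path/to/old.pl"
perl_startup = do "/path/to/startup.pl"'

if [ "${1:-}" = "--live" ]; then check_live; fi
```

Run it with `--live` on the host to assess the installed exim; without arguments it only defines the functions and samples.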
What to do if you are not up to date
If your server is not running one of the above versions, update immediately.
You can upgrade your server by navigating to WHM Home > cPanel > Upgrade to Latest Version and clicking "Click to Upgrade" (
Initial Public Disclosure:
For the PGP-Signed version of this announcement: