CVE-2019-15846 Exim "A local or remote attacker can execute programs with root privileges."

oldie

Member
Sep 11, 2019
7
0
1
Australia
cPanel Access Level
Website Owner
Does using an external email provider such as zoho or gsuite and set mx to their servers mitigate this exim issue, even if the cPanel server generates and sends emails [such as CFS/php script generated email] ?

delete.png
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Does using an external email provider such as zoho or gsuite and set mx to their servers mitigate this exim issue, even if the cPanel server generates and sends emails [such as CFS/php script generated email] ?
Hello @oldie,

The vulnerability is applicable to unpatched cPanel & WHM servers with Exim enabled in WHM >> Service Manager. Using an external email provider does not mitigate the vulnerability unless you've disabled the Exim service.

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363

ciao70

Well-Known Member
Nov 3, 2006
81
13
158
Hello,

[security] Fixed case CPANEL-29669: Updated Exim for CVE-2019-16928.

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

11.82.0.16