CVE-2019-15846 Exim "A local or remote attacker can execute programs with root privileges."

oldie

Registered
Sep 11, 2019
3
0
1
Australia
cPanel Access Level
Website Owner
Does using an external email provider such as zoho or gsuite and set mx to their servers mitigate this exim issue, even if the cPanel server generates and sends emails [such as CFS/php script generated email] ?

delete.png
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,902
2,227
363
cPanel Access Level
DataCenter Provider
Twitter
Does using an external email provider such as zoho or gsuite and set mx to their servers mitigate this exim issue, even if the cPanel server generates and sends emails [such as CFS/php script generated email] ?
Hello @oldie,

The vulnerability is applicable to unpatched cPanel & WHM servers with Exim enabled in WHM >> Service Manager. Using an external email provider does not mitigate the vulnerability unless you've disabled the Exim service.

Thank you.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,902
2,227
363
cPanel Access Level
DataCenter Provider
Twitter

ciao70

Well-Known Member
Nov 3, 2006
53
8
158
Hello,

[security] Fixed case CPANEL-29669: Updated Exim for CVE-2019-16928.

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

11.82.0.16