Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED EXIM CVE-2018-6789 Query

Discussion in 'Security' started by bellwood, Mar 6, 2018.

  1. bellwood

    bellwood Member
    PartnerNOC

    Joined:
    Sep 25, 2012
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    DataCenter Provider
    Regarding CVE-2018-6789 affecting Exim under 4.90.1 what is the plan?

    Exim 4.90.1 is in CentOS 7 EPEL testing however I am unsure if a manual update is supported?

    I'm on the cPanel "release" channel which as of this writing is version 68 with Exim version:

    [~] rpm -q exim
    exim-4.89.1-2.cp1162.x86_64

    Details:

    devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/
     
    #1 bellwood, Mar 6, 2018
    Last edited: Mar 6, 2018
  2. mooseontheloose

    Joined:
    Jul 25, 2003
    Messages:
    22
    Likes Received:
    2
    Trophy Points:
    228
    cPanel Access Level:
    DataCenter Provider
    Code:
    # rpm -q exim
    exim-4.89.1-2.cp1162.x86_64
    # rpm -q --changelog exim | grep CVE-2018-6789
    - Fix CVE-2018-6789.
    
    Looks like the patch was backported.
     
    cPanelMichael and bellwood like this.
  3. bellwood

    bellwood Member
    PartnerNOC

    Joined:
    Sep 25, 2012
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    DataCenter Provider
    Much appreciated =)
     
  4. JedCavins

    JedCavins Member

    Joined:
    Jan 2, 2016
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    usa
    cPanel Access Level:
    Root Administrator
    Confirmed;

    Code:
    root@host [~]# whmapi1 installed_versions packages=1|grep exim
      exim: 4.89.1-1
        - exim-4.89.1-1.cp1162.x86_64
    
    root@host [~]# rpm -q exim
    exim-4.90.1-1.cp1170.x86_64
    
    root@host [~]# rpm -q --changelog exim | grep CVE-2018-6789
    - Fix CVE-2018-6789
    
     
  5. JedCavins

    JedCavins Member

    Joined:
    Jan 2, 2016
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    usa
    cPanel Access Level:
    Root Administrator
    (This was post upcp so assuming that cPanel/RH backports are working correctly)
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,245
    Likes Received:
    1,759
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi @bellwood,

    The previous posts are correct. The patch was backported into Exim as part of updates to cPanel versions 62, 68, and 70.

    Code:
    # rpm -q --changelog exim | grep CVE-2018-6789
    - Fix CVE-2018-6789
    
    The case numbers to reference in the change logs are CPANEL-18510 and CPANEL-18511:

    Change Logs - Change Logs - cPanel Documentation

    Thanks!
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,245
    Likes Received:
    1,759
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi @JedCavins,

    We actually publish our own RPM for Exim. cPanel servers don't use the default Exim RPM that comes with CentOS.

    Thank you.
     
Loading...

Share This Page