The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Exim Remote Memory Corruption Vulnerability Notification (CVE-2010-4344)

Discussion in 'cPanel Announcements' started by cPanelDavidG, Dec 13, 2010.

Thread Status:
Not open for further replies.
  1. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Summary

    A memory corruption vulnerability exists in Exim versions 4.69 and older (CVE-2010-4344). Exim is the mail transfer agent used by cPanel & WHM.

    Security Rating

    This update has been rated as Important by the cPanel Security team.

    Description

    A memory corruption vulnerability has been discovered in Exim. This vulnerability may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. cPanel previously released RPMs that mitigated the severity of the vulnerability on December 9, 2010 (CVE-2010-4345). This notification is for the release of new RPMs which remove the remote memory corruption vulnerability in its entirety. The vulnerability relies upon "rejected_header" being enabled (default setting) in the log_selector configuration.

    Solution

    To resolve and work around the issue on Linux systems, cPanel has issued new Exim RPMs. Server Owners are strongly urged to upgrade to the following Exim RPM versions:

    Systems configured to use Maildir: Exim 4.69-26

    Systems configured to use mbox (deprecated): Exim 4.63-5

    Exim RPMs will be distributed through cPanel's package management system. All cPanel & WHM servers receiving updates automatically will receive the updated Exim RPM during normal update and maintenance operations (upcp). To begin an Exim update on cPanel systems immediately, run the following command as root:

    /scripts/eximup

    FreeBSD systems should be running Exim 4.72 by default, which is not affected by this issue.

    FAQ

    This notification covers CVE-2010-4344.

    The notification release earlier on December 10, 2010 with the summary "A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM." covers CVE-2010-4345. At the time of the earlier announcement, the CVE had not been assigned.

    References

    Critical: Exim security update (CVE-2010-4345) - cPanel Inc.

    Official Record CVE-2010-4344

    Debian Bug Report for CVE-2010-4344

    [exim-dev] Remote root vulnerability in Exim

    Re: [exim-dev] Remote root vulnerability in Exim



    Click here to read more...
     
Loading...
Similar Threads - Exim Remote Memory
  1. cPanelCory
    Replies:
    0
    Views:
    1,976
Thread Status:
Not open for further replies.

Share This Page