
exim security hole!!

Discussion in 'Security' started by sodapopinski, May 6, 2004.

  1. sodapopinski

    sodapopinski Well-Known Member

  2. netwrkr

    netwrkr Well-Known Member

    Have you opened a ticket with CP?
     
  3. roliboli

    roliboli Active Member

    Both configuration options in /etc/exim.conf are not set by cPanel.
    So the default parameters are secure against the hole.
     
  4. cPanelNick

    cPanelNick Administrator
    Staff Member

  5. foxboy

    foxboy Well-Known Member

    exim-26 doesn't work anymore after upgrading :confused:
     
  6. Curto

    Curto Active Member

    Here's my result with exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan.i386.rpm on RHE 3:


    root@xxxx [~]# rpm -i exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan.i386.rpm
    file /etc/exim.conf.dist from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /etc/exim.conf.mailman2.dist from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /etc/exim.pl from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /etc/init.d/exim from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/lib/libperl.so from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/lib/sendmail from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exicyclog from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exigrep from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim_checkaccess from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim_dbmbuild from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim_dumpdb from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim_fixdb from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim_lock from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exim_tidydb from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/eximstats from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exinext from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exiqgrep from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/exiwhat from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2
    file /usr/sbin/sendmail from install of exim-4.33-3_cpanel_stmpcontrol_antivirus_rewrite_mailman2_mailtrap_exiscan conflicts with file from package exim-4.30-0_cpanel_stmpcontrol_antivirus_rewrite_mailman2

    Any ideas?

    When I connect with telnet <host> 25 I get:
    220-xxxx.xxxx.net ESMTP Exim 4.30 #1 Fri, 07 May 2004 22:20:15 -0400
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.

    So I guess the upgrade failed....
     
  7. Curto

    Curto Active Member

    Update:
    220-xxxx.xxxx.net ESMTP Exim 4.33 #1 Fri, 07 May 2004 22:22:34 -0400
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.

    rpm -i --force worked :) made it overwrite the old files:cool:
     
  8. promak

    promak Well-Known Member

    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.2800.1409
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
    X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on xxx
    X-Spam-Level: *
    X-Spam-Status: No, hits=1.4 required=10.0 tests=HTML_70_80,HTML_MESSAGE,
    MIME_HTML_MOSTLY,RCVD_IN_SORBS autolearn=no version=2.63

    I think we need to reinstall MailScanner or reconfig exim.conf to let MailScanner work again.

    220-xxx.net ESMTP Exim 4.33 #1 Sat, 08 May 2004 14:28:54 +0800
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
     
  9. promak

    promak Well-Known Member

    root@smp [~]# service exim restart
    Shutting down clamd: [FAILED]
    Shutting down exim: [ OK ]
    Shutting down antirelayd: [ OK ]
    Shutting down spamd: [ OK ]
    Starting clamd: ERROR: Please edit the example config file /etc/clamav.conf.
    ERROR: Can't open/parse the config file /etc/clamav.conf
    [FAILED]
    Starting exim: [ OK ]
    Starting exim-outgoing: [ OK ]
    Starting exim-smtps: [ OK ]
    Starting antirelayd: [ OK ]
    Starting spamd: [ OK ]

    Any idea?
     
  10. casey

    casey Well-Known Member

    Yes, edit /etc/clamav.conf and comment out "Example" at the top of the config.
    It should look like:
    #Example
     
  11. promak

    promak Well-Known Member

    Yes, OK now, but need to reinstall MailScanner
     
  12. casey

    casey Well-Known Member

    I didn't.
     
  13. promak

    promak Well-Known Member

    Yes, I need to add this in my exim.conf

    pico /etc/exim.conf
    // At the top of the page under:
    #!!# cPanel Exim 4 Config
    // Add:
    spool_directory = /var/spool/exim_incoming
    queue_only = true

    // Search for:
    begin routers
    // Under "begin routers" add:
    defer_router:
      driver = redirect
      allow_defer
      data = :defer: All deliveries are handled by MailScanner
      verify = false

    Save and Exit

    and
    pico /etc/init.d/exim

    // Delete the lines starting from:
    echo -n "Starting exim: "

    // Until the line ABOVE: (so do not delete: echo -n "Starting exim-smtps: ")
    echo -n "Starting exim-smtps: "

    // Write the following lines under: if [ ! -e "/etc/eximdisable" ]; then

    if [ -e "/etc/exim_outgoing.conf" ]; then
        echo -n "Starting exim: "
        TMPDIR=/tmp daemon /usr/sbin/exim $([ "$DAEMON" = yes ] && echo -bd)
        echo
        echo -n "Starting exim-outgoing: "
        TMPDIR=/tmp daemon /usr/sbin/exim $([ "$DAEMON" = yes ] && echo -C) \
            $(echo /etc/exim_outgoing.conf) \
            $([ -n "$QUEUE" ] && echo -q$QUEUE)
        echo
    else
        echo -n "Starting exim: "
        TMPDIR=/tmp daemon /usr/sbin/exim $([ "$DAEMON" = yes ] && echo -bd) \
            $([ -n "$QUEUE" ] && echo -q$QUEUE)
        echo

    fi

    Save and Exit

    Now it works again with MailScanner + 4.33!

    :D
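
A post-upgrade check for the exim.conf edits listed in the post above, added here as an example; it is not part of the thread and not cPanel or MailScanner tooling. The function names and both sample configs are constructed, and the "first router" test assumes Exim tries routers in the order they appear in the file.

```shell
# Added example, not from the thread: exits 0 only if the config on stdin
# (or in the file argument) still has the MailScanner edits from the post.
check_mailscanner_conf() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }               # skip comments and blanks
    { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }      # trim the line
    /^begin[ \t]/ { section = $2; in_defer = 0; next }
    section == "" && /^spool_directory[ \t]*=[ \t]*\/var\/spool\/exim_incoming$/ { spool = 1 }
    section == "" && /^queue_only([ \t]*=[ \t]*(true|yes))?$/ { queue = 1 }
    # Routers run in file order, so defer_router has to be the first one.
    section == "routers" && /^[A-Za-z0-9_]+:$/ {
        routers++; in_defer = ($0 == "defer_router:")
        if (in_defer && routers == 1) first = 1
        next
    }
    in_defer && /^driver[ \t]*=[ \t]*redirect$/ { drv = 1 }
    in_defer && /^data[ \t]*=[ \t]*:defer:/ { data = 1 }
    END {
        if (!spool) { print "missing: spool_directory = /var/spool/exim_incoming"; bad++ }
        if (!queue) { print "missing: queue_only = true"; bad++ }
        if (!first) { print "missing: defer_router as first router"; bad++ }
        else if (!(drv && data)) { print "incomplete: defer_router body"; bad++ }
        exit (bad > 0)
    }' "$@"
}

# Constructed sample: a config with the edits from the post applied.
sample_patched() {
    cat <<'EOF'
#!!# cPanel Exim 4 Config
spool_directory = /var/spool/exim_incoming
queue_only = true
begin routers
defer_router:
  driver = redirect
  allow_defer
  data = :defer: All deliveries are handled by MailScanner
  verify = false
lookuphost:
  driver = dnslookup
EOF
}

# Constructed sample: the same config with the edits stripped out again.
sample_stock() {
    sample_patched | sed -e '/^spool_directory/d' -e '/^queue_only/d' \
        -e '/^defer_router:/,/verify = false/d'
}

sample_patched | check_mailscanner_conf && echo "patched sample: edits present"
sample_stock | check_mailscanner_conf || echo "stock sample: edits missing"
```

On a live server the call would be `check_mailscanner_conf /etc/exim.conf`, run after each Exim package update and before restarting the service.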
     
  14. foxboy

    foxboy Well-Known Member

    thanks, that worked :)
     
  15. casey

    casey Well-Known Member


    Interesting. It left my exim.conf file alone for some reason... Oh well. :)
     
  16. Rubas

    Rubas Well-Known Member

    *bump
     
  17. ZachICU

    ZachICU Well-Known Member

    Got popped by this one, one of my boxes had 300+ exim's running on it.

    A little more advice from cpanel team would be great.
     
  18. Angel78

    Angel78 Well-Known Member

    any info about this?
     
  19. ZachICU

    ZachICU Well-Known Member

    I think a little more information from cpanel would be good.

    Considering I woke up this morning to my box having a load average over 300 thanks to the exim security hole.

    Now I have some customers who are getting password errors when sending mail.

    And exim after running for a few hours takes up 98% of the resources

    (this is after running ./exim4)
     
  20. chrisbond

    chrisbond Well-Known Member

    Exim 4.33 has a bug in it

    Exim 4.33 has a big bug in it which is why exim 4.34 has been released - surely it makes sense for cpanel to use that version not 4.33???
     