• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

02 7903 0216

     

Open Ticket

    

Client Area

FASTDOT Web Hosting Australia

FASTDOT Web Hosting Australia

Australian Cloud Hosting

  • Web Design
    • eCommerce Development
    • Branding
    • Web Design
  • Domains
    • Register
    • Domain FAQ
    • Domain Extensions
    • MyDNS Manager
    • Domain Transfer
  • Hosting
    • WordPress Hosting
    • Sydney cPanel Hosting
    • Magento Hosting – eCommerce Website
    • eCommerce Options
      • Managed Magento Hosting
      • PrestaShop Hosting
      • OpenCart Hosting
      • CS-Cart Hosting
    • Business Emails
  • Cloud Servers
    • VMware ESXi Hypervisor
    • Equinix – ISO Certified Data Centres
    • Cloud Hosting Info
    • Virtual Machines
  • Resources
    • Partner Program
    • Transferring Websites
    • WordPress Tips
    • Email Tutorials
    • Hosting in Australia
    • Apps Galore
    • Tutorials & News
      • SEO
      • VMware VPS Cloud
      • PHP and MySQL
      • Security
      • Linux Guides
      • Server Management
Order Now

Exim CVE-2019-10149: how to protect yourself

June 7, 2019 by Editor

Update June 6, 2019: We have now released updates for the End Of Life Versions 70 and 76.

Exim is the mail server software cPanel & WHM servers use. Last week an exploit for Exim was identified, and today a patch for the exploit was released. This exploit allowed for both local and remote root-level privilege escalation. That means that you won’t need to be able to access the server as a user to exploit the server, as is the case with most security vulnerabilities that are found.

It’s possible that the update will be blocked with an error similar to this:

A system upgrade was not possible due to the following blockers:
[2019-06-07 02:02:51 +0200] W [FATAL] - You must migrate from EA3 to EA4 before upgrading to v78 or newer. You can do so by running /usr/local/cpanel/scripts/migrate_ea3_to_ea4 or via WHM’s EasyApache 4 Migration interface. For more information please see: https://go.cpanel.net/EA4Migration

If you encounter this error, you must manually adjust your /etc/cpupdate.conf file to the example below:

CPANEL=11.76
RPMUP=daily
SARULESUP=daily
STAGING_DIR=/usr/local/cpanel
UPDATES=daily

Once you have completed this update (upcp) please set this back to the following:

CPANEL=release
RPMUP=daily
SARULESUP=daily
STAGING_DIR=/usr/local/cpanel
UPDATES=daily

This will allow you to upgrade to newer versions of cPanel & WHM once you have migrated to EasyApache 4.

While Exim is open source software that we bundle with our software and is not built by cPanel, this vulnerability is something that we feel deserves our attention. This is an extremely rare and specific situation that has the potential to impact everyone who interacts with the internet in any way. For that reason, we have released an update to patch this vulnerability for both Version 70 and Version 76. To ensure that your server has received the patch, please update to one of the following versions:

TIER VERSION
70 70.0.69
76 76.0.22
78 78.0.27

cPanel & WHM Versions 70 and 76 remain End of Life and will receive no other updates. This is a one-time bending of our policy, and we do not plan to pursue any other updates for these versions. We still strongly recommend that you keep your servers updated, and continue to run the most recent versions of cPanel & WHM available. 


How to Protect Yourself from Exim Vulnerabilities

The best way to protect yourself is to upgrade to a supported version of cPanel & WHM. All supported versions of cPanel & WHM are immune to the exploit. Version 80 was never vulnerable, as it included a newer (and non-vulnerable) version of Exim. Thanks in large part to the improvements we’ve made around installs and updates, we were also able to take that update from Exim, test it, and release an update for Version 78 today.

To confirm you are already running a patched version, you can run this command on the server:

rpm -q exim

The output will show you the Exim versions that are installed, and should look something like what’s below:

For Version 78: exim-4.92-1.cp1178.x86_64 
For Version 80: exim-4.92-1.cp1180.x86_64 
For Version 70 and 76: exim-4.91-4.cp1170.x86_64

cPanel & WHM Version 76 Not Patched (now patched, see above update)

cPanel & WHM Version 76 reached end of life in April of this year and was the last version to support EasyApache 3. Some hosting providers have not yet migrated to EasyApache 4, which means they are prevented from upgrading beyond Version 76. If you are using EasyApache 3, you are not only vulnerable to this exploit, but also dozens of exploits that exist in the now end-of-life versions of Apache and PHP used by EasyApache 3.

If you are concerned about migrating to EasyApache 4, you shouldn’t be! Migrating to EasyApache 4 is easy! Our Documentation breaks down all of the changes that have been made in the migration process in The EasyApache 3 to EasyApache 4 Migration Process. Any concerns about specific parts of the migration can be eased by reviewing the Current Status of EasyApache 4 documentation, which breaks down all of the bits we took into account.

Migrating can be done with the click of a button inside WHM. Just log in, go to the EasyApache 4 interface, and click Migrate. The command line steps to migrate can be found in our How to Install EasyApache 4 documentation as well. 

Current Workarounds

There are no known-good workarounds at this time. The only way to ensure that you are protected is to upgrade your server to a patched version. Both Versions 78 and 80 are patched at this time. You can also see the CVE-2019-10149 Exim page in our documentation for more information about our response. 

If you need help with any of this, don’t hesitate to reach out! The best places to ask questions are the cPanel Forums, our directly to our support team. You can also join us in our Slack or Discord channels, or even ask on our subreddit! 

More great articles

SpamAssassin - Spam Filtering on cPanel: Everything You Need To Know
Cloud-Based Hostname Workaround
NGINX Levels Up!
How to Turn Email Subscribers into Customers

Category iconTutorials Tag iconcve,  Exim,  Products,  The Return of the WIZard

Primary Sidebar

Recent Posts

  • How to Upload Files Using the cPanel File Manager?
  • How To Increase the PHP Max Upload Size in cPanel®?
  • Choosing a hosting platform in 2021
  • VARCHAR vs. TEXT for MySQL Databases
  • What Are the Best Shopify® Alternatives in 2021?
Introducing Glass: A New Style For Paper Lantern
What is content marketing?
How to Crowdfund with WordPress
How To Configure a Cron Job

Categories

  • Application Hosting
  • Australian Cloud Hosting
  • cPanel Hosting
  • DNS and Domains
  • eCommerce Hosting
  • Email Tutorials
  • Legals
  • Linux Tutorials
  • Operating Systems
  • PHP and MySQL
  • Register a Domain Name
  • Search Engine Optimization
  • Security
  • Server Management
  • Tutorials
  • VMware Cloud Hosting
  • Web Hosting Tutorials
  • WordPress Tips & Tricks
Australian web hosting

Footer

Recent Posts

  • How to Upload Files Using the cPanel File Manager?
  • How To Increase the PHP Max Upload Size in cPanel®?
  • Choosing a hosting platform in 2021
  • VARCHAR vs. TEXT for MySQL Databases
  • What Are the Best Shopify® Alternatives in 2021?

Legals

  • Terms&Conditions
  • SLA
  • Acceptable Usage Policies
  • Privacy Policies
  • About FASTDOT
  • ISO Certified

Contact

Australia: +61 02 7903 0216
Submit a Support Ticket

Company

FASTDOT.COM.AU PTY/LTD
ACN 002 454 631
200 Bourke Rd, Alexandria NSW 2015 Australia
Processing by eWay, PayPal and Bitcoin

blankNSW Government Provider

Made with in Sydney/Australia

Copyright © 2022 FASTDOT.COM

All rights reserved. Return to top