{"id":794,"date":"2021-07-23T12:38:20","date_gmt":"2021-07-23T12:38:20","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/cve-2019-10149-exim\/"},"modified":"2021-07-23T12:38:20","modified_gmt":"2021-07-23T12:38:20","slug":"cve-2019-10149-exim","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/cve-2019-10149-exim\/","title":{"rendered":"CVE-2019-10149 Exim"},"content":{"rendered":"<\/p>\n<div class=\"col-md-9\">\n<div class=\"flex-column flex-md-row article-header\"><\/div>\n<hr>\n<h2 id=\"background-information\">Background Information<\/h2>\n<p>On Tuesday, June 4, 2019, Exim maintainers announced that they received a report of a potential remote exploit in Exim from version 4.87 to version 4.91.<\/p>\n<p>On Wednesday, June 5, 2019, the Exim maintainers released a patch for these vulnerabilities.<\/p>\n<h2 id=\"impact\">Impact<\/h2>\n<p>According to the Exim developers: \u201cWe received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit. The severity depends on your configuration. It depends on how close to the standard configuration your Exim runtime configuration is. Exim 4.92 is not vulnerable.\u201d<\/p>\n<h2 id=\"releases\">Releases<\/h2>\n<p>The following versions of cPanel &#038; WHM were patched to have the correct version of Exim.
All previous versions of cPanel &#038; WHM below the stated versions are potentially vulnerable to a root RCE.<\/p>\n<ul>\n<li>70 \u2014 70.0.69<\/li>\n<li>76 \u2014 76.0.22<\/li>\n<li>78 \u2014 78.0.27<\/li>\n<li>80 \u2014 Already on Exim version 4.92 which is not vulnerable<\/li>\n<li>EDGE \u2014 Currently on version 80 which is not vulnerable<\/li>\n<li>CURRENT \u2014 Currently on version 80 which is not vulnerable<\/li>\n<li>RELEASE \u2014 Currently on version 80 which is not vulnerable<\/li>\n<li>STABLE \u2014 78.0.27<\/li>\n<\/ul>\n<h2 id=\"how-to-determine-if-your-server-is-up-to-date\">How to determine if your server is up to date<\/h2>\n<p>The updated RPMs provided by cPanel should be at <strong>least<\/strong> 4.91-4 on versions 70 and 76 and at least 4.92 on versions 78 and above. To check the installed package, run:<\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-perl\" data-lang=\"perl\">rpm <span style=\"color:#f92672\">-<\/span>q exim<\/code><\/pre>\n<\/div>\n<p>The output should resemble the following:<\/p>\n<ul>\n<li>\n<p>Versions 70 and 76 \u2014 <code>exim-4.91-4.cp1170.x86_64<\/code><\/p>\n<\/li>\n<li>\n<p>Version 78 \u2014 <code>exim-4.92-1.cp1178.x86_64<\/code><\/p>\n<\/li>\n<li>\n<p>Version 80 \u2014 <code>exim-4.92-1.cp1180.x86_64<\/code><\/p>\n<\/li>\n<\/ul>\n<h2 id=\"what-to-do-if-you-are-not-up-to-date\">What to do if you are not up to date<\/h2>\n<p>If your server is <strong>not<\/strong> running one of the above versions, update <strong>immediately<\/strong>.<\/p>\n<p>To upgrade your server, use WHM\u2019s <em>Upgrade to Latest Version<\/em> interface (<em>WHM &gt;&gt; Home &gt;&gt; cPanel &gt;&gt; Upgrade to Latest Version<\/em>).<\/p>\n<p>Alternatively, you can run the commands below to upgrade your server from the command line: <\/p>\n<div class=\"highlight\">\n<div style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\">\n<table
style=\"border-spacing:0;padding:0;margin:0;border:0;width:auto;overflow:auto;display:block;\">\n<tr>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;;width:100%\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-go\" data-lang=\"go\"><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">scripts<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">upcp<\/span>\n<span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">scripts<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">check_cpanel_rpms<\/span> <span style=\"color:#f92672\">--<\/span><span style=\"color:#a6e22e\">fix<\/span> <span style=\"color:#f92672\">--<\/span><span style=\"color:#a6e22e\">long<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#a6e22e\">list<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<p>If you are on version 76, you will need to update your <code>\/etc\/cpupdate.conf<\/code> to look like the following: <\/p>\n<div class=\"highlight\">\n<div style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\">\n<table
style=\"border-spacing:0;padding:0;margin:0;border:0;width:auto;overflow:auto;display:block;\">\n<tr>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;;width:100%\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-go\" data-lang=\"go\"><span style=\"color:#a6e22e\">CPANEL<\/span>=<span style=\"color:#ae81ff\">11.76<\/span>\n<span style=\"color:#a6e22e\">RPMUP<\/span>=<span style=\"color:#a6e22e\">daily<\/span>\n<span style=\"color:#a6e22e\">SARULESUP<\/span>=<span style=\"color:#a6e22e\">daily<\/span>\n<span style=\"color:#a6e22e\">STAGING_DIR<\/span>=<span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">usr<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">local<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">cpanel<\/span>\n<span style=\"color:#a6e22e\">UPDATES<\/span>=<span style=\"color:#a6e22e\">daily<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<p>After you complete this update (<code>\/usr\/local\/cpanel\/scripts\/upcp<\/code>), set <code>\/etc\/cpupdate.conf<\/code> as follows:<\/p>\n<p>If you were on STABLE previously, set the following: <\/p>\n<div class=\"highlight\">\n<div style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\">\n<table
style=\"border-spacing:0;padding:0;margin:0;border:0;width:auto;overflow:auto;display:block;\">\n<tr>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;;width:100%\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-go\" data-lang=\"go\"><span style=\"color:#a6e22e\">CPANEL<\/span>=<span style=\"color:#a6e22e\">stable<\/span>\n<span style=\"color:#a6e22e\">RPMUP<\/span>=<span style=\"color:#a6e22e\">daily<\/span>\n<span style=\"color:#a6e22e\">SARULESUP<\/span>=<span style=\"color:#a6e22e\">daily<\/span>\n<span style=\"color:#a6e22e\">STAGING_DIR<\/span>=<span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">usr<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">local<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">cpanel<\/span>\n<span style=\"color:#a6e22e\">UPDATES<\/span>=<span style=\"color:#a6e22e\">daily<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<p>If you were on RELEASE previously, set the following: <\/p>\n<div class=\"highlight\">\n<div style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\">\n<table
style=\"border-spacing:0;padding:0;margin:0;border:0;width:auto;overflow:auto;display:block;\">\n<tr>\n<td style=\"vertical-align:top;padding:0;margin:0;border:0;;width:100%\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-go\" data-lang=\"go\"><span style=\"color:#a6e22e\">CPANEL<\/span>=<span style=\"color:#a6e22e\">release<\/span>\n<span style=\"color:#a6e22e\">RPMUP<\/span>=<span style=\"color:#a6e22e\">daily<\/span>\n<span style=\"color:#a6e22e\">SARULESUP<\/span>=<span style=\"color:#a6e22e\">daily<\/span>\n<span style=\"color:#a6e22e\">STAGING_DIR<\/span>=<span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">usr<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">local<\/span><span style=\"color:#f92672\">\/<\/span><span style=\"color:#a6e22e\">cpanel<\/span>\n<span style=\"color:#a6e22e\">UPDATES<\/span>=<span style=\"color:#a6e22e\">daily<\/span><\/code><\/pre>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<p>This will allow you to upgrade to newer versions of cPanel &#038; WHM once you have migrated to EasyApache 4.<\/p>\n<h3 id=\"verify-the-new-exim-rpm-was-installed\">Verify the new Exim RPM was installed<\/h3>\n<p>In version 78 run the following: <\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-perl\" data-lang=\"perl\">rpm <span style=\"color:#f92672\">-<\/span>q exim<\/code><\/pre>\n<\/div>\n<p>The output should resemble the following: <\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-perl\"
data-lang=\"perl\">exim<span style=\"color:#f92672\">-<\/span><span style=\"color:#ae81ff\">4.92<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#ae81ff\">1<\/span><span style=\"color:#f92672\">.<\/span>cp1178<span style=\"color:#f92672\">.<\/span>x86_64<\/code><\/pre>\n<\/div>\n<p>In versions 70 and 76, where the fix is backported into the 4.91 package, run the following: <\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-perl\" data-lang=\"perl\">rpm <span style=\"color:#f92672\">-<\/span><span style=\"color:#e6db74\">q --changelog <\/span>exim <span style=\"color:#f92672\">|<\/span> grep CVE<span style=\"color:#f92672\">-<\/span><span style=\"color:#ae81ff\">2019<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#ae81ff\">10149<\/span><\/code><\/pre>\n<\/div>\n<p>The output should resemble the following: <\/p>\n<div class=\"highlight\">\n<pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-perl\" data-lang=\"perl\"><span style=\"color:#f92672\">-<\/span> Patch <span style=\"color:#66d9ef\">for<\/span> CVE<span style=\"color:#f92672\">-<\/span><span style=\"color:#ae81ff\">2019<\/span><span style=\"color:#f92672\">-<\/span><span style=\"color:#ae81ff\">10149<\/span><\/code><\/pre>\n<\/div>\n<p>If you are still experiencing issues or need additional help, contact cPanel support.<\/p>\n<h2 id=\"additional-documentation\">Additional documentation<\/h2>\n<p>More detailed information can be found at the following websites:<\/p>\n<ul>\n<li>https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10149<\/li>\n<li>https:\/\/seclists.org\/oss-sec\/2019\/q2\/152<\/li>\n<\/ul><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Background Information On Tuesday, June 4, 2019, Exim maintainers announced that they received a report of a potential remote exploit in Exim from version 4.87 to version 4.91.
On Wednesday, June 5, 2019, the Exim maintainers released a patch for these vulnerabilities. Impact According to Exim development: \u201cWe received a report of a possible &hellip;<\/p>\n","protected":false},"author":1,"featured_media":795,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/794"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=794"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/794\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/795"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=794"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=794"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=794"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}