Hello all,
Please do read the article and save your server from the latest known CVE-2016-1531 exim vulnerability.
Overview
CVE-2016-1531 is most recent vulnerability reported by Exim on March 2, 2016. It affects all versions of the mail transfer agent. We all know that exim is the default MTA (Mail Transfer Agent) provided by the cPanel. It’s very easy to use so it became the most user friendly one.
There is no need to worry about this vulnerability as the latest version patches the vulnerability and the latest cPanel update resolves the issue.
Impact
The vulnerability has got serious impacts on the server. Exim reports that all the installations of the MTA were vulnerable to a state in which the attacker can gain root privileges no matter what level of privileges he has with the server or system. You may please check the cPanel/WHM versions listed below and cross check it with your server. If you found a version below the mentioned ones, please do the resolution steps now itself.
Any version older to the current versions listed below are vulnerable:
11.50.5.0 11.52.4.0 54.0.18 55.9999.106 (EDGE tier only)
How to check if Exim is Vulnerable on Your Server?
You can check this easily, it just a matter of checking the current version of the cPanel/WHM that you have, if you have enables automatic updates with WHM, then you are safe as the patch will already have been applied.
To check the version of WHM, please access the server via browser (http://ip-address:2086) and check the version at the top right corner of the control panel as shown in the below image.
Important Note: The “build” listed after the version represents the final digits in the release version. In the example above, WHM 54.0 (build 18) indicates that the version is 54.0.18.
How to check version from command line?
You can also check the cPanel/WHM version from the command line, please use the following command for the same:
# /usr/local/cpanel/cpanel -V 54.0 (build 18)
You may refer the below screenshot, its output for the above command:
Resolution
As you all know resolution is to update the cPanel to it’s latest version, for that you can run the below command on the server as root user(recommend to run it on screen):# /scripts/upcp
You may also enable auto-update on the server if that’s not done yet, for that you can follow the below steps.
- Login to the WHM control panel
- Search for Update Preferences in the search option
- Locate the Daily Updates section, select radio button prior to Automatic to allow cPanel to install updates automatically.
- Under Operating System Package Updates section, select Automatic to enable automatic updates of RPMs.
- Finally, click the blue Save button at the bottom of the page to save your settings.
That’ all guys, thanks. Share and spread and save servers!!!
Bye!