Server Buddies
Server Buddies info@serverbuddies.com Server Management LiveZilla Live Help
English
Eng
Server Management Spanish
Spa
Providing Dedicated Server Solutions Just a Click AWAY
Home
Services
Order
Support
News
Contact Us
About Us
server management Server Tweaking Server Monitoring HelpDesk Support Security Audit
Empty
Cpanel Support
Plesk Support
Ensim Support
Webmin Support
Directadmin Support
Empty
We Accept
We accept Visa, Mastercard, Discover and American Express credit cards.
Paypal is also accepted. The email address to use to make PayPal payment to us is:
order@serverbuddies.com
Paypal Accepted Paypal Accepted
2Checkout Accepted
30-Day MoneyBack Guarantee!


Empty
Testimonials
This guys knows their stuff pretty well. They helped me understand where my memory might fall short of my quota on my VPS and they optimized some CONF files that I needed modified for a much more robust server. I highly recommend them.
HW Publishing.
See more reviews
Empty
News

new exim remote code execution vulnerability

10-28-2012

Summary

A remote code execution vulnerability exists in Exim versions between 4.70 and 4.80, inclusive. Exim is the mail transfer agent used by cPanel & WHM.

Security Rating

This vulnerability has been rated as Critical[1] by the cPanel Security team.

Description

A remote code execution flaw in Exim has been discovered by an internal audit performed by the Exim developers[2]. This vulnerability may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. In some circumstances this may lead to privilege escalation.

The vulnerability is tied to the DKIM support introduced in Exim 4.70. It has been assigned CVE-2012-5671[3].

The following Exim RPMs, as distributed by cPanel, Inc. are known to be vulnerable:

* exim-4.76-1
* exim-4.77-0
* exim-4.77-1
* exim-4.80-0
* exim-4.80-1

These RPMs were shipped as part of cPanel & WHM versions 11.32 and 11.34.

Solution

Contact us at info@serverbuddies.com for patching your Exim server with the latest security patches and run a Full Security Audit on your server.

Remember, we listen to you! Any comments/suggestions should be sent to info@serverbuddies.com.

 
RedHat Support Debian Support Gentoo Linux Support FreeBSD Support Fedora Support Ubuntu Support CentOS Support SuSe Support
Home | Services | Order | Support | News | About Us | Contact | Site Map | Refund & Privacy Policy | Blog