Dear Customers,
We want to alert you to a serious security issue affecting the Exim mail server shipped with the cPanel and LPCP control panels.
Exim versions up to and including 4.69 contain a buffer overflow that can be triggered remotely and leads to arbitrary code execution with the privileges of the user the Exim daemon runs as (CVE-2010-4344). On its own that would be limited to the Exim user, but Exim keeps its root privileges when it is started with the -C (alternate configuration file) or -D (macro definition) command line options. By writing a temporary Exim configuration file and having Exim process it with -C or -D, the Exim user can run arbitrary commands as root (CVE-2010-4345). Combined, these allow a remote attacker to gain root on systems running Exim 4.69 or older.
For cPanel systems, you can confirm that your server has received the update that fixes this issue by running the following command as root:
rpm -qi exim
If it outputs something like:
Name : exim Relocations: (not relocatable)
Version : 4.69 Vendor: (none)
Release : 26_cpanel_maildir
that is, the Release field shows 26_cpanel_maildir or a higher release number, your system already has the fix.
If the release number shown is lower than 26, run the following in a root shell to update Exim:
/scripts/eximup
For LPCP, only installations on CentOS 4 are affected. To check which operating system you are running, execute the following over SSH as root:
cat /etc/redhat-release
On CentOS 4 the output reads "CentOS release 4.x", where x is the minor release number.
If it does, update by running the command below as root:
rpm -Uvh http://lunarpository.com/12112010/exim-4.72-lpcp.centos4.i686.rpm
Afterwards, rpm -q exim should report version 4.72.
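The checks above, written up as a script: this is an added example and not part of the Lunarpages notice or its tooling. It assumes what the notice states (the RPM is named exim, the fixed cPanel build is 4.69 with release 26_cpanel_maildir or later, and only LPCP systems on CentOS 4 are affected) and additionally that an Exim newer than 4.69 carries the upstream fix. The sample inputs at the bottom are constructed to stand in for the live rpm and /etc/redhat-release output.

```shell
#!/bin/sh
# Added example, not part of the Lunarpages notice: turn the manual checks into
# a script that reports whether the installed Exim still needs updating.
# Assumptions (taken from the notice, not verified here): the RPM is named
# "exim", the fixed cPanel build is 4.69 with release 26_cpanel_maildir or
# later, and only LPCP systems on CentOS 4 are affected.

CPANEL_FIXED_VERSION="4.69"
CPANEL_FIXED_RELEASE=26

# Compare two dotted version strings numerically; prints -1, 0 or 1.
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".");
        k = (n > m) ? n : m;
        for (i = 1; i <= k; i++) {
            p = (i <= n) ? x[i] + 0 : 0;
            q = (i <= m) ? y[i] + 0 : 0;
            if (p < q) { print "-1"; exit }
            if (p > q) { print "1"; exit }
        }
        print "0"
    }'
}

# Classify one "NAME VERSION RELEASE" line as printed by
#   rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n' exim
# Prints "fixed", "vulnerable" or "unknown" (package missing or unparseable).
exim_cpanel_status() {
    line="$1"
    case "$line" in
        "exim "*) ;;
        *) echo "unknown"; return 2 ;;
    esac
    version=$(printf '%s\n' "$line" | awk '{ print $2 }')
    # Release strings look like "26_cpanel_maildir"; keep only the leading number.
    release=$(printf '%s\n' "$line" | awk '{ print $3 }' | sed 's/[^0-9].*$//')
    [ -n "$version" ] && [ -n "$release" ] || { echo "unknown"; return 2; }

    case "$(vercmp "$version" "$CPANEL_FIXED_VERSION")" in
        "-1") echo "vulnerable"; return 1 ;;  # older than 4.69: never patched
        "1")  echo "fixed"; return 0 ;;       # 4.70 and later carry the upstream fix
    esac
    # Exactly 4.69: the cPanel release number decides.
    if [ "$release" -ge "$CPANEL_FIXED_RELEASE" ]; then
        echo "fixed"; return 0
    fi
    echo "vulnerable"; return 1
}

# Prints "yes" when /etc/redhat-release content identifies CentOS 4, else "no".
is_centos4() {
    case "$1" in
        "CentOS release 4."*) echo "yes" ;;
        *) echo "no" ;;
    esac
}

# Constructed sample inputs standing in for the live command output.
echo "cPanel, patched build:  $(exim_cpanel_status 'exim 4.69 26_cpanel_maildir')"
echo "cPanel, older release:  $(exim_cpanel_status 'exim 4.69 25_cpanel_maildir')"
echo "cPanel, not installed:  $(exim_cpanel_status 'package exim is not installed')"
echo "LPCP on CentOS 4?       $(is_centos4 'CentOS release 4.8 (Final)')"
echo "LPCP on CentOS 5?       $(is_centos4 'CentOS release 5.5 (Final)')"
# On a real host, feed the live output instead:
#   exim_cpanel_status "$(rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n' exim)"
#   is_centos4 "$(cat /etc/redhat-release)"
```

The release number is compared numerically rather than as a string so that a later build such as 100_cpanel_maildir is not mistaken for an old one, and a missing package is reported as "unknown" rather than silently treated as safe.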
We can perform these updates for you for a fee of $35. Simply contact dedicated@lunarpages.com with the last four digits of the card on file and your account username or primary domain name.
If you are on monitored hosting, we will perform this update for you at no cost.
If you have any questions, please contact dedicated@lunarpages.com.
Thank you,
Lunarpages System Administrator Team