Exim Security Update

[RezaFH]

کسانی که سرور هاستینگ cPanel دارن حتما exim رو آپدیت کنند.
دستور آپدیت :

کد:

/scripts/eximup

و توضیحات cPanel در این مورد :

کد:

Message: 1
Date: Fri, 10 Dec 2010 00:42:57 -0600
From: Kenneth Power <kenp@cpanel.net>
To: news@cpanel.net
Subject: [cPanel-News] Critical: exim security update
Message-ID: <D092C409-8697-4D86-97F5-1DF4E7968328@cpanel.net>
Content-Type: text/plain; charset=windows-1252

=============
Summary
=============
A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM.

-----------------------
Security Rating
-----------------------
This update has been rated as Critical by the cPanel Security team.

Description
-----------------------
Research up to this point indicates the exploit is a buffer overflow vulnerability that takes advantage of the default Exim configuration settings related to altering Exim's runtime configuration file along with overriding the macro definitions in the configuration file. This buffer overflow may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. However, the Exim user retains root privileges when running the -C and -D command line flags. Through the creation of a temporary exim configuration which is processed with the -C or -D flags, the Exim user is able to execute arbitrary commands as root.

Solution
-----------------------
To resolve and work around the issue, for Linux-based systems cPanel has issued new Exim RPMs. The new version of Exim locks configuration file locations to the /etc/exim prefix as well as disabling use of the -D flag. Server Owners are strongly urged to upgrade to the following Exim RPM versions:

       ? Systems configured to use Maildir: Exim 4.69-25
       ? Systems configured to use mbox (deprecated): Exim 4.63-4

Exim RPMs will be distributed through cPanel's package management system. All cPanel & WHM servers receiving updates automatically will receive the updated Exim RPM during normal update and maintenance operations (upcp).  If you prefer to install the update right now, please run the following in a root shell:

   /scripts/eximup

On cPanel & WHM FreeBSD servers, Exim is an unmanaged install performed from the Ports system. To apply a like setup on FreeBSD systems, server administrators will need to perform the following manual configuration:

       ?  Remove WITHOUT_ALT_CONFIG_PREFIX=yes from /etc/make.conf
       ?  Add the following to /var/db/ports/exim/options

WITH_ALT_CONFIG_PREFIX=true
SEDLIST+= -e 's,^(ALT_CONFIG_PREFIX=).*,\1/etc/exim,'
SEDLIST+= -e 's,^\# (DISABLE_D_OPTION=),\1,'

       ? Change directory to /usr/ports/mail/exim
       ? Execute 'make deinstall'
       ? Execute 'make install'

Caution: the above changes have potential to be undone by /scripts/checkmakeconf, and updates to the Exim port. An upcoming version of cPanel & WHM 11.28 will resolve this for FreeBSD users.

References
-----------------------
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/SecurityLevels
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html

لطفا اطلاع رسانی کنید ...

[IFACO.Net]

در تکمیل پست قبلی : از طریق فعال کردن آپدیت سی پنل در whm هم می توانید exim رو آپدیت کنید.

[Ariya]

کسانی که سرور هاستینگ cPanel دارن حتما exim رو آپدیت کنند.
دستور آپدیت :

کد:

/scripts/eximup

و توضیحات cPanel در این مورد :

کد:

Message: 1
Date: Fri, 10 Dec 2010 00:42:57 -0600
From: Kenneth Power <kenp@cpanel.net>
To: news@cpanel.net
Subject: [cPanel-News] Critical: exim security update
Message-ID: <D092C409-8697-4D86-97F5-1DF4E7968328@cpanel.net>
Content-Type: text/plain; charset=windows-1252
 
=============
Summary
=============
A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM.
 
-----------------------
Security Rating
-----------------------
This update has been rated as Critical by the cPanel Security team.
 
Description
-----------------------
Research up to this point indicates the exploit is a buffer overflow vulnerability that takes advantage of the default Exim configuration settings related to altering Exim's runtime configuration file along with overriding the macro definitions in the configuration file. This buffer overflow may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. However, the Exim user retains root privileges when running the -C and -D command line flags. Through the creation of a temporary exim configuration which is processed with the -C or -D flags, the Exim user is able to execute arbitrary commands as root.
 
Solution
-----------------------
To resolve and work around the issue, for Linux-based systems cPanel has issued new Exim RPMs. The new version of Exim locks configuration file locations to the /etc/exim prefix as well as disabling use of the -D flag. Server Owners are strongly urged to upgrade to the following Exim RPM versions:
 
       ? Systems configured to use Maildir: Exim 4.69-25
       ? Systems configured to use mbox (deprecated): Exim 4.63-4
 
Exim RPMs will be distributed through cPanel's package management system. All cPanel & WHM servers receiving updates automatically will receive the updated Exim RPM during normal update and maintenance operations (upcp).  If you prefer to install the update right now, please run the following in a root shell:
 
   /scripts/eximup
 
On cPanel & WHM FreeBSD servers, Exim is an unmanaged install performed from the Ports system. To apply a like setup on FreeBSD systems, server administrators will need to perform the following manual configuration:
 
       ?  Remove WITHOUT_ALT_CONFIG_PREFIX=yes from /etc/make.conf
       ?  Add the following to /var/db/ports/exim/options
 
WITH_ALT_CONFIG_PREFIX=true
SEDLIST+= -e 's,^(ALT_CONFIG_PREFIX=).*,\1/etc/exim,'
SEDLIST+= -e 's,^\# (DISABLE_D_OPTION=),\1,'
 
       ? Change directory to /usr/ports/mail/exim
       ? Execute 'make deinstall'
       ? Execute 'make install'
 
Caution: the above changes have potential to be undone by /scripts/checkmakeconf, and updates to the Exim port. An upcoming version of cPanel & WHM 11.28 will resolve this for FreeBSD users.
 
References
-----------------------
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/SecurityLevels
http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html

لطفا اطلاع رسانی کنید ...

اين يك مشكل امنيتي هست ؟

[IFACO.Net]

اين يك مشكل امنيتي هست ؟

This update has been rated as Critical by the cPanel Security team.

[Vahid]

من یه مشکلی داشتم که ایمیل ها به یاهو نمیرفت ...
با این دستور حل شد ....

---------- Post added at 12:29 AM ---------- Previous post was at 12:25 AM ----------

LOG: MAIN
SMTP error from remote mail server after initial connection: host g.mx.mail.yahoo.com [98.137.54.238]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
Connecting to b.mx.mail.yahoo.com [74.6.136.65]:25 ... connected
SMTP<< 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
SMTP>> QUIT
LOG: MAIN
SMTP error from remote mail server after initial connection: host b.mx.mail.yahoo.com [74.6.136.65]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
Connecting to e.mx.mail.yahoo.com [67.195.168.230]:25 ... connected
SMTP<< 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
SMTP>> QUIT
LOG: MAIN
SMTP error from remote mail server after initial connection: host e.mx.mail.yahoo.com [67.195.168.230]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
Connecting to f.mx.mail.yahoo.com [98.137.54.237]:25 ... connected
SMTP<< 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
SMTP>> QUIT
LOG: MAIN
SMTP error from remote mail server after initial connection: host f.mx.mail.yahoo.com [98.137.54.237]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
Connecting to d.mx.mail.yahoo.com [209.191.88.254]:25 ... connected
SMTP<< 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
SMTP>> QUIT
LOG: MAIN
SMTP error from remote mail server after initial connection: host d.mx.mail.yahoo.com [209.191.88.254]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
Connecting to j.mx.mail.yahoo.com [66.94.237.64]:25 ... connected
SMTP<< 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
SMTP>> QUIT
LOG: MAIN
SMTP error from remote mail server after initial connection: host j.mx.mail.yahoo.com [66.94.237.64]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
LOG: MAIN
== pineal_melatonin@yahoo.com R=lookuphost T=remote_smtp defer (0): SMTP error from remote mail server after initial connection: host j.mx.mail.yahoo.com [66.94.237.64]: 421 4.7.1 [TS03] All messages from 66.197.185.85 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html