cPanel Vulnerability Found!!!


I know a lot of sysadmins are very lazy about doing work, especially when it's the weekend.
But…
You lazy mother fucker! Go login into your damn servers and patch that fucking thing! You lazy asshole!!!

Anyway, before posting this article, I had already done my upgrades on my servers. So you can consider yourself damn late already in reading this update.
So go patch your cPanel/WHM now, don't delay any more or someone on your server is gonna root you up!

By the way, here is the stuff I found; I copied and pasted it here.

=============
Summary
=============
A privilege escalation vulnerability exists in Exim, the mail
transfer agent used by cPanel & WHM.

---------------
Security Rating
---------------
This update has been rated as Critical by the cPanel Security team.

---------------
Description
---------------
Research up to this point indicates the exploit is a buffer overflow
vulnerability that takes advantage of the default Exim configuration
settings related to altering Exim’s runtime configuration file along
with overriding the macro definitions in the configuration file.
This buffer overflow may lead to arbitrary code execution with the
privileges of the user executing the Exim daemon. However, the Exim
user retains root privileges when running the -C and -D command line
flags. Through the creation of a temporary exim configuration which
is processed with the -C or -D flags, the Exim user is able to
execute arbitrary commands as root.

---------------
Solution
---------------
To resolve and work around the issue, for Linux-based systems cPanel
has issued new Exim RPMs. The new version of Exim locks configuration
file locations to the /etc/exim prefix as well as disabling use of
the -D flag.
Server Owners are strongly urged to upgrade to the following Exim RPM
versions:

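As an added defender-side check that is not part of this post or of cPanel's advisory: the advisory says the fixed RPMs lock configuration file locations to the /etc/exim prefix and disable the -D flag. The Python below applies those same two rules to a process listing (lines in `ps -eo user,args` style) and flags any exim process that passes -D at all, or passes -C with a config file outside that prefix. The sample listing is constructed, and the function names and the `TRUSTED_CONFIG_PREFIX` constant are my own choices, not anything from cPanel or Exim.

```python
import os
import shlex
from dataclasses import dataclass
from typing import Iterator, List, Tuple

# Added example, not part of the original post or of cPanel's advisory.
# The advisory says the patched RPMs lock config file locations to the
# /etc/exim prefix and disable -D; this audit flags running exim processes
# that would violate either rule.
TRUSTED_CONFIG_PREFIX = "/etc/exim"


@dataclass
class Finding:
    user: str    # account the process runs as (first ps column)
    flag: str    # "-C" or "-D"
    value: str   # the config path list or macro definition supplied
    line: str    # the full ps line, kept for the report


def _exim_config_flags(argv: List[str]) -> Iterator[Tuple[str, str]]:
    """Yield (flag, value) for every -C and -D option in an exim argv.

    Exim's option parser takes the value either attached (-Cfile,
    -DMACRO=value) or as the next argument (-C file), so handle both.
    """
    i = 1
    while i < len(argv):
        arg = argv[i]
        if arg[:2] in ("-C", "-D"):
            flag, value = arg[:2], arg[2:]
            if value == "" and i + 1 < len(argv):
                i += 1
                value = argv[i]
            yield flag, value
        i += 1


def _outside_trusted_prefix(path: str) -> bool:
    """True if a config path does not live under the /etc/exim prefix.
    normpath collapses '..' segments, so /etc/exim/../../tmp/x is caught."""
    return not os.path.normpath(path).startswith(TRUSTED_CONFIG_PREFIX)


def audit_exim_invocations(ps_lines) -> List[Finding]:
    """Scan 'ps -eo user,args'-style lines and flag exim processes that use
    -D at all, or -C with any config file outside the trusted prefix."""
    findings: List[Finding] = []
    for raw in ps_lines:
        line = raw.strip()
        if not line:
            continue
        try:
            fields = shlex.split(line)
        except ValueError:
            continue  # unbalanced quotes; skip rather than guess
        if len(fields) < 2:
            continue
        user, argv = fields[0], fields[1:]
        if os.path.basename(argv[0]) != "exim":
            continue
        for flag, value in _exim_config_flags(argv):
            if flag == "-D":
                findings.append(Finding(user, flag, value, line))
            elif flag == "-C":
                # -C accepts a colon-separated list of files; one untrusted entry is enough
                if any(_outside_trusted_prefix(p) for p in value.split(":") if p):
                    findings.append(Finding(user, flag, value, line))
    return findings


# Constructed sample process listing (not captured from a real server).
SAMPLE_PS = """\
root     /usr/sbin/exim -bd -q1h
mailnull /usr/sbin/exim -C /etc/exim.conf -bp
mailnull /usr/sbin/exim -C /tmp/user.conf -q
mailnull /usr/sbin/exim -DSOME_MACRO=1 -bp
mailnull /usr/sbin/exim -C/etc/exim/../../tmp/user.conf -q
"""

if __name__ == "__main__":
    for f in audit_exim_invocations(SAMPLE_PS.splitlines()):
        print(f"[{f.user}] {f.flag} {f.value}  <-  {f.line}")
```

On a live box you would feed it `ps -eo user,args` output instead of `SAMPLE_PS`; on a patched server the -D case should never appear because the RPM disables the flag, so any -D hit means the patch is not actually installed on that host.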
CC BY-NC-ND 4.0 cPanel Vulnerability Found!!! by Garfield is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.