This issue is affecting all its versions.
Exim is the default mail transporter for all cPanel based servers.
cPanel has included an emergency update which was patched overnight. We did a manual update on all our critical infrastructures using cPanel (mainly our shared and reseller servers) a few hours after the security issue.
You can check whether your server has been updated by running the following command :
rpm -q --changelog exim | grep CVE-2016-1531
Which should give the following output :
- Fixes CVE-2016-1531
It doesn't return anything and if you are running cPanel you would only need to type the following SSH commands :
/scripts/upcp
/scripts/check_cpanel_rpms --fix --long-list
**UPDATE : 4th March 2016
The update has broken a feature to detect mailing script which now returns cwd=/ instead of cwd=/path/to/script
We have notified cPanel which has notified Exim and a patch is on its way since our custom malware script detection relies on returning the full path of a script sending emails.
**UPDATE : 5th March 2016
A work around is being worked on, we are waiting for its official release.
https://bugs.exim.org/show_bug.cgi?id=1805
Wednesday, March 2, 2016
