{"id":1126,"date":"2021-05-06T14:05:37","date_gmt":"2021-05-06T13:05:37","guid":{"rendered":"https:\/\/hostinguk.net\/blog\/?p=1126"},"modified":"2021-05-06T14:52:48","modified_gmt":"2021-05-06T13:52:48","slug":"exim-vulnerability-advisory","status":"publish","type":"post","link":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/","title":{"rendered":"Exim vulnerability advisory"},"content":{"rendered":"\n

Researchers at security company Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain “a full remote unauthenticated code execution and gain root privileges on the Exim Server.”.<\/p>\n\n\n\n

Exim is a mail transfer agent (MTA), responsible for receiving and forwarding email messages. It runs primarily on Unix or Linux and is also the main MTA used on cPanel.<\/p>\n\n\n\n

According to one recent survey nearly 60 per cent of mail servers visible on the internet use Exim.<\/p>\n\n\n\n

The Qualys researchers have now reported on 21 critical vulnerabilities discovered via a code audit, 10 of which can be exploited remotely.<\/p>\n\n\n\n

Successful exploitation of these vulnerabilities would allow a remote attacker to gain full root privileges on the target server and execute commands to install programs, modify data, and create new accounts.<\/p>\n\n\n\n

All versions before Exim-4.94.2 are vulnerable, and security updates were released for the vulnerabilities on 04\/05\/2021.<\/p>\n\n\n\n

We would strongly advise all clients running exim to apply the updates for this as soon as possible.

For customers running cPanel, as long as you have applied all updates available, this should then be using the latest version of Exim that is not vulnerable. For our our shared hosting and managed server customers , our team have already addressed this issue.<\/p>\n","protected":false},"excerpt":{"rendered":"

Researchers at security company Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain “a full remote unauthenticated code execution and gain root privileges on the Exim Server.”. Exim is a mail transfer agent (MTA), responsible for receiving and forwarding email messages. It runs primarily on Unix or Linux… Keep Reading<\/a><\/p>\n","protected":false},"author":4,"featured_media":1127,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[7],"tags":[],"class_list":["post-1126","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general"],"yoast_head":"\nExim vulnerability advisory - Hosting UK<\/title>\n<meta name=\"description\" content=\"Critical exim vulnerabilities you need to know and patch against. Ensure your systems are protected without further delay\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exim vulnerability advisory - Hosting UK\" \/>\n<meta property=\"og:description\" content=\"Critical exim vulnerabilities you need to know and patch against. Ensure your systems are protected without further delay\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/\" \/>\n<meta property=\"og:site_name\" content=\"Hosting UK\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-06T13:05:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-06T13:52:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Phil Parry\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Phil Parry\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/\"},\"author\":{\"name\":\"Phil Parry\",\"@id\":\"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/79e8a2b2dc3dd4a4ce879ca9c23d3572\"},\"headline\":\"Exim vulnerability advisory\",\"datePublished\":\"2021-05-06T13:05:37+00:00\",\"dateModified\":\"2021-05-06T13:52:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/\"},\"wordCount\":210,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg\",\"articleSection\":[\"General\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/\",\"url\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/\",\"name\":\"Exim vulnerability advisory - Hosting UK\",\"isPartOf\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg\",\"datePublished\":\"2021-05-06T13:05:37+00:00\",\"dateModified\":\"2021-05-06T13:52:48+00:00\",\"author\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/79e8a2b2dc3dd4a4ce879ca9c23d3572\"},\"description\":\"Critical exim vulnerabilities you need to know and patch against. Ensure your systems are protected without further delay\",\"breadcrumb\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage\",\"url\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg\",\"contentUrl\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg\",\"width\":1200,\"height\":400,\"caption\":\"Patching\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/hostinguk.net\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exim vulnerability advisory\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/hostinguk.net\/blog\/#website\",\"url\":\"https:\/\/hostinguk.net\/blog\/\",\"name\":\"Hosting UK\",\"description\":\"Hosting UK | Domain names | Web hosting | Dedicated Servers\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/hostinguk.net\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/79e8a2b2dc3dd4a4ce879ca9c23d3572\",\"name\":\"Phil Parry\",\"url\":\"https:\/\/hostinguk.net\/blog\/author\/huk-phil\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exim vulnerability advisory - Hosting UK","description":"Critical exim vulnerabilities you need to know and patch against. Ensure your systems are protected without further delay","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_GB","og_type":"article","og_title":"Exim vulnerability advisory - Hosting UK","og_description":"Critical exim vulnerabilities you need to know and patch against. Ensure your systems are protected without further delay","og_url":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/","og_site_name":"Hosting UK","article_published_time":"2021-05-06T13:05:37+00:00","article_modified_time":"2021-05-06T13:52:48+00:00","og_image":[{"width":1200,"height":400,"url":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg","type":"image\/jpeg"}],"author":"Phil Parry","twitter_misc":{"Written by":"Phil Parry","Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#article","isPartOf":{"@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/"},"author":{"name":"Phil Parry","@id":"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/79e8a2b2dc3dd4a4ce879ca9c23d3572"},"headline":"Exim vulnerability advisory","datePublished":"2021-05-06T13:05:37+00:00","dateModified":"2021-05-06T13:52:48+00:00","mainEntityOfPage":{"@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/"},"wordCount":210,"commentCount":0,"image":{"@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage"},"thumbnailUrl":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg","articleSection":["General"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/","url":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/","name":"Exim vulnerability advisory - Hosting UK","isPartOf":{"@id":"https:\/\/hostinguk.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage"},"image":{"@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage"},"thumbnailUrl":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg","datePublished":"2021-05-06T13:05:37+00:00","dateModified":"2021-05-06T13:52:48+00:00","author":{"@id":"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/79e8a2b2dc3dd4a4ce879ca9c23d3572"},"description":"Critical exim vulnerabilities you need to know and patch against. Ensure your systems are protected without further delay","breadcrumb":{"@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#primaryimage","url":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg","contentUrl":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg","width":1200,"height":400,"caption":"Patching"},{"@type":"BreadcrumbList","@id":"https:\/\/hostinguk.net\/blog\/exim-vulnerability-advisory\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hostinguk.net\/blog\/"},{"@type":"ListItem","position":2,"name":"Exim vulnerability advisory"}]},{"@type":"WebSite","@id":"https:\/\/hostinguk.net\/blog\/#website","url":"https:\/\/hostinguk.net\/blog\/","name":"Hosting UK","description":"Hosting UK | Domain names | Web hosting | Dedicated Servers","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hostinguk.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/79e8a2b2dc3dd4a4ce879ca9c23d3572","name":"Phil Parry","url":"https:\/\/hostinguk.net\/blog\/author\/huk-phil\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2021\/05\/software-update-patch-fotalia.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p63y3g-ia","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts\/1126","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/comments?post=1126"}],"version-history":[{"count":3,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts\/1126\/revisions"}],"predecessor-version":[{"id":1130,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts\/1126\/revisions\/1130"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/media\/1127"}],"wp:attachment":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/media?parent=1126"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/categories?post=1126"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/tags?post=1126"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}