Eximstats too large

If the size of your eximstats database is too large, you can do the following steps to empty it.

Login to mysql server from root.

[root@srv1 ~]# mysql

mysql> use eximstats;
Database changed
mysql> show tables;
+---------------------+
| Tables_in_eximstats |
+---------------------+
| defers |
| failures |
| sends |
| smtp |
+---------------------+
4 rows in set (0.00 sec)

mysql> delete from defers;
Query OK, 0 rows affected (0.52 sec)

mysql> delete from failures;
Query OK, 0 rows affected (0.35 sec)

mysql> delete from sends;
Query OK, 17310 rows affected (0.23 sec)

mysql> delete from smtp;
Query OK, 4678 rows affected (0.06 sec)

mysql> exit
Bye
[root@srv1 ~]#

You can also do this by deleting the above .MYD files from the location /var/lib/mysql/eximstats and restart exim service afterwards.

Exim Remote Memory Corruption Vulnerability Notification (CVE-2010-4344)

Summary

A memory corruption vulnerability exists in Exim versions 4.69 and older (CVE-2010-4344). Exim is the mail transfer agent used by cPanel & WHM.

Security Rating

This update has been rated as Important by the cPanel Security team.

Description

A memory corruption vulnerability has been discovered in Exim. This vulnerability may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. cPanel previously released RPMs that mitigated the severity of the vulnerability on December 9, 2010 (CVE-2010-4345). This notification is for the release of new RPMs which remove the remote memory corruption vulnerability in its entirety. The vulnerability relies upon “rejected_header” being enabled (default setting) in the log_selector configuration.

Solution

To resolve and work around the issue on Linux systems, cPanel has issued new Exim RPMs. Server Owners are strongly urged to upgrade to the following Exim RPM versions:

Systems configured to use Maildir: Exim 4.69-26

Systems configured to use mbox (deprecated): Exim 4.63-5

Exim RPMs will be distributed through cPanel’s package management system. All cPanel & WHM servers receiving updates automatically will receive the updated Exim RPM during normal update and maintenance operations (upcp). To begin an Exim update on cPanel systems immediately, run the following command as root:

/scripts/eximup

FreeBSD systems should be running Exim 4.72 by default, which is not affected by this issue.

FAQ

This notification covers CVE-2010-4344.

The notification release earlier on December 10, 2010 with the summary “A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM.” covers CVE-2010-4345. At the time of the earlier announcement, the CVE had not been assigned.

Source

cPanel :: Berkeley DB error: PANIC: fatal region error detected; run recovery

Exim logs /var/log/exim_mainlog shows Berkeley DB error.

Berkeley DB error: PANIC: fatal region error detected; run recovery
Berkeley DB error: PANIC: fatal region error detected; run recovery
Berkeley DB error: PANIC: fatal region error detected; run recovery

Exim stores certain databases using BerkeleyDB (e.g. aliases file). These are due to corrupted Berkeley DB.

In cPanel server you can remove / move the DB and restart exim to fix.

mv /var/spool/exim/db /var/spool/exim/db.bak

/scripts/restartsrv_exim

Now confirm the errors are gone.

tail -f /var/log/exim_mainlog