Article ID: 2556, created on Oct 29, 2007, last review on Apr 17, 2012

  • Applies to:
  • Pro Control Panel Linux

AdditionalInformation

View Knowledge
Knowledge ID 1700
Product : WEBppliance for Linux
Version : 3.1
Topic : FAQ

Title
Sendmail Security Patch release for WEBppliance 3.1.1 and 3.1.0 for Linux (LS)

Summary
Sendmail Security Patch release for WEBppliance 3.1.1 and 3.1.0 for Linux (LS)

Prevention


Details
This security patch resolves the Sendmail vulnerability.

Compatibility :

This patch requires WEBppliance 3.1.1 or 3.1.0 for Linux (LS).

Major Feature :

This patch fixes the security vulnerability mentioned below:

1. Sendmail vulnerability may allow remote attackers to gain
   root privileges by sending subversive messages.

   A buffer overflow in Sendmail 5.79 to 8.12.7 allows remote
   attackers to execute arbitrary code using certain formatted
   address fields, related to sender and recipient headercomments
   as processed by the crackaddr function of headers.c.

   Advisory details for the security patch are available at
   the following URL:

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1337

Installation Instructions :

Download site: (be sure to downloadusing BINARY mode)
http://download.swsoft.com/ensim/download/webppliance/linux/patches/3.1/sendmail/

1.  Download the file LS-3.1-Sendmail-patch.tar.gz

2.  Uncompress the file:
     tar -xvzf LS-3.1-Sendmail-patch.tar.gz

3.  Change the current directory to the director where you haveuncompressed the file:
     cd LS-3.1-Sendmail-patch

4.  Run the following commands to install the sendmail packages,
     # rpm -Uvh \
        sendmail-8.11.6-2ensim5.i386.rpm \
        sendmail-doc-8.11.6-2ensim5.i386.rpm \
        sendmail-cf-8.11.6-2ensim5.i386.rpm

     # /sbin/service sendmail restart


Attachments


Related Knowledge

Related Links
 
Last ModifiedUsageSatisfiedLast Used
8/20/2004 12:31:39 PM42 10/11/2007 6:50:04 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF