Article ID: 2564, created on Oct 29, 2007, last review on Apr 25, 2014

  • Applies to:
  • Pro Control Panel Linux

AdditionalInformation

View Knowledge
Knowledge ID 1716
Product : WEBppliance for Linux
Version : 3.1.7
Topic : FAQ

Title
WEBppliance 3.1.7 Security Patch (LS)

Summary
WEBppliance 3.1.7 Security Patch (LS)

Prevention


Details

WEBppliance 3.1.7 provides a security patch that resolves the Sendmail vulnerability

Compatibility :

This patch requires WEBppliance 3.1.6 for Linux to be installed on your server.

NOTE: This patch will not install on any other version of WEBppliance for Linux, other than 3.1.6.

Major Features of WEBppliance 3.1.7
This patch addresses and fixes the security vulnerability mentioned below:

  1. Sendmail vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message. 

    Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via a certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. 
       
    Advisory details for the security patch are available at the following URL:         
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1337


Installation Instructions :

Download site: (be sure to download using BINARY mode)
http://download.swsoft.com/ensim/download/webppliance/linux/patches/3.1.7/


To install the patch please follow the instructions below :

1.  Download the file LS-3.1.7-2.tar.gz

2.  Uncompress the file:
    tar -xvzf LS-3.1.7-2.tar.gz

3.  Change the current directory to the directory
    where you have uncompressed the file:
    cd LS-3.1.7-2

4.  Run the following command
    # sh ./patch-install-3.1.7-2.sh

The install script verifies the current installation of WEBppliance to ensure that it complies with the patch requirements and then upgrades the required RPMs (requires root access).


Attachments


Related Knowledge

Related Links
 
Last ModifiedUsageSatisfiedLast Used
8/20/2004 12:41:05 PM15 10/11/2007 6:52:40 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF