Article ID: 2571, created on Oct 29, 2007, last review on Apr 18, 2012

  • Applies to:
  • Pro Control Panel Linux

AdditionalInformation

View Knowledge
Knowledge ID 1733
Product : WEBppliance for Linux
Version : 3.5.3
Topic : FAQ

Title
WEBppliance Pro for Linux 3.5.3 (LS)

Summary
WEBppliance Pro for Linux 3.5.3 (LS)

Prevention


Details

WEBppliance Pro for Linux

Version 3.5.3 (LS)

WEBppliance Pro 3.5.3 fixes a security issue that allows browsers to access arbitrary apache-readable files by using multiple '/' characters in the URI (e.g. http://server//etc/passwd). This exploit is present in all versions of WEBppliance Pro prior to 3.5.3.

Compatibility :

You can apply WEBppliance Pro 3.5.3 ONLY on WEBppliance Pro 3.5.2 for Linux

Installation :

Download Site : (be sure to download using BINARY mode)
http://download.swsoft.com/ensim/download/webppliance/linux/pro/3.5.3/

To install the patch, please follow the instructions below:

1.  Download the file LS-3.5.3-5.tar.gz

2.  Uncompress the file:
    tar -xvzf LS-3.5.3-5.tar.gz

3.  Change the current directory to the directory
    where you have uncompressed the file:
    cd LS-3.5.3-5

4.  Run the following command
    # sh ./patch-install-3.5.3-5.sh

    The install script verifies the current installation of WEBppliance
    to ensure that it complies with the patch requirements and then
    upgrades the required RPMs (requires root access).

    This install script will restart webppliance services
    automatically.


Attachments


Related Knowledge

Related Links
 
Last ModifiedUsageSatisfiedLast Used
8/20/2004 12:43:11 PM29 10/11/2007 6:54:35 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF