Article ID: 2845, created on Oct 29, 2007, last review on Apr 18, 2012

  • Applies to: Pro Control Panel Linux


Knowledge ID 2265
Product : Ensim Pro for Linux
Version : 3.5
Topic : Hotfix

Installation for WEBppliance 3.1.12 for Linux LS




WEBppliance for Linux 3.1.12 (LS)

Ensim today announces a maintenance release that resolves key issues.

Compatibility :

You can upgrade to WEBppliance for Linux 3.1.12 (LS) from WEBppliance for Linux 3.1.11 (LS).

IMPORTANT: This patch can be installed on WEBppliance 3.1.11 for Linux ONLY. This upgrade could take several hours depending on the number of domains. It is recommended that you schedule the upgrade at a time of relatively low activity and inform the Resellers and the Site Administrators about the domain downtime.

Resolved Issues:

This patch fixes the security vulnerabilities mentioned below:

  1.  MySQL buffer overflow vulnerability
    Under this bug, a Password field with a value greater than 16 characters can cause a buffer overflow. It may be possible for an attacker with the ability to modify the user table to exploit this buffer overflow to execute arbitrary code as the MySQL user.
    For more details on this please refer to 

  2. Perl vulnerability
    When versions 2.0.7 and earlier of the Safe module are used with Perl 5.8.0 and earlier, it is possible for an attacker to break out of safe compartments within Safe::reval and Safe::rdo by using a redefined @_ variable.
    For more details on this please refer to 

  3. Several minor bugs in Apache and mod_ssl.
    A bug in the optional renegotiation code in mod_ssl can cause cipher suite restrictions to be ignored. For more details on this please refer to 
    Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. For more details on this please refer to 

  4. Sendmail vulnerability.
    The successful exploitation of a bug present in the prescan() function of unpatched Sendmail versions prior to 8.12.10 can lead to heap and stack structure overflows. Although no exploit currently exists, this issue is locally exploitable and may also be remotely exploitable. For more details on this please refer to 

  5. Proftpd vulnerability 
    X-Force Research at ISS has discovered a remote exploit in ProFTPD's handling of ASCII translations: by downloading a carefully crafted file, an attacker can gain a root shell.

In addition to these, the quota compatibility bug has also been resolved in this release. For details on this bug, refer to Knowledge Base Article 732.
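An added example, not part of the original article or of Ensim's patch: for the Apache error log issue in item 3, this Python script flags error log lines that contain raw control bytes and renders them in a printable form, so the log can be reviewed in a terminal without the terminal interpreting them. The sample log lines, client addresses and function names are constructed for illustration.

```python
import re

# C0 control bytes other than TAB and LF, plus DEL. ESC (0x1b) is the byte
# that introduces terminal escape sequences; an embedded CR can overwrite
# the visible part of a line.
CONTROL = re.compile(rb"[\x00-\x08\x0b-\x1f\x7f]")


def neutralize(line: bytes) -> str:
    """Return the line with every control byte shown as a literal \\xNN."""
    body = line.rstrip(b"\r\n")
    body = CONTROL.sub(lambda m: b"\\x%02x" % m.group()[0], body)
    # Bytes that are not valid UTF-8 are also rendered as \xNN.
    return body.decode("utf-8", errors="backslashreplace")


def scan_error_log(lines):
    """Yield (line_number, safe_text) for each line holding control bytes."""
    for number, line in enumerate(lines, 1):
        if CONTROL.search(line.rstrip(b"\r\n")):
            yield number, neutralize(line)


# Constructed sample input in the style of an Apache error log.
SAMPLE_LOG = [
    b"[Wed Oct 29 10:00:01 2003] [error] [client 192.0.2.10] "
    b"File does not exist: /var/www/html/favicon.ico\n",
    b"[Wed Oct 29 10:00:07 2003] [error] [client 192.0.2.11] "
    b"File does not exist: /var/www/html/\x1b[31mred\x1b[0m\n",
    b"[Wed Oct 29 10:00:09 2003] [error] [client 192.0.2.12] "
    b"Invalid URI in request GET /a\rb HTTP/1.0\n",
]

if __name__ == "__main__":
    for number, safe_text in scan_error_log(SAMPLE_LOG):
        print(f"line {number}: {safe_text}")
```

To check a real log, open it in binary mode and pass the file object to `scan_error_log`.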

Installation Instructions 
Download Location:

To install the patch, please follow the instructions below:

  1. Download the file LS-3.1.12-7.tar.gz from the download location mentioned above.
  2. Uncompress the file:
    tar -xvzf LS-3.1.12-7.tar.gz
  3. Change the current directory to the directory where you have uncompressed the file:
    cd LS-3.1.12-7
  4. Run the following command:
    # sh ./ 

The install script verifies the current installation of WEBppliance to ensure that it complies with the patch requirements and then upgrades the required RPMs (requires root access).

This install script will restart the Apache, MySQL, and Proftpd services automatically.

Also, refer to the Errata page for new additional fixes for this release.


Last Modified: 6/16/2006 4:28:58 AM
Usage: 15
Last Used: 10/11/2007 4:28:19 AM
