Details
WEBppliance 3.1.7 provides a security patch that resolves the Sendmail vulnerability
Compatibility :
This patch requires WEBppliance 3.1.6 for Linux to be installed on your server.
NOTE: This patch will not install on any other version of WEBppliance for Linux, other than 3.1.6.
Major Features of WEBppliance 3.1.7
This patch addresses and fixes the security vulnerability mentioned below:
- Sendmail vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message.
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via a certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
Advisory details for the security patch are available at the following URL:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1337
Installation Instructions :
Download site: (be sure to download using BINARY mode)
http://download.swsoft.com/ensim/download/webppliance/linux/patches/3.1.7/
To install the patch please follow the instructions below :
1. Download the file LS-3.1.7-2.tar.gz
2. Uncompress the file:
tar -xvzf LS-3.1.7-2.tar.gz
3. Change the current directory to the directory
where you have uncompressed the file:
cd LS-3.1.7-2
4. Run the following command
# sh ./patch-install-3.1.7-2.sh
The install script verifies the current installation of WEBppliance to ensure that it complies with the patch requirements and then upgrades the required RPMs (requires root access).
| 
English
Chinese
French
German
Japanese
Russian
Spanish