Parallels

WEBppliance Pro for Linux

Version 3.5.3 (LS)

WEBppliance Pro 3.5.3 fixes a security issue that allows browsers to access arbitrary apache-readable files by using multiple '/' characters in the URI (e.g. http://server//etc/passwd). This exploit is present in all versions of WEBppliance Pro prior to 3.5.3.

Compatibility :

You can apply WEBppliance Pro 3.5.3 ONLY on WEBppliance Pro 3.5.2 for Linux

Installation :

Download Site : (be sure to download using BINARY mode)
http://download.swsoft.com/ensim/download/webppliance/linux/pro/3.5.3/

To install the patch, please follow the instructions below:

1.  Download the file LS-3.5.3-5.tar.gz

2.  Uncompress the file:
    tar -xvzf LS-3.5.3-5.tar.gz

3.  Change the current directory to the directory
    where you have uncompressed the file:
    cd LS-3.5.3-5

4.  Run the following command
    # sh ./patch-install-3.5.3-5.sh

    The install script verifies the current installation of WEBppliance
    to ensure that it complies with the patch requirements and then
    upgrades the required RPMs (requires root access).

    This install script will restart webppliance services
    automatically.