Search Engine: Elastic

Article ID: 2554, created on Oct 29, 2007, last review on Apr 18, 2012

  • Applies to:
  • Pro Control Panel Linux


View Knowledge
Knowledge ID 1694
Product : WEBppliance for Linux
Version : 3.1.8
Topic : FAQ

SendMail Security Patch for WEBppliance for Linux (LS)

SendMail Security Patch for WEBppliance for Linux (LS)



This Security Patch resolves the Sendmail vulnerability that allows local and possibly remote attackers to gain root privileges.

Compatibility :
This Patch requires WEBppliance 3.1.8 to be installed on your server.

NOTE : This patch will not install on any other version of WEBppliance other than 3.1.8

Major Fixes:
This patch fixes the Security vulnerabilities mentioned below :

  1. Sendmail vulnerability that allows local and possibly remote attackers to 
    gain root privileges.

    There is a vulnerability in Sendmail versions prior to and including 8.12.8. The address parser performs insufficient bounds checking in certain conditions due to a char to int conversion, making it possible for an attacker to take control of the application. Although no exploit currently exists, this issue is probably locally exploitable and may also be remotely exploitable. 

    Advisory details for the security patch are available at the following URL:

Installation Instructions :

Download site: (be sure to downloadusing BINARY mode)

  1.  Download the file LS-3.1.9-2.tar.gz
  2. Uncompress the file:
    tar -xvzf LS-3.1.9-2.tar.gz
  3. Change the current directory to the directory where you have uncompressed the file:
    cd LS-3.1.9-2
  4. Run the following command
    # sh ./

    The install script verifies the current installation of WEBppliance to ensure that it complies with the patch requirements and then upgrades the required RPMs (requires root access).
  5. This install script will restart the sendmail service automatically.


Related Knowledge

Related Links
Last ModifiedUsageSatisfiedLast Used
8/20/2004 12:41:44 PM14 10/11/2007 6:49:44 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF