Search Engine: Elastic

Article ID: 2831, created on Oct 29, 2007, last review on Apr 18, 2012

  • Applies to:
  • Pro Control Panel Linux


View Knowledge
Knowledge ID 2251
Product : Ensim Pro for Linux
Version : 3.5
Topic : Hotfix

Sendmail security patch release for WEBppliance for Linux 3.0.x (LS)

Sendmail security patch release for WEBppliance for Linux 3.0.x (LS)



This security patch resolves the Sendmail vulnerability.

Compatibility :

This patch requires WEBppliance 3.0.3 or 3.0.0 for Linux (LS).

Major Feature :

This patch fixes the security vulnerability mentioned below:

1. Sendmail vulnerability may allow remote attackers to gain
   root privileges by sending subversive messages.

   A buffer overflow in Sendmail 5.79 to 8.12.7 allows remote
   attackers to execute arbitrary code using certain formatted
   address fields, related to sender and recipient headercomments
   as processed by the crackaddr function of headers.c.

   Advisory details for the security patch are available at
   the following URL:

Installation Instructions :

Download site: (be sure to downloadusing BINARY mode)

1.  Download the file LS-3.0-Sendmail-patch.tar.gz

2.  Uncompress the file:
     tar -xvzf LS-3.0-Sendmail-patch.tar.gz

3.  Change the current directory to the director where you haveuncompressed the file:
     cd LS-3.0-Sendmail-patch

4.  Run the following commands to install the sendmail packages,
     # rpm -Uvh \
        sendmail-8.11.6-2ensim5.i386.rpm \
        sendmail-doc-8.11.6-2ensim5.i386.rpm \
    # rm -f /etc/rc.d/init.d/sendmail       

    # ln -s /etc/rc.d/init.d/sendmail_app_init /etc/rc.d/init.d/sendmail  

    # /bin/cp -f /usr/lib/opcenter/sendmail/install/smtp.pam /etc/pam.d/smtp 
    # /sbin/service sendmail restart


Related Knowledge

Related Links
Last ModifiedUsageSatisfiedLast Used
6/16/2006 2:27:39 AM10 10/12/2007 4:01:18 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF