Mirapoint Defect Patch: D4_3_5_webmail_2

About the D4_3_5_webmail_2 Patch

This patch addresses the following issue:

Webmail is vulnerable to cross-site scripting attack.

NOTE:

This patch stops and starts the webmail service.
This patch does not reboot the appliance, but it does interrupt services.
This patch can be removed (uninstalled).
Patch removal also stops the webmail service and starts it.
On the MOS which has been branded, you must brand again (re-brand) after installing the patch to take effect.
Similarly, after uninstalling the patch, you must re-brand to fallback to previous state.

Installing the Patch

To install this patch:

Use a telnet client to connect to the administration command-line interface on port 23 on your Mirapoint appliance.

Log in as an administrator.

Issue the following command:
```
        Version
```
If the result returned is 4.3.5, you can install this patch.

Install the D4_3_5_webmail_2 patch using the following CLI command:

Update Install ftp://ftp.mirapoint.com/pub/updates/D4_3_5_webmail_2

Always check the system log after installing a patch regardless of whether installation succeeds or fails.