Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.
Novell NetMail 3.5.2
Security vulnerability in the patch packaging for NetMail 3.5.2.
This vulnerability affected the 3.5.2a, 3.5.2b, and 3.5.2c releases of NetMail.
Files in the Linux distribution of the NetMail 3.52a, 3.52b and 3.52c patches had the owner ID and group ID set to 500. If these patches are installed on a system where user ID 500 exists or where users belong to group ID 500, these users could delete or replace the netmail binaries.
This is CAN-2005-1976.
This problem has been resolved with the release of NetMail 3.5.2c1. Although the problem only existed for the Linux binaries, Novell has released NetMail 3.5.2c1 for all platforms to ensure version consistency between platforms. If you have already applied NetMail 3.5.2c for NetWare or Windows, you do NOT need to update to NetMail 3.5.2c1.