===========================================================
Ubuntu Security Notice USN-757-1 April 15, 2009
ghostscript, gs-esp, gs-gpl vulnerabilities
CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583,
CVE-2009-0584, CVE-2009-0792
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
gs-esp 8.15.2.dfsg.0ubuntu1-0ubuntu1.2
gs-gpl 8.15-4ubuntu3.3
Ubuntu 8.04 LTS:
libgs8 8.61.dfsg.1-1ubuntu3.2
Ubuntu 8.10:
libgs8 8.63.dfsg.1-0ubuntu6.4
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that Ghostscript contained a buffer underflow in its
CCITTFax decoding filter. If a user or automated system were tricked into
opening a crafted PDF file, an attacker could cause a denial of service or
execute arbitrary code with privileges of the user invoking the program.
(CVE-2007-6725)
It was discovered that Ghostscript contained a buffer overflow in the
BaseFont writer module. If a user or automated system were tricked into
opening a crafted Postscript file, an attacker could cause a denial of
service or execute arbitrary code with privileges of the user invoking the
program. (CVE-2008-6679)
It was discovered that Ghostscript contained additional integer overflows
in its ICC color management library. If a user or automated system were
tricked into opening a crafted Postscript or PDF file, an attacker could
cause a denial of service or execute arbitrary code with privileges of the
user invoking the program. (CVE-2009-0792)
Alin Rad Pop discovered that Ghostscript contained a buffer overflow in the
jbig2dec library. If a user or automated system were tricked into opening a
crafted PDF file, an attacker could cause a denial of service or execute
arbitrary code with privileges of the user invoking the program.
(CVE-2009-0196)
USN-743-1 provided updated ghostscript and gs-gpl packages to fix two
security vulnerabilities. This update corrects the same vulnerabilities in
the gs-esp package.
Original advisory details:
It was discovered that Ghostscript contained multiple integer overflows in
its ICC color management library. If a user or automated system were
tricked into opening a crafted Postscript file, an attacker could cause a
denial of service or execute arbitrary code with privileges of the user
invoking the program. (CVE-2009-0583)
It was discovered that Ghostscript did not properly perform bounds
checking in its ICC color management library. If a user or automated
system were tricked into opening a crafted Postscript file, an attacker
could cause a denial of service or execute arbitrary code with privileges
of the user invoking the program. (CVE-2009-0584)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1-0ubuntu1.2.diff.gz
Size/MD5: 88475 888a5e36bcd499e1c0a6104c2f2c32b2
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1-0ubuntu1.2.dsc
Size/MD5: 904 0b4f1a1e2255ffcfa870adee0c933eba
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1.orig.tar.gz
Size/MD5: 7318074 cf386d9cdbf447f292128aa3bf17a94c
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubuntu3.3.diff.gz
Size/MD5: 45642 04b7f413b90ef9a01ee7b78bb06f4b0c
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubuntu3.3.dsc
Size/MD5: 864 5c03cef56ec50634d6bde7ac4e8d154b
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15.orig.tar.gz
Size/MD5: 6382514 f2e0e6355d4b64e6f636b62a2220ad47
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs_8.15-4ubuntu3.3_all.deb
Size/MD5: 14958 786b4e5e659958f80fb2f6ebba60131c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1-0ubuntu1.2_amd64.deb
Size/MD5: 3086720 e56a942a70491403b044492228b9e60c
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubuntu3.3_amd64.deb
Size/MD5: 2768130 8974dd28ce222b8f9b9170121f7f4565
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1-0ubuntu1.2_i386.deb
Size/MD5: 2879706 364962f1d6445fecbc777ff3eba3e71f
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubuntu3.3_i386.deb
Size/MD5: 2590888 d454d8ebe63b6ac2f8ea5148ab7d79be
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1-0ubuntu1.2_powerpc.deb
Size/MD5: 3069114 75807469a620426a9fae5a0d9ed5effc
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubuntu3.3_powerpc.deb
Size/MD5: 2751418 195cc55e06eb108d38e7183d4ef93f2a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg.0ubuntu1-0ubuntu1.2_sparc.deb
Size/MD5: 2912480 f902f75395b7bf7e1bdb0a8f0e31072d
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubuntu3.3_sparc.deb
Size/MD5: 2616726 f8204c3caad01b832d309cb307e87c99
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2.diff.gz
Size/MD5: 110434 dcdeaf75d04bfeb1c7e2beefea977753
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2.dsc
Size/MD5: 1206 3f0396e784c1fa07b6e3e3728072faf8
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1.orig.tar.gz
Size/MD5: 12199544 4669884352d6967153a13a1d413f26b2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-doc_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 2725280 2d9fb6d5078f95de159f6e4ac25b5889
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs-gpl_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27934 42619ea5765adf1bce524f7a7de5060c
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27930 3f720ae67557ae5956a5a19f512bd10c
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-esp-dev_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27942 a3ee0e4007848f6778e3e0cc433baab8
http://security.ubuntu.com/ubuntu/pool/multiverse/g/ghostscript/gs-aladdin_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27936 3e45a07defaab03b9af973f565973deb
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-common_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27934 1e1fafc614dc563ef5db46744ebb2d65
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp-x_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27928 56e3d854d67b738c9ee1d3eac68ec62a
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27920 334312a6225c76d69fe5e259500ac36e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 61914 e1a0b0675481193dc941db3a15af365f
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 739836 28ef7752ce30d66573e95be97a91f557
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 15092 718ea138e8711314fde1a1ab5bd326d7
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 2302114 4b12f56ad2e3665b7c7ff705e1a37988
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 60248 6eb4e669b1aaa8fc33c1aec44f9aef70
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 739930 235fdf708d0addb8c641234dcc46c8dc
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 15094 3594e6e2fee08c35c2732908a72f8531
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 2216730 5fcbbbab7bd0be7706498d2a4e64a261
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg.1-1ubuntu3.2_lpia.deb
Size/MD5: 59840 7664a2ac830360aa3a26191265e7b49b
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2_lpia.deb
Size/MD5: 739536 08441356acaed8c8a17622dc9fdda7e1
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1ubuntu3.2_lpia.deb
Size/MD5: 15096 4d93a542ae9b1b595723e95e483b2277
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubuntu3.2_lpia.deb
Size/MD5: 2209744 efa4db8adfd22b58f36c930792b0ebe6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg.1-1ubuntu3.2_powerpc.deb
Size/MD5: 64960 e44bdeb6d982fe85df33919221742bf8
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2_powerpc.deb
Size/MD5: 742288 cd314807d66f2eef4a8ec9e8b622e7c4
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1ubuntu3.2_powerpc.deb
Size/MD5: 15102 fb1604ae54eda89546cfd0931e7a340e
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubuntu3.2_powerpc.deb
Size/MD5: 2395884 3d454d68d26ab7dd25f79d0cff8f79fc
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg.1-1ubuntu3.2_sparc.deb
Size/MD5: 59152 3db40124236ca66dbe6771ed97944a89
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1-1ubuntu3.2_sparc.deb
Size/MD5: 739734 12aab96c1c44665fd35cf6871dbca3e8
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1ubuntu3.2_sparc.deb
Size/MD5: 15092 e709b95bfe603f5e5ce512ec1ef0ea87
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubuntu3.2_sparc.deb
Size/MD5: 2184148 ae618f8fd60ff53259d9009fd4525286
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4.diff.gz
Size/MD5: 117152 e861a0b6261b876ea8638fdb774f550a
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4.dsc
Size/MD5: 1648 3af1ae64f055cceffdd2489e9a69b6f5
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1.orig.tar.gz
Size/MD5: 13446723 0f019ca7041f892255600abf58aa1eec
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-doc_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 2843940 9bbfc9b09deebac55a53c463729771c1
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs-common_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30562 3d72c15e83c920ce72bfbbd47436e704
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs-gpl_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30562 2fdec106a3170a9899faea032d3527bb
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30556 bfd7af84ef3aca682a17a8db6446b7dd
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-esp-dev_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30100 cb2a62d828fe463c5ddc92fff6184c17
http://security.ubuntu.com/ubuntu/pool/multiverse/g/ghostscript/gs-aladdin_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30560 1ef502dc69f6a2cfda973ea7b0f9091f
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp-x_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30088 0645862bdecf9bdcb651cd672d441e89
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30548 48cf5e56c4c06d460aaf6b1a4243a3a0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 64372 63421de9c9f3bb16f639b11213ed4ad7
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 795550 3d2c08a01de9b91667fcd06c253960e0
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 15094 cae2da14946aad2e3d158e1db7aca624
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 2386192 5e3ebd7b79309db1c7359558a97aeb18
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 63022 82a47c879af21d1e3d2ff7ffef449553
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 795030 30c0c3fd8d606c73d365adf901653dfe
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 15090 bef1ea9161f55bf760b166b428663354
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 2291468 fdb4d25935f5271a415c041e7503464b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg.1-0ubuntu6.4_lpia.deb
Size/MD5: 62470 ac2789a870bfce68e9ac683d80c2257d
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4_lpia.deb
Size/MD5: 795022 f4dab53c3f01fdca8d0c399940e170af
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0ubuntu6.4_lpia.deb
Size/MD5: 15088 55b3c9182a964f7c58a8380bfec0eba2
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubuntu6.4_lpia.deb
Size/MD5: 2273562 b87ce70cd757823653b3404ed1fa8560
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg.1-0ubuntu6.4_powerpc.deb
Size/MD5: 67086 84567c0401077e0f742c9ba2e611e4fe
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4_powerpc.deb
Size/MD5: 798252 d4f700d96229bfbd2688d2e0fa1eeb30
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0ubuntu6.4_powerpc.deb
Size/MD5: 15100 0be215b3317c43abd5d5e137f929fe3a
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubuntu6.4_powerpc.deb
Size/MD5: 2472500 2392467d6f113f08fa23dc6d2a6595a7
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg.1-0ubuntu6.4_sparc.deb
Size/MD5: 61480 ba8052bd2ebc5542f4d442f4681a8652
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1-0ubuntu6.4_sparc.deb
Size/MD5: 795456 8ee9db74e81cc58fbcddfdc7628c2935
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0ubuntu6.4_sparc.deb
Size/MD5: 15100 09be0f187e6edda02ce73e0dafa715e9
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubuntu6.4_sparc.deb
Size/MD5: 2232010 b3e6a3507a906cad5ad6d24fb77e57df
--=-kwYKGfs/PBLep11q50ct
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAknl8ZEACgkQLMAs/0C4zNozEwCeOYIab5aqbpDMDo1YJdy4iNAH
BZgAnjQmdmpNk3VCpNAHo7FXDzjth5Yr
=AxN2
-----END PGP SIGNATURE-----
--=-kwYKGfs/PBLep11q50ct--
From - Wed Apr 15 12:14:46 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071cc
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40035-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 18C13EC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 12:10:45 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 5CE17143A2E; Wed, 15 Apr 2009 08:57:14 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 12116 invoked from network); 15 Apr 2009 09:50:46 -0000
Date: Wed, 15 Apr 2009 11:54:11 +0200
Message-Id: <200904150954.n3F9sBJl013250@ca.secunia.com>
To: bugtraq@securityfocus.com
Subject: Secunia Research: Oracle BEA WebLogic Server Plug-ins Integer Overflow
From: Secunia Research <remove-vuln@secunia.com>
Status:
=====================================================================
Secunia Research 15/04/2009
- Oracle BEA WebLogic Server Plug-ins Integer Overflow -
=====================================================================Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
=====================================================================1) Affected Software
* Oracle BEA WebLogic Server Plug-ins version 1.0.1166189.
NOTE: Other versions may also be affected.
=====================================================================2) Severity
Rating: Highly critical
Impact: System access
Where: From Remote
=====================================================================3) Vendor's Description of Software
"... the world's best application server for building and deploying
enterprise applications and services ...".
Product Link:
http://www.oracle.com/technology/products/weblogic/index.html
=====================================================================4) Description of Vulnerability
Secunia Research has discovered a vulnerability in the Oracle BEA
WebLogic Server plug-ins for web servers, which can be exploited by
malicious people to compromise a vulnerable system.
The Oracle BEA WebLogic Server can be configured to receive requests
via an Apache, Sun, or IIS web server. In this case, a plug-in is
installed in the Internet-facing web server that passes the request to
a WebLogic server. An integer overflow when parsing HTTP requests can
be exploited to cause a heap-based buffer overflow.
Successful exploitation may allow execution of arbitrary code.
=====================================================================5) Solution
Apply patches released by the vendor.
=====================================================================6) Time Table
01/03/2009 - Vendor notified.
06/03/2009 - Vendor response requesting more information.
06/03/2009 - Sent PoC to vendor.
10/03/2009 - Vendor confirms vulnerability.
12/03/2009 - Vendor requests more information.
15/03/2009 - Supplemental information sent to vendor.
17/03/2009 - Vendor confirms and provides preliminary patch.
15/04/2009 - Public disclosure.
=====================================================================7) Credits
Discovered by Dyon Balding, Secunia Research.
=====================================================================8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0189 for the vulnerability.
=====================================================================9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
=====================================================================10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-22/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
=====================================================================
From - Wed Apr 15 12:24:47 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071cf
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40033-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id AB6C1EC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 12:23:03 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 837E0143C3F; Wed, 15 Apr 2009 08:56:02 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 9962 invoked from network); 15 Apr 2009 07:33:49 -0000
Date: Wed, 15 Apr 2009 09:37:15 +0200
Message-Id: <200904150737.n3F7bFNN031777@ca.secunia.com>
To: bugtraq@securityfocus.com
Subject: Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow
From: Secunia Research <remove-vuln@secunia.com>
Status:
=====================================================================
Secunia Research 15/04/2009
- DivX Web Player Stream Format Chunk Buffer Overflow -
=====================================================================Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
=====================================================================1) Affected Software
* DivX Web Player version 1.4.2.7
NOTE: Other versions may also be affected.
=====================================================================2) Severity
Rating: Highly critical
Impact: System access
Where: Remote
=====================================================================3) Vendor's Description of Software
"DivX Web Player lets you play up to HD-quality DivX� video in your
web browser. You can also use DivX Web Player to easily embed DivX
videos onto your website or blog."
Product Link:
http://www.divx.com/en/web-player-windows
=====================================================================4) Description of Vulnerability
Secunia Research has discovered a vulnerability in DivX Web Player,
which can be exploited by malicious people to compromise a user's
system.
The vulnerability is caused due to a signedness error in the
processing of "STRF" (Stream Format) chunks. This can be exploited to
cause a heap-based buffer overflow via a specially crafted DivX file.
Successful exploitation may allow execution of arbitrary code by
tricking a user into visiting a malicious website.
=====================================================================5) Solution
Update to version 1.4.3.4, included in an updated DivX bundle.
=====================================================================6) Time Table
17/12/2008 - Vendor notified.
18/12/2008 - Vendor response.
11/03/2009 - DivX Web Player 1.4.3 released in a bundle update.
15/04/2009 - Public disclosure.
=====================================================================7) Credits
Discovered by Alin Rad Pop, Secunia Research.
=====================================================================8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2008-5259 for the vulnerability.
=====================================================================9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
=====================================================================10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2008-57/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
=====================================================================
From - Wed Apr 15 12:54:46 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071d5
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40037-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 53782EC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 12:49:01 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id D9373143B78; Wed, 15 Apr 2009 08:58:26 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 15661 invoked from network); 15 Apr 2009 13:56:17 -0000
Subject: SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell
Teaming
From: Bernhard Mueller <research@sec-consult.com>
To: Full Disclosure <full-disclosure@lists.grok.org.uk>,
Bugtraq <bugtraq@securityfocus.com>
Content-Type: text/plain
Date: Wed, 15 Apr 2009 14:02:23 +0000
Message-ID: <1239804143.6664.35.camel@b4byl0n>
MIME-Version: 1.0
X-Mailer: Evolution 2.24.3
Content-Transfer-Encoding: 7bit
Status:
SEC Consult Security Advisory < 20090415-0 >
========================================================================= title: Novell Teaming Multiple Vulnerabilities
* Username Enumeration
* Multiple Cross Site Scripting
* Includes vulnerable Liferay portal
program: Novell Teaming
vulnerable version: 1.0.3
homepage:
http://www.novell.com/products/teaming/
found: February 2009
by: Michael Kirchner, SEC Consult Vulnerability Lab
link:
https://www.sec-consult.com/files/20090415-0-novell-teaming.txt
=========================================================================
Vendor description:
-------------------
Web conferencing software from Novell. Teaming and conferencing offers a
number of solutions to improve productivity for enterprises, with web
conferencing just one of those solutions.
[source:
http://www.novell.com/products/teaming/]
Vulnerability overview:
-----------------------
Multiple vulnerabilities have been identified in Novell Teaming. These
include enumeration of usernames, information disclosure, and cross site
scripting flaws. An attacker could leverage these vulnerabilities to
collect information about the system and its users and conduct effective
(XSS supported) hybrid phishing attacks.
Vulnerability description:
-------------------------
1. Username enumeration:
User authentication takes place via a login form at:
https://teaming.example.com/c/portal/login
The web application reacts differently for valid and invalid usernames
("Please enter a valid login" / "Auhtentication failed"). This allows an
attacker to deduce wether a spedific username exists. The attacker could
use this flaw to generate a list of usernames for dictionary- or
bruteforce-attacks.
2. Cross site scripting:
The parameters p_p_state and p_p_mode are not validated or escaped by
the web application. Script code can be injected into these parameters,
allowing for cross site scripting attacks. Example:
https://teaming.example.com/web/guest/home?p_p_id�&p_p_action=1&p_p_state=%3Cscript%3Ealert('xss+vulnerability')%3C/script%3E&p_p_mode=view&p_p_col_id=column-2&p_p_col_pos=1&p_p_col_count=2&_82_struts_action=%2Flanguage%2Fview&_82_languageId�_DE
3. Vulnerable Liferay portal:
Novell Teaming includes a version of Liferay portal with known
vulnerabilities (two cross site scripting flaws):
* Liferay Portal "login" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/27537/
* Liferay Portal "emailAddress" Cross-Site Scripting
http://secunia.com/advisories/27821/
-
Proof of concept:
-----------------
No special exploit code is required to exploit this vulnerabilities.
Vulnerable versions:
--------------------
Version 1.0.3 of Novell Teaming is vulnerable to the issues described.
Prior versions are most likely also vulnerable.
Vendor contact timeline:
------------------------
2009-02-19: Vendor informed about vulnerabilities
2009-04-14: Patches available
Patch:
------
The vendor has provided fixes for the issues described. In addition, two
Technical Information Documents containing update instructions have been
released. These can be found at the following URLs:
* TID 7002997
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalIdp02997&sliceId=1&docTypeID=DT_TID_1_1&dialogID3090060&stateId=1%200%2033084737
* TID 7002999
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalIdp02999&sliceId=1&docTypeID=DT_TID_1_1&dialogID3090060&stateId=1%200%2033084737
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SEC Consult Unternehmensberatung GmbH
Office Vienna
Mooslackengasse 17
A-1190 Vienna
Austria
Tel.: +43 / 1 / 890 30 43 - 0
Fax.: +43 / 1 / 890 30 43 - 25
Mail: research at sec-consult dot com
www.sec-consult.com
EOF SEC Consult Vulnerability Lab / @2009
From - Wed Apr 15 12:54:47 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071d6
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40032-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 5AFCCEC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 12:52:22 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 19A71143B8D; Wed, 15 Apr 2009 08:54:16 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 6626 invoked from network); 15 Apr 2009 03:57:54 -0000
X-Spam-Status: No, hits=-4.4 required=5.0
X-Spam-Report: SA TESTS
-1.8 ALL_TRUSTED Passed through trusted hosts only via SMTP
-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
[score: 0.0000]
X-Antivirus-INTERUNIX-Mail-From: prabu@hackinthebox.org via prometheus.interunix.net
X-Antivirus-INTERUNIX: 1.25-st-qms (Clear:RC:0(202.190.74.58):SA:0(-4.4/5.0):. Processed in 3.62372 secs Process 99193)
Message-ID: <49E55C82.7080905@hackinthebox.org>
Date: Wed, 15 Apr 2009 12:03:14 +0800
From: "S. Praburaajan" <prabu@hackinthebox.org>
User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302)
MIME-Version: 1.0
To: dailydave@lists.immunityinc.com, securityjobs@securityfocus.com,
voipsec@voipsa.org, bugtraq@securityfocus.com
Subject: HITBSecConf2009 - Malaysia: Call for Papers
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Status:
The Call for Papers for HITB Security Conference 2009 Malaysia is now open!
Talks that are more technical or that discuss new and never before seen
attack methods are of more interest than a subject that has been covered
several times before. Summaries not exceeding 1250 words should be
submitted (in plain text format) to cfp -at- hackinthebox.org for review
and possible inclusion in the programme.
Submissions are due no later than 31st July 2009
TOPICS
Topics of interest include, but are not limited to the following:
# 3G/4G Cellular Networks
# Apple / OS X security vulnerabilities
# SS7/Backbone telephony networks
# VoIP security
# Firewall technologies
# Intrusion detection
# Data Recovery, Forensics and Incident Response
# HSDPA and CDMA Security
# WIMAX Security
# Identification and Entity Authentication
# Network Protocol and Analysis
# Smart Card and Physical Security
# Virus and Worms
# WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
# Analysis of malicious code
# Applications of cryptographic techniques
# Analysis of attacks against networks and machines
# File system security
# Security of Embedded Devices
# Side Channel Analysis of Hardware Devices
PLEASE NOTE:
We do not accept product or vendor related pitches. If your talk
involves an advertisement for a new product or service your company is
offering, please do not submit.
Your submission should include:
# Name, title, address, email and phone/contact number
# Short biography, qualification, occupation (limit 250 words)
# Summary or abstract for your presentation (limit 1250 words)
# Technical requirements (video, internet, wireless, audio, etc.)
Each non-resident speaker will receive accommodation for 2 nights/3
days. For each non-resident speaker, HITB will cover travel expenses up
to USD 1,200.00.
HITBSecConf2009 - Malaysia
http://conference.hackinthebox.org/hitbsecconf2009kl/
From - Wed Apr 15 13:04:46 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071d7
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40036-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 6ED95EC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 13:04:39 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 1E535143B4D; Wed, 15 Apr 2009 08:57:41 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 12164 invoked from network); 15 Apr 2009 09:54:06 -0000
Date: Wed, 15 Apr 2009 11:57:34 +0200
Message-Id: <200904150957.n3F9vYYM013555@ca.secunia.com>
To: bugtraq@securityfocus.com
Subject: Secunia Research: Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow
From: Secunia Research <remove-vuln@secunia.com>
Status:
=====================================================================
Secunia Research 15/04/2009
- Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow -
=====================================================================Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
=====================================================================1) Affected Software
* Oracle BEA WebLogic Server Plug-ins version 1.0.1166189.
NOTE: Other versions may also be affected.
=====================================================================2) Severity
Rating: Highly critical
Impact: System access
Where: From Remote
=====================================================================3) Vendor's Description of Software
"... the world's best application server for building and deploying
enterprise applications and services ...".
Product Link:
http://www.oracle.com/technology/products/weblogic/index.html
=====================================================================4) Description of Vulnerability
Secunia Research has discovered a vulnerability in the Oracle BEA
WebLogic Server plug-ins for web servers, which can be exploited by
malicious people to compromise a vulnerable system.
The Oracle BEA WebLogic Server can be configured to receive requests
via an Apache web server. In this case, a plug-in is installed in the
Internet-facing web server that passes the request to a WebLogic
server.
The Apache web server may be configured to accept SSL connections and
forward the request to the WebLogic server along with any SSL-related
information. If the SSL client supplies a certificate (and the Apache
server is configured to accept it), then the certificate is passed to
the WebLogic plug-in via an environment variable.
The vulnerability is caused by a boundary error when parsing
certificates and can be exploited to cause a stack-based buffer
overflow by supplying a specially crafted certificate.
Successful exploitation may allow execution of arbitrary code.
=====================================================================5) Solution
Apply patches released by the vendor.
=====================================================================6) Time Table
01/03/2009 - Vendor notified.
06/03/2009 - Vendor confirms vulnerability.
17/03/2009 - Vendor provides preliminary patch.
15/04/2009 - Public disclosure.
=====================================================================7) Credits
Discovered by Dyon Balding, Secunia Research.
=====================================================================8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0190 for the vulnerability.
=====================================================================9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
=====================================================================10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-23/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
=====================================================================
From - Wed Apr 15 13:24:46 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071d8
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40040-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing3.securityfocus.com (outgoing.securityfocus.com [205.206.231.27])
by mx.securityspace.com (Postfix) with ESMTP id DF223EC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 13:17:22 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id ED17E237383; Wed, 15 Apr 2009 11:07:11 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 21988 invoked from network); 15 Apr 2009 16:05:32 -0000
Date: Wed, 15 Apr 2009 10:11:39 -0600
Message-Id: <200904151611.n3FGBdHn013971@www5.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.420 (Entity 5.420)
From: antonia.goodwin@procheckup.com
To: bugtraq@securityfocus.com
Subject: XSS with mod_perl perl_status utility
Status:
Vulnerability found: 28th February 2009
Vendor informed: 1st March 2009
Advisory last updated: 1st March 2009
Severity: Medium/High
Credits: Richard Brain of ProCheckUp Ltd (www.procheckup.com)
CVE reference: CVE-2009-0796
BID: 34383
Many thanks to Torsten Foertsch for his kind assistance in fixing the bug.
Description:
There is a Cross-site Scripting vulnerability on Mod_perl's, perl-status utility. The perl-status utility on request displays the current status of the Mod_perl server, and some configuration information. Perl-status when configured to allow any viewers, presents an information disclosure risk,
Procheckup has found by making a malformed request to perl-status, that additionally a vanilla cross site scripting (XSS) attack is possible.
Proof of concept:
Submitting the following string to an unpatched server "server".
http://server:80/perl-status/APR::SockAddr::port/%22%3E%3Cscript%3Ealert(1)%3C/script%3E
The following is returned:-
<p><a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?env">Environment</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?inc">Loaded Modules</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?inh_tree">Inheritance Tree</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?isa_tree">ISA Tree</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?myconfig">Perl Configuration</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?rgysubs">Compiled Registry Scripts</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?script">PerlRequire'd Files</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?sig">Signal Handlers</a><br />
<a href="/perl-status/APR::SockAddr::port/"><script>alert(1)</script>?symdump">Symbol Table Dump</a><br />
</p></body></html>
An attacker may be able to cause execution of malicious scripting code in the browser of a user who clicks on a link or visits a malicious webpage. The malicious code would run in the security context of the vulnerable website.
This type of attack can result in non-persistent defacement of the target site, or the redirection of confidential information (i.e.: passwords or session IDs) to unauthorised third parties.
Fix:
http://perl.apache.org/
Legal:
Copyright 2009 Procheckup Ltd. All rights reserved.
Permission is granted for copying and circulating this Bulletin to the Internet community for the purpose of alerting them to problems, if and only if, the Bulletin is not edited or changed in any way, is attributed to Procheckup, and provided such reproduction and/or distribution is performed for non-commercial purposes.
Any other use of this information is prohibited. Procheckup is not liable for any misuse of this information by any third party.
From - Wed Apr 15 13:34:46 2009
X-Account-Key: account7
X-UIDL: 4909bb8c000071d9
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
Return-Path: <bugtraq-return-40041-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing3.securityfocus.com (outgoing.securityfocus.com [205.206.231.27])
by mx.securityspace.com (Postfix) with ESMTP id 5D9E9EC11F
for <lists@securityspace.com>; Wed, 15 Apr 2009 13:29:52 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id 78494237418; Wed, 15 Apr 2009 11:07:19 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 26094 invoked from network); 15 Apr 2009 17:02:06 -0000
Date: Wed, 15 Apr 2009 10:07:41 -0700
From: Kees Cook <kees@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Subject: [USN-758-1] udev vulnerabilities
Message-ID: <20090415170741.GM7904@outflux.net>
Reply-To: Ubuntu Security <security@ubuntu.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="L+ofChggJdETEG3Y"
Content-Disposition: inline
Organization: Ubuntu
X-MIMEDefang-Filter: outflux$Revision: 1.316 $
X-HELO: www.outflux.net
X-Scanned-By: MIMEDefang 2.64 on 10.2.0.1
Status:
--L+ofChggJdETEG3Y
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================Ubuntu Security Notice USN-758-1 April 15, 2009
udev vulnerabilities
CVE-2009-1185, CVE-2009-1186
==========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
udev 079-0ubuntu35.1
Ubuntu 7.10:
udev 113-0ubuntu17.2
Ubuntu 8.04 LTS:
udev 117-8ubuntu0.2
Ubuntu 8.10:
udev 124-9ubuntu0.2
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Details follow:
Sebastian Krahmer discovered that udev did not correctly validate netlink
message senders. A local attacker could send specially crafted messages
to udev in order to gain root privileges. (CVE-2009-1185)
Sebastian Krahmer discovered a buffer overflow in the path encoding routines
in udev. A local attacker could exploit this to crash udev, leading to a
denial of service. (CVE-2009-1186)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.diff.gz
Size/MD5: 51122 c7d3b676db9a83db24f422a285438ca7
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.dsc
Size/MD5: 670 7cbaeaa0f9888994397d3d7cf90e3658
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079.orig.tar.gz
Size/MD5: 281803 2b34fbddeadee3728ffe28121d6c1ebd
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_amd64.udeb
Size/MD5: 142138 1392a4f575c8acda5672fc62f637b3fb
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_amd64.deb
Size/MD5: 279030 84f654a125f3e3d0725103cfe68420b0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_i386.udeb
Size/MD5: 109638 4882b6311f73bef9868881b1c5e8ed41
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_i386.deb
Size/MD5: 239122 af377acadfffddf3d9040dc23286fc8f
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_powerpc.udeb
Size/MD5: 118100 d792bd2e62989a8d95309aed153e4289
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_powerpc.deb
Size/MD5: 280766 b306f68f10ff06ca5cd9ee17828d39d5
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_sparc.udeb
Size/MD5: 115618 63bcef9fd2bada2eafe266d7796a84c9
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_sparc.deb
Size/MD5: 247624 4b80d6ca0c5e076f249087c118962922
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.diff.gz
Size/MD5: 55913 a7a1ba8a02b2fe905bc71743e5a5c7c0
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.dsc
Size/MD5: 728 7b6e062975bbe336c2d760e5ff11572a
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113.orig.tar.gz
Size/MD5: 239920 be4948d5057ae469de9bea8ae588221e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_amd64.deb
Size/MD5: 86226 3f5adacc769ddfe17fafd79c54ce81a7
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_amd64.deb
Size/MD5: 81900 edaba987b6002b09d6b4173e156e330e
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_amd64.udeb
Size/MD5: 149804 e601d0c2bc7037a8df133a30d1f76605
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_amd64.deb
Size/MD5: 304258 7a2173b367fc88bf531bfb706e3e1f8b
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_amd64.deb
Size/MD5: 75160 fd8f032baabb6f0bbfc6f371cec52e1c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_i386.deb
Size/MD5: 83892 12a63120228e99b4730f010cd361c244
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_i386.deb
Size/MD5: 80572 6b5994b0eadaaee1f523de159718b408
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_i386.udeb
Size/MD5: 132812 630042b66ab4a4344191fc82ecec0a38
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_i386.deb
Size/MD5: 288284 986d47c76158ade2a30e6a1948f55082
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_i386.deb
Size/MD5: 74174 902478d959375b71e2b78cf0f0f8d82a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_lpia.deb
Size/MD5: 83926 a32df0b3fe432aadfad07d3961e20a7e
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_lpia.deb
Size/MD5: 80568 0266ced7497651f1bc9996ee0e00d6c5
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_lpia.udeb
Size/MD5: 132732 386aa29c7b1175fac96d231a0e255118
http://ports.ubuntu.com/pool/main/u/udev/udev_113-0ubuntu17.2_lpia.deb
Size/MD5: 288604 e05dbb1b8ff89c24b26cf318550442d6
http://ports.ubuntu.com/pool/main/u/udev/volumeid_113-0ubuntu17.2_lpia.deb
Size/MD5: 74138 bf4aa952e2d07c0d27fba4e858dcd678
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_powerpc.deb
Size/MD5: 87538 e0b0ae6ebf9847c5a4141950026b29f2
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_powerpc.deb
Size/MD5: 83398 a4372fb8399d28496fe8ed7a03fe2aab
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_powerpc.udeb
Size/MD5: 149236 99bdb65c79ce39bf881fa56972a7df76
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_powerpc.deb
Size/MD5: 336274 d575f25a976f8cbd4cd123f47c696305
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_powerpc.deb
Size/MD5: 77432 6c548fabc0ad7861f125de70071cd0d7
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_sparc.deb
Size/MD5: 87846 a331c703a9b11a20670a160d9bc5a16e
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_sparc.deb
Size/MD5: 83846 6d2a1c58ea38e9b71fba17f841b4a26c
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_sparc.udeb
Size/MD5: 141244 de4f7c09715c900cda38abbf53a6bf0f
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_sparc.deb
Size/MD5: 294436 4591981586a1d547ea33c3cc8b09b39b
http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_sparc.deb
Size/MD5: 74714 cee96bfcea22c72a410644cb812591c0
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.diff.gz
Size/MD5: 65730 81fffa88d20b553d3957cc5180258028
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.dsc
Size/MD5: 716 5ce142feffe74504599351ce14f8e79c
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117.orig.tar.gz
Size/MD5: 245289 1e2b0a30a39019fc7ef947786102cd22
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_amd64.deb
Size/MD5: 90008 9b726512e3681753aa17b4c28f5f0c97
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_amd64.deb
Size/MD5: 85680 7b719dd5b310814d742d82e8187936ad
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_amd64.udeb
Size/MD5: 142424 3b3556f38c4751c19e94dfa442378975
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_amd64.deb
Size/MD5: 275764 a7341d40aaf3886ede818bacdb8f725b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_i386.deb
Size/MD5: 87874 bba06e76c225f835d4bd5da9cf71cb17
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_i386.deb
Size/MD5: 84476 2aaa0302816eb8d524b4b9eed6cc6664
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_i386.udeb
Size/MD5: 125376 12efe871f550741a6070849ecbf345d8
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_i386.deb
Size/MD5: 262096 14de9f79f3e92bca2fd087747fe2cbe4
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_lpia.deb
Size/MD5: 87820 06ae468615109e9693007bbbbd5ab76c
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_lpia.deb
Size/MD5: 84344 74698366a89ff79f7da56e1e8081b7f8
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_lpia.udeb
Size/MD5: 125366 24e6abe9d2d71edc59c8fee7c321aac4
http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_lpia.deb
Size/MD5: 262202 ccd906dc5ba0f8150d2e54560cb506fa
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_powerpc.deb
Size/MD5: 91184 0244aee4cd0b49b752b60bb69b822e8d
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_powerpc.deb
Size/MD5: 87282 717d460e52f5208028b8a114c41441d3
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_powerpc.udeb
Size/MD5: 142902 ac0227c34eabb4f40f8011ab810c6774
http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_powerpc.deb
Size/MD5: 284190 791467a0daac1a186b308a5260998765
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_sparc.deb
Size/MD5: 91172 5d7f21eb5e8183fd4a3a93a08e71fa9a
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_sparc.deb
Size/MD5: 87420 5799e495a349dffb947bca5b831e0a59
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_sparc.udeb
Size/MD5: 134148 07f30c5e47363b26a07a695ef208ac39
http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_sparc.deb
Size/MD5: 268260 81d8d2489b05238c43928ccca028fd97
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.diff.gz
Size/MD5: 60670 3294d977bf37ae45a66d47b624b60db0
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.dsc
Size/MD5: 1092 b52e321c7c4c0e0d6d292167cb6019f8
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124.orig.tar.gz
Size/MD5: 257418 2ea9229208154229c5d6df6222f74ad7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_amd64.deb
Size/MD5: 93152 2ae90a4dc2bad933180b03169f021786
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_amd64.deb
Size/MD5: 88906 31e1fc7a2a7546cdb6c26b38df29cab3
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_amd64.udeb
Size/MD5: 140768 bff970a06a6364bec08459be64169da8
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_amd64.deb
Size/MD5: 280684 09f8b16a2b7b7b5c637e314302ad27b1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_i386.deb
Size/MD5: 90866 348a4b3c7ecace17161c156f648ef7f5
http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_i386.deb
Size/MD5: 87674 af9f5a9f38ebff8867ea1d6055e33705
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_i386.udeb
Size/MD5: 124664 65a463c6512f87e71b40640809f68245
http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_i386.deb
Size/MD5: 263786 34aa4d7ad23bcd6fe682d5c958c2b176
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_lpia.deb
Size/MD5: 90952 13a89ac0608a4432f8fe3410798bfc80
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_lpia.deb
Size/MD5: 87526 c62d3f557da0f00a683dd2affab3ac18
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_lpia.udeb
Size/MD5: 124596 227b5495edd9e8164030ec9e3445206f
http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_lpia.deb
Size/MD5: 263960 55a49a09202c83919fc7966e9cb4f0e9
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_powerpc.deb
Size/MD5: 94720 9f705767aec000389c4a0ac5547e4b08
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_powerpc.deb
Size/MD5: 90490 0a821585e04ab4a3ae43fba609d15bad
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_powerpc.udeb
Size/MD5: 136420 a13c982f31bb35caf8bdfa0230d6bf25
http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_powerpc.deb
Size/MD5: 283654 27a1278de0e01ecd84806b4c52242130
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_sparc.deb
Size/MD5: 94552 4ca615812516cb06abbeb05936f60e3c
http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_sparc.deb
Size/MD5: 90856 7c2cbb37e564258dcf75f2f0a85ebe51
http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_sparc.udeb
Size/MD5: 136020 0f478380b3c641b037818ed607eea594
http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_sparc.deb
Size/MD5: 274892 2f392b3a4d9d271db107930adc81e8e4