From rapigator at yahoo.com Wed Nov 1 07:48:40 2006 From: rapigator at yahoo.com (Rapigator) Date: Tue, 31 Oct 2006 23:48:40 -0800 (PST) Subject: [Full-disclosure] Invision Power Board 2.1.7 debug mode vulnerability Message-ID: <20061101074840.72028.qmail@web32502.mail.mud.yahoo.com> Debug mode is a feature in IPB 2.0.0-2.1.7 that shows all database queries for each forum page requested. If Debug mode is turned on, it is possible for anyone to request a forgotten password for an account, and capture the validation key that is sent to the account's email address. This allows an attacker to change anyone's password without having access to the email account. Through debug mode, it is also possible to bypass captcha protection used to block bot actions(such as automated registration), and table names can also be discovered. Debug mode is turned off by default, yet there are no security warnings regarding this feature. It is best to keep it off at all times. ____________________________________________________________________________________ Everyone is raving about the all-new Yahoo! Mail (http://advision.webevents.yahoo.com/mailbeta/) -------------- next part -------------- A non-text attachment was scrubbed... Name: debug217.php Type: application/x-php Size: 3275 bytes Desc: 3262775774-debug217.php Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061031/3b777345/attachment.bin From martin.pitt at canonical.com Wed Nov 1 11:23:43 2006 From: martin.pitt at canonical.com (Martin Pitt) Date: Wed, 1 Nov 2006 12:23:43 +0100 Subject: [Full-disclosure] [USN-372-1] imagemagick vulnerability Message-ID: <20061101112343.GJ4782@piware.de> =========================================================== Ubuntu Security Notice USN-372-1 November 01, 2006 imagemagick vulnerability CVE-2006-5456 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libmagick6 6:6.0.6.2-2.1ubuntu1.5 Ubuntu 5.10: libmagick6 6:6.2.3.4-1ubuntu1.4 Ubuntu 6.06 LTS: libmagick9 6:6.2.4.5-0.6ubuntu0.3 Ubuntu 6.10: libmagick9 7:6.2.4.5.dfsg1-0.10ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: M. Joonas Pihlaja discovered that ImageMagick did not sufficiently verify the validity of PALM and DCM images. When processing a specially crafted image with an application that uses imagemagick, this could be exploited to execute arbitrary code with the application's privileges. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.5.diff.gz Size/MD5: 144502 96cdc6266e29aa2ba91e09adc67a3c2a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.5.dsc Size/MD5: 899 6bb10253b54d9b68b99ab5e117d0bb86 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2.orig.tar.gz Size/MD5: 6824001 477a361ba0154cc2423726fab4a3f57c amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.5_amd64.deb Size/MD5: 1466726 30529972b274e75f686f38aab2e27e36 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.6.2-2.1ubuntu1.5_amd64.deb Size/MD5: 229236 13fa208a5cb5f6acdfd271836b39e2f0 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.6.2-2.1ubuntu1.5_amd64.deb Size/MD5: 164022 e4b7c3ed32275b45e7a982bc9be16710 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.6.2-2.1ubuntu1.5_amd64.deb Size/MD5: 1551474 6a6e325d036aa7369e42ea7bc60223b4 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.6.2-2.1ubuntu1.5_amd64.deb Size/MD5: 1195388 38967817dd23a96f6cbbe996c26d86bc http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.6.2-2.1ubuntu1.5_amd64.deb Size/MD5: 232262 3ae7c25400744ee24260453e4a952406 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.5_i386.deb Size/MD5: 1465348 e4330a298179425f3d88db6f308f6520 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.6.2-2.1ubuntu1.5_i386.deb Size/MD5: 209222 879366413a35554aed05bcf9f27f038b http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.6.2-2.1ubuntu1.5_i386.deb Size/MD5: 164516 21497849c6a53e77db86cf217ce5d81a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.6.2-2.1ubuntu1.5_i386.deb Size/MD5: 1454216 12f86d30660e81477ead1ac3e4ed383c http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.6.2-2.1ubuntu1.5_i386.deb Size/MD5: 1140964 c289aa3e81f0d5106d2fd9d23ba1795e http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.6.2-2.1ubuntu1.5_i386.deb Size/MD5: 232642 8b317e6dfe26d08b31bc536d2c083827 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.6.2-2.1ubuntu1.5_powerpc.deb Size/MD5: 1472140 b3b445e1a7af2910ed9e7f8be844f909 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.6.2-2.1ubuntu1.5_powerpc.deb Size/MD5: 228208 99d28d5a4b541a032d52754eebe7aba9 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.6.2-2.1ubuntu1.5_powerpc.deb Size/MD5: 157202 e5553dbb2bf94dac87e16114652f029f http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.6.2-2.1ubuntu1.5_powerpc.deb Size/MD5: 1686432 ad415b90f40c1ab31e023f1df6adcb4e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.6.2-2.1ubuntu1.5_powerpc.deb Size/MD5: 1170248 7a16caf06e3834dffccc4652cd302993 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.6.2-2.1ubuntu1.5_powerpc.deb Size/MD5: 270978 caebe7cef826261b11fb068008ed60b9 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.4.diff.gz Size/MD5: 143918 8dd23724e67f3bddc3aa84605f0cf6ca http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.4.dsc Size/MD5: 899 58b91b7ec00b5d0483ce070f1e8388bc http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4.orig.tar.gz Size/MD5: 5769194 7e9a3edd467a400a74126eb4a18e31ef amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.4_amd64.deb Size/MD5: 1333988 953a195e7ae503626c3320dde7ed72cd http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.4_amd64.deb Size/MD5: 259426 1ce1270fd1c49e1fa024db846961f89f http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.4_amd64.deb Size/MD5: 171470 b3ad7733bfca4788ec88a2fd08ec2a2a http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.4_amd64.deb Size/MD5: 1671122 ace2bb83eb946dad1e7f012335d67943 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.4_amd64.deb Size/MD5: 1320760 d493aac8bd7dd16cca3096f5d9f835fe http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.4_amd64.deb Size/MD5: 169552 143d04e6a8035168db89f360e2051903 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.4_i386.deb Size/MD5: 1332978 f5ca133a3cb76d652890107068d574c9 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.4_i386.deb Size/MD5: 235898 3f80065faaddcd92662c9f6df86b48ab http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.4_i386.deb Size/MD5: 170780 21bc4938d624abefecbca9afe4f1d09e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.4_i386.deb Size/MD5: 1522028 ac538e3ea0f6aef84770fbbced0c6072 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.4_i386.deb Size/MD5: 1224692 8b4e831c757e7b305f72605cb48e02e4 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.4_i386.deb Size/MD5: 164840 90d8363550b649be4705859523e9a02d powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.4_powerpc.deb Size/MD5: 1337886 0aecb181a2b3b7f52a23155510ade72f http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.4_powerpc.deb Size/MD5: 260388 71d0ac72531c2254b8e304142f417af3 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.4_powerpc.deb Size/MD5: 164022 28092bac7b94dabc59dca24df10d7cdc http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.4_powerpc.deb Size/MD5: 1874510 39c305e0addd1a94284dcde33ab9df14 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.4_powerpc.deb Size/MD5: 1258286 39cbb88bc58c3280e4401ed9116860e8 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.4_powerpc.deb Size/MD5: 163992 c3d41c62be266f2c3fe9c266461b545c sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.3.4-1ubuntu1.4_sparc.deb Size/MD5: 1333190 ac554f62e1686ed621a4bab21369f882 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.2.3.4-1ubuntu1.4_sparc.deb Size/MD5: 237060 9f9ff69dfc760f18e3eb8b6a6603fa91 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6c2_6.2.3.4-1ubuntu1.4_sparc.deb Size/MD5: 168936 a2f50904d9d1637907c7d2e103556d28 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.2.3.4-1ubuntu1.4_sparc.deb Size/MD5: 1782272 7f03f5d6d7d9018d7c5e5237b93f6c05 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.2.3.4-1ubuntu1.4_sparc.deb Size/MD5: 1323962 9106e33d17d389e0626da180ec012701 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.3.4-1ubuntu1.4_sparc.deb Size/MD5: 166308 d78a02bd5ed9ff975bf7cb3cab6632d8 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.3.diff.gz Size/MD5: 35130 1faf498a57ec6e5ea18e0c072cf9a8d9 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.3.dsc Size/MD5: 916 a4f711630724113301dbfeb2df4395e0 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.orig.tar.gz Size/MD5: 6085147 8d790a280f355489d0cfb6d36ce6751f amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.3_amd64.deb Size/MD5: 1615954 2149178d9fd28897a3c6fd2c491e9446 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.3_amd64.deb Size/MD5: 249206 1ff95a0af9f962edaee38ccfc856c564 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.3_amd64.deb Size/MD5: 170104 8ccdedbe851271b799534d38fa8aef30 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.3_amd64.deb Size/MD5: 1702484 31c88d7cf9159809dec0265e537973ac http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.3_amd64.deb Size/MD5: 1347912 04536a33add640f7b564b50d33336bea http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.3_amd64.deb Size/MD5: 171830 176568b8c0ebece007649cef8951c08a i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.3_i386.deb Size/MD5: 1614696 e1b8f9848856a58f55fae279565dc076 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.3_i386.deb Size/MD5: 227008 3ff3355410937ac247eee0fe4a9a4365 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.3_i386.deb Size/MD5: 168354 58b9bee7ed0d3bd618044e9340e9d7f5 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.3_i386.deb Size/MD5: 1555878 98034bd5a96af0678965806cd168494c http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.3_i386.deb Size/MD5: 1246892 c2e40b0384bbc3340cd92121338704a1 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.3_i386.deb Size/MD5: 167218 826e884e629bd435974a0b20fd44fe6b powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.3_powerpc.deb Size/MD5: 1619690 3dfc04ee370a409652df16a60f55bdf5 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.3_powerpc.deb Size/MD5: 251396 2cac68d5d4e7cf88b85840030017b5a2 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.3_powerpc.deb Size/MD5: 162346 e7c2100db6cca74fca43befa56ca3135 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.3_powerpc.deb Size/MD5: 1905896 857f0ca00902dbb2195a7f95c84b17ba http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.3_powerpc.deb Size/MD5: 1283792 89ea0de0689c8cbc0917897c29814081 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.3_powerpc.deb Size/MD5: 166220 f2837b5763a471a65ee4cffd251a1503 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5-0.6ubuntu0.3_sparc.deb Size/MD5: 1615312 1d393ab5bb9789c53d104a7200aadcb3 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5-0.6ubuntu0.3_sparc.deb Size/MD5: 229182 f56aac12573aa0a8477f6a732ff215b8 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5-0.6ubuntu0.3_sparc.deb Size/MD5: 167186 69fa08c7e568bea4961fc7fee4bff779 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5-0.6ubuntu0.3_sparc.deb Size/MD5: 1807408 bfc3327e022be55b55824cf9b7f078c6 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5-0.6ubuntu0.3_sparc.deb Size/MD5: 1343696 8449022de57855311a3c13ac77f90354 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5-0.6ubuntu0.3_sparc.deb Size/MD5: 168932 2b90f44f162105b1770a144f12240025 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.10ubuntu0.1.diff.gz Size/MD5: 86939 0273702247d7029c19088435a1188690 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.10ubuntu0.1.dsc Size/MD5: 953 bf00204c47b4e2dd48f2280e458b9820 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1.orig.tar.gz Size/MD5: 5203463 2c5d3723d25c4119cf003efce2161c56 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.10ubuntu0.1_amd64.deb Size/MD5: 742750 8e706a5eeaeee60ecfff5c704fd9ed6f http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_amd64.deb Size/MD5: 247648 a9819de3bafafb2a7855c957fbf13593 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5.dfsg1-0.10ubuntu0.1_amd64.deb Size/MD5: 170128 5d5e867d47238a09a3e9fab4e402b171 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_amd64.deb Size/MD5: 1683534 f8150bfa217135f714c68970b365ee68 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5.dfsg1-0.10ubuntu0.1_amd64.deb Size/MD5: 1330040 81ce158df2d4bd616081489a1a30ac30 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5.dfsg1-0.10ubuntu0.1_amd64.deb Size/MD5: 172158 122abf0e656fe204bcf32c0f249e5cde i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.10ubuntu0.1_i386.deb Size/MD5: 742224 fcf8dcb974fa4347a31e69487a21e6c3 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_i386.deb Size/MD5: 227188 b6bd454c5bd7a6a1b8cd1c0e43a0ec89 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5.dfsg1-0.10ubuntu0.1_i386.deb Size/MD5: 168936 67eee244ac112b7edd7ddadd25fa5353 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_i386.deb Size/MD5: 1591000 e99e8b130b7fec1522ab151281418f67 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5.dfsg1-0.10ubuntu0.1_i386.deb Size/MD5: 1285390 67b32783d2f0000da5b522c10253bfa9 http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5.dfsg1-0.10ubuntu0.1_i386.deb Size/MD5: 167698 c4989f6e88349832aaf50bce0380c3f2 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.10ubuntu0.1_powerpc.deb Size/MD5: 746286 fb8c901a8cdd6f41cca02ac7b54b361d http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_powerpc.deb Size/MD5: 251506 6a600c74335588865deb38857dc92a24 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5.dfsg1-0.10ubuntu0.1_powerpc.deb Size/MD5: 162654 3a31cfd5f5ed88277ca5e1b336eb4d0d http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_powerpc.deb Size/MD5: 1918166 1e7529e780454da1ef84b3d70c86b9b4 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5.dfsg1-0.10ubuntu0.1_powerpc.deb Size/MD5: 1296618 7a76234a2cacec2e3790c02d09084e4b http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5.dfsg1-0.10ubuntu0.1_powerpc.deb Size/MD5: 168368 9513e0612c2f3d75f0bdc4144a8967e5 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.10ubuntu0.1_sparc.deb Size/MD5: 742250 1d039fa163cdf20c97d84102c5eb2af3 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_sparc.deb Size/MD5: 229050 fb7f29883dd5a5f99d419592383ab4f9 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5.dfsg1-0.10ubuntu0.1_sparc.deb Size/MD5: 167680 8a7570a56925c201d594cf3c771ce34e http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9-dev_6.2.4.5.dfsg1-0.10ubuntu0.1_sparc.deb Size/MD5: 1854042 4357668480e4dd2e05d1e58895513330 http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick9_6.2.4.5.dfsg1-0.10ubuntu0.1_sparc.deb Size/MD5: 1382884 5dda6687e4de0884de79d1529b146e8b http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.2.4.5.dfsg1-0.10ubuntu0.1_sparc.deb Size/MD5: 173864 531d3f68c8cb859291a66f7657402e67 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061101/e6cb4b5b/attachment.bin From martin.pitt at canonical.com Wed Nov 1 11:23:40 2006 From: martin.pitt at canonical.com (Martin Pitt) Date: Wed, 1 Nov 2006 12:23:40 +0100 Subject: [Full-disclosure] [USN-369-2] postgresql-8.1 vulnerabilities Message-ID: <20061101112340.GI4782@piware.de> =========================================================== Ubuntu Security Notice USN-369-2 November 01, 2006 postgresql-8.1 vulnerabilities CVE-2006-5540, CVE-2006-5541, CVE-2006-5542 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.10: postgresql-8.1 8.1.4-7ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10. Original advisory details: Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. (CVE-2006-5541) Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit this to crash the server backend. This update disables this construct, since it is not very well defined and forbidden by the SQL standard. (CVE-2006-5540) Sergey Koposov discovered a flaw in the duration logging. This could cause a server crash under certain circumstances. (CVE-2006-5542) Please note that these flaws can usually not be exploited through web and other applications that use a database and are exposed to untrusted input, so these flaws do not pose a threat in usual setups. Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-7ubuntu0.1.diff.gz Size/MD5: 52401 af21a893e2947a1e467d5e98663031e7 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-7ubuntu0.1.dsc Size/MD5: 1176 04b8d59e5fdb061ebc2a0b1e86c4220d http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4.orig.tar.gz Size/MD5: 11312643 c6554a0ef948ab2b18b617954e1788fe Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-doc-8.1_8.1.4-7ubuntu0.1_all.deb Size/MD5: 1442056 4263930dd4391fd81944a82c372f3cba amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-compat2_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 152924 5fb69c85456514e2f78072efc3956ec0 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-dev_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 344912 a34d581ae43ce95f0758f3128d2c07e5 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg5_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 173428 733938955a0112fb6fedc835f5456052 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpgtypes2_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 175450 5412a17f17d49c3090cb7fcbcc136e7b http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq-dev_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 312606 3b5e8a5d6cffa8b48f82575458503d22 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq4_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 206680 559c766535f53918647783563d797582 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 3256168 a0bbda514074cd42271529eb07e94ecd http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 769328 3323f21f5fd11c660e74e0b2a3d480f6 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 619156 08c3d6be3fa11d19eccdbb9986e659d4 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 169362 d5cec1f551207e2e734bf6fab2317ef9 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 163748 b99d7a9fafcfd3e8b616ef1f483c4da9 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 164056 17bb99f0f7ab3edf2391271d64e0feda http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.4-7ubuntu0.1_amd64.deb Size/MD5: 596412 1d3f23de9e73e3f3c97b2532d7b4c5c8 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-compat2_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 152234 5ec67e24a0c39547dd1a4594f43c9ba2 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-dev_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 342026 a3628ec749e0d789575496d8ef383a31 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg5_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 172122 21c2f681f5c623d65d8a8a83ca5ee4fe http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpgtypes2_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 175124 547e40b4cdb2fb8f6c01a443b21a9edb http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq-dev_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 305840 49c8db9e9ee18d99ce45c1b4cc64c3b6 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq4_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 202648 e02cd0e97ea04f3ed9808562cdd61b16 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 3155738 8b8a255cfc36bb6207d4972d30114c4f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 739926 42db79545ef912384d45a9e321aa7889 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 587552 7b3612cd963fd40b7626f19940f5cc85 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 168202 da95c00f91be43d6c4651144fd5d78ce http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 161630 f781234805909d6efabcd1e0ec42bfc5 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 163002 76e987350cb8feb799663e0b72c77a4f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.4-7ubuntu0.1_i386.deb Size/MD5: 596394 460bfba660947b82c1616353d5171e96 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-compat2_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 153756 f269e9370aa649d122994aa7907104b5 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-dev_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 339348 af5a24b146f61084c6b94b796d3a653a http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg5_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 174288 5142ebdd438cf151e0f405ff4855f2dc http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpgtypes2_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 178260 0d0a813c48e899bb9cff5a41a8398fbd http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq-dev_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 308032 c11439a9a23ead70ddb60fd1b2264003 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq4_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 204732 019d45db40122878bd2f64e25b58702f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 3555700 d07b565f5be335ff6761da96b7d88f26 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 779658 251e7a8eed17c33eb868dcf0018970d7 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 639686 bea4a0e9f449f75f56554c79f252e9fd http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 169106 16226facd3e893b889cb72eb9e8df42c http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 163948 d9996a974e94652834ca4c1d1df5013d http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 165024 2df3b4f4878f006eec5ce7305672d752 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.4-7ubuntu0.1_powerpc.deb Size/MD5: 596432 d35808efc5c022dab90461e0dccfccca sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-compat2_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 151610 d7e6bb8c226664538a41c05bd8efcc80 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg-dev_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 335088 b0309c99b0f904414afaf29e27ef4aa0 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libecpg5_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 171724 474c5c7903229f404bc042d00910fe34 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpgtypes2_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 173454 dcd4fc4f2550bf80130fb7e1b02da2b4 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq-dev_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 305174 268c509165f58d3ef83491e49cfbdda2 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/libpq4_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 201412 d5e3d6dcca7b83ba18a90da314443c26 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 3482382 515aaee1feeda7549efb2543cf30b167 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 754506 cc62cd3ba7ecb37f88a0a13abb0c7a49 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 598348 fb2b4f26146e27d75c2ed580f2b59be0 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 167762 69bfb050570fc151fb2d251855ded8f4 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 162366 4a38b861e8eb528bc4e96e1f64b27a04 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 163042 68c9e99678283f3b2cf0f73db8b845e2 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.4-7ubuntu0.1_sparc.deb Size/MD5: 596424 5a9b3e7626e3664578060f8292199f62 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061101/1f82b2a7/attachment.bin From kees at ubuntu.com Wed Nov 1 15:37:48 2006 From: kees at ubuntu.com (Kees Cook) Date: Wed, 1 Nov 2006 07:37:48 -0800 Subject: [Full-disclosure] [USN-370-1] screen vulnerability Message-ID: <20061101153748.GY23017@outflux.net> =========================================================== Ubuntu Security Notice USN-370-1 October 31, 2006 screen vulnerability CVE-2006-4573 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: screen 4.0.2-4.1ubuntu2.5.04 Ubuntu 5.10: screen 4.0.2-4.1ubuntu2.5.10 Ubuntu 6.06 LTS: screen 4.0.2-4.1ubuntu5.6.06 Ubuntu 6.10: screen 4.0.2-4.1ubuntu5.6.10 After a standard system upgrade you need to restart any running screen sessions to effect the necessary changes. Details follow: cstone and Rich Felker discovered a programming error in the UTF8 string handling code of "screen" leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.04.diff.gz Size/MD5: 34158 cba61559263bcc4370232cdadc6e582f http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.04.dsc Size/MD5: 648 f6c73c29a88533bec08a0c7a596af8da http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2.orig.tar.gz Size/MD5: 840519 ed68ea9b43d9fba0972cb017a24940a1 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.04_amd64.deb Size/MD5: 600012 b2f316afe7637709a5da52356d0e05ec i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.04_i386.deb Size/MD5: 577644 d8b407353de17ecda15979be0f42f892 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.04_powerpc.deb Size/MD5: 593876 3fa2c203b8aa9f7178d9489bc547845a Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.10.diff.gz Size/MD5: 34163 6070d837711a9eb26aed7f6e253b8976 http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.10.dsc Size/MD5: 648 b10627fdfffa9eb56c883febe4e1d879 http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2.orig.tar.gz Size/MD5: 840519 ed68ea9b43d9fba0972cb017a24940a1 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.10_amd64.deb Size/MD5: 608874 cafd5e3cebd014b2f91ad1abc9be6ea7 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.10_i386.deb Size/MD5: 580646 a5e927874bef8d3989d728758bf37c4a powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.10_powerpc.deb Size/MD5: 598392 8e667231c080709c1900d543cdc6575f sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu2.5.10_sparc.deb Size/MD5: 596636 6bb3b98e8575d7c5bedf3c4306c37bd8 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.06.diff.gz Size/MD5: 54523 ffd98c68cd22cec18f7017b0e26e0003 http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.06.dsc Size/MD5: 648 cc1098ba02b1f371e2d8afe72a06802c http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2.orig.tar.gz Size/MD5: 840519 ed68ea9b43d9fba0972cb017a24940a1 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.06_amd64.deb Size/MD5: 609606 2ed54b9ddd4626ea693d0c549c1ddefa i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.06_i386.deb Size/MD5: 580748 38ef03be6459a041f92668b550b3efa7 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.06_powerpc.deb Size/MD5: 598866 3213b3cef084f98fa010a719535aa72a sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.06_sparc.deb Size/MD5: 594890 bd551cba69f370ed1ffc2aa3b9eb39ec Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.10.diff.gz Size/MD5: 54524 eebf0a7b77625db94987d03d0171252f http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.10.dsc Size/MD5: 648 e4cb0fca076db296eaf91f57b87e32f1 http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2.orig.tar.gz Size/MD5: 840519 ed68ea9b43d9fba0972cb017a24940a1 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.10_amd64.deb Size/MD5: 606076 d302fc97f5890de4a22ef77580f04c00 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.10_i386.deb Size/MD5: 584358 f01e1a4282ac189db902c252f92d6a7f powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.10_powerpc.deb Size/MD5: 599994 ac26d1da763cdad66e9fa8b1846968e6 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/s/screen/screen_4.0.2-4.1ubuntu5.6.10_sparc.deb Size/MD5: 597784 76c7fd9e1ed7b229fb5de57f60394db1 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061101/59d49ba6/attachment.bin From kees at ubuntu.com Wed Nov 1 15:38:35 2006 From: kees at ubuntu.com (Kees Cook) Date: Wed, 1 Nov 2006 07:38:35 -0800 Subject: [Full-disclosure] [USN-371-1] Ruby vulnerability Message-ID: <20061101153835.GZ23017@outflux.net> =========================================================== Ubuntu Security Notice USN-371-1 October 31, 2006 ruby1.8 vulnerability CVE-2006-5467 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libruby1.8 1.8.1+1.8.2pre4-1ubuntu0.5 Ubuntu 5.10: libruby1.8 1.8.2-9ubuntu1.3 Ubuntu 6.06 LTS: libruby1.8 1.8.4-1ubuntu1.2 Ubuntu 6.10: libruby1.8 1.8.4-5ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: An error was found in Ruby's CGI library that did not correctly check for the end of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5.diff.gz Size/MD5: 36237 4cf0186e529c8572e63c3e5fa23b8490 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5.dsc Size/MD5: 1408 6840b3026fe9ff9c2d1b3bfc9439537a http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4.orig.tar.gz Size/MD5: 3598517 1bf195093ed5279412f1047f70fafded Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 149518 d6e01838b9e3ea0a6ac87a946e14f934 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdrb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 132272 b7b8b94870d094ba4112d01b784ed22c http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/liberb-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 116086 e01642dfaac094d84f79d722a343ff72 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/librexml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 169266 d68598481a8b39fb1d24eb9149751599 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsoap-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 217882 7c8de749b8a03049e5210a8de0ce6c2e http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtest-unit-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 135050 730a0c59a59656c5f26aeb2c8b1f937c http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libwebrick-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 140548 10e2ab4ab2301c037ac66365608cd442 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libxmlrpc-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 130030 d074e4e99f0ed12cf34cc8afebcd5e9d http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 216690 35789f77e70556893b8095ef08144d75 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 441292 f5165cfd3c11f6ab59f3ba52c4fe4a76 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 125722 f86226d1549be122b14c940ddeb2248a http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.1+1.8.2pre4-1ubuntu0.5_all.deb Size/MD5: 135282 8c2a63dbe3ebf140283482f48d8ddb0d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 153334 bec045743599c596c580408fd074b984 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 125830 3416bdebd82eb3c0b0f2d0980221366a http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 118448 877226c72df56d043caf480f687f8b14 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 152266 13b2305e17ecff613ae4841ae375d7b2 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 120004 7537cef5c40dfde22fb3497d56e695db http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 113948 c0ea069afcf5be9d770cd13ef0a144d2 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 215018 65c7cb192eef7d4ab8d9a03619c4439e http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 117162 9093ba931f4e29a51987cd19ef7c8214 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 116964 b3b2dd1c7e64b8db3aeee006e9f2d60c http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 115778 4c390aa2468e089eb4794e60882369c6 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 759926 ec0bcd4af5d513baf492931c0bd8dfc6 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 900776 6f2ef849e9a3b86261b9c2c41e35213f http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 121806 f072088e99af30d2320b799d179e6fee http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 114676 53e573e2aa5b63816058fb41517fa901 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 114856 d05eb5161da92ef62f4e96eeb4f218a7 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 172038 cafceed541ef923fc10312f89f7dd26c http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 1142572 cf99bcdc9f218cd8914eba190581d2f2 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 162326 c96728f05e4abb9c486e3d5932b1549f http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 130750 3fa235a0fb04fd44a73f45f190695dbc http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 627132 2a96867277c71db3f13020828ffe1c52 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_amd64.deb Size/MD5: 131710 47195dc272ec60c38b416dd8692369dd i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 151520 06424bdd2aae7c38c76b2e60cfdc6f0b http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 123888 b5612826d5e74b46484fc272ebe58e5a http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 117862 92d67035b7df90d77d02c73eca8a895c http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 148652 7e36bf5872c11e40372dc260e2b64fb0 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 118954 2b75c2b368e67f4a05ff0aefa0dec708 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 113486 e8fa5f14ef42dba21ea7bff0c9a280d0 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 203248 56ec0c9ca7be7b806dbc3933bcf0e9f5 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 116784 a04df55862ce7e564bd802cc3e256013 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 116232 92bbe00b1a3fc8962b86aa4996b7da43 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 114952 4d97db3c3b25577be01048538e8672e5 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 719586 586176df73d7bd0aaa1f0b35ff91d795 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 856270 19336825dcfd14cae994a1bd1a599fa3 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 120940 ff155af859e2bd649e8c5d14e311f1be http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 113586 0d11742b2c460f40a6ed062e66c09eb1 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 114308 b5d4c8dd1c8e045be89d849db3bf49cb http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 168278 5b98ac2393da3173ed10b1165822f988 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 1142404 28510ab6d478be92e41f307ba2ddbbe8 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 159856 c5b54b9ca81cdcaa3e9a30723b5b878b http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 128922 ea52b4843c90861ebedeb5c14091051f http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 585806 573f4a928f905dc2cb24f30230313a93 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_i386.deb Size/MD5: 131466 ef60af9668170bbcb632ae0822f6b1f7 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libbigdecimal-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 155932 8a0cf80a8f10d18073d503743b401189 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libcurses-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 126982 e24b35a95fba450f4597fc0400661553 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 119892 e5aa3787e55d51b805ae5f35d0cd9514 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 150776 08d21c052b05d214f3600c9cc69ebc20 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 121026 480398cdb604a1e1fac68c9a0cece504 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libiconv-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 115288 408ce02ce99efa5030cd8843c24167ba http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 206388 919bb4dc971baab4dfcbd3d4d69deef5 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libpty-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 118398 7a5151fe47703486b43a2cd970dc5dc4 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libracc-runtime-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 118280 b4419022170b2e4ae52ec16721d904b5 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 116866 b501d446424a8ded3bab4cb6564dfba6 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 949710 d4a3c6e7d084f02e73215eb4151a401d http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 910360 f8a1768b16d1a04df7ade7e7cd14a556 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsdbm-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 123092 67645e61d5831a9f41223e346fad74ab http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libstrscan-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 115910 7d87fa06dfbb8179e23db45fb91d4be6 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libsyslog-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 116368 8e78bc993672e92aaec47e9600f3d0af http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 170800 47770cf5023a4bc18aeec3aa0f850126 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtk-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 1142978 09010c3c7b3dc6ca8541c55f3d40b194 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libyaml-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 160198 a36216f09e27ce3f1f4bb6ed720e37b8 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libzlib-ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 131508 b4163c855ae6b5a6d4172a4492c05abb http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 598942 66ea17a52e3b1110172a219835a56a46 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.1+1.8.2pre4-1ubuntu0.5_powerpc.deb Size/MD5: 133388 c7cf8b95628a7c100f0f863d535c8d8a Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.3.diff.gz Size/MD5: 894589 bc74dd6218ff68f2fadf884ee1aed4c8 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.3.dsc Size/MD5: 1030 8ee6f558a861faefda5868fc8b55f84d http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2.orig.tar.gz Size/MD5: 3623780 4bc5254bec262d18cf1ceef03aae8bdf Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.2-9ubuntu1.3_all.deb Size/MD5: 178998 b01c858e2ad0dc149c5318541322d100 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.2-9ubuntu1.3_all.deb Size/MD5: 244044 06937668d2a3d95f69c519cd86f1878d http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.2-9ubuntu1.3_all.deb Size/MD5: 719238 2128b244e619c00659af6dc464554e93 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.2-9ubuntu1.3_all.deb Size/MD5: 154368 e1dbb89906ef020c3268a090ed557139 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.2-9ubuntu1.3_all.deb Size/MD5: 189056 af6df07e5f517190cedd1b5cfc683f17 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 141894 dfbc5a239105323f0b77c85db742d4f9 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 143124 ed77642bf504afa05769e9b8f1e3685e http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 245034 7f791595578464d6bd666851fa813780 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 142516 79ce31ad1906d84272a6b1cce6f27d14 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 1005680 08c04375b59201edae55bd61e723925c http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 1448308 94a66f48aa76709343251545fbe14a42 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 1463254 e85eece9ec5b05605f32cdc240695813 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 686982 9f119a5cb9cb442f3ed0d8b3cc224890 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.3_amd64.deb Size/MD5: 161272 1dc3f3fce335387586a490a563956c94 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 141166 08e922e8a0d377b13cfe80ecef34deb4 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 141718 998caa056b212f44551e8c9677e79cb7 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 230812 c3138a1ada9e223127740df84347b2de http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 141514 400ff3c048f03944b36721d89745e2d3 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 837522 87eae4761eca5084ed15283e50cf2f8f http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 1365660 04e1acfb77147aa3418f2523711eb971 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 1453132 c430817d913f86eec23e4d6bef7ea5d6 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 632696 d980cccd8f079bcdef0ac5164301400f http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.3_i386.deb Size/MD5: 161074 c3db0228fc98e73407bab670a5f01147 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 143440 714bf0ce0ea0b204f28021b66f3233db http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 143932 8f79fc6cdf15fffcb640e86ce7676709 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 236270 4d77b7c62ae57f322e3f485fbba965a5 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 143638 ec1a15264a1636dcb9c66a7842fea177 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 995800 e6faf92655bce5fdbb5296a830e80d64 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 1451066 888b9c3c2a350b8b02397c5af3f8ebbf http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 1462654 ca5229c1e1ae5b7a612800989bd0f190 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 649874 b2c2bc8692d5e0505b838189a1044c8a http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1.3_powerpc.deb Size/MD5: 163018 bbc5f401dc6cb8a9f25d740fa132d060 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.2.diff.gz Size/MD5: 35030 4a6318bfb6c2d5e64f0f353d8e7094ef http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.2.dsc Size/MD5: 1029 8c9154d657d6ac0c085308a811006ea3 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4.orig.tar.gz Size/MD5: 4308915 2994203e0815ea978965de34287c5ea2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.4-1ubuntu1.2_all.deb Size/MD5: 206682 2ee54a5fbadd3067bbb795a1503726dd http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.4-1ubuntu1.2_all.deb Size/MD5: 271544 256862d6d7c6eef5a64a4f9bcf18e65e http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.4-1ubuntu1.2_all.deb Size/MD5: 756812 c534f01495cce97c1571ca1d52f7ffc1 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.4-1ubuntu1.2_all.deb Size/MD5: 181440 86a13e3a66b44a319e64921d4b5bdc1b http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.4-1ubuntu1.2_all.deb Size/MD5: 213688 cfe291f37e22173205494277fdbb5f1e amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 169102 1920b7fb7122b33668ab2812f7a613df http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 170302 418e66ae4a94b52ca91df2c573b7749d http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 273734 22337ab38f3bafcd7daf17d74a5bf000 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 169750 a692ebe4ea6a1a2af6d44fbbc5dc97f0 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 1041264 7be9554c52bed9130b60dd288d8f93e1 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 1506114 9cd9da12e87eda35a91c2306a31718e9 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 1797744 7e32c5735fc5dea0a92d3b38a6d130fe http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 717284 ef73a37c17a176b64ed11a034a3b2db0 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.2_amd64.deb Size/MD5: 188676 42ed4fea2480acc0baea0bf85403acc4 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 168324 8e5201809da40a9a5fddbfff2bcb66d1 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 168874 dc331672d058e2d95077cc39cbce97c5 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 258180 17ad9bf21de71dcfa8bfbcfe45aa6fc4 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 168744 c01ad280a9e5bf84ef471ac88cd6ac83 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 870680 c61e622f04a13276fe97d5c59f341080 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 1419860 7d2a2967b5dadba8b3795be79b8ffe08 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 1789580 78f1b550293c5b2c651c4652ce1ef5fb http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 662248 417b39c18d9306bad1efa2a2690dd5ba http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.2_i386.deb Size/MD5: 188442 b139692be1c8ed431e628483f1bb4d8b powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 170564 eb56ec08411e5d6a907df6a2ee72f2c3 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 171100 27cc84aeef2b976b9bd558d7bec89024 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 264128 421e83cbe67e567a853606c6742a0e99 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 170852 9b5b0e5ccf82c053d1e3f63d748e2c0b http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 1030914 8c56ce8a558370b02b2afdfc6d5e850b http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 1507906 373eb5464b923f72f9ffd70739a4727b http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 1797656 84b88e3dcfbf1c4f91fdf509a342a9a1 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 681294 4337d8aebb3a38680b7d5ed717e8058a http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.2_powerpc.deb Size/MD5: 190464 6fe161b19b8d3a85e2d5594830cef75a sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 168392 deea51e7b0bb0c5d3e848659fab33d90 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 169224 ec073ce103d94778b6816ff9a3aa4d53 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 266492 d4482c2a0ff32dc109182c2e7b10baec http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 169012 87aa6eeab0361c801a9784f9a5edc8f5 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 914770 686662d36d613e97eb3aba8e5e341120 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 1461334 2c223efb117548c2ac53a20ba90bb4fe http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 1793588 b31fbad6c76806cb5f9c49dea70c750f http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 703040 b6b814570d2014d427cd1549c112c2e5 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-1ubuntu1.2_sparc.deb Size/MD5: 188692 6830cfa4ed0fae38f403ee463b0dac37 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-5ubuntu1.1.diff.gz Size/MD5: 77670 0694a30e3701b6639ddd8d475cf762a3 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-5ubuntu1.1.dsc Size/MD5: 1056 92cc353b8bf288be8a5d557eed54e8f5 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4.orig.tar.gz Size/MD5: 4308915 2994203e0815ea978965de34287c5ea2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/irb1.8_1.8.4-5ubuntu1.1_all.deb Size/MD5: 209266 9f1c22095c4e6aa81f4c5d34f64a467b http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/rdoc1.8_1.8.4-5ubuntu1.1_all.deb Size/MD5: 274176 0b437ce21327398e88d475fed1e3063c http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ri1.8_1.8.4-5ubuntu1.1_all.deb Size/MD5: 776574 a322f493e771f3856d95535bec095113 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-elisp_1.8.4-5ubuntu1.1_all.deb Size/MD5: 184032 11991d08dc9223aa76d62cc68fe4663a http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/ruby1.8-examples_1.8.4-5ubuntu1.1_all.deb Size/MD5: 216324 9a3b2d5675fb8c067065fee77b5f4aaa amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 171704 5842fb45c0bb1795f01c9e043e7f8865 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 172840 b8e7857c98b565b1246cbf0217e45d3e http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 276098 a63c95087e871c97cb3efa0b9f371c15 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 172332 b27ed50ab9cd1f49db369cc016765c54 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 1031738 ff8219b0e507dace4184e661d55f535c http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 1513664 a3c1faab9bea91332aa85d9277105b9a http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 1799792 a66bcc0ba7e1482241dc4483a7f948b1 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 720754 46c3895afff48eacb98c48acac9b7daf http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-5ubuntu1.1_amd64.deb Size/MD5: 191284 cd1a8d35d3adecb7c5f969bfcb124481 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 171110 e6ec34f39f44fc0619c8079643d176de http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 171700 7b0747e007831ea8acd175405ed6405f http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 263384 7182affaa09d6fdd92bda01bbabe7140 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 171472 1a5e3eea0bf801716c4c98a3590ed6cf http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 959908 87297c9865bbf68e77958bbcf463451e http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 1450888 f150737bc9f0745b9af1d0197a875799 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 1793598 af32f84036c9b8f6e8bd29c0269cfe98 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 682522 649deaa614556e79cbab360f6600cd07 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-5ubuntu1.1_i386.deb Size/MD5: 191052 62ae00fa453c2d3b239692a76a95eecf powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 173254 38946094a72824213b08e5b8ff305c49 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 173796 9d6ad47d20675f5acb185c8e2a789d18 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 267166 db721fbce8652a5d37ad086639318f92 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 173458 459ab022a6f18b688b0b41c407417f22 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 1069520 e28f82077e5a08389c827e3dd02adfeb http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 1520572 ede5df918a1b72ac5d16888f7db39ab4 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 1800674 59351cfd303419d429454c094ed2905f http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 688988 a436a303161161cb40e450980a371dcc http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-5ubuntu1.1_powerpc.deb Size/MD5: 193132 c6a96d4bb880e578bcc47b1f654ad0a9 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libdbm-ruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 170840 7fe5cc03a075c27b0e1c775cd7104742 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libgdbm-ruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 171630 c5215e07f80e4305c66d98fd295e8e7b http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libopenssl-ruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 269270 097645280f6c6f8ef9e8cdddbfe76092 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libreadline-ruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 171572 81238f13634afab51692137314a8654d http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8-dbg_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 923524 c285d47bbf8c01666b7f57d19b1e5ff9 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/libruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 1471994 2a77f333458355b8431b3d03d7b69979 http://security.ubuntu.com/ubuntu/pool/universe/r/ruby1.8/libtcltk-ruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 1796424 2496d35d58db1d9ec17c389db5ec3b79 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8-dev_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 711500 83d0616487c10872add90adc070234d4 http://security.ubuntu.com/ubuntu/pool/main/r/ruby1.8/ruby1.8_1.8.4-5ubuntu1.1_sparc.deb Size/MD5: 191222 f26bb96445701cd7b17c7487f8c694a7 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061101/9003a2e0/attachment.bin From psirt at cisco.com Wed Nov 1 16:15:00 2006 From: psirt at cisco.com (Cisco Systems Product Security Incident Response Team) Date: Wed, 01 Nov 2006 16:15:00 -0000 Subject: [Full-disclosure] Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass Message-ID: <200611011615.csa@psirt.cisco.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass Advisory ID: cisco-sa-20061101-csamc http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml Revision 1.0 For Public Release 2006 November 01 1600 UTC (GMT) - --------------------------------------------------------------------- Summary ======= Cisco Security Agent Management Center (CSAMC) contains an administrator authentication bypass vulnerability when configured to use an external Lightweight Directory Access Protocol (LDAP) server for authentication. There is a workaround for this vulnerability. Cisco has made free software available to address this vulnerability for affected customers. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml Affected Products ================= Vulnerable Products +------------------ CSAMC version 5.1 prior to Hotfix 5.1.0.79 is affected by this vulnerability. Products Confirmed Not Vulnerable +-------------------------------- CSAMC versions prior to 5.1 are not affected by this vulnerability. No other Cisco products are currently known to be affected by this vulnerability. Details ======= Cisco Security Agent Management Center (CSAMC) version 5.1 contains an administrator authentication bypass vulnerability when configured to authenticate administrators against an external LDAP server. There are three roles for CSAMC administrators: configure, deploy, and monitor. The configure role has complete access to the CSAMC application, including the ability to create security policies. The deploy role can create agent kits, deploy security policies, and perform application monitoring. The deploy role cannot modify security policies. The monitoring role can only perform application monitoring functions. All CSAMC administrator accounts are defined in the local CSAMC database and have an assigned role. CSAMC can be configured to use an external LDAP server to authenticate administrators. As a safety feature, it is possible to specify certain administrator accounts to fall back to local authentication if the LDAP server is unavailable. If CSAMC is configured to use LDAP for authentication, it is possible to supply a valid administrator username and blank (zero length) password and gain administrative access to the CSAMC application with the role privileges of the administrator. This vulnerability occurs when CSAMC incorrectly handles an authentication failure message from the LDAP server. The administrator password stored on the LDAP server is a valid, non-blank password. CSAMC version 5.1 is the first to include external LDAP authentication. LDAP authentication is not the default configuration for CSAMC and must be explicitly configured. The LDAP server in this configuration is not built into CSAMC. Information on configuring administrator LDAP authentication for CSAMC can be found here: http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a008066e98e.html#wp994975 Information on configuring role-based administration for CSAMC can be found here: http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a008066e98e.html#wp965432 This vulnerability is documented in Cisco Bug ID CSCsg40822 Impact ====== Successful exploitation of this vulnerability allows an attacker with a valid administrator username to gain access to the CSAMC application with the role privileges of the compromised administrator account. If the administrator has a role of configure or deploy, it is possible to make policy changes for managed CSA clients. This may be leveraged to reduce the security posture of managed systems and allow potential attacks against the managed systems. Software Version and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center ("TAC") or your contracted maintenance provider for assistance. +---------------------------------------+ | Affected Software | Fixed Software | | Version | Version | |---------------------+-----------------| | CSAMC version 5.1 | CSAMC version | | Hotfix prior to | 5.1 Hotfix | | 5.1.0.79 | 5.1.0.79 | +---------------------------------------+ Fixed CSAMC (fcs-csamc-hotfix-5.1.0.79-w2k-k9.zip) software can be downloaded at http://www.cisco.com/cgi-bin/tablebuild.pl/csahf-crypto?psrtdcat20e2 Workarounds =========== It is possible to workaround this vulnerability by disabling external LDAP authentication and configuring administrators to authenticate against the local CSAMC database. Obtaining Fixed Software ======================== Cisco will make free software available to address this vulnerability for affected customers. This advisory will be updated as fixed software becomes available. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/public/sw-license-agreement.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml. Do not contact either "psirt at cisco.com" or "security-alert at cisco.com" for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac at cisco.com Have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was reported to Cisco by a third party. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at : http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce at cisco.com * first-teams at first.org * bugtraq at securityfocus.com * vulnwatch at vulnwatch.org * cisco at spot.colorado.edu * cisco-nsp at puck.nether.net * full-disclosure at lists.grok.org.uk * comp.dcom.sys.cisco at newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +----------------------------------------+ | Revision | | Initial | | 1.0 | 2006-November-01 | public | | | | release. | +----------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) iD8DBQFFSMXG8NUAbBmDaxQRAmNIAKCEsDG2HGNsEpkE9QVbjmVCTxK9nwCfcz/H isC0zbAgWMS8zK8TM7Rgjzw= =AlPo -----END PGP SIGNATURE----- From kees at ubuntu.com Wed Nov 1 17:51:40 2006 From: kees at ubuntu.com (Kees Cook) Date: Wed, 1 Nov 2006 09:51:40 -0800 Subject: [Full-disclosure] [USN-373-1] mutt vulnerabilities Message-ID: <20061101175140.GC23017@outflux.net> =========================================================== Ubuntu Security Notice USN-373-1 November 01, 2006 mutt vulnerabilities CVE-2006-5297, CVE-2006-5298 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: mutt 1.5.9-2ubuntu1.2 Ubuntu 6.06 LTS: mutt 1.5.11-3ubuntu2.2 Ubuntu 6.10: mutt 1.5.12-1ubuntu1.1 After a standard system upgrade you need to restart mutt to effect the necessary changes. Details follow: Race conditions were discovered in mutt's handling of temporary files. Under certain conditions when using a shared temp directory (the default), other local users could overwrite arbitrary files owned by the user running mutt. This vulnerability is more likely when the temp directory is over NFS. Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9-2ubuntu1.2.diff.gz Size/MD5: 94051 44a298795bfed9dad61cb13ad6613373 http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9-2ubuntu1.2.dsc Size/MD5: 781 5f99006e61b707b6b5e1766694a1fa02 http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9.orig.tar.gz Size/MD5: 3033253 587dd1d8f44361b73b82ef64eb30c3a0 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9-2ubuntu1.2_amd64.deb Size/MD5: 731908 70dcc1e0c188642e0e33f78d9042d413 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9-2ubuntu1.2_i386.deb Size/MD5: 680158 b72fb699dd4960b85093fba91d7882bc powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9-2ubuntu1.2_powerpc.deb Size/MD5: 725690 e6f151b9bd4053ea48ea29b4f474ddec sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.9-2ubuntu1.2_sparc.deb Size/MD5: 697634 8b8a6fadab315b826db56a77adb003b5 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11-3ubuntu2.2.diff.gz Size/MD5: 417839 7fc3fbca7a2532c8299d9f5abf50063c http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11-3ubuntu2.2.dsc Size/MD5: 749 cf87540f9b41135b360a3a50427c7cbb http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11.orig.tar.gz Size/MD5: 3187076 30f165fdfaf474521a640f1f3886069a amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11-3ubuntu2.2_amd64.deb Size/MD5: 961092 6c7028e9a210d3cfb19ae8233598f2a9 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11-3ubuntu2.2_i386.deb Size/MD5: 907980 657ded1e8e7887f93f7e067ad2d62bae powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11-3ubuntu2.2_powerpc.deb Size/MD5: 957334 08aad1d84d5ea91af31221a8f81d285c sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.11-3ubuntu2.2_sparc.deb Size/MD5: 925302 3e66e893cb497f918e35c64e32abaeda Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12-1ubuntu1.1.diff.gz Size/MD5: 136823 71bb1c771dc6c257ed6624a59b41bff7 http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12-1ubuntu1.1.dsc Size/MD5: 749 a49828c3436c2783fb40670fb167864a http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12.orig.tar.gz Size/MD5: 3440835 57196c816211a72900fdc54341eb0132 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12-1ubuntu1.1_amd64.deb Size/MD5: 1832512 1f5479a1c3d11b5d91d01a979612fcd8 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12-1ubuntu1.1_i386.deb Size/MD5: 1014220 c07a5f19d5aa5a282bbae2964f3d3393 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12-1ubuntu1.1_powerpc.deb Size/MD5: 1049642 a9b3c0e14c3a01be49af7e05697d83a6 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mutt/mutt_1.5.12-1ubuntu1.1_sparc.deb Size/MD5: 1806914 3b36cf505556b256a60d6d9b090559fd -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061101/a840d5df/attachment.bin From kees at ubuntu.com Wed Nov 1 18:57:25 2006 From: kees at ubuntu.com (Kees Cook) Date: Wed, 1 Nov 2006 10:57:25 -0800 Subject: [Full-disclosure] [USN-374-1] wvWare vulnerability Message-ID: <20061101185725.GE23017@outflux.net> =========================================================== Ubuntu Security Notice USN-374-1 November 01, 2006 wv vulnerability CVE-2006-4513 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.10: libwv-1.2-1 1.2.1-2ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: An integer overflow was discovered in the DOC file parser of the wv library. By tricking a user into opening a specially crafted MSWord (.DOC) file, remote attackers could execute arbitrary code with the user's privileges. Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/wv/wv_1.2.1-2ubuntu0.1.diff.gz Size/MD5: 11929 1162b872e4e77345295a34e0c7fb731b http://security.ubuntu.com/ubuntu/pool/main/w/wv/wv_1.2.1-2ubuntu0.1.dsc Size/MD5: 716 4ec3816084073a77df966ff2fec1a40e http://security.ubuntu.com/ubuntu/pool/main/w/wv/wv_1.2.1.orig.tar.gz Size/MD5: 628027 d757080af4595839d5d82a1a573c692c amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-1.2-1_1.2.1-2ubuntu0.1_amd64.deb Size/MD5: 146278 3eb3817dfa782c6e3bcc22c6fb35b8ad http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-dev_1.2.1-2ubuntu0.1_amd64.deb Size/MD5: 202772 30ebeb74c64333e33d5604df48a0f8f0 http://security.ubuntu.com/ubuntu/pool/universe/w/wv/wv_1.2.1-2ubuntu0.1_amd64.deb Size/MD5: 90506 a1835a5db7c038487567686e77a95f9a i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-1.2-1_1.2.1-2ubuntu0.1_i386.deb Size/MD5: 138724 918761ea08c2eb366821648adc571bc3 http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-dev_1.2.1-2ubuntu0.1_i386.deb Size/MD5: 180656 f041845463774af932bdd8a848422481 http://security.ubuntu.com/ubuntu/pool/universe/w/wv/wv_1.2.1-2ubuntu0.1_i386.deb Size/MD5: 88162 3940c61f26c24d2ac1f66d33a7f00166 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-1.2-1_1.2.1-2ubuntu0.1_powerpc.deb Size/MD5: 140532 6f76eefa75620e73bfe7738e67618bab http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-dev_1.2.1-2ubuntu0.1_powerpc.deb Size/MD5: 207102 d241cdb9f374c6f6b61c7ce9667f79b6 http://security.ubuntu.com/ubuntu/pool/universe/w/wv/wv_1.2.1-2ubuntu0.1_powerpc.deb Size/MD5: 94366 682568966d755eb3e55ef210ff08dd05 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-1.2-1_1.2.1-2ubuntu0.1_sparc.deb Size/MD5: 136236 a8a17256755dfb88d996972dd76736d7 http://security.ubuntu.com/ubuntu/pool/main/w/wv/libwv-dev_1.2.1-2ubuntu0.1_sparc.deb Size/MD5: 189474 7e263e180bcf218dd6714ab813c9bf97 http://security.ubuntu.com/ubuntu/pool/universe/w/wv/wv_1.2.1-2ubuntu0.1_sparc.deb Size/MD5: 88130 413b2fb70a223db99545e4e3ccbe2145 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061101/c7d4ac5d/attachment.bin From andymolinetti at hotmail.com Wed Nov 1 18:53:39 2006 From: andymolinetti at hotmail.com (Andres Molinetti) Date: Wed, 01 Nov 2006 18:53:39 +0000 Subject: [Full-disclosure] SQL Injection with cursors? Message-ID: Hi, I have another question, somehow related with my previous one. I have an injection point, where I can do, for example test.asp?param=blabla' and 1=(select @@version)-- and injections of the sort, and retrieve the information without problems. Now, when I try to execute a stored procedure like test.asp?param=blabla' exec master..xp_cmdshell 'dir'-- or test.asp?param=blabla'; exec master..xp_cmdshell 'dir'-- I get the following error: Microsoft OLE DB Provider for SQL Server error '80040e14' sp_cursoropen/sp_cursorprepare: The statement parameter can only be a single select or a single stored procedure. Does anybody got an idea of why this is happening? Best Regards, Andy. _________________________________________________________________ Dale rienda suelta a tu tiempo libre. Mil ideas para exprimir tu ocio con MSN Entretenimiento. http://entretenimiento.msn.es/ From fdlist at digitaloffense.net Wed Nov 1 19:15:10 2006 From: fdlist at digitaloffense.net (H D Moore) Date: Wed, 1 Nov 2006 13:15:10 -0600 Subject: [Full-disclosure] Fun with wireless cards... Message-ID: <200611011315.10648.fdlist@digitaloffense.net> Lorenzo's Kernel Fun project: http://kernelfun.blogspot.com/ The Metasploit 3 exploit module: http://metasploit.com/svn/framework3/trunk/modules/auxiliary/dos/wireless/daringphucball.rb Media coverage so far: http://www.securityfocus.com/brief/344 http://www.darkreading.com/document.asp?doc_id=109535&WT.svl=news1_1 http://blog.washingtonpost.com/securityfix/2006/11/exploit_released_for_unpatched_1.html More to come :-) -HD From research at matousec.com Wed Nov 1 18:56:05 2006 From: research at matousec.com (Matousec - Transparent security Research) Date: Wed, 01 Nov 2006 19:56:05 +0100 Subject: [Full-disclosure] Outpost Insufficient validation of 'SandBox' driver input buffer Message-ID: <4548EDC5.80803@matousec.com> Hello, We would like to inform you about a vulnerability in Outpost Firewall PRO 4.0. Description: Outpost insufficiently protects its driver \Device\SandBox against a manipulation by malicious applications and it fails to validate its input buffer. It is possible to open this driver and send arbitrary data to it, which are implicitly believed to be valid. It is possible to assemble the data in the input buffer such that the driver performs an invalid memory operation and crashes the whole operating system. Further impacts of this bug were not examined. Vulnerable software: * Outpost Firewall PRO 4.0 (964.582.059) More details and a proof of concept including source code is available here: http://www.matousec.com/info/advisories/Outpost-Insufficient-validation-of-SandBox-driver-input-buffer.php Regards, -- Matousec - Transparent security Research http://www.matousec.com/ From fdlist at digitaloffense.net Wed Nov 1 19:21:00 2006 From: fdlist at digitaloffense.net (H D Moore) Date: Wed, 1 Nov 2006 13:21:00 -0600 Subject: [Full-disclosure] Microsoft patches the WMI Object Broker bug Message-ID: <200611011321.00437.fdlist@digitaloffense.net> http://www.microsoft.com/technet/security/advisory/927709.mspx The Metasploit 2 module (ie_createobject)[1] has been exploiting this bug since it was released in August. Glad to see they finally noticed. Thanks to Aviv for noticing / sending me the link. -HD 1. http://metasploit.com/projects/Framework/exploits.html#ie_createobject From fdlist at digitaloffense.net Wed Nov 1 19:43:03 2006 From: fdlist at digitaloffense.net (H D Moore) Date: Wed, 1 Nov 2006 13:43:03 -0600 Subject: [Full-disclosure] Microsoft patches the WMI Object Broker bug In-Reply-To: <200611011321.00437.fdlist@digitaloffense.net> References: <200611011321.00437.fdlist@digitaloffense.net> Message-ID: <200611011343.03391.fdlist@digitaloffense.net> Doh. I read too quickly. Ryan Naraine pointed out that there is no patch, the advisory just confirms that people are exploiting it. -HD On Wednesday 01 November 2006 13:21, H D Moore wrote: > http://www.microsoft.com/technet/security/advisory/927709.mspx From dudevanwinkle at gmail.com Wed Nov 1 20:16:43 2006 From: dudevanwinkle at gmail.com (Dude VanWinkle) Date: Wed, 1 Nov 2006 15:16:43 -0500 Subject: [Full-disclosure] Microsoft patches the WMI Object Broker bug In-Reply-To: <200611011321.00437.fdlist@digitaloffense.net> References: <200611011321.00437.fdlist@digitaloffense.net> Message-ID: More here: http://www.eweek.com/article2/0,1759,2048968,00.asp?kc=EWRSS03119TX1K0000594 http://tinyurl.com/w2gcz An "extremely critical" vulnerability in Microsoft Visual Studio 2005 could put users at risk of remote code execution attacks, the company confirmed Nov. 1. ADVERTISEMENT The Redmond, Wash., software maker issued a security advisory with pre-patch workarounds and warned that the flaw is already being used in zero-day attacks. "We are aware of proof of concept code published publicly and of the possibility of limited attacks that are attempting to use the reported vulnerability," Microsoft said in the advisory. and here: http://www.betanews.com/article/Microsoft_Scrambling_to_Patch_Exploit/1162401603 http://tinyurl.com/y394vx This morning, Microsoft Security announced it has been alerted to proof-of-concept code that may already have been referenced in the creation of a malicious exploit. Although details about the exploit itself have not yet be revealed, according to this morning's advisory, the point of weakness is a Windows library that is shipped with Visual Studio 2005, called wmiscriptutils.dll. Apparently a call to this library, placed from within a script executed in some installations of Internet Explorer 7 with default settings, on operating systems other than Windows Server 2003, can trigger possible unguarded remote malicious code execution. On 11/1/06, H D Moore wrote: > http://www.microsoft.com/technet/security/advisory/927709.mspx > > The Metasploit 2 module (ie_createobject)[1] has been exploiting this bug > since it was released in August. Glad to see they finally noticed. > > Thanks to Aviv for noticing / sending me the link. > > -HD > > 1. http://metasploit.com/projects/Framework/exploits.html#ie_createobject > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From avivra at gmail.com Wed Nov 1 22:07:28 2006 From: avivra at gmail.com (avivra) Date: Thu, 2 Nov 2006 00:07:28 +0200 Subject: [Full-disclosure] Internet Explorer 7 - Still Spyware Writers' Heaven Message-ID: <8beca820611011407q3787ff52o4f5bc06cd8103ae0@mail.gmail.com> The new version of Internet Explorer is vulnerable to a DLL-load hijacking. When IE7 is executed it will load several DLL files. While trying to load some of those files, it does not provide the full path of the DLL file to the function which loads the DLL file to the memory, and therefore Windows will search for this file in the user's machine using the directories provided in the PATH environment variable, and will load the first match it will found. Today, most desktop security products include a generic detection for changes in the startup folder and startup registry keys, in order to catch malicious code trying to load when the users boot his machine. Now, all the spyware/virus writer has to do to bypass this detection is to put a malicious DLL file (or just a downloader DLL of a malicious file) in one of the PATH directories (e.g. the user's desktop), and the next time the user will run IE7 the code of the attacker's file will be executed instead of the original DLL file. As Microsoft intends to fix this issue only in future releases of their OS (according to their response), I encourage security vendors to update their products to detect this behavior, as soon as possible. More info: http://aviv.raffon.net/2006/11/01/InternetExplorer7StillSpywareWritersHeaven.aspx From juha-matti.laurio at netti.fi Thu Nov 2 02:13:02 2006 From: juha-matti.laurio at netti.fi (Juha-Matti Laurio) Date: Thu, 2 Nov 2006 04:13:02 +0200 (EET) Subject: [Full-disclosure] WordPress release 2.0.5 includes about 50 bugfixes Message-ID: <6039151.800331162433582544.JavaMail.juha-matti.laurio@netti.fi> It appears that WordPress version 2.0.5 has been released. It includes several bugfixes and it is a security release as well. More details available at http://wordpress.org/development/2006/10/205-ronan/ Changelog entry available too: http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/ Solution: Upgrade to version 2.0.5: http://wordpress.org/download/ - Juha-Matti From nocfed at gmail.com Thu Nov 2 07:15:19 2006 From: nocfed at gmail.com (nocfed) Date: Thu, 2 Nov 2006 01:15:19 -0600 Subject: [Full-disclosure] Putty Proxy login/password discolsure.... In-Reply-To: <1162139946.3508.5.camel@notegiba> References: <1161786251.453f738b89ede@webmail.mail.gatech.edu> <20061025144234.C5C0.CARDOSOLISTAS@contraditorium.com> <200610252357.15981.raju@linux-delhi.org> <45408B7B.90306@iq.pl> <1162139946.3508.5.camel@notegiba> Message-ID: <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> > You could use the 'restrict' option, it dosnt ask for a password unless > you modify this arguments. (if you press enter u boot, if you add init=* > it asks for a passwd). > > Saludos, Juan Pablo. > > > -- > Juan Pablo Daniel Borgna > Development Manager > SHELLCODE, IT Solutions & Security Research. > Paran? 264, Piso 4to, Of.46 - C1017AAF > Ciudad Aut?noma de Buenos Aires - Argentina > Phone: +54 (011) 57.11.52.63 And if you have physical access then you can simply use a floppy, usb dongle, or any other type of removable media to boot from. Once physical access is obtained then you pretty much have full access, barring full disk encryption. Personally I see linux's password for single user mode to be like a screen door infront of an old door with a combination lock on it. It takes VERY little effort to punch a whole through it, even if you only have 1 minute alone with the server. From abalan at bitdefender.com Thu Nov 2 09:02:55 2006 From: abalan at bitdefender.com (Alexandru Balan) Date: Thu, 02 Nov 2006 11:02:55 +0200 Subject: [Full-disclosure] [funsec] Who is n3td3v? In-Reply-To: <8e5ffb560610261020m3ef8c093td0c8151c2024bbfc@mail.gmail.com> References: <20061024182307.GA4857@sivokote.iziade.m$> <1bde4ec50610250051n37d1a42ah1997bdd2b732ede5@mail.gmail.com> <8e5ffb560610261020m3ef8c093td0c8151c2024bbfc@mail.gmail.com> Message-ID: <1162458175.5749.94.camel@localhost.localdomain> On Thu, 2006-10-26 at 23:05 +0545, Bipin Gautam wrote: > > So I stick to my personal opinion of the great man - > > > > 1. One person > > 2. Good intentions overall > > 3. Not great communication skills (depends how drunk he is) > > 4. Too paranoid for his own good > > 5. Living in Ediburgh > > 6. Most likely Scottish > > > ok despite everything (assuming he isnt suffering from personality > disorder ) he has communicated with so many people. been with many his > type in friendship & flame war and other stuffs. > > I still have a question (though he was good his way) how can someone > who have acted so STUPID & irrational in conversation be intelligent > enough to hide his online identity to a fair degree? > > I'd say he created few personalities on his own mind, played them like > puppets & hide the REAL himself in the noise. I am intrested enough to > track him down. lets see! Did any of the list members stop for a second to think that the infamous troll is posting on the list to this day, still looking for ways to make him feel good about himself ? I find it most disturbing that thanks to you people, he might have the possibility to tell people "Look how famous I am!". N3td0rk! If you're posting about yourself again from one of your split personalities, STOP IT! It's gonna only confuse you even more and your nervous breakdown when you'll realise that you're nothing more then a scene whore with no future whatsoever will be worse then you can imagine. -- Jay -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061102/d91bcaf4/attachment.bin -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: BitDefender.txt Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061102/d91bcaf4/attachment.txt From sesser at hardened-php.net Thu Nov 2 08:10:38 2006 From: sesser at hardened-php.net (Stefan Esser) Date: Thu, 2 Nov 2006 09:10:38 +0100 Subject: [Full-disclosure] Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability Message-ID: <20061102081038.GA7913@hardened-php.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: phpMyAdmin - error.php XSS Vulnerability Release Date: 2006/11/02 Last Modified: 2006/11/02 Author: Stefan Esser [sesser at hardened-php.net] Application: phpMyAdmin <= 2.9.0.2 Severity: XSS vulnerability in an error displaying script Risk: Medium Critical Vendor Status: Vendor has a released an updated version References: http://www.hardened-php.net/advisory_122006.137.html Overview: Quote from http://www.phpmyadmin.net "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in 50 languages." It was discovered that phpMyAdmin comes with a script to display error messages that supports displaying the error in a user supplied charset. Unfortunately the encoding of the error message is not taking the charset into account which can result into XSS when UTF-7 is selected. (Other charsets like US-ASCII can also be used to exploit this in some browsers.) To trigger this XSS vulnerability an attacker just needs to call the error displaying script with charset=utf-7 and utf-7 encoded HTML tags in the error message. Proof of Concept: The Hardened-PHP Project is not going to release exploits for this vulnerability to the public. Disclosure Timeline: 18. October 2006 - Contacted phpMyAdmin developers by email 01. November 2006 - Updated phpMyAdmin was released 02. November 2006 - Public Disclosure Recommendation: It is strongly recommended to upgrade to the newest version of phpMyAdmin 2.9.0.3 which you can download at: http://www.phpmyadmin.net/home_page/downloads.php GPG-Key: http://www.hardened-php.net/hardened-php-signature-key.asc pub 1024D/0A864AA1 2004-04-17 Hardened-PHP Signature Key Key fingerprint = 066F A6D0 E57E 9936 9082 7E52 4439 14CC 0A86 4AA1 Copyright 2006 Stefan Esser. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFFSbPtRDkUzAqGSqERAkcTAJ49t9pfmuBAyvk0UcHuhZe/6cu48gCgp3ea HoIvssTE/gfvQyAY3BcOhwQ= =70mU -----END PGP SIGNATURE----- From tonnerre.lombard at sygroup.ch Thu Nov 2 09:25:03 2006 From: tonnerre.lombard at sygroup.ch (Tonnerre Lombard) Date: Thu, 02 Nov 2006 10:25:03 +0100 Subject: [Full-disclosure] Putty Proxy login/password discolsure.... In-Reply-To: <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> References: <1161786251.453f738b89ede@webmail.mail.gatech.edu> <20061025144234.C5C0.CARDOSOLISTAS@contraditorium.com> <200610252357.15981.raju@linux-delhi.org> <45408B7B.90306@iq.pl> <1162139946.3508.5.camel@notegiba> <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> Message-ID: <1162459503.768.17.camel@aspirateur.sygroup-int.ch> Salut, On Thu, 2006-11-02 at 01:15 -0600, nocfed wrote: > And if you have physical access then you can simply use a floppy, usb > dongle, or any other type of removable media to boot from. Once > physical access is obtained then you pretty much have full access, > barring full disk encryption. Personally I see linux's password for > single user mode to be like a screen door infront of an old door with > a combination lock on it. It takes VERY little effort to punch a > whole through it, even if you only have 1 minute alone with the > server. If you have physical access, just plug in your iPod with UNIX and enjoy full memory access to the host machine... Tonnerre -- SyGroup GmbH Tonnerre Lombard L?sungen mit System Tel:+41 61 333 80 33 R?schenzerstrasse 9 Fax:+41 61 383 14 67 4153 Reinach BL Web:www.sygroup.ch tonnerre.lombard at sygroup.ch -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 825 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061102/d05d1098/attachment.bin From announce-noreply at rpath.com Wed Nov 1 20:45:59 2006 From: announce-noreply at rpath.com (rPath Update Announcements) Date: Wed, 01 Nov 2006 15:45:59 -0500 Subject: [Full-disclosure] rPSA-2006-0202-1 tshark wireshark Message-ID: <45490787.Q89UlnnrFkX97rAJ%announce-noreply@rpath.com> rPath Security Advisory: 2006-0202-1 Published: 2006-11-01 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: wireshark=/conary.rpath.com at rpl:devel//1/0.99.4-0.1-1 tshark=/conary.rpath.com at rpl:devel//1/0.99.4-0.1-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4574 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4805 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5468 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5469 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5740 https://issues.rpath.com/browse/RPL-746 Description: In previous versions of the wireshark and tshark packages, and all versions of the ethereal and tethereal packages, are vulnerable to several remote Denial of Service attacks which can cause the application to crash. None of these vulnerabilities is currently believed to enable remote unauthorized access. The fixes are available only as part of the wireshark package. Development of the ethereal program has ceased under the ethereal name and continued under the wireshark name, due to restrictions on the use of the "ethereal" trademark. The latest version of the ethereal and tethereal packages in rPath Linux 1 are now redirects to the wireshark and tshark packages. The command "conary update ethereal tethereal" will cause the ethereal and tethereal packages on the system to be replaced by wireshark and tshark, respectively. The "conary updateall" command will also appropriately migrate the system from ethereal to wireshark. From nicob at nicob.net Thu Nov 2 01:24:23 2006 From: nicob at nicob.net (Nicob) Date: Thu, 02 Nov 2006 02:24:23 +0100 Subject: [Full-disclosure] Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00 Message-ID: <1162430664.5680.542.camel@localhost> Advisory Name : Multiple vulnerabilities in SAP Web Application Server Release Date : 2 November 2006 Application : SAP Web AS 6.40 < patch 136 and 7.00 < patch 66 Platform : All platforms (except the third vulnerability) Impacts : Remote file disclosure, remote DoS, local privilege escalation Author : Nicob Vendor Status : Updated code is available to customers Vulnerabilities Description : ============================= The following vulnerabilities were found in the monitoring functionality of the SAP Web Application Server : 1) A remote file disclosure vulnerability allows reading any file to which the user that the SAP Web Application Server is running as had access. Under Windows, the service runs by default under the SAPServiceJ2E account. This account is member of the local administrator group. 2) A remote denial of service allows crashing the enserver.exe process. 3) A local privilege escalation vulnerability allows any local user to use the file disclosure vulnerability to access an user-controlled process via a named pipe and impersonate as user SAPServiceJ2E. The exploitation is possible only on Windows 2000 pre-SP4, Windows XP pre-SP2 and Windows NT. Technical Details : =================== Technical details will be released three months after publication of this pre-advisory. This was agreed upon with SAP to allow their clients to upgrade affected software prior to the technical knowledge been publicly available. Mitigations : ============= Vulnerability #1 : Restrict network access to TCP port 3200+SYSNR Vulnerability #2 : Restrict network access to TCP port 3200+SYSNR Vulnerability #3 : Disable local access to the server Solutions : =========== Apply patch 136 for version 6.40 or patch 66 for version 7.00 Note : the mentioned patch level refers to the enqueue server More details can be found in SAP notes 948457 and 959877 From noreply at ptsecurity.ru Thu Nov 2 11:07:52 2006 From: noreply at ptsecurity.ru (noreply at ptsecurity.ru) Date: Thu, 2 Nov 2006 14:07:52 +0300 Subject: [Full-disclosure] Internet Explorer 7.0 mhtml stack overflow Message-ID: <002801c6fe6f$2440a880$466f6f0a@offwork> Internet Explorer 7.0 mhtml stack overflow Penetrate - patch - penetrate - patch - penetrate. Software life cycle or recursion? Impact Low (client side dos) Technical details Recursion, stack overflow, exception on PUSH. http://www.securitylab.ru/vulnerability/276342.php Disclosure timeline 09/23/2006 Discovered 10/06/2006 Vendor informed 10/07/2006 Vendor Response 11/02/2006 Full disclosure Credits Positive Technoligies (www.ptsecurity.com) From Valdis.Kletnieks at vt.edu Thu Nov 2 13:28:15 2006 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu) Date: Thu, 02 Nov 2006 08:28:15 -0500 Subject: [Full-disclosure] Putty Proxy login/password discolsure.... In-Reply-To: Your message of "Thu, 02 Nov 2006 01:15:19 CST." <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> References: <1161786251.453f738b89ede@webmail.mail.gatech.edu> <20061025144234.C5C0.CARDOSOLISTAS@contraditorium.com> <200610252357.15981.raju@linux-delhi.org> <45408B7B.90306@iq.pl> <1162139946.3508.5.camel@notegiba> <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> Message-ID: <200611021328.kA2DSG8i021715@turing-police.cc.vt.edu> On Thu, 02 Nov 2006 01:15:19 CST, nocfed said: > And if you have physical access then you can simply use a floppy, usb > dongle, or any other type of removable media to boot from. Once > physical access is obtained then you pretty much have full access, > barring full disk encryption. For bonus points, figure out how to reboot the machine without being detected. For starters, there's that pesky 'uptime' ;) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061102/5ca835a3/attachment.bin From brian at dessent.net Thu Nov 2 14:47:02 2006 From: brian at dessent.net (Brian Dessent) Date: Thu, 02 Nov 2006 06:47:02 -0800 Subject: [Full-disclosure] Putty Proxy login/password discolsure.... References: <1161786251.453f738b89ede@webmail.mail.gatech.edu> <20061025144234.C5C0.CARDOSOLISTAS@contraditorium.com> <200610252357.15981.raju@linux-delhi.org> <45408B7B.90306@iq.pl> <1162139946.3508.5.camel@notegiba> <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> <200611021328.kA2DSG8i021715@turing-police.cc.vt.edu> Message-ID: <454A04E6.BB0A2593@dessent.net> Valdis.Kletnieks at vt.edu wrote: > For bonus points, figure out how to reboot the machine without being > detected. For starters, there's that pesky 'uptime' ;) 1. Pull power plug on target machine. 2. Open case, disconnect data cable from target hard drive. 3. Use PATA/SATA-to-USB cable to connect target hard drive to attacker's laptop. 4. Re-energise target machine (it won't boot, this is only to supply power to target hard drive.) 5. Using laptop, mount target hard drive and . 6. When done, install rootkit on filesystem of target hard drive. 7. Power down, unplug USB adapter cable, reattach target hard drive's controller, close case, boot target. 8. Using rootkit installed in 6, get privilege and manipulate log files, utmp, kernel state, et al. to cover any traces of a shutdown. 9. Profit. Brian From Valdis.Kletnieks at vt.edu Thu Nov 2 15:49:41 2006 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu) Date: Thu, 02 Nov 2006 10:49:41 -0500 Subject: [Full-disclosure] Putty Proxy login/password discolsure.... In-Reply-To: Your message of "Thu, 02 Nov 2006 06:47:02 PST." <454A04E6.BB0A2593@dessent.net> References: <1161786251.453f738b89ede@webmail.mail.gatech.edu> <20061025144234.C5C0.CARDOSOLISTAS@contraditorium.com> <200610252357.15981.raju@linux-delhi.org> <45408B7B.90306@iq.pl> <1162139946.3508.5.camel@notegiba> <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> <200611021328.kA2DSG8i021715@turing-police.cc.vt.edu> <454A04E6.BB0A2593@dessent.net> Message-ID: <200611021549.kA2FnfbP004367@turing-police.cc.vt.edu> On Thu, 02 Nov 2006 06:47:02 PST, Brian Dessent said: > 8. Using rootkit installed in 6, get privilege and manipulate log files, > utmp, kernel state, et al. to cover any traces of a shutdown. "Funny.. when I left for lunch I was logged in and a screensaver running..." It's really hard to put the state back exactly the way it was - currently running processes are particularly obnoxious. At best, you can make it not-too-obtrusive. Of course, with *most* users, stealth isn't required, as they'll just assume the frikking thing crashed and rebooted again. It's also loads of fun if the box in question is a server that's being monitored by Big Brother or similar. Kinda hard to erase the 'red' marker on the big screen in the NOC. Similar comments apply to machines that report to a central syslog server... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061102/1f7578d4/attachment.bin From zeroknock at metaeye.org Thu Nov 2 14:48:57 2006 From: zeroknock at metaeye.org (Aditya Sood) Date: Thu, 02 Nov 2006 20:18:57 +0530 Subject: [Full-disclosure] Orkut Help Search Bug : Spamdexing Proliferation Message-ID: <454A0559.2020303@metaeye.org> Hi Everyone Orkut help search possess spamdexing search.A full advisory you cam see at http://www.metaeye.org/?p=24#more-24 Regards: ZeroKnock MetaEye Security From zeroknock at metaeye.org Thu Nov 2 14:46:22 2006 From: zeroknock at metaeye.org (Aditya Sood) Date: Thu, 02 Nov 2006 20:16:22 +0530 Subject: [Full-disclosure] Severe PHP Injection Vulnerability in AOL Message-ID: <454A04BE.2040108@metaeye.org> Hi Everyone. A very specific vulnerability occured in the AOL Website. The advisory you can check at main metaeye website. http://www.metaeye.org/?p=25#more-25 Regards: ZeroKnock MetaEye Security From worm at morrisworm.com Thu Nov 2 16:17:35 2006 From: worm at morrisworm.com (morrisworm.com) Date: Thu, 02 Nov 2006 13:17:35 -0300 Subject: [Full-disclosure] 18th anniversary of Internet worm a.k.a. Morris worm Message-ID: Probably nobody else (besides Gene Spafford) is counting but here it goes. This message is just to remind nostalgic guys about 18th anniversary of Internet worm. Exactly 18 years ago the concept of buffer overflows and worms were brought to the public and the internet saw its first great panic. Check out www.morrisworm.com for historical documents and stuff related to the worm. Note this website is a modified version of the old worm.net site, released to celebrate worm's 10th anniversary. And today we celebrate 18 years of Eugene Spafford off the radar. Please help Spaf get back to the media again releasing another worm :) From rsw at jfet.org Thu Nov 2 17:47:05 2006 From: rsw at jfet.org (Riad S. Wahby) Date: Thu, 2 Nov 2006 12:47:05 -0500 Subject: [Full-disclosure] 18th anniversary of Internet worm a.k.a. Morris worm In-Reply-To: References: Message-ID: <20061102174705.GA2431@proton.jfet.org> "morrisworm.com" wrote: > Exactly 18 years ago the concept of buffer overflows and worms were > brought to the public and the internet saw its first great panic. ...and one week ago, Robert Morris got tenure at MIT. Congrats, RTM. -- Riad S. Wahby rsw at jfet.org From michael.holstein at csuohio.edu Thu Nov 2 18:12:30 2006 From: michael.holstein at csuohio.edu (Michael Holstein) Date: Thu, 02 Nov 2006 13:12:30 -0500 Subject: [Full-disclosure] Putty Proxy login/password discolsure.... In-Reply-To: <200611021549.kA2FnfbP004367@turing-police.cc.vt.edu> References: <1161786251.453f738b89ede@webmail.mail.gatech.edu> <20061025144234.C5C0.CARDOSOLISTAS@contraditorium.com> <200610252357.15981.raju@linux-delhi.org> <45408B7B.90306@iq.pl> <1162139946.3508.5.camel@notegiba> <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com> <200611021328.kA2DSG8i021715@turing-police.cc.vt.edu> <454A04E6.BB0A2593@dessent.net> <200611021549.kA2FnfbP004367@turing-police.cc.vt.edu> Message-ID: <454A350E.3010000@csuohio.edu> > It's also loads of fun if the box in question is a server that's being > monitored by Big Brother or similar. Kinda hard to erase the 'red' marker > on the big screen in the NOC. Similar comments apply to machines that > report to a central syslog server... 7b) unplug target network cable [thus avoiding the remote syslog issue] With BigBrother you get 5 minutes (typically) before you create an alarm .. so, depending on what sort of Oragami is required to get into the server, that may be possible. The easiest thing to do though would be just flip the power on a whole rack (and maybe a few next to it) .. somebody will just figure a janitor tripped over something. ... or just hit the EPO on the way out of the datacenter. We had that happen *more than once* at a former site because people mistook it as the release for the maglocks (which it sort of still was, since those were on datacenter power). ~Mike. From jmm at debian.org Thu Nov 2 18:53:01 2006 From: jmm at debian.org (Moritz Muehlenhoff) Date: Thu, 2 Nov 2006 19:53:01 +0100 Subject: [Full-disclosure] [SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass Message-ID: <20061102185301.GA3638@galadriel.inutil.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1203-1 security at debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 2nd, 2006 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : libpam-ldap Vulnerability : programming error Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-5170 Debian Bug : 392984 Steve Rigler discovered that the PAM module for authentication against LDAP servers processes PasswordPolicyReponse control messages incorrectly, which might lead to an attacker being able to login into a suspended system account. For the stable distribution (sarge) this problem has been fixed in version 178-1sarge3. Due to technical problems with the security buildd infrastructure this update lacks a build for the Sun Sparc architecture. It will be released as soon as the problems are resolved. For the unstable distribution (sid) this problem has been fixed in version 180-1.2. We recommend that you upgrade your libpam-ldap package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/libp/libpam-ldap/libpam-ldap_178-1sarge3.dsc Size/MD5 checksum: 672 70ea2f0c5b12d5feebd5ffefcc5f1900 http://security.debian.org/pool/updates/main/libp/libpam-ldap/libpam-ldap_178-1sarge3.diff.gz Size/MD5 checksum: 19895 1ad6af601dbe8caf066477759f5eb83f http://security.debian.org/pool/updates/main/libp/libpam-ldap/libpam-ldap_178.orig.tar.gz Size/MD5 checksum: 127074 222186c498d24a7035e8a7494fc0797d Alpha architecture: http://security.debian.org/pool/updates/main/libp/libpam-ldap/libpam-ldap_178-1sarge3_alpha.deb Size/MD5 checksum: 59374 94464d923e7eb3b1b88a721a9782b210 AMD64 architecture: http://security.debian.org/pool/updates/main/libp/libpam-ldap/libpam-ldap_178-1sarge3_amd64.deb Size/MD5 checksum: