From sahalderf at ymail.com Fri Jan 1 01:24:31 2010
From: sahalderf at ymail.com (Sam Haldorf)
Date: Thu, 31 Dec 2009 17:24:31 -0800 (PST)
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk>
References: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk>
Message-ID: <426009.73880.qm@web24806.mail.ird.yahoo.com>

n3td3v?

________________________________
From: Glafkos Charalambous
To: full-disclosure at lists.grok.org.uk
CC: romeo at darkmindz.com; romeo.haxxor at gmail.com; srshaxsir at hushmail.com; coolking_97 at hotmail.com
Sent: Thursday, 31 December 2009, 17:38:40
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)

[ASCII-art banner: "LULZ!", "Happy New Year", anti-sec.com, "RAWR!"]

http://www.anti-sec.com
http://pastebin.com/f12f6f9c0
http://pastebin.mozilla.org/694145
http://pastebin.ca/1733192

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

From tweetycoaster at gmail.com Fri Jan 1 02:39:09 2010
From: tweetycoaster at gmail.com (bro)
Date: Fri, 1 Jan 2010 09:09:09 +0630
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <426009.73880.qm@web24806.mail.ird.yahoo.com>
References: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk> <426009.73880.qm@web24806.mail.ird.yahoo.com>
Message-ID: <423628cc0912311839qb92f48cp16af9ffc47f08530@mail.gmail.com>

~~~~~ same 2 u ~~~~

--
I will never let you go ...

From sahalderf at ymail.com Fri Jan 1 05:04:55 2010
From: sahalderf at ymail.com (Sam Haldorf)
Date: Thu, 31 Dec 2009 21:04:55 -0800 (PST)
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <4b6ee9310912311839n5fb7da71ufb18a9b1fe8f8ea7@mail.gmail.com>
References: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk> <426009.73880.qm@web24806.mail.ird.yahoo.com> <4b6ee9310912311839n5fb7da71ufb18a9b1fe8f8ea7@mail.gmail.com>
Message-ID: <573369.89153.qm@web24807.mail.ird.yahoo.com>

Thanks n3td3v,

http://lists.grok.org.uk/pipermail/full-disclosure/2009-December/071715.html

Key: n3td3vsucks
Decrypt: http://webnet77.com/cgi-bin/helpers/blowfish.pl

Have a happy new year,
Sam

________________________________
From: n3td3v
To: Sam Haldorf
Sent: Friday, 1 January 2010, 2:39:28
Subject: Re: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)

Happy new year from everyone at n3td3v Intelligence Branch - http://twitter.com/n3td3v

From stealthetv at hushmail.com Fri Jan 1 04:11:36 2010
From: stealthetv at hushmail.com (stealthetv at hushmail.com)
Date: Fri, 01 Jan 2010 12:11:36 +0800
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
Message-ID: <20100101041136.6CA522803F@smtp.hushmail.com>

Like seriously omg, omfg! =O

You think you really got romeo figured out, exposed, owned and shit?

romeo did not use a proxy, almost everyone i know, knew that romeo
is from Saudi Arabia, and yet none of you 'well-funded top notch
security experts' (lmao) were able to ever get anywhere near the
guy, like omg wtf dude...

oh wow you can has recovery of files, but did you ever figure out
how you guys got pwnt in the first place? NO LOL.

tell us mr sec expert, tell us how did asta loose there server and
dignity infront of everyone after they saw what kinda shit you guys
do on there, better yet, tell us what happened to your OWN server
like 10 times in a row, wiped once, wiped twice, wiped thrice, etc.
lulz rawr much?

What else did your expert forensic investigation tell you?, other
than using recovery tools and strings, do your really think you got
any skills in there? doooo eeeet and tell us how the hackers got in
-_-

"With the use of sleuthkit in our investication we validated the
existance of the hax directory and the ll.tar
file on /dev/sdb2"

OMG IT TAKES SO MUCH SKILLS TO VALIDATE THAT, RESPECT.. lol -_-

k, very cool story, bro.. very cool story, now i am talking from a
completely viewer perspective here, do not count me in any sides or
anything, but from what i can see, the kid got your shit owned last
summer in his summer break being bored and shit, took you the bunch
of well-funded, top notch, awesome security experts all year long
to come up with this.. the audience requests more!, get romeo
behind bars and let the world see it or atleast, ATLEAT figure out
how the dude got into your servers, that should be a whole lot of
help to the security industry right? should not be hard really, you
got his intel figured out, you got a whole connection between
'romeo' and 'Faisal Hourani', a good list of dynamic IP's from a
Saudi Arabian ISP, do it already and take down anti-sec for lyfe!

eh, good luck and everything with the destruction etc etc, but let
me remind you:

"The reason that we decided to start looking into this subject, was
to see how and why my dedicated hosting
server was compromised despite the fact that it was secure enough
to provide access to the outside world."

....10,000 lines later, a year and loads of experts behind your
back and you still cant figure out the 'how' :]

Much Love,
iStoleTheTV
<3

From judelaw_rulez at yahoo.com Fri Jan 1 14:36:04 2010
From: judelaw_rulez at yahoo.com (judelaw rulez)
Date: Fri, 1 Jan 2010 20:06:04 +0530 (IST)
Subject: [Full-disclosure] antisec retardation
Message-ID: <973576.71684.qm@web94714.mail.in2.yahoo.com>

That antisec group is DDOSING anti-sec.com site because they are not able to hack the site

From gluttony at gmail.com Fri Jan 1 20:34:59 2010
From: gluttony at gmail.com (Andrew A)
Date: Fri, 1 Jan 2010 14:34:59 -0600
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <20100101041136.6CA522803F@smtp.hushmail.com>
References: <20100101041136.6CA522803F@smtp.hushmail.com>
Message-ID: <1865973b1001011234y3a97986fs9ee8117072b92828@mail.gmail.com>

Although I largely agree with the content of this post, anyone whose
name is "iStoletheTV" is clearly of African American descent and is
probably trying to short change you or sell you counterfeit watches.

From uuf6429 at gmail.com Fri Jan 1 20:37:22 2010
From: uuf6429 at gmail.com (Christian Sciberras)
Date: Fri, 1 Jan 2010 21:37:22 +0100
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <1865973b1001011234y3a97986fs9ee8117072b92828@mail.gmail.com>
References: <20100101041136.6CA522803F@smtp.hushmail.com> <1865973b1001011234y3a97986fs9ee8117072b92828@mail.gmail.com>
Message-ID: <3af3d47c1001011237o12c7a56y1454f00832295494@mail.gmail.com>

You really mean prestige original 1st grade replicas (aka fake), right?

From thor at hammerofgod.com Fri Jan 1 20:39:46 2010
From: thor at hammerofgod.com (Thor (Hammer of God))
Date: Fri, 1 Jan 2010 12:39:46 -0800
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <3af3d47c1001011237o12c7a56y1454f00832295494@mail.gmail.com>
References: <20100101041136.6CA522803F@smtp.hushmail.com> <1865973b1001011234y3a97986fs9ee8117072b92828@mail.gmail.com> <3af3d47c1001011237o12c7a56y1454f00832295494@mail.gmail.com>
Message-ID: <09130A33C60C9C4982D35105CBABB27827A065B3CD@Exchange.hammerofgod.com>

I'm sure that's what he meant... Only 1 day left to order for shipping before Christmas!! Oh, wait...

t

From tonybrown at hush.ai Fri Jan 1 18:27:07 2010
From: tonybrown at hush.ai (tonybrown at hush.ai)
Date: Fri, 01 Jan 2010 18:27:07 +0000
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
Message-ID: <20100101182707.4EFFE2803C@smtp.hushmail.com>

The exposure timestamps are showing that they had access since day one, how do u explain that?

ps: If I had the 'how' and as rumored being an 0day exploit I would keep it for myself

Either way it was a good New Year LULZ:)

Happy New Year kid.. Keep trying..

From info at infosec.org.uk Sat Jan 2 00:38:14 2010
From: info at infosec.org.uk (Glafkos Charalambous)
Date: Sat, 2 Jan 2010 02:38:14 +0200
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <20100101041136.6CA522803F@smtp.hushmail.com>
References: <20100101041136.6CA522803F@smtp.hushmail.com>
Message-ID: <02c101ca8b43$e1386680$a3a93380$@org.uk>

Does it really hurt that much? Did you by any chance notice any "summer"
dates on the exposure?

Don't feed us with your crap anymore kid.. jail shell break? grsec local
root exploit? hypocrite!

We had good lulz watching u for months.. trust me.. Even yr post reply
shows how much we broke your heart and how pissed off you are.. take it
easy bro.. don't take it to the heart..

You have to agree at one part though.. everyone had a good new year LULZ
including yr closest friends (we have logs too) :]

ps: You tell us security experts while at the same time you are calling
your darkmindz site security experts ?
You said you only rm -rf security sites while you rm'ed makosolutions
with no obvious reason.. you are a big lie and full of crap.. u know that..
everyone else does..

Nothing else to say.. move on with your life and your studies.. "_ATLEAT_"
have a happy new year..

With luv,
iStoleYourBoxes
^_^

From me at b3nji.com Sat Jan 2 00:48:43 2010
From: me at b3nji.com (Benji)
Date: Sat, 2 Jan 2010 00:48:43 +0000
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <02c101ca8b43$e1386680$a3a93380$@org.uk>
References: <20100101041136.6CA522803F@smtp.hushmail.com> <02c101ca8b43$e1386680$a3a93380$@org.uk>
Message-ID:

did you just come out as ProSec then, and not the receiver of information like you previously claimed?

"We had good lulz watching u for months.. trust me.. Even yr post reply
shows how much we broke your heart and how pissed off you are.. take it
easy bro.. don't take it to the heart.."

"What you are about to read is the complete destruction of the "Anti-Sec"
group. An organization know as "ProSec" contacted us with reports
containing information about the entire group and how it was operating.
We don't know who they are, they appear to be well-funded and top notch security experts and what they have done against the group is invaluable to us and others that they have and or would have been targeted." So, how are you funded? Tell us more about ProSec please. On Sat, Jan 2, 2010 at 12:38 AM, Glafkos Charalambous wrote: > Does it really hurt that much? Did you by any change notice any "summer" > dates on the exposure? > > Don't feed us with your crap anymore kid.. jail shell break? grsec local > root exploit? hypocrite! > > We had good lulz watching u for months.. trust me.. Even yr post reply > shows > how much we broke your heart and how pissed off you are.. take it easy > bro.. > don't take it to the heart.. > > You have to agree at one part though.. everyone had a good new year LULZ > including yr closest friends (we have logs too) :] > > ps: You tell us security experts while at the same time you are calling > your > darkmindz site security experts ? > You said you only rm -rf security sites while you rm'ed makosolutions > with no obvious reason.. you are a big lie and full of crap.. u know that.. > everyone else does.. > > Nothing else to say.. move on with your life and your studies.. "_ATLEAT_" > have a happy new year.. > > With luv, > iStoleYourBoxes > ^_^ > > > -----Original Message----- > From: full-disclosure-bounces at lists.grok.org.uk > [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of > stealthetv at hushmail.com > Sent: Friday, January 01, 2010 6:12 AM > To: full-disclosure at lists.grok.org.uk > Subject: Re: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com) > > Like seriously omg, omfg! =O > > You think you really got romeo figured out, exposed, owned and shit? > > romeo did not use a proxy, almost everyone i know, knew that romeo > is from Saudi Arabia, and yet none of you 'well-funded top notch > security experts' (lmao) were able to ever get anywhere near the > guy, like omg wtf dude... 
> > oh wow you can has recovery of files, but did you ever figure out > how you guys got pwnt in the first place? NO LOL. > > tell us mr sec expert, tell us how did asta loose there server and > dignity infront of everyone after they saw what kinda shit you guys > do on there, better yet, tell us what happened to your OWN server > like 10 times in a row, wiped once, wiped twice, wiped thrice, etc. > lulz rawr much? > > What else did your expert forensic investigation tell you?, other > than using recovery tools and strings, do your really think you got > any skills in there? doooo eeeet and tell us how the hackers got in > -_- > > > "With the use of sleuthkit in our investication we validated the > existance of the hax directory and the ll.tar > file on /dev/sdb2" > > OMG IT TAKES SO MUCH SKILLS TO VALIDATE THAT, RESPECT.. lol -_- > > k, very cool story, bro.. very cool story, now i am talking from a > completely viewer perspective here, do not count me in any sides or > anything, but from what i can see, the kid got your shit owned last > summer in his summer break being bored and shit, took you the bunch > of well-funded, top notch, awesome security experts all year long > to come up with this.. the audience requests more!, get romeo > behind bars and let the world see it or atleast, ATLEAT figure out > how the dude got into your servers, that should be a whole lot of > help to the security industry right? should not be hard really, you > got his intel figured out, you got a whole connection between > 'romeo' and 'Faisal Hourani', a good list of dynamic IP's from a > Saudi Arabian ISP, do it already and take down anti-sec for lyfe! > > eh, good luck and everything with the destruction etc etc, but let > me remind you: > > "The reason that we decided to start looking into this subject, was > to see how and why my dedicated hosting > server was compromised despite the fact that it was secure enough > to provide access to the outside world." 
> > ....10,000 lines later, a year and loads of experts behind your > back and you still cant figure out the 'how' :] > > Much Love, > iStoleTheTV > <3 > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100102/5ad83bb7/attachment.html From jblaum02 at gmail.com Sat Jan 2 04:01:52 2010 From: jblaum02 at gmail.com (Jeff Blaum) Date: Fri, 1 Jan 2010 20:01:52 -0800 Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com) In-Reply-To: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk> References: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk> Message-ID: <8272fdf81001012001q13ee733n9c871a90ef92ac4e@mail.gmail.com> It still does not change the fact that you (Glafkos) are a cock, and that astalavista is (and was) always a shit stain of a website. J On Thu, Dec 31, 2009 at 9:38 AM, Glafkos Charalambous wrote: > . > | > \ * ./ > . * * * . > -=* LULZ! *=- > . .* * * . > / * .\ > | > . > > _ _ > ( ) ( ) > | |_| | _ _ _ _ _ _ _ _ > | _ | /'_` )( '_`\ ( '_`\ ( ) ( ) > | | | |( (_| || (_) )| (_) )| (_) | > (_) (_)`\__,_)| ,__/'| ,__/'`\__, | > | | | | ( )_| | > (_) (_) `\___/' > _ _ _ _ > ( ) ( ) ( ) ( ) > | `\| | __ _ _ _ `\`\_/'/'__ _ _ _ __ > | , ` | /'__`\( ) ( ) ( ) `\ /'/'__`\ /'_` )( '__) > | |`\ |( ___/| \_/ \_/ | | |( ___/( (_| || | > (_) (_)`\____)`\___x___/' (_)`\____)`\__,_)(_) > anti-sec.com > . > | > \ * ./ > . * * * . > -=* RAWR! *=- > . .* * * . > / * .\ > | > . 
>
> http://www.anti-sec.com
> http://pastebin.com/f12f6f9c0
> http://pastebin.mozilla.org/694145
> http://pastebin.ca/1733192
>

From berendjanwever at gmail.com Sat Jan 2 10:06:37 2010
From: berendjanwever at gmail.com (Berend-Jan Wever)
Date: Sat, 2 Jan 2010 11:06:37 +0100
Subject: [Full-disclosure] BETA3 released
Message-ID: <3fa2f5bb1001020206r32094a0ifc17e5d82e95d0a2@mail.gmail.com>

Happy New Year!

As part of my New Year's resolutions, I am releasing some tools that I never
got around to finishing and/or publishing. First on the list is BETA3, a
multi-format shellcode encoding tool that can convert raw binary shellcode
into text that can be used in exploit source-code. It can convert raw binary
data to a large number of encodings. It can also do the reverse: decode
encoded data into binary for the same types of encodings. This is the
follow-up to BETA2.

http://skypher.com/index.php/2010/01/02/beta3-released/

Cheers,

SkyLined

Berend-Jan Wever
http://skypher.com/SkyLined

From chuksjonia at gmail.com Sat Jan 2 11:10:08 2010
From: chuksjonia at gmail.com (Gichuki John Chuksjonia)
Date: Sat, 2 Jan 2010 14:10:08 +0300
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To: <8272fdf81001012001q13ee733n9c871a90ef92ac4e@mail.gmail.com>
References: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk>
    <8272fdf81001012001q13ee733n9c871a90ef92ac4e@mail.gmail.com>
Message-ID:

One of the amazing things about these hackers calling them antisec
didn't have real hardening on their servers. Most of their servers had
direct public ip on their Interfaces and even their user management
was crappy.

I remember when I heard of antisec I thought these guys were real gurus
with more than 10 years of experience, but after the fake sshd and
fake attacks, and DDOS that meant nothing and now all is lulz, I can't
help but rofl.....


./Chuks

On 1/2/10, Jeff Blaum wrote:
> It still does not change the fact that you (Glafkos) are a cock, and that
> astalavista is (and was) always a shit stain of a website.
>
> J
>
> On Thu, Dec 31, 2009 at 9:38 AM, Glafkos Charalambous
> wrote:
>
>> [ASCII art banner: LULZ! / anti-sec.com / RAWR!]
>>
>> http://www.anti-sec.com
>> http://pastebin.com/f12f6f9c0
>> http://pastebin.mozilla.org/694145
>> http://pastebin.ca/1733192
>>
>

--
--
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosigmer at inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/

From berendjanwever at gmail.com Sat Jan 2 20:48:40 2010
From: berendjanwever at gmail.com (Berend-Jan Wever)
Date: Sat, 2 Jan 2010 21:48:40 +0100
Subject: [Full-disclosure] Countslide alphanumeric GetPC
Message-ID: <3fa2f5bb1001021248u4c1a66d1h5c10aee7fbb790fd@mail.gmail.com>

One limitation of most alphanumeric shellcode decoders, including those in
*ALPHA2* and the soon-to-be-released *ALPHA3* is that they need to know
where they are located in memory in order to decode themselves and run
correctly. This makes using a *nopslide* hard in most circumstances, because
you mostly only need a *nopslide* if you do not know exactly where your
shellcode is in memory to begin with. I've developed a way to get around
this problem, which I've described in more detail here:
http://skypher.com/index.php/2010/01/02/countslide-alphanumeric-getpc/

ALPHA3 has support for generating working alphanumeric shellcode with
nopslides using this technique. I'm currently working on getting the rest of
its code into releasable shape.

Cheers,

SkyLined

Berend-Jan Wever
http://skypher.com/SkyLined

From joxeankoret at yahoo.es Sun Jan 3 11:37:45 2010
From: joxeankoret at yahoo.es (Joxean Koret)
Date: Sun, 03 Jan 2010 12:37:45 +0100
Subject: [Full-disclosure] [Tool] DeepToad 1.1.0
Message-ID: <1262518666.22485.10.camel@joxean-desktop.etxea.com>

Hi all,

I'm happy to announce the very first public release of the open source
project DeepToad, a tool for computing fuzzy hashes from files.

DeepToad can generate signatures, clusterize files and/or directories
and compare them. It's inspired by the very good tool ssdeep [1] and, in
fact, both projects are very similar.

The complete project is written in pure Python and is distributed under
the LGPL license [2].

Links:

Project's Web Page
http://code.google.com/p/deeptoad/

Download Web Page
http://code.google.com/p/deeptoad/downloads/list

Wiki
http://code.google.com/p/deeptoad/w/list

References:

[1] http://ssdeep.sourceforge.net/
[2] http://www.gnu.org/licenses/lgpl.html

Regards && Happy new year!
Joxean Koret

From a3li at gentoo.org Sun Jan 3 17:24:13 2010
From: a3li at gentoo.org (Alex Legler)
Date: Sun, 3 Jan 2010 18:24:13 +0100
Subject: [Full-disclosure] [ GLSA 201001-02 ] Adobe Flash Player: Multiple
    vulnerabilities
Message-ID: <20100103182413.50cf38e2@mail.a3li.li>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201001-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Adobe Flash Player: Multiple vulnerabilities
      Date: January 03, 2010
      Bugs: #296407
        ID: 201001-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Flash Player might allow remote
attackers to execute arbitrary code or cause a Denial of Service.

Background
==========

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.

Affected packages
=================

    -------------------------------------------------------------------
     Package                  /  Vulnerable  /              Unaffected
    -------------------------------------------------------------------
  1  www-plugins/adobe-flash     < 10.0.42.34            >= 10.0.42.34

Description
===========

Multiple vulnerabilities have been discovered in Adobe Flash Player:

* An anonymous researcher working with the Zero Day Initiative
  reported that Adobe Flash Player does not properly process JPEG files
  (CVE-2009-3794).

* Jim Cheng of EffectiveUI reported an unspecified data injection
  vulnerability (CVE-2009-3796).

* Bing Liu of Fortinet's FortiGuard Labs reported multiple
  unspecified memory corruption vulnerabilities (CVE-2009-3797,
  CVE-2009-3798).

* Damian Put reported an integer overflow in the
  Verifier::parseExceptionHandlers() function (CVE-2009-3799).

* Will Dormann of CERT reported multiple unspecified Denial of
  Service vulnerabilities (CVE-2009-3800).

Impact
======

A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in the remote execution of arbitrary code with
the privileges of the user running the application, or a Denial of
Service via unknown vectors.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-plugins/adobe-flash-10.0.42.34"

References
==========

  [ 1 ] CVE-2009-3794
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3794
  [ 2 ] CVE-2009-3796
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3796
  [ 3 ] CVE-2009-3797
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3797
  [ 4 ] CVE-2009-3798
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3798
  [ 5 ] CVE-2009-3799
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3799
  [ 6 ] CVE-2009-3800
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3800

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-201001-02.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

From ad_lists at netragard.com Sun Jan 3 18:45:23 2010
From: ad_lists at netragard.com (Adriel T. Desautels)
Date: Sun, 3 Jan 2010 13:45:23 -0500
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
In-Reply-To:
References: <01fc01ca8a40$19d2b5e0$4d7821a0$@org.uk>
    <8272fdf81001012001q13ee733n9c871a90ef92ac4e@mail.gmail.com>
Message-ID: <1D9FBD5C-8BB0-4472-A086-46B7C373CCE0@netragard.com>

So it seems that the blackhat world suffers from the same ailments as
the whitehat world. There are ninjas few and far, but most of the
hackers are just a bunch of kids that think they're "zerocool". It's
the ones that you never hear about that scare me.

On Jan 2, 2010, at 6:10 AM, Gichuki John Chuksjonia wrote:

> One of the amazing things about these hackers calling them antisec
> didn't have real hardening on their servers. Most of their servers had
> direct public ip on their Interfaces and even their user management
> was crappy.
>
> I remember when I heard of antisec I thought these guys were real gurus
> with more than 10 years of experience, but after the fake sshd and
> fake attacks, and DDOS that meant nothing and now all is lulz, I can't
> help but rofl.....
>
>
> ./Chuks
>
> On 1/2/10, Jeff Blaum wrote:
>> It still does not change the fact that you (Glafkos) are a cock,
>> and that
>> astalavista is (and was) always a shit stain of a website.
>>
>> J
>>
>> On Thu, Dec 31, 2009 at 9:38 AM, Glafkos Charalambous
>> wrote:
>>
>>> [ASCII art banner: LULZ! / anti-sec.com / RAWR!]
>>>
>>> http://www.anti-sec.com
>>> http://pastebin.com/f12f6f9c0
>>> http://pastebin.mozilla.org/694145
>>> http://pastebin.ca/1733192
>>>
>>
>
>
> --
> --
> Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
> I.T Security Analyst and Penetration Tester
> infosigmer at inbox.com
>
> {FORUM}http://lists.my.co.ke/pipermail/security/
> http://nspkenya.blogspot.com/
> http://chuksjonia.blogspot.com/

    Adriel T. Desautels
    ad_lists at netragard.com
    --------------------------------------

    Subscribe to our blog
    http://snosoft.blogspot.com

From jamie at canonical.com Sun Jan 3 20:48:39 2010
From: jamie at canonical.com (Jamie Strandboge)
Date: Sun, 3 Jan 2010 14:48:39 -0600
Subject: [Full-disclosure] [USN-876-1] PostgreSQL vulnerabilities
Message-ID: <20100103204839.GE31725@severus.strandboge.com>

===========================================================
Ubuntu Security Notice USN-876-1           January 03, 2010
postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities
CVE-2009-4034, CVE-2009-4136
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  postgresql-8.1                  8.1.19-0ubuntu0.6.06

Ubuntu 8.04 LTS:
  postgresql-8.3                  8.3.9-0ubuntu8.04

Ubuntu 8.10:
  postgresql-8.3                  8.3.9-0ubuntu8.10

Ubuntu 9.04:
  postgresql-8.3                  8.3.9-0ubuntu9.04

Ubuntu 9.10:
  postgresql-8.4                  8.4.2-0ubuntu9.10

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that PostgreSQL did not properly handle certificates with
NULL characters in the Common Name field of X.509 certificates. An attacker
could exploit this to perform a man in the middle attack to view sensitive
information or alter encrypted communications. (CVE-2009-4034)

It was discovered that PostgreSQL did not properly manage session-local
state. A remote authenticated user could exploit this to escalate
privileges within PostgreSQL.
(CVE-2009-4136)


Updated packages for Ubuntu 6.06 LTS:

Updated packages for Ubuntu 8.04 LTS:

Updated packages for Ubuntu 8.10:
http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql_8.3.9-0ubuntu8.10_all.deb Size/MD5: 247852 de7f38e73f7255f7a8a67da80a82a0b3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 11540 543b6e62697ff166adbc6ae6b5547a8f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 226334 ae0571c5a6576af88c777e98c213d954 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 32772 49f02c9ece8d813a5936efe54a1cc26b http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 277504 2c2bb14c8d67b529295fd1c504317c97 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 192432 5d945cf9626adb93684e41a2f913399d http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 313880 54614d2a52ab96823225dda6e40000d5 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 3819860 2c301ef91c5b6aa5a220ee188056261b http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 769210 33ef1d04a88a9a66c9857890924fad65 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 374950 ac316e7130fb65db400ad5e508bee920 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 275472 760cbde58bc0b32a1b34be15faa8c4cb http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 269606 430094642d55720b1332b6c70d44314e 
http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 267180 82d568868a788df397738c468321c10c http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu8.10_amd64.deb Size/MD5: 819020 b49c5f3e0608f296b8181b2773504498 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 10692 bb3f4fb94170faad232f935abde60db2 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 216332 ce83b48fd49c59d155864f9d79ac588f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 32022 6b04948f08b653a49f3f34be2fe74c1d http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 276802 6f7a3ebd4bb27044bd657137c3aed338 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 184468 4b8cc9065c37766af671fb521ff97e47 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 309716 024289904f87a11ef5217d26d3776d89 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 3670458 5158a4f94d5712a48091e6aa52a96340 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 727672 5cf061dafe9389b75c3bda91c1d9e4a5 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 337208 8f9e4e9fefbdf4d7204fbad4ad48aa34 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 273786 31e77a5f53f70f150bfe03195ced3f1f 
http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 267194 0ab5f83ebc73c9a1e396b3cb81a44666 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 266214 aa2fe0fd84defb075433f9a180603c87 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu8.10_i386.deb Size/MD5: 814438 90d07d4fe20b876cf12cf4eb08e42683 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 10418 6ac55dc39264fa42dd04c91d4818201d http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 216400 05edb2951f42178b7e0a1cc93922f963 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 31226 66859e21741346736f8ead65c66feeba http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 276366 f147e9b90c44c9f1744fa922ecb2b836 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 181192 1815ad58cb93ee76e08db65222b1018b http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 308508 fc06bd60e6db64a9ba9a20ebd4a1b6aa http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 3647390 57244f6e86fa922f3857cd1b6625863a http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 722306 ff5930adc5f425d8b59a0efe3dea7a87 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 333516 90147e77c537edccfcf50fb705db4f9d http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 274018 377be15e1a00430193cce0130a855df9 
http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 267122 6880ff9801b62f7e2739dbaab09f8447 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 266176 a25195084ffcd13c798cb154495ad4fd http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu8.10_lpia.deb Size/MD5: 813908 5758dde0c23d1f307fa2694a4b421624 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 11234 ecfac6cacc83e8464d77b63059b993d7 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 224106 82b33be9d0de96491a7605334cae9171 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 33840 f12807a20f299602e3f7ab7ddd5eddad http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 279882 ef78620a99f24e52642b19cb866ba9dc http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 190806 a9d775777607f7c65b1ff623bf772870 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 312420 388002d918e327b5f70321a59a32a637 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 4188698 81bef64ca89dea76c951633aaa08e3c7 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 797802 949fc80cc2f3fe67dfda90ffbef3172b http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 425200 829d5a316ad7c2c862aa17ef4e5c3970 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 276706 d6c61ab36de5c19bdf31d37e78cad1b5 
http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 271138 335cdf9355ca5d48429769b8101aa566 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 269232 f9cbf0bc90d968a7d900567cfd0e3845 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu8.10_powerpc.deb Size/MD5: 820794 70c26efc461628b89bb628c2ab6da092 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 9850 b99861631dd5644201825ac799162605 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 208284 ca7c14007935d54393911c477006f18c http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 29424 638eb893cca5b2126ba8bcb0574b2707 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 273652 0577dbfb7309670fbc526472d6eaa9c1 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 179348 e4a97ba572ae4e5d8576fd7677f2fbce http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 304988 19facd34bdbde5d978b8c9ba4800a149 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 3915428 0cb039ffa71db37ce3056d51c2f1cd4c http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 721516 5f16590b2d2b118c73ea072db8070a1b http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 333852 56cec30edfa09e91e1b2432f3ca5827e http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 272036 919680705b51e097d706b397130aff69 
http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 266266 ffacb477966793deb73cd979b4e1950b http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 265306 19905bdea6e0a24f61cbee63a0129046 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu8.10_sparc.deb Size/MD5: 814668 fe7a9b7723475943c25745604815e542 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04.diff.gz Size/MD5: 67442 1f000ac9f9062ed87f995102397b5618 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04.dsc Size/MD5: 1668 a35d2602689f8e0d8215192589290772 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9.orig.tar.gz Size/MD5: 13850244 05088ab3b924a326914572eb77db541b Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-client_8.3.9-0ubuntu9.04_all.deb Size/MD5: 247998 6c836111eb211c176cbcef4012bc8d71 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-contrib_8.3.9-0ubuntu9.04_all.deb Size/MD5: 247896 1014183cfd4c1fa9dfba4fc73965d346 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-doc-8.3_8.3.9-0ubuntu9.04_all.deb Size/MD5: 1990968 3e218ee4eacb0504e711243eef55fc56 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-doc_8.3.9-0ubuntu9.04_all.deb Size/MD5: 3416 61710511c7c55cd631cb7acdef3e816f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql_8.3.9-0ubuntu9.04_all.deb Size/MD5: 248030 c0478b6a150def07b88b397e374dae9d amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 11536 d6fca094d3e3d1432878306e1a0754da 
http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 226328 a8bca996994c83757745a2cf9376ac7f http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 32762 ea62875ae5fcdc20e7de3a822143886e http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 277658 aa882a5d6917512724afcbdefeb09688 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 192436 343e0384a861d160fd06a59c8ba61776 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 314084 7c747c060607dcaab225d61a389ffa53 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 3820058 0388831a0530e6b1f142506c0cf18e3e http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 769166 0629292b91ed4a5a28429b53efb16b17 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 374948 e62ba9bfd350e4f18a527698fddb743e http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 819168 4285dc88a8794de982928f422b57da02 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 275628 45f203026149540ae8183901f2c02e47 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 269638 078b4b694bd7a36b0e80a360cdb019c8 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu9.04_amd64.deb Size/MD5: 267346 d60fd9746ca2f21db05a40958c1b977c i386 architecture (x86 compatible Intel/AMD): 
http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 10694 6892aa49258ad7c67e3b43d9fa627848 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 216310 8c36cf7c5267e5ef44909144667ed33c http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 32026 45fd00787e1a23760dd45c01cc1c1523 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 276968 31581954ad5be701f5a10c7669c82670 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 184478 e5cfb16bc4652fa12cd35475b8fb7169 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 309916 63154cedbf892e3a4de26c48d3bfa33c http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 3670182 0b4be3c6267e3bb79bf04a6e39e2847c http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 727662 89999d9806c445531f1dcf8c369fd60b http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 337244 b3b08bda5996c067b7779108c79629e5 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 814576 3355a068df9340dfa059177dfa6f2491 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 273890 b03144d7d4b70eeeadcc69001293c426 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 267284 9103df46461a80a90ee74d6665bf917c http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu9.04_i386.deb Size/MD5: 266370 
749404176d1ae85b8977ad42320b524d lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 10416 acca065e3b7d7399510f071dcb030e79 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 216394 ae6fa78addee24536bbdba450dba2610 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 31234 8a7348b9f69216e9577066252a295aa1 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 276530 ab3b4e3021eefb53bd4a18285e9f3c08 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 181216 1f0bd070e6391b8f5bc33278e8f36141 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 308708 4ede373e7684158bd8ea9b4b3b602710 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 3647652 4dcb3c120835d848162d6d7d5042d43b http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 722320 56daa71dc219881245097bf0a2a8f3b5 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 333514 540cfc91df2825a4dfe9c8df41d1afe3 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 814072 3d2dc0bde748fd9c7d380a4fa3d6d8bd http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 274156 604f7444300432d4699242274e27a226 http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 267206 547d8ce4533758e7ebfe49ea9b14dd47 http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu9.04_lpia.deb Size/MD5: 266326 4e1ec7d11559aaa8730cd59b5744af88 powerpc architecture 
(Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 11236 eaf643ec107fa84901fca85597239984 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 224126 1129cf02bb03b0761b90bc51fc3db3c8 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 33842 0251c3faa2dec1e4b53abd05949926e8 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 280026 e1b6b01ac7449b56bec4fcafc97236b0 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 190790 90fe118c22d171ede70c4844234623ef http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 312610 3b210cef6860ecdd0ec2124f5a27e76e http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 4188510 c50a6750903c3cb3ae048ad76c6f533b http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 797838 28569ea1d8287dcf61ece36fe61f2551 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 425178 fcdb8ae14b8161e14aba59f3a3950e19 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 820906 b27bc12f890b8403d61e5eaaa613bae2 http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 276882 c99ace022ea843d6c2b6439c9d336bce http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 271072 15ddc80b2407101b234bb5ba50545ccc http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu9.04_powerpc.deb Size/MD5: 269382 a88ef37394a9d354a3488251dd20ba29 sparc architecture (Sun 
SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-compat3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 9812 4bd79bbaeb6ff1540d6ad5505a4d4a63 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg-dev_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 208232 f3b8efb9a3b7302baa3d0acf16236129 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libecpg6_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 29404 5dc2cd031b3d46e33fa9c77e707d23be http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpgtypes3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 273710 7bd18837b8763e764194bdbbbcb6ac40 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq-dev_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 179282 39cbe365c506b5fa98890efe584ee0f6 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/libpq5_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 305116 0df8805118c67f506cce35124aaa1e1e http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 3914640 c0dfa02ae12b9cb9bfaa0f59ce917ac7 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 721046 d7ba3eb4836d179a6bc32cbd1a9fddb1 http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 333184 4cf44568ab0633c10fbe76266b5b12da http://ports.ubuntu.com/pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 814768 20b27639fca543c20f7ab2cc1c7b02ea http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-plperl-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 272140 0830fa0f2d8c38496ed5d2506d7a35ab http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-plpython-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 266258 c6098891cd15fda88dabf7dada77479c http://ports.ubuntu.com/pool/universe/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.9-0ubuntu9.04_sparc.deb Size/MD5: 265406 4a2cfbe516629861a49f428507862a04 Updated packages for Ubuntu 9.10: Source archives: 
http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-8.4_8.4.2-0ubuntu9.10.diff.gz Size/MD5: 30831 88b3af9730e269c778ecc30101354d24 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-8.4_8.4.2-0ubuntu9.10.dsc Size/MD5: 1715 ed5f9fbb0fe8833a59570f5a727f7149 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-8.4_8.4.2.orig.tar.gz Size/MD5: 16810915 1bc9cdc76c6a2a13bd7fdc0f3f53667f Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-client_8.4.2-0ubuntu9.10_all.deb Size/MD5: 10190 71094a5e80228b624e3cc1169e7aff85 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-contrib_8.4.2-0ubuntu9.10_all.deb Size/MD5: 10086 c745bb660aaea645ae8c77e0b09df341 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-doc-8.4_8.4.2-0ubuntu9.10_all.deb Size/MD5: 1862266 272de09ed053eff07f1b5fec946ddfa7 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-doc_8.4.2-0ubuntu9.10_all.deb Size/MD5: 3396 8d633c23f4099aab9bc6c5e9407ebb0b http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql_8.4.2-0ubuntu9.10_all.deb Size/MD5: 10224 473eb5bd6f8a771b59cab60f32574040 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libecpg-compat3_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 11496 64bd49c7bd3926302cbe3984d2c3c9aa http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libecpg-dev_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 241178 bb38602d6752442f892cbe17ca9ecad2 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libecpg6_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 33370 228510e4eec4b3ab29eece6e66f9d012 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libpgtypes3_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 42024 db143dc3dd7fdd006aa9d9197c92b7e1 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libpq-dev_8.4.2-0ubuntu9.10_amd64.deb 
Size/MD5: 202940 233273abdd301bf7531fb3f9e1a1bc4b http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libpq5_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 81132 a7f8ae79ff18e18153814d50f37679ff http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 4043424 7cc20a3f4039651f14e3cc31e8d9b687 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-client-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 827518 faa458ecf8b53cc022f862a208232bf3 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-contrib-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 415448 9c8553db72dc345176bff5d351e68510 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/postgresql-server-dev-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 623372 2889e05ede971692732baa0a29211591 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.4/postgresql-plperl-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 38258 9bb8dd71b7e702eb5535b1dbcf8b5c1a http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.4/postgresql-plpython-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 32466 b4b12bc7e6d9819167eae47ef887e751 http://security.ubuntu.com/ubuntu/pool/universe/p/postgresql-8.4/postgresql-pltcl-8.4_8.4.2-0ubuntu9.10_amd64.deb Size/MD5: 29504 83d8377bba8433fde8e31c5ad01fa065 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libecpg-compat3_8.4.2-0ubuntu9.10_i386.deb Size/MD5: 10578 54c7d05a4d12921bcd010ac863f0ad8d http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libecpg-dev_8.4.2-0ubuntu9.10_i386.deb Size/MD5: 225890 6dd3d228f902869bb272286e85cf8cac http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libecpg6_8.4.2-0ubuntu9.10_i386.deb Size/MD5: 32312 dd8476c3bfebedbd6db11252ccc4dea2 http://security.ubuntu.com/ubuntu/pool/main/p/postgresql-8.4/libpgtypes3_8.4.2-0ubuntu9.10_i386.deb Size/MD5: 40812 f60dabfff5d29dce247c046b2a543e70 
From craig at gentoo.org Sun Jan 3 16:29:56 2010
From: craig at gentoo.org (Stefan Behte)
Date: Sun, 03 Jan 2010 17:29:56 +0100
Subject: [Full-disclosure] [ GLSA 201001-01 ] NTP: Denial of Service
Message-ID: <4B40C604.8000306@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201001-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: NTP: Denial of Service
      Date: January 03, 2010
      Bugs: #290881
        ID: 201001-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A Denial of Service condition in ntpd can cause excessive CPU or
bandwidth consumption.

Background
==========

NTP is a set of the Network Time Protocol programs.

Affected packages
=================

    -------------------------------------------------------------------
     Package       /     Vulnerable     /                   Unaffected
    -------------------------------------------------------------------
  1  net-misc/ntp      < 4.2.4_p7-r1                    >= 4.2.4_p7-r1

Description
===========

Robin Park and Dmitri Vinokurov discovered that ntp_request.c in ntpd
does not handle MODE_PRIVATE packets correctly, causing a continuous
exchange of MODE_PRIVATE error responses between two NTP daemons or
causing high CPU load on a single host.

Impact
======

A remote, unauthenticated attacker could send a specially crafted
MODE_PRIVATE packet, allowing for a Denial of Service condition (CPU
and bandwidth consumption).

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All NTP users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.4_p7-r1"

References
==========

  [ 1 ] CVE-2009-3563
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-201001-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

From mustlive at websecurity.com.ua Sun Jan 3 21:50:29 2010
From: mustlive at websecurity.com.ua (MustLive)
Date: Sun, 3 Jan 2010 23:50:29 +0200
Subject: [Full-disclosure] MouseOverJacking attacks
References: <001d01ca88d0$ba878860$010000c0@ml> <2A4A815C-EA3A-47D9-9890-6279EE9CA147@gmail.com>
Message-ID: <007101ca8cbe$fce28920$010000c0@ml>

Hello Andrew!

First of all, Happy New Year to you and to all participants of the list.

And about your letter.

> If you can inject arbitrary HTML into a web page,

When you are talking about arbitrary HTML, then it means possibility to inject angle brackets and in my article I'm talking about hardest cases, where using of angle brackets is not possible.

> there are plenty of ways (many of them easier or more flexible than this)
> you can get it to run Javascript

Yes, in other cases there can be used other XSS attack vectors. But I'm talking about hardest cases, where only using of events of html objects are possible. As I clearly wrote about it in my article. Here is a quote from the article:

It's possible to intercept onMouseOver events in Cross-Site Scripting vulnerabilities, when other vectors of XSS attacks are impossible at the site. For example, in case of filtration at the server or using of WAF.

So in such rare cases, when you can only use events of html objects for attack, you can use MouseOverJacking technique instead of common XSS attack, to conduct this XSS attack automatically.

Also in my article I wrote that MouseOverJacking can be used for other attacks (DoS, CSRF and others).

> None of this is considered particularly novel at this point.

All of attack vectors mentioned by you are known to me for a long time. It's known XSS attack vectors. As I said, MouseOverJacking can be used in hard cases (when other automated XSS attacks are not possible), to make automation of such attack.

Besides, as I see from conversation with different people about MouseOverJacking (including you), people didn't see the possibility of using this attack technique not only in rare cases, but in more widespread cases of XSS attacks. As I hinted about it in my article ;-). So at the end of December I decided to make a new article with description of wider use of MouseOverJacking for XSS attacks. And I'll write it soon.

P.S.

> - Embedded objects (say, Flash, using ExternalInterface)

Or Flash with getURL. About XSS attack via Flash I have another article - XSS vulnerabilities in 8 millions flash files (http://websecurity.com.ua/3789/). Which you can read.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

----- Original Message -----
From: "Andrew Farmer"
To: "MustLive"
Cc:
Sent: Thursday, December 31, 2009 7:15 AM
Subject: Re: [Full-disclosure] MouseOverJacking attacks

On 29 Dec 2009, at 13:48, MustLive wrote:
> Recently, 26th of December 2009, I wrote the article MouseOverJacking
> attacks (http://websecurity.com.ua/3807/), and today I
> wrote English version of it (http://websecurity.com.ua/3814/).

Hardly news. If you can inject arbitrary HTML into a web page, there are plenty of ways (many of them easier or more flexible than this) you can get it to run Javascript:

- " in the 'Name' field
4. Enter arbitrary data in the other required fields and click the 'Save' button
5. Click on Sales -> Orders then 'Create New Order'
6. Select any customer
7. Click 'Add Products'
8. Select the newly created product and click 'Add Selected Product(s) to Order'
9. Observe the JavaScript alert

== Product SKU ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'product SKU'

Proof of concept:
1. Create a new product as above, except enter the script value for the product SKU
2. Create a new review of the product from Catalog -> Reviews and Ratings -> Customer Reviews -> All Reviews and clicking the 'Add New Review' button
3. Save the product review to view the JavaScript

== Product Description ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'product description'. Any Javascript in a product description will be rendered when a customer views the product details of that product.

== Customer Group Name ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'customer group name'

Proof of concept:
1. Click on Customers -> Customer Groups
2. Click the 'Add New Customer Group' button
3. Enter "" for the 'Group Name'
4. Click 'Save Customer Group'
5. Click Customers -> Manage Customers
6. Observe the JavaScript alert (twice)

== Product Category Name ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'Product category name'

Proof of concept:
1. Click on Catalog -> Manage Categories
2. Click on 'Add Root Category'
3. Click on the 'General Information' tab
4. Enter "" for the 'Name'
5. Click the 'Save Category' button
6. Click the new category name from the left
7. Observe the Javascript alert

== Attribute Set ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'Attribute set name'

Proof of concept:
1. Click on Catalog -> Attributes -> Manage Attribute Sets
2. Click the 'Add New Set' button
3. Enter "" for the 'Name'
4. Click 'Save Attribute Set'
5. Observe the JavaScript alert

== Sitemap Path ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'Sitemap path'

Proof of concept:
1. Click on Catalog -> Google Sitemap
2. Click 'Add Sitemap'
3. Enter "" for the Path
4. Click 'Save & Generate' button
5. Observe the Javascript alert

== Customer Tax Class, Product Tax Class, Tax Rate ID ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'Customer tax class name', 'Product tax class name', or 'Tax rate id' fields

Proof of concept is only provided for Customer Tax Class (others follow same methodology):
1. Click on Sales -> Tax -> Customer Tax Classes
2. Click the 'Add New' button
3. Enter "" for the Class Name
4. Click 'Save Class'
5. Click on Sales -> Tax -> Manage Tax Rule
6. Observe Javascript

N.B. The Product Tax Class XSS also affects the Catalog Advanced Search page at index.php/catalogsearch/advanced/

== Poll Question ==

The Magento platform suffers from a XSS vulnerability because it does not properly sanitize the 'Poll Question' or 'Poll Answer' fields

Proof of concept:
1. Click on CMS -> Poll Manager
2. Click the 'Add New Poll' button
3. Enter "" for the Poll Question
4. Click the 'Poll Answers' tab
5. Click the 'Add New Answer' button
6. Enter "" for the Answer Title
7. Click the 'Save Poll'
8. Observe the Javascript alerts when the poll renders at index.php

== Architecture ==

Magento stores submitted values in the database without any filtration. In this model it becomes imperative that data be filtered for XSS before display. Whereas only one point of data input exists, there can be countless points of data display that expand beyond Magento core as modules are applied. The polluted data layer allows XSS to creep forward into display layers with ease unless extreme care is taken by developers.

--
Justin C. Klein Keane
http://www.MadIrish.net

From reedarvin at gmail.com Tue Jan 5 04:27:13 2010
From: reedarvin at gmail.com (Reed Arvin)
Date: Mon, 4 Jan 2010 21:27:13 -0700
Subject: [Full-disclosure] Windows Account Password Guessing with WinScanX
Message-ID: <80115b691001042027kab2f744laa1009d8e434e3cf@mail.gmail.com>

Original article: http://windowsaudit.com/winscanx/windows-account-password-guessing-with-winscanx/
WinScanX download (free): http://windowsaudit.com/
Watch the video: http://www.youtube.com/watch?v=i9ZI7A-IpDw

One of the most dangerous things you can do with WinScanX is lock out a Windows account password using the Guess Windows Passwords option recklessly.
The account lockout threshold value should always be taken into consideration before attempting to guess Windows account passwords.

Prerequisites to Windows account password guessing:

For Windows account password guessing to occur you must have a list of valid user accounts from the remote host to guess passwords against. When WinScanX enumerates these user accounts they are stored in a file in the UserCache directory named .users. There are three different options WinScanX can use to generate user cache files for Windows password guessing, all of which are safe:

- Get User Information
- Get User Information via RA Bypass
- Guess SNMP Community Strings

If the appropriate options are selected, WinScanX will attempt to enumerate a list of valid user accounts the normal way, using a Restrict Anonymous bypass method, or by guessing a valid SNMP community string (if the SNMP service is available).

Review the account lockout threshold:

It is very important to review the account lockout threshold on the remote host before performing Windows account password checking. Run WinScanX with the Get Account Policy Info option selected to retrieve the account lockout threshold. Machines where accounts do not lock out are the safest to guess passwords against.

Review the dictionary.input file:

The dictionary.input file is the file that lists the passwords that will be attempted for each valid Windows account. By default there are two passwords attempted for each Windows account:

- the username in lowercase
- a blank or null password

Feel free to add as many passwords to this file as you wish. A password of "password" is also common. Remember that every password in this list will be attempted against every valid Windows account.

Initiating Windows account password guessing:

If you've obtained a user cache file from the remote host and verified that you're comfortable with the account lockout threshold set on the remote host, then you are ready to start the Windows account password guessing process. Select the Guess Windows Passwords option in the WinScanX GUI and click Start Scan. When the scan is complete, check the Reports folder for the GuessedWindowsPasswords.txt file. You may also want to review the ConnectErrorLog.txt file to ensure you have not accidentally locked out any Windows account passwords.

From fajarep at gmail.com Tue Jan 5 08:55:52 2010
From: fajarep at gmail.com (Fajar Edisya Putera)
Date: Tue, 5 Jan 2010 15:55:52 +0700
Subject: [Full-disclosure] [OOT] VPN Benchmark
Message-ID: <828af05c1001050055m2fb1f381wa305fd539b0207b0@mail.gmail.com>

Hi All,

I just want to know if there is a VPN Benchmark application that can be used to do the following tasks:

1. Emulate 4k users
2. Login to VPN over PPTP or L2TP
3. Emulate browsing activity

Maybe someone knows? My most important target is to know how many clients can be logged in on my current VPN server.

Thank you.

Fajar

From tbiehn at gmail.com Tue Jan 5 14:41:58 2010
From: tbiehn at gmail.com (T Biehn)
Date: Tue, 5 Jan 2010 09:41:58 -0500
Subject: [Full-disclosure] [Tool] DeepToad 1.1.0
In-Reply-To: <1262518666.22485.10.camel@joxean-desktop.etxea.com>
References: <1262518666.22485.10.camel@joxean-desktop.etxea.com>
Message-ID: <2d6724811001050641y49071131vb2345e8559b005b6@mail.gmail.com>

Hmm,
Wouldn't it be more useful to the sec community to have an algorithm
that abstracts at the -interpreted- content level?
That is when analyzing binaries I wouldn't think that this would classify two with
near identical functionality together, even though it is removing a
significant chunk of information during the hash pass.

I would largely assume that your algorithm, as is, works best on
uncompressed bitmaps. Is there something I'm missing?

-Travis

On Sun, Jan 3, 2010 at 6:37 AM, Joxean Koret wrote:
> Hi all,
>
> I'm happy to announce the very first public release of the open source
> project DeepToad, a tool for computing fuzzy hashes from files.
>
> DeepToad can generate signatures, clusterize files and/or directories
> and compare them. It's inspired by the very good tool ssdeep [1] and, in
> fact, both projects are very similar.
>
> The complete project is written in pure python and is distributed under
> the LGPL license [2].
>
> Links:
> Project's Web Page http://code.google.com/p/deeptoad/
> Download Web Page http://code.google.com/p/deeptoad/downloads/list
> Wiki http://code.google.com/p/deeptoad/w/list
>
> References:
> [1] http://ssdeep.sourceforge.net/
> [2] http://www.gnu.org/licenses/lgpl.html
>
> Regards && Happy new year!
> Joxean Koret

--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da

From dan at doxpara.com Tue Jan 5 14:51:02 2010
From: dan at doxpara.com (Dan Kaminsky)
Date: Tue, 5 Jan 2010 15:51:02 +0100
Subject: [Full-disclosure] [Tool] DeepToad 1.1.0
In-Reply-To: <2d6724811001050641y49071131vb2345e8559b005b6@mail.gmail.com>
References: <1262518666.22485.10.camel@joxean-desktop.etxea.com> <2d6724811001050641y49071131vb2345e8559b005b6@mail.gmail.com>
Message-ID:

I looked into a fair amount of this sort of normalization back when I was playing with dotplots. The idea was to upgrade from simple Levenshtein string comparison (with no knowledge of variable length x86 instructions, pointers that shift from compile to compile, etc) to something with at least some domain specific knowledge. What I found, somewhat surprisingly, was that dumb string comparison was more than enough. In fact, when I compared pre-patch and post-patch builds, it was easy to directly see when content was added, removed, shifted in location, etc. Joxean's going to have much the same result -- as basic as his similarity metric is, he'll get the broad strokes just fine.

Ultimately the best approach is to build a graph of how functions interact and measure graph isomorphism, but of course Halvar figured that out years ago :)

On Tue, Jan 5, 2010 at 3:41 PM, T Biehn wrote:
> Hmm,
> Wouldn't it be more useful to the sec community to have an algorithm
> that abstracts at the -interpreted- content level? That is when
> analyzing binaries I wouldn't think that this would classify two with
> near identical functionality together, even though it is removing a
> significant chunk of information during the hash pass.
>
> I would largely assume that your algorithm, as is, works best on
> uncompressed bitmaps. Is there something I'm missing?
>
> -Travis
>
> On Sun, Jan 3, 2010 at 6:37 AM, Joxean Koret wrote:
> > Hi all,
> >
> > I'm happy to announce the very first public release of the open source
> > project DeepToad, a tool for computing fuzzy hashes from files.
> >
> > DeepToad can generate signatures, clusterize files and/or directories
> > and compare them. It's inspired by the very good tool ssdeep [1] and, in
> > fact, both projects are very similar.
> >
> > The complete project is written in pure python and is distributed under
> > the LGPL license [2].
> >
> > Links:
> > Project's Web Page http://code.google.com/p/deeptoad/
> > Download Web Page http://code.google.com/p/deeptoad/downloads/list
> > Wiki http://code.google.com/p/deeptoad/w/list
> >
> > References:
> > [1] http://ssdeep.sourceforge.net/
> > [2] http://www.gnu.org/licenses/lgpl.html
> >
> > Regards && Happy new year!
> > Joxean Koret
>
> --
> FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
> http://pastebin.com/f6fd606da
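
The comparison discussed in the messages above (fuzzy hashes scored with plain Levenshtein distance, and seeing where a post-patch build differs from the pre-patch one), as an added example that is not part of any poster's message and is not DeepToad's or ssdeep's code. The chunking rule (7-byte window, CRC32 trigger, one character per chunk), the function names and the random sample "builds" are assumptions constructed for illustration.

```python
import difflib
import hashlib
import random
import zlib

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
WINDOW = 7        # assumed: bytes of trailing context that decide a chunk boundary
TRIGGER = 64      # assumed: boundary when crc32(window) % TRIGGER == TRIGGER - 1
INSERT_AT = 2000  # offset where the constructed "patch" adds bytes


def _digest(chunk: bytes) -> int:
    """32-bit identifier of one chunk's content."""
    return int.from_bytes(hashlib.sha256(chunk).digest()[:4], "big")


def chunks(data: bytes):
    """Split data at content-defined boundaries; return (start, end, digest) tuples.

    A boundary depends only on the last WINDOW bytes, so inserted or removed
    bytes disturb the chunks around the edit and the cut points after it
    fall on the same content again.
    """
    out, start = [], 0
    for end in range(WINDOW, len(data) + 1):
        if zlib.crc32(data[end - WINDOW:end]) % TRIGGER == TRIGGER - 1:
            out.append((start, end, _digest(data[start:end])))
            start = end
    if start < len(data):
        out.append((start, len(data), _digest(data[start:])))
    return out


def signature(data: bytes) -> str:
    """Fuzzy signature: one character (6 bits) per chunk."""
    return "".join(ALPHABET[d % 64] for _, _, d in chunks(data))


def levenshtein(a: str, b: str) -> int:
    """Edit distance with unit-cost insert, delete and substitute."""
    previous = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        current = [i]
        for j, cb in enumerate(b, 1):
            current.append(min(previous[j] + 1,               # delete from a
                               current[j - 1] + 1,            # insert into a
                               previous[j - 1] + (ca != cb)))  # substitute
        previous = current
    return previous[-1]


def similarity(sig_a: str, sig_b: str) -> int:
    """Score 0..100 from the edit distance between two signatures."""
    longest = max(len(sig_a), len(sig_b))
    if longest == 0:
        return 100
    return round(100 * (1 - levenshtein(sig_a, sig_b) / longest))


def changed_ranges(old: bytes, new: bytes):
    """Byte ranges of `old` whose chunks have no counterpart in `new`."""
    old_chunks, new_chunks = chunks(old), chunks(new)
    matcher = difflib.SequenceMatcher(
        None, [c[2] for c in old_chunks], [c[2] for c in new_chunks],
        autojunk=False)
    ranges = []
    for tag, i1, i2, _, _ in matcher.get_opcodes():
        if tag == "equal":
            continue
        lo = old_chunks[i1][0] if i1 < len(old_chunks) else len(old)
        hi = old_chunks[i2 - 1][1] if i2 > i1 else lo  # pure insertion: a point
        ranges.append((lo, hi))
    return ranges


def build_samples():
    """Constructed data: a 'pre-patch' blob, a 'post-patch' copy, an unrelated blob."""
    rng = random.Random(2010)
    original = bytes(rng.getrandbits(8) for _ in range(4096))
    inserted = bytes(rng.getrandbits(8) for _ in range(16))
    patched = original[:INSERT_AT] + inserted + original[INSERT_AT:]
    unrelated = bytes(rng.getrandbits(8) for _ in range(4096))
    return original, patched, unrelated


if __name__ == "__main__":
    original, patched, unrelated = build_samples()
    sig = signature(original)
    print("signature            :", sig)
    print("sha256 equal         :",
          hashlib.sha256(original).digest() == hashlib.sha256(patched).digest())
    print("original vs patched  :", similarity(sig, signature(patched)))
    print("original vs unrelated:", similarity(sig, signature(unrelated)))
    print("changed byte ranges  :", changed_ranges(original, patched))
```

The cryptographic hashes of the two "builds" differ completely, while the piecewise signatures stay close and the changed range brackets the inserted bytes.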

From tbiehn at gmail.com Tue Jan 5 14:53:28 2010
From: tbiehn at gmail.com (T Biehn)
Date: Tue, 5 Jan 2010 09:53:28 -0500
Subject: [Full-disclosure] MouseOverJacking attacks
In-Reply-To: <64fcd9051001031929o7959f0ebp738d2ef6ec6d85d2@mail.gmail.com>
References: <001d01ca88d0$ba878860$010000c0@ml> <2A4A815C-EA3A-47D9-9890-6279EE9CA147@gmail.com> <007101ca8cbe$fce28920$010000c0@ml> <64fcd9051001031929o7959f0ebp738d2ef6ec6d85d2@mail.gmail.com>
Message-ID: <2d6724811001050653j14939a4ak918772dea3006953@mail.gmail.com>

Hey MustLive!
If you read the HTML specification you can find all sorts of XSS attack vectors that people just assumed would be redundant to write entire articles on!

Here!
http://www.w3.org/TR/REC-html40/interact/scripts.html

-Travis

On Sun, Jan 3, 2010 at 10:29 PM, Jeff Williams wrote:
> Thanks for your wishes MustDie;
>
> Do you consider yourself as an oz XSS ninja ?
>
> Did your C.V. ended in the OWASP trash bin ?
>
> And how the fuck you came up with a nickname like that ?
>
> Let us know, we truly give a shit about your life, and xss.

--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da

From tbiehn at gmail.com Tue Jan 5 14:56:42 2010
From: tbiehn at gmail.com (T Biehn)
Date: Tue, 5 Jan 2010 09:56:42 -0500
Subject: [Full-disclosure] [Tool] DeepToad 1.1.0
In-Reply-To:
References: <1262518666.22485.10.camel@joxean-desktop.etxea.com> <2d6724811001050641y49071131vb2345e8559b005b6@mail.gmail.com>
Message-ID: <2d6724811001050656n1b723b26t3e1619d4559a74c3@mail.gmail.com>

I can see what you're saying, it could be useful for finding differences in different versions of the same binary but from what I can see Joxean's app is meant to group files of the same 'type,' not provide 'diff' capabilities.

-Travis

On Tue, Jan 5, 2010 at 9:51 AM, Dan Kaminsky wrote:
> I looked into a fair amount of this sort of normalization back when I was
> playing with dotplots. The idea was to upgrade from simple Levenshtein
> string comparison (with no knowledge of variable length x86 instructions,
> pointers that shift from compile to compile, etc) to something with at least
> some domain specific knowledge. What I found, somewhat surprisingly, was
> that dumb string comparison was more than enough. In fact, when I compared
> pre-patch and post-patch builds, it was easy to directly see when content
> was added, removed, shifted in location, etc. Joxean's going to have much
> the same result -- as basic as his similarity metric is, he'll get the broad
> strokes just fine.
>
> Ultimately the best approach is to build a graph of how functions interact
> and measure graph isomorphism, but of course Halvar figured that out years
> ago :)
>
> On Tue, Jan 5, 2010 at 3:41 PM, T Biehn wrote:
>>
>> Hmm,
>> Wouldn't it be more useful to the sec community to have an algorithm
>> that abstracts at the -interpreted- content level? That is when
>> analyzing binaries I wouldn't think that this would classify two with
>> near identical functionality together, even though it is removing a
>> significant chunk of information during the hash pass.
>>
>> I would largely assume that your algorithm, as is, works best on
>> uncompressed bitmaps. Is there something I'm missing?
>>
>> -Travis
>>
>> On Sun, Jan 3, 2010 at 6:37 AM, Joxean Koret wrote:
>> > Hi all,
>> >
>> > I'm happy to announce the very first public release of the open source
>> > project DeepToad, a tool for computing fuzzy hashes from files.
>> >
>> > DeepToad can generate signatures, clusterize files and/or directories
>> > and compare them. It's inspired by the very good tool ssdeep [1] and, in
>> > fact, both projects are very similar.
>> >
>> > The complete project is written in pure python and is distributed under
>> > the LGPL license [2].
>> >
>> > Links:
>> > Project's Web Page http://code.google.com/p/deeptoad/
>> > Download Web Page http://code.google.com/p/deeptoad/downloads/list
>> > Wiki http://code.google.com/p/deeptoad/w/list
>> >
>> > References:
>> > [1] http://ssdeep.sourceforge.net/
>> > [2] http://www.gnu.org/licenses/lgpl.html
>> >
>> > Regards && Happy new year!
>> > Joxean Koret
>>
>> --
>> FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
>> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
>> http://pastebin.com/f6fd606da

--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da

From joxeankoret at yahoo.es Tue Jan 5 15:00:12 2010
From: joxeankoret at yahoo.es (Joxean Koret)
Date: Tue, 5 Jan 2010 15:00:12 +0000 (GMT)
Subject: [Full-disclosure] [Tool] DeepToad 1.1.0
In-Reply-To: <2d6724811001050656n1b723b26t3e1619d4559a74c3@mail.gmail.com>
Message-ID: <314803.6781.qm@web23004.mail.ird.yahoo.com>

Yes. It isn't designed to search for the differences between 2 binary files but to search for similar files, _independently_ of the format, and group them. This tool can be used, for example, to search for similar "crapwares" or to search for similar image files (not similar looking, but similar files), similar office documents, etc...

--- On Tue, 5/1/10, T Biehn wrote:

> From: T Biehn
> Subject: Re: [Full-disclosure] [Tool] DeepToad 1.1.0
> To: "Dan Kaminsky"
> CC: "Joxean Koret" , "Full Disclosure" , bugtraq at securityfocus.com
> Date: Tuesday, 5 January 2010 15:56
> I can see what you're saying, it could be useful for finding
> differences in different versions of the same binary but from what I
> can see Joxean's app is meant to group files of the same 'type,' not
> provide 'diff' capabilities.
> > -Travis > > On Tue, Jan 5, 2010 at 9:51 AM, Dan Kaminsky > wrote: > > I looked into a fair amount of this sort of > normalization back when I was > > playing with dotplots.? The idea was to upgrade from > simple Levenshtein > > string comparison (with no knowledge of variable > length x86 instructions, > > pointers that shift from compile to compile, etc) to > something with at least > > some domain specific knowledge.? What I found, > somewhat surprisingly, was > > that dumb string comparison was more than enough.? In > fact, when I compared > > pre-patch and post-patch builds, it was easy to > directly see when content > > was added, removed, shifted in location, etc.? > Joxean's going to have much > > the same result -- as basic as his similarity metric > is, he'll get the broad > > strokes just fine. > > > > Ultimately the best approach is to build a graph of > how functions interact > > and measure graph isomorphism, but of course Halvar > figured that out years > > ago :) > > > > On Tue, Jan 5, 2010 at 3:41 PM, T Biehn > wrote: > >> > >> Hmm, > >> Wouldn't it be more useful to the sec community to > have a algorithm > >> that abstracts at the -interpreted- content level? > That is when > >> analyzing binaries I wouldn't think that this > would classify two with > >> near identical functionality together, even though > it is removing a > >> significant chunk of information during the hash > pass. > >> > >> I would largely assume that your algorithm, as is, > works best on > >> uncompressed bitmaps. Is there something I'm > missing? > >> > >> -Travis > >> > >> On Sun, Jan 3, 2010 at 6:37 AM, Joxean Koret > > wrote: > >> > Hi all, > >> > > >> > I'm happy to announce the very first public > release of the open source > >> > project DeepToad, a tool for computing fuzzy > hashes from files. > >> > > >> > DeepToad can generate signatures, clusterize > files and/or directories > >> > and compare them. 
It's inspired in the very > good tool ssdeep [1] and, in > >> > fact, both projects are very similar. > >> > > >> > The complete project is written in pure > python and is distributed under > >> > the LGPL license [2]. > >> > > >> > Links: > >> > Project's Web Page http://code.google.com/p/deeptoad/ > >> > Download Web Page http://code.google.com/p/deeptoad/downloads/list > >> > Wiki http://code.google.com/p/deeptoad/w/list > >> > > >> > References: > >> > [1] http://ssdeep.sourceforge.net/ > >> > [2] http://www.gnu.org/licenses/lgpl.html > >> > > >> > Regards && Happy new year! > >> > Joxean Koret > >> > > >> > > >> > > _______________________________________________ > >> > Full-Disclosure - We believe in it. > >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> > Hosted and sponsored by Secunia - http://secunia.com/ > >> > > >> > >> > >> > >> -- > >> FD1D E574 6CAB 2FAF 2921 ?F22E B8B7 9D0D 99FF > A73C > >> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on > >> http://pastebin.com/f6fd606da > >> > >> _______________________________________________ > >> Full-Disclosure - We believe in it. > >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > -- > FD1D E574 6CAB 2FAF 2921? 
F22E B8B7 9D0D 99FF A73C
> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
> http://pastebin.com/f6fd606da
>

From dan at doxpara.com Tue Jan 5 15:08:44 2010
From: dan at doxpara.com (Dan Kaminsky)
Date: Tue, 5 Jan 2010 16:08:44 +0100
Subject: [Full-disclosure] [Tool] DeepToad 1.1.0
In-Reply-To: <2d6724811001050656n1b723b26t3e1619d4559a74c3@mail.gmail.com>
References: <1262518666.22485.10.camel@joxean-desktop.etxea.com>
 <2d6724811001050641y49071131vb2345e8559b005b6@mail.gmail.com>
 <2d6724811001050656n1b723b26t3e1619d4559a74c3@mail.gmail.com>
Message-ID:

Joxean's stuff is similar to Nilsimsa or (as he mentions) ssdeep, in that it'll find mostly similar instances of the same underlying data, assuming only small bit-level changes (such as from version shifts). It's obviously not a magic unpacker of any arbitrary virus, though.

His stuff, by its very nature, is a fuzzy similarity metric, meaning if you run it on small chunks of a file sequentially you can get fuzzy diff.

Detecting multiple files of the same file type is actually a different problem, and sort of an interesting one. The best thing to do here is take a large number of samples that *are* your file type, and then a large number of samples that *are not* your file type (and are not the same other not-the-right-type), and look for either strings or statistical patterns that show up in the member set and not in the alternate. These fingerprints are then sought in other samples.

It's not terribly common that you actually need to do this though. Browsers need to do this a bit because MIME types are wonky. They do this optimization by hand though.

On Tue, Jan 5, 2010 at 3:56 PM, T Biehn wrote:
> I can see what you're saying, it could be useful for finding
> differences in different versions of the same binary but from what I
> can see Joxean's app is meant to group files of the same 'type,' not
> provide 'diff' capabilities.
> > -Travis > > On Tue, Jan 5, 2010 at 9:51 AM, Dan Kaminsky wrote: > > I looked into a fair amount of this sort of normalization back when I was > > playing with dotplots. The idea was to upgrade from simple Levenshtein > > string comparison (with no knowledge of variable length x86 instructions, > > pointers that shift from compile to compile, etc) to something with at > least > > some domain specific knowledge. What I found, somewhat surprisingly, was > > that dumb string comparison was more than enough. In fact, when I > compared > > pre-patch and post-patch builds, it was easy to directly see when content > > was added, removed, shifted in location, etc. Joxean's going to have > much > > the same result -- as basic as his similarity metric is, he'll get the > broad > > strokes just fine. > > > > Ultimately the best approach is to build a graph of how functions > interact > > and measure graph isomorphism, but of course Halvar figured that out > years > > ago :) > > > > On Tue, Jan 5, 2010 at 3:41 PM, T Biehn wrote: > >> > >> Hmm, > >> Wouldn't it be more useful to the sec community to have a algorithm > >> that abstracts at the -interpreted- content level? That is when > >> analyzing binaries I wouldn't think that this would classify two with > >> near identical functionality together, even though it is removing a > >> significant chunk of information during the hash pass. > >> > >> I would largely assume that your algorithm, as is, works best on > >> uncompressed bitmaps. Is there something I'm missing? > >> > >> -Travis > >> > >> On Sun, Jan 3, 2010 at 6:37 AM, Joxean Koret > wrote: > >> > Hi all, > >> > > >> > I'm happy to announce the very first public release of the open source > >> > project DeepToad, a tool for computing fuzzy hashes from files. > >> > > >> > DeepToad can generate signatures, clusterize files and/or directories > >> > and compare them. It's inspired in the very good tool ssdeep [1] and, > in > >> > fact, both projects are very similar. 
> >> > > >> > The complete project is written in pure python and is distributed > under > >> > the LGPL license [2]. > >> > > >> > Links: > >> > Project's Web Page http://code.google.com/p/deeptoad/ > >> > Download Web Page http://code.google.com/p/deeptoad/downloads/list > >> > Wiki http://code.google.com/p/deeptoad/w/list > >> > > >> > References: > >> > [1] http://ssdeep.sourceforge.net/ > >> > [2] http://www.gnu.org/licenses/lgpl.html > >> > > >> > Regards && Happy new year! > >> > Joxean Koret > >> > > >> > > >> > _______________________________________________ > >> > Full-Disclosure - We believe in it. > >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> > Hosted and sponsored by Secunia - http://secunia.com/ > >> > > >> > >> > >> > >> -- > >> FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C > >> > http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on > >> http://pastebin.com/f6fd606da > >> > >> _______________________________________________ > >> Full-Disclosure - We believe in it. > >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > -- > FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C > http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on > http://pastebin.com/f6fd606da > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100105/9143666f/attachment.html From disclosure at contextis.co.uk Mon Jan 4 17:51:14 2010 From: disclosure at contextis.co.uk (Context IS - Disclosure) Date: Mon, 4 Jan 2010 17:51:14 +0000 Subject: [Full-disclosure] Context App Tool - New Web Application Testing Tool Released Message-ID: <9CE75E98979ABC448892B4284A51E252BF17021C5D@kestrel.london.contextis.co.uk> CAT is an application to facilitate manual web application penetration testing. 
It was designed to cope with a more demanding level of application testing, taking away some of the more repetitive nature of testing and allowing the tester to focus their time instead on the individual application, enabling them to conduct a much more thorough test. Conceptually it is similar to other proxies available both commercially and open source. CAT provides a richer feature set and greater performance, combined with a more intuitive user interface to aid a professional manual penetration tester.

There are a number of differences between CAT and currently available web proxies. Some key differences are:

* Uses Internet Explorer's rendering engine for accurate HTML representation
* Supports many different types of text conversions including: URL, Base64, Hex, Unicode, HTML/XML, SQL and JavaScript no Quotes
* Integrated SQL Injection and XSS Detection
* Synchronised Proxies for Authentication and Authorisation checking
* Faster due to HTTP connection caching
* SSL Version and Cipher checker using OpenSSL
* Greater flexibility for importing/exporting logs and saving projects
* Tabbed Interface allowing for multiple tools at once e.g. multiple repeaters and different logs
* The ability to repeat and modify a sequence of requests (particularly useful in SSO testing)
* Free!

There are a number of features which CAT has to enable a wide variety of testing to be conducted:

* Request Repeater - Used for repeating a single request
* Proxy - Classic Inline proxy
* Fuzzer - Allows for batch of tests to be sent to a server for brute forcing, parameter fuzzing, forced browsing etc.
* Log - View a list of requests to sort, search repeat etc. Allows for a sequence of requests to be repeated and modified.
* Authentication Checker - Two synchronised proxies which can be used to check authentication and authorisation controls.
* SSL Checker - Request a specific page with various SSL ciphers and versions.
* Notepad -
A text/RTF editor which can be used as a scratch pad for conversions etc.
* Web Browser - An integrated web browser with proxy pre-configured based on the Internet Explorer's rendering engine.

For more information and to download a copy go to http://cat.contextis.com

Look forward to any feedback,

Michael Jordon

About Context Information Security
----------------------------------
Context Information Security Limited is a specialist information security consultancy based in London and Dusseldorf. Context promotes the holistic approach to information security and helps clients to identify, assess and control their exposure to risk within the fields of IT, telephony and physical security. Context employs experienced information security professionals who are subject-matter experts in their various technical specialisms. Context works extensively within the finance, legal, defence and government sectors, delivering high-end information security projects to organisations for which security is a priority.

From organiser at syscan.org Tue Jan 5 07:22:09 2010
From: organiser at syscan.org (organiser at syscan.org)
Date: Tue, 05 Jan 2010 15:22:09 +0800
Subject: [Full-disclosure] SyScan'10 Call For Training (CFT)
Message-ID: <4B42E8A1.8070204@syscan.org>

apologies for the multiple copies.

SyScan'10 CALL FOR TRAINING

ABOUT SYSCAN'10

This year, SyScan'10 will be held in the 4 exciting cities of Singapore, Shanghai, Taipei and Ho Chi Minh City (Vietnam).
Details are as follows:

SyScan'10 Singapore
date: 15 - 18 June 2010

SyScan'10 Shanghai
date: 8 - 11 July 2010

SyScan'10 Taipei
date: 19 - 22 August 2010

SyScan'10 Ho Chi Minh City (Vietnam)
date: 23 - 26 September 2010

TRAINING TOPICS

SyScan'10 training topics will focus on the following areas:

Web Applications
Networks
Securing Windows/Linux Systems
Databases
Storage
Secure Programming/Development
Cloud Computing
Virtualization
Malware Analysis
Penetration Testing
Exploit Development
Reverse Code Engineering
Languages (Assembly, Python, Ruby etc)

PRIVILEGES

Trainers' Privileges:
* 50% of net profit of class.
* Complimentary entry to SyScan'10 conference
* Trainers/Speakers Dinner on conference days
* After-conference party.
* A very healthy dose of alcohol and fun.

Please note that the net profit for each class is determined by the difference between the total fee collected for each class and the total expenses incurred for each class. The expenses of each class would include the return economy air-ticket of the trainer, 3 nights of accommodation (training) and the rental of the training venue.

*CFT SUBMISSION*

CFT submission must include the following information:

1) Brief biography including list of publications and papers published previously or training classes conducted previously.
2) Training title.
3) Training introduction/description.
4) Student Prerequisite.
5) Software Requirements.
6) Hardware Requirements.
7) Course Outline (daily basis).
8) Contact Information (full name, alias, handler, e-mail, postal address, phone, fax, photo, country of origin, special dietary requirement).
9) Employment and/or affiliations information.
10) Any significant educational/training experience/background.
11) Why is your material different or innovative or significant or an important tutorial?

Training classes will be 2 full days (0900 hours - 1700 hours). Please inform the CFP committee if your class is shorter or longer than 2 days during your CFT submission.
All submissions must be in English and in PDF format only. The more information you provide, the better the chance for selection. Please send submission to cfp at syscan.org.

*IMPORTANT DATES *

Final CFT Submission - 28th February 2010.

*OTHER INFORMATION *

Please feel free to visit SyScan website to get a feel what this conference is all about - SHARE AND HAVE FUN!

By agreeing to speak at the SyScan'09 you are granting Syscan Pte. Ltd. the rights to reproduce, distribute, advertise and show your presentation including but not limited to http://www.syscan.org, printed and/or electronic advertisements, and all other mediums.

--
Thank you
Thomas Lim
Organiser
SyScan'10
www.syscan.org

From support at iiscan.com Tue Jan 5 02:32:45 2010
From: support at iiscan.com (iiScan support)
Date: Tue, 5 Jan 2010 10:32:45 +0800
Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free
In-Reply-To:
References:
Message-ID:

Dear all friends:

iiScan is pleased to announce our new generation of Web Application Security Evaluation Platform which is totally FREE. It provides web security as a service through the Cloud, no installation of hardware or software is needed. Here is some description:

i) New generation of web application security evaluation platform
iiScan provides a cloud-computing based security service which focuses on web application security. With iiScan, you can get your web application assessed by iiScan expert and the only thing you have to do is clicking the START button. After that, a report containing all details of vulnerabilities or risks of your website will be sent to your mailbox. Then you can fix it and make your website safer.

ii) iiScan can detect and test most Web Vulnerabilities without manual intervention:
SQL injection
Cross Site Scripting (XSS)
File Upload Vulnerability
Information Leakage
Insecure Direct Object References
Buffer overflow
Path Traversal
OS Commanding
Session Fixation
XPath Injection
......
iii) Rich Statements
The statements we offered include abundant information. You can find all the details about every vulnerability and fix it with our suggestion. We also provide report for web develop and testing engineer.

iv) Easy to use
There is no longer technical research which difficult to comprehend and no process of configuration items. Through iiScan, you are the security expert of web application security. And you can finish the security assessment of web application deeply and thoroughly through only several clicks.

v) Absolute free
Security as a basic service should be provided free, so we firmly believe that the security industry needs revolution. As a new free service provider, we build the domestic first and only assessment platform of security assignment of web application which full functions are free. In the iiScan platform, the basic policy of scanning is absolute free.

We hope our work can help you. More information please visit http://www.iiScan.com/
Demo video can be found here http://www.iiscan.com/help/manual

Sincerely

NOSEC iiScan support team

support at iiscan.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100105/7c457cc6/attachment.html

From advisories at rewterz.com Tue Jan 5 15:35:35 2010
From: advisories at rewterz.com (rewterz security team)
Date: Tue, 5 Jan 2010 20:35:35 +0500
Subject: [Full-disclosure] REWTERZ-20100103 - Ofilter Player Local Denial of Service (DoS) Vulnerability
Message-ID: <1ba42b871001050735u237b1508rb0b55f1b4776de58@mail.gmail.com>

========================================================
Rewterz 05/01/2010
- Ofilter Player Local Denial of Service (DoS) Vulnerability -

1) Affected Software
* Ofilter Player 1.1
NOTE: Other versions may also be affected.
========================================================
2) Severity
Rating: Low
Impact: Denial of Service
Where: Local
========================================================
3) Vendor's Description of Software
"Ofilter Player is an easy-to-use multimedia player. It can play many kinds of audio and video formats such as mp3, wav, midi, avi, VCD, mpeg etc. It supports the powerful playback control: play, pause, stop, step, skip forward, skip backward. It can display and configure all filters' properties during the playback of the video."

Product Link:
http://www.008soft.com/products/ofilter-player.htm
========================================================
4) Description of Vulnerability
Rewterz has discovered vulnerability in Ofilter Player. This vulnerability could lead to Denial of Service with the privileges of the current process or user and cause application to crash. This vulnerability exists in the handling of application skin by the user. We chose not to provide detailed information about the location of the vulnerability and how to reproduce it because the author hasn't confirmed this vulnerability. We can pass a long argument into the skin file. There is no checking of the length of these inputs. Depending on the input, this will cause DoS condition. We have confirmed the ability to execute our own code.
========================================================
5) Credits
Discovered by Rehan Ahmed, Rewterz.
========================================================
6) About Rewterz
Rewterz is a boutique Information Security company, committed to consistently providing world class professional security services. Our strategy revolves around the need to provide round-the-clock quality information security services and solutions to our customers. We maintain this standard through our highly skilled and professional team, and custom-designed, customer-centric services and products.
http://www.rewterz.com

Complete list of vulnerability advisories published by Rewterz:
http://rewterz.com/securityadvisories.php
========================================================

From advisories at rewterz.com Tue Jan 5 15:35:22 2010
From: advisories at rewterz.com (rewterz security team)
Date: Tue, 5 Jan 2010 20:35:22 +0500
Subject: [Full-disclosure] REWTERZ-20100101 - n.player Local Heap Overflow Vulnerability
Message-ID: <1ba42b871001050735j1b787ceaqb66d377e631bd4c6@mail.gmail.com>

========================================================
Rewterz 05/01/2010
- n.player Local Heap Overflow Vulnerability -

1) Affected Software
* n.player 1.12.07
NOTE: Other versions may also be affected.
========================================================
2) Severity
Rating: High
Impact: Denial of Service
        Manipulation of Data
Where: Local
========================================================
3) Vendor's Description of Software
"n.player is a versatile media player that plays audio CDs, DVD, WMA, MP3, AVI, DiVX and other media with the preinstalled DirectShow decoder. n.player also supports enhanced features for playing video and audio. n.player includes the high-quality audio equalizer, support for divX subtitles, many functions for video and audio playback and ATI Remote Wonder controller support."

Product Link:
http://www.softpedia.com/get/Multimedia/Video/Video-Players/nplayer.shtml
http://www.samo.cz
========================================================
4) Description of Vulnerability
Rewterz has discovered vulnerability in n.player. This vulnerability could lead to execution of code with the privileges of the current process or user. This vulnerability exists in the handling of application skin selection by the user. We chose not to provide detailed information about the location of the vulnerability and how to reproduce it because the author hasn't confirmed this vulnerability. We can pass a long argument with some commands into a heap.
There is no checking of the length of these inputs. Depending on the input, this will cause exploitable condition. We have confirmed the ability to execute our own code. This is a common heap overflow vulnerability and can be exploited easily.
========================================================
5) Credits
Discovered by Rehan Ahmed, Rewterz.
========================================================
6) About Rewterz
Rewterz is a boutique Information Security company, committed to consistently providing world class professional security services. Our strategy revolves around the need to provide round-the-clock quality information security services and solutions to our customers. We maintain this standard through our highly skilled and professional team, and custom-designed, customer-centric services and products.

http://www.rewterz.com

Complete list of vulnerability advisories published by Rewterz:
http://rewterz.com/securityadvisories.php
========================================================

From advisories at rewterz.com Tue Jan 5 15:35:28 2010
From: advisories at rewterz.com (rewterz security team)
Date: Tue, 5 Jan 2010 20:35:28 +0500
Subject: [Full-disclosure] REWTERZ-20100102 - Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability
Message-ID: <1ba42b871001050735i9012df6n7af798b58e1ded84@mail.gmail.com>

========================================================
Rewterz 05/01/2010
- Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability -

1) Affected Software
* NSP 2.0
* NSP 1.1 Beta
========================================================
2) Severity
Rating: High
Impact: Denial of Service
Where: Local
========================================================
3) Vendor's Description of Software
"The Nemesis Player (NSP) is much more than any other media player. It allows you to watch your video files collection like any player but also enables you to emulate a "DVD menu" for your videos.
Nsp can be broken down into 3 parts: Scene Editing, Project Settings and the player itself."

Product Link:
http://www.nsplayer.org
========================================================
4) Description of Vulnerability
Rewterz has discovered vulnerability in Nemesis Player (NSP). This vulnerability could lead to Denial of Service with the privileges of the current process or user and cause system to stop responding. This vulnerability exists in the handling of Nsp project file. We chose not to provide detailed information about the location of the vulnerability and how to reproduce it because the author hasn't confirmed this vulnerability. We can pass a long argument into the Nsp project file. There is no checking of the length of these inputs. Depending on the input, this will cause DoS condition. We have confirmed the ability to execute our own code.
========================================================
5) Credits
Discovered by Rehan Ahmed, Rewterz.
========================================================
6) About Rewterz
Rewterz is a boutique Information Security company, committed to consistently providing world class professional security services. Our strategy revolves around the need to provide round-the-clock quality information security services and solutions to our customers. We maintain this standard through our highly skilled and professional team, and custom-designed, customer-centric services and products.

http://www.rewterz.com

Complete list of vulnerability advisories published by Rewterz:
http://rewterz.com/securityadvisories.php
========================================================

From phrack-ru at hushmail.com Tue Jan 5 15:54:19 2010
From: phrack-ru at hushmail.com (phrack-ru at hushmail.com)
Date: Tue, 05 Jan 2010 17:54:19 +0200
Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
Message-ID: <20100105155421.E23A128040@smtp.hushmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Anti=Sec is alive, you morrons!
RoMeO is alive, the underground is alive.. Be prepared for revenge, Be prepared for trouble! Trust no one. Disclose nothing. Never sell out, *never surrender*. -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAktDYKsACgkQNK7hZXPv/x4MfQP/STguvldfDT9PaI3rOkE6JdZ2///S Avjj926FKHgkRs32iFpN16EU3oaM8aJqhKRjvO9sNU/H1XP1mfVl9VaDgW09sHv5P8xW ClmJ7Kx4hMhYn7HlG3kcb2AHpNYfh0tepLun4BoqoDsGVR0Ocighe6trB/Cc9Y7AORug eAySs5o= =qdwU -----END PGP SIGNATURE----- From uuf6429 at gmail.com Tue Jan 5 16:12:50 2010 From: uuf6429 at gmail.com (Christian Sciberras) Date: Tue, 5 Jan 2010 17:12:50 +0100 Subject: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com) In-Reply-To: <20100105155421.E23A128040@smtp.hushmail.com> References: <20100105155421.E23A128040@smtp.hushmail.com> Message-ID: <3af3d47c1001050812r4c5d9f7ew64f108467f43e4a9@mail.gmail.com> Gosh! And me thinking Romeo is dead!!! Thanks very much for the information! Now let's all go pray for this poor soul. *Amen* On Tue, Jan 5, 2010 at 4:54 PM, wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Anti=Sec is alive, you morrons! > RoMeO is alive, the underground is alive.. > Be prepared for revenge, Be prepared for trouble! > > Trust no one. > Disclose nothing. > Never sell out, *never surrender*. > > -----BEGIN PGP SIGNATURE----- > Charset: UTF8 > Version: Hush 3.0 > Note: This signature can be verified at https://www.hushtools.com/verify > > wpwEAQMCAAYFAktDYKsACgkQNK7hZXPv/x4MfQP/STguvldfDT9PaI3rOkE6JdZ2///S > Avjj926FKHgkRs32iFpN16EU3oaM8aJqhKRjvO9sNU/H1XP1mfVl9VaDgW09sHv5P8xW > ClmJ7Kx4hMhYn7HlG3kcb2AHpNYfh0tepLun4BoqoDsGVR0Ocighe6trB/Cc9Y7AORug > eAySs5o= > =qdwU > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. 
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100105/b0df75f9/attachment.html From Eddie.McGhee at ncr.com Tue Jan 5 16:37:20 2010 From: Eddie.McGhee at ncr.com (McGhee, Eddie) Date: Tue, 5 Jan 2010 11:37:20 -0500 Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free In-Reply-To: References: Message-ID: Hi. where can we receive a invite code to test? ________________________________ From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of iiScan support Sent: 05 January 2010 02:33 To: full-disclosure at lists.grok.org.uk Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free Dear all friends: iiScan is pleased to announce our new gerneration of Web Application Security Evalution Platform which is totally FREE. It provides web security as a service through the Cloud, no installation of hardware or software is needed. Here is some description: i) New generation of web application security evaluation platform iiScan provide a cloud-computing based security service which focus on web application security. With iiScan, you can get your web application assessed by iiScan expert and the only thing you have to do is clicking the START botton. After that, a report contained all details of vulnerabilities or risks of your website will be sent to your mailbox. Then you can fix it and make your website safer. ii) iiScan can detect and test most Web Vulnerabilities without manual intervention : SQL injection Cross Site Scripting (XSS) File Upload Vulnerability Information Leakage Insecure Direct Object References Buffer overflow Path Traversal OS Commanding Session Fixation XPath Injection ...... 
iii) Rich Statements The statements we offered include abundant informations. You can find all the details about every vulnerabilities and fix it with our suggestion. We also provide report for web develop and testing engineer. iv) Easy to use There is no longer technical research which difficult to comprehend and no process of configuration items. Through iiScan,you are the security expert of web application security. And you can finish the security assessment of web application deeply and thoroughly through only several clicks. v) Absolute free Security as a basic service should be provided free,so we firmly believe that the security industry needs revolution. As a new free service provider , we build the domestic first and only assessment platform of security assignment of web application which full functions are free. In the iiScan platform,the basic policy of scanning is absolute free. We hope our work can help you. More information please visit http://www.iiScan.com/ Demo video can be found here http://www.iiscan.com/help/manual Sincerely NOSEC iiScan support team support at iiscan.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100105/b320b981/attachment.html From guiscombatti at gmail.com Tue Jan 5 17:11:16 2010 From: guiscombatti at gmail.com (Guilherme Scombatti) Date: Tue, 5 Jan 2010 15:11:16 -0200 Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free In-Reply-To: References: Message-ID: Yes, I want an invite code to test On Tue, Jan 5, 2010 at 2:37 PM, McGhee, Eddie wrote: > Hi. > > where can we receive a invite code to test? 
> > ------------------------------ > *From:* full-disclosure-bounces at lists.grok.org.uk [mailto: > full-disclosure-bounces at lists.grok.org.uk] *On Behalf Of *iiScan support > *Sent:* 05 January 2010 02:33 > *To:* full-disclosure at lists.grok.org.uk > *Subject:* [Full-disclosure] iiScan - Full-function web application > security scanning platform for free > > Dear all friends: > > iiScan is pleased to announce our new gerneration of Web Application > Security Evalution Platform which is totally FREE. It provides web security > as a service through the Cloud, no installation of hardware or software is > needed. Here is some description: > > i) New generation of web application security evaluation platform > iiScan provide a cloud-computing based security service which focus on web > application security. With iiScan, you can get your web application assessed > by iiScan expert and the only thing you have to do is clicking the START > botton. After that, a report contained all details of vulnerabilities or > risks of your website will be sent to your mailbox. Then you can fix it and > make your website safer. > > ii) iiScan can detect and test most Web Vulnerabilities without manual > intervention : > SQL injection > Cross Site Scripting (XSS) > File Upload Vulnerability > Information Leakage > Insecure Direct Object References > Buffer overflow > Path Traversal > OS Commanding > Session Fixation > XPath Injection > ?? > > iii) Rich Statements > The statements we offered include abundant informations. You can find all > the details about every vulnerabilities and fix it with our suggestion. We > also provide report for web develop and testing engineer. > > iv) Easy to use > There is no longer technical research which difficult to comprehend and no > process of configuration items. Through iiScan,you are the security expert > of web application security. 
And you can finish the security assessment of > web application deeply and thoroughly through only several clicks. > > v) Absolute free > Security as a basic service should be provided free,so we firmly believe > that the security industry needs revolution. As a new free service provider > , we build the domestic first and only assessment platform of security > assignment of web application which full functions are free. In the iiScan > platform,the basic policy of scanning is absolute free. > > We hope our work can help you. More information please visit > http://www.iiScan.com/ > Demo video can be found here http://www.iiscan.com/help/manual > > Sincerely > > NOSEC iiScan support team > > support at iiscan.com > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100105/a504cb1e/attachment-0001.html From mquintans at gmail.com Tue Jan 5 17:37:54 2010 From: mquintans at gmail.com (Manu Quintans) Date: Tue, 5 Jan 2010 18:37:54 +0100 Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free In-Reply-To: References: Message-ID: Invitation code is invalid On Tue, Jan 5, 2010 at 6:11 PM, Guilherme Scombatti wrote: > Yes, > > I want an invite code to test > > On Tue, Jan 5, 2010 at 2:37 PM, McGhee, Eddie wrote: > >> Hi. >> >> where can we receive a invite code to test? 
>> >> ------------------------------ >> *From:* full-disclosure-bounces at lists.grok.org.uk [mailto: >> full-disclosure-bounces at lists.grok.org.uk] *On Behalf Of *iiScan support >> *Sent:* 05 January 2010 02:33 >> *To:* full-disclosure at lists.grok.org.uk >> *Subject:* [Full-disclosure] iiScan - Full-function web application >> security scanning platform for free >> >> Dear all friends: >> >> iiScan is pleased to announce our new gerneration of Web Application >> Security Evalution Platform which is totally FREE. It provides web security >> as a service through the Cloud, no installation of hardware or software is >> needed. Here is some description: >> >> i) New generation of web application security evaluation platform >> iiScan provide a cloud-computing based security service which focus on web >> application security. With iiScan, you can get your web application assessed >> by iiScan expert and the only thing you have to do is clicking the START >> botton. After that, a report contained all details of vulnerabilities or >> risks of your website will be sent to your mailbox. Then you can fix it and >> make your website safer. >> >> ii) iiScan can detect and test most Web Vulnerabilities without manual >> intervention : >> SQL injection >> Cross Site Scripting (XSS) >> File Upload Vulnerability >> Information Leakage >> Insecure Direct Object References >> Buffer overflow >> Path Traversal >> OS Commanding >> Session Fixation >> XPath Injection >> ?? >> >> iii) Rich Statements >> The statements we offered include abundant informations. You can find all >> the details about every vulnerabilities and fix it with our suggestion. We >> also provide report for web develop and testing engineer. >> >> iv) Easy to use >> There is no longer technical research which difficult to comprehend and no >> process of configuration items. Through iiScan,you are the security expert >> of web application security. 
And you can finish the security assessment of >> web application deeply and thoroughly through only several clicks. >> >> v) Absolute free >> Security as a basic service should be provided free,so we firmly believe >> that the security industry needs revolution. As a new free service provider >> , we build the domestic first and only assessment platform of security >> assignment of web application which full functions are free. In the iiScan >> platform,the basic policy of scanning is absolute free. >> >> We hope our work can help you. More information please visit >> http://www.iiScan.com/ >> Demo video can be found here http://www.iiscan.com/help/manual >> >> Sincerely >> >> NOSEC iiScan support team >> >> support at iiscan.com >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- ? Manu Quintans ? mail: mquintans at gmail.com Mike Ditka - "If God had wanted man to play soccer, he wouldn't have given us arms." -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100105/2af10c37/attachment.html From mrx at propergander.org.uk Tue Jan 5 18:49:05 2010 From: mrx at propergander.org.uk (mrx) Date: Tue, 05 Jan 2010 18:49:05 +0000 Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free In-Reply-To: References: Message-ID: <4B4389A1.6070905@propergander.org.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I too would like an invitation code. 
Thank you regards mrx Guilherme Scombatti wrote: > Yes, > > I want an invite code to test > > On Tue, Jan 5, 2010 at 2:37 PM, McGhee, Eddie wrote: > >> Hi. >> >> where can we receive a invite code to test? >> >> ------------------------------ >> *From:* full-disclosure-bounces at lists.grok.org.uk [mailto: >> full-disclosure-bounces at lists.grok.org.uk] *On Behalf Of *iiScan support >> *Sent:* 05 January 2010 02:33 >> *To:* full-disclosure at lists.grok.org.uk >> *Subject:* [Full-disclosure] iiScan - Full-function web application >> security scanning platform for free >> >> Dear all friends: >> >> iiScan is pleased to announce our new gerneration of Web Application >> Security Evalution Platform which is totally FREE. It provides web security >> as a service through the Cloud, no installation of hardware or software is >> needed. Here is some description: >> >> i) New generation of web application security evaluation platform >> iiScan provide a cloud-computing based security service which focus on web >> application security. With iiScan, you can get your web application assessed >> by iiScan expert and the only thing you have to do is clicking the START >> botton. After that, a report contained all details of vulnerabilities or >> risks of your website will be sent to your mailbox. Then you can fix it and >> make your website safer. >> >> ii) iiScan can detect and test most Web Vulnerabilities without manual >> intervention : >> SQL injection >> Cross Site Scripting (XSS) >> File Upload Vulnerability >> Information Leakage >> Insecure Direct Object References >> Buffer overflow >> Path Traversal >> OS Commanding >> Session Fixation >> XPath Injection >> ?? >> >> iii) Rich Statements >> The statements we offered include abundant informations. You can find all >> the details about every vulnerabilities and fix it with our suggestion. We >> also provide report for web develop and testing engineer. 
>> >> iv) Easy to use >> There is no longer technical research which difficult to comprehend and no >> process of configuration items. Through iiScan,you are the security expert >> of web application security. And you can finish the security assessment of >> web application deeply and thoroughly through only several clicks. >> >> v) Absolute free >> Security as a basic service should be provided free,so we firmly believe >> that the security industry needs revolution. As a new free service provider >> , we build the domestic first and only assessment platform of security >> assignment of web application which full functions are free. In the iiScan >> platform,the basic policy of scanning is absolute free. >> >> We hope our work can help you. More information please visit >> http://www.iiScan.com/ >> Demo video can be found here http://www.iiscan.com/help/manual >> >> Sincerely >> >> NOSEC iiScan support team >> >> support at iiscan.com >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. 
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----

From security at mandriva.com Tue Jan 5 19:24:02 2010
From: security at mandriva.com (security at mandriva.com)
Date: Tue, 05 Jan 2010 20:24:02 +0100
Subject: [Full-disclosure] [ MDVSA-2009:220-1 ] davfs
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDVSA-2009:220-1
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : davfs
 Date    : January 5, 2010
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability was found in xmltok_impl.c (expat) that with
 specially crafted XML could be exploited and lead to a denial of
 service attack. Related to CVE-2009-2625 (CVE-2009-3720).

 This update fixes this vulnerability.

 Update:

 Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
 https://bugs.gentoo.org/show_bug.cgi?id=280615
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 1bdf969bcbde0e5c447f6c69a349e890  2008.0/i586/davfs-0.2.4-10.1mdv2008.0.i586.rpm
 3a0db412548d67a97686ef6f271f8898  2008.0/SRPMS/davfs-0.2.4-10.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 569fe422111f00790722b845f1f51411  2008.0/x86_64/davfs-0.2.4-10.1mdv2008.0.x86_64.rpm
 3a0db412548d67a97686ef6f271f8898  2008.0/SRPMS/davfs-0.2.4-10.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLQ2Y4mqjQ0CJFipgRAq38AKCWtvRQ5z4gxJH55M0FrV9p3bE9hgCg5gtj
L7XmKE06Lid2HmMNBazYzgY=
=p3B5
-----END PGP SIGNATURE-----

From ad_lists at netragard.com Tue Jan 5 19:37:39 2010
From: ad_lists at netragard.com (Adriel T.
Desautels) Date: Tue, 5 Jan 2010 14:37:39 -0500 Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free In-Reply-To: <4B4389A1.6070905@propergander.org.uk> References: <4B4389A1.6070905@propergander.org.uk> Message-ID: <9052F234-CBC1-4EF9-A073-C360B0B56094@netragard.com> Code please! On Jan 5, 2010, at 1:49 PM, mrx wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I too would like an invitation code. > Thank you > > regards > mrx > > Guilherme Scombatti wrote: >> Yes, >> >> I want an invite code to test >> >> On Tue, Jan 5, 2010 at 2:37 PM, McGhee, Eddie >> wrote: >> >>> Hi. >>> >>> where can we receive a invite code to test? >>> >>> ------------------------------ >>> *From:* full-disclosure-bounces at lists.grok.org.uk [mailto: >>> full-disclosure-bounces at lists.grok.org.uk] *On Behalf Of *iiScan >>> support >>> *Sent:* 05 January 2010 02:33 >>> *To:* full-disclosure at lists.grok.org.uk >>> *Subject:* [Full-disclosure] iiScan - Full-function web application >>> security scanning platform for free >>> >>> Dear all friends: >>> >>> iiScan is pleased to announce our new gerneration of Web Application >>> Security Evalution Platform which is totally FREE. It provides web >>> security >>> as a service through the Cloud, no installation of hardware or >>> software is >>> needed. Here is some description: >>> >>> i) New generation of web application security evaluation platform >>> iiScan provide a cloud-computing based security service which >>> focus on web >>> application security. With iiScan, you can get your web >>> application assessed >>> by iiScan expert and the only thing you have to do is clicking the >>> START >>> botton. After that, a report contained all details of >>> vulnerabilities or >>> risks of your website will be sent to your mailbox. Then you can >>> fix it and >>> make your website safer. 
>>> >>> ii) iiScan can detect and test most Web Vulnerabilities without >>> manual >>> intervention : >>> SQL injection >>> Cross Site Scripting (XSS) >>> File Upload Vulnerability >>> Information Leakage >>> Insecure Direct Object References >>> Buffer overflow >>> Path Traversal >>> OS Commanding >>> Session Fixation >>> XPath Injection >>> ?? >>> >>> iii) Rich Statements >>> The statements we offered include abundant informations. You can >>> find all >>> the details about every vulnerabilities and fix it with our >>> suggestion. We >>> also provide report for web develop and testing engineer. >>> >>> iv) Easy to use >>> There is no longer technical research which difficult to >>> comprehend and no >>> process of configuration items. Through iiScan,you are the >>> security expert >>> of web application security. And you can finish the security >>> assessment of >>> web application deeply and thoroughly through only several clicks. >>> >>> v) Absolute free >>> Security as a basic service should be provided free,so we firmly >>> believe >>> that the security industry needs revolution. As a new free service >>> provider >>> , we build the domestic first and only assessment platform of >>> security >>> assignment of web application which full functions are free. In >>> the iiScan >>> platform,the basic policy of scanning is absolute free. >>> >>> We hope our work can help you. More information please visit >>> http://www.iiScan.com/ >>> Demo video can be found here http://www.iiscan.com/help/manual >>> >>> Sincerely >>> >>> NOSEC iiScan support team >>> >>> support at iiscan.com >>> >>> >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. 
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iQEVAwUBS0OJobIvn8UFHWSmAQJunwf/aTFSbS4bCbZcagB/kjVRShcvcvicEXhR > qVs+NNSfSWVKQjmMWScr876jEct2G+UC/clgjAJ6VU4lWBrOtyd0NojI2p8Sit1L > 4pID6RKO03GwS6t2b+i8jO2xn8els7ZTNlN5HOQdprkej0h7pn0LDeey7eiwz8EN > 2HknuNDr5dWz35s5YIU7xhQZv75AWfWcVfeAgAHDIDvxXGYWAMBzSxWKdCdgaghO > sh9oLF5/BZ42SjMx+b20SwwU8/agxaGOvWlZlWX+TDy8cDZQtoacnES/MZ9rSUnp > 5Bi6WcwdgcOryiw+1fEeh8pCeSOBgjA1pl5z5o9vuwbwsRQ8LvrtpQ== > =T4X5 > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ Adriel T. Desautels ad_lists at netragard.com -------------------------------------- Subscribe to our blog http://snosoft.blogspot.com From sec-community at thegoodhacker.com Tue Jan 5 20:44:46 2010 From: sec-community at thegoodhacker.com (Will McAfee) Date: Tue, 5 Jan 2010 15:44:46 -0500 Subject: [Full-disclosure] Security app Message-ID: <21D96872-C698-4B2A-810C-D5663EE05529@thegoodhacker.com> I am an iPhone app developer working on a security toolkit app. My question is simple. What would you find most useful in a security tool app? 
Sent from my iPhone

From uuf6429 at gmail.com Tue Jan 5 21:18:15 2010
From: uuf6429 at gmail.com (Christian Sciberras)
Date: Tue, 5 Jan 2010 22:18:15 +0100
Subject: [Full-disclosure] Security app
In-Reply-To: <21D96872-C698-4B2A-810C-D5663EE05529@thegoodhacker.com>
References: <21D96872-C698-4B2A-810C-D5663EE05529@thegoodhacker.com>
Message-ID: <3af3d47c1001051318q52d93b07o1db683eed6c30238@mail.gmail.com>

Depending on what you are aiming at.

In general, I'd love to see an information listing app, of course of
security-related information (connections, sensors...).

On Tue, Jan 5, 2010 at 9:44 PM, Will McAfee wrote:
> I am an iPhone app developer working on a security toolkit app. My
> question is simple. What would you find most useful in a security
> tool app?
>
> Sent from my iPhone
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

From nytrokiss at gmail.com Tue Jan 5 21:26:27 2010
From: nytrokiss at gmail.com (James Matthews)
Date: Tue, 5 Jan 2010 16:26:27 -0500
Subject: [Full-disclosure] Security app
In-Reply-To: <3af3d47c1001051318q52d93b07o1db683eed6c30238@mail.gmail.com>
References: <21D96872-C698-4B2A-810C-D5663EE05529@thegoodhacker.com> <3af3d47c1001051318q52d93b07o1db683eed6c30238@mail.gmail.com>
Message-ID: <8a6b8e351001051326l633a9aa5xdcddbb77615c1742@mail.gmail.com>

What I found to be very helpful was looking at the iPhone-dev team's
presentation about the jailbreak and then asking some questions in the
chat room.

On Tue, Jan 5, 2010 at 4:18 PM, Christian Sciberras wrote:
> Depending on what you are aiming at.
>
> In general, I'd love to see an information listing app, of course of
> security-related information (connections, sensors...).
>
>
> On Tue, Jan 5, 2010 at 9:44 PM, Will McAfee <
> sec-community at thegoodhacker.com> wrote:
>
>> I am an iPhone app developer working on a security toolkit app. My
>> question is simple. What would you find most useful in a security
>> tool app?
>>
>> Sent from my iPhone
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

--
http://www.miami-criminallaw.com/practice-areas/cyber-crimes

--

From keytoaster at gentoo.org Tue Jan 5 21:10:07 2010
From: keytoaster at gentoo.org (Tobias Heinlein)
Date: Tue, 05 Jan 2010 22:10:07 +0100
Subject: [Full-disclosure] [ GLSA 201001-03 ] PHP: Multiple vulnerabilities
Message-ID: <4B43AAAF.6060402@gentoo.org>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201001-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: PHP: Multiple vulnerabilities
      Date: January 05, 2010
      Bugs: #249875, #255121, #260576, #261192, #266125, #274670,
            #280602, #285434, #292132, #293888, #297369, #297370
        ID: 201001-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in PHP, the worst of which leading
to the remote execution of arbitrary code.

Background
==========

PHP is a widely-used general-purpose scripting language that is
especially suited for Web development and can be embedded into HTML.

Affected packages
=================

    -------------------------------------------------------------------
     Package       /  Vulnerable  /                        Unaffected
    -------------------------------------------------------------------
  1  dev-lang/php      < 5.2.12                              >= 5.2.12

Description
===========

Multiple vulnerabilities have been discovered in PHP. Please review the
CVE identifiers referenced below and the associated PHP release notes
for details.

Impact
======

A context-dependent attacker could execute arbitrary code via a
specially crafted string containing an HTML entity when the mbstring
extension is enabled. Furthermore a remote attacker could execute
arbitrary code via a specially crafted GD graphics file.

A remote attacker could also cause a Denial of Service via a malformed
string passed to the json_decode() function, via a specially crafted
ZIP file passed to the php_zip_make_relative_path() function, via a
malformed JPEG image passed to the exif_read_data() function, or via
temporary file exhaustion. It is also possible for an attacker to spoof
certificates, bypass various safe_mode and open_basedir restrictions
when certain criteria are met, perform Cross-site scripting attacks,
more easily perform SQL injection attacks, manipulate settings of other
virtual hosts on the same server via a malicious .htaccess entry when
running on Apache, disclose memory portions, and write arbitrary files
via a specially crafted ZIP archive. Some vulnerabilities with unknown
impact and attack vectors have been reported as well.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All PHP users should upgrade to the latest version.
As PHP is statically linked against a vulnerable version of the
c-client library when the imap or kolab USE flag is enabled
(GLSA 200911-03), users should upgrade net-libs/c-client beforehand:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-libs/c-client-2007e"
    # emerge --ask --oneshot --verbose ">=dev-lang/php-5.2.12"

References
==========

  [ 1 ] CVE-2008-5498
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498
  [ 2 ] CVE-2008-5514
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514
  [ 3 ] CVE-2008-5557
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5557
  [ 4 ] CVE-2008-5624
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5624
  [ 5 ] CVE-2008-5625
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5625
  [ 6 ] CVE-2008-5658
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5658
  [ 7 ] CVE-2008-5814
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5814
  [ 8 ] CVE-2008-5844
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5844
  [ 9 ] CVE-2008-7002
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7002
  [ 10 ] CVE-2009-0754
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0754
  [ 11 ] CVE-2009-1271
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1271
  [ 12 ] CVE-2009-1272
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1272
  [ 13 ] CVE-2009-2626
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2626
  [ 14 ] CVE-2009-2687
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2687
  [ 15 ] CVE-2009-3291
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
  [ 16 ] CVE-2009-3292
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
  [ 17 ] CVE-2009-3293
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
  [ 18 ] CVE-2009-3546
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
  [ 19 ] CVE-2009-3557
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557
  [ 20 ] CVE-2009-3558
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558
  [ 21 ] CVE-2009-4017
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017
  [ 22 ] CVE-2009-4142
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142
  [ 23 ] CVE-2009-4143
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143
  [ 24 ] GLSA 200911-03
         http://www.gentoo.org/security/en/glsa/glsa-200911-03.xml

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-201001-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security at gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

From nbrito at sekure.org Tue Jan 5 23:20:47 2010
From: nbrito at sekure.org (Nelson Brito)
Date: Tue, 5 Jan 2010 21:20:47 -0200
Subject: [Full-disclosure] [TOOL RELEASE] Microsoft SQL Server Fingerprint Too BETA-3l!!!
Message-ID: <001a01ca8e5d$b8e50540$2aaf0fc0$@org>

.:[Software Description:
This is a tool that performs version fingerprinting on Microsoft SQL
Server 2000, 2005 and 2008, using well known techniques based on several
public tools that identifies the SQL Version. The strength of this tool
is that it uses probabilistic algorithm to identify the version of the
Microsoft SQL Server.
The "Microsoft SQL Server Fingerprint Tool" can also be used to identify
vulnerable versions of Microsoft SQL Server.

.:[ Software Release Life Cycle:
The initial public release will be the Version 1.00.0006, and will follow
the stages:
1. January 4th, 2010: Community Technology Preview (CTP)
2. January 19th, 2010: Release Candidate (RC)
3. January 31st, 2010: Release to Marketing (RTM)
4. February 15th, 2010: General Availability (GA)

"Help me to develop this tool... I need "Beta Testers". To help me,
please, download the version BETA 3." (Nelson Brito)

.:[ Microsoft SQL Server Fingerprint Tool
1. Google Code Project Hosting @ http://code.google.com/p/mssqlfp/
2. Google Code Download @ http://mssqlfp.googlecode.com/files/mssqlfp-BETA3.exe

PS: I will publish the code under GNU Lesser General Public License v3 as
soon as GA Release comes out!!!

/*
 * $Id: .siganture,v 1.3 2009-12-11 09:22:54-02 nbrito Exp $
 *
 * Author: Nelson Brito
 * Copyright(c) 2004-2009 Nelson Brito. All rights reserved worldwide.
 * http://fnstenv.blogspot.com
 */

From zwell.nosec at gmail.com Wed Jan 6 01:28:18 2010
From: zwell.nosec at gmail.com (Vincent Chao)
Date: Wed, 6 Jan 2010 09:28:18 +0800
Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free
In-Reply-To: <9052F234-CBC1-4EF9-A073-C360B0B56094@netragard.com>
References: <4B4389A1.6070905@propergander.org.uk> <9052F234-CBC1-4EF9-A073-C360B0B56094@netragard.com>
Message-ID: <4b43e738.8802be0a.2a3a.ffff9791@mx.google.com>

Well, it's amazing, I got some invite codes, you can use these:

-----Original Message-----
From: full-disclosure-bounces at lists.grok.org.uk
[mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Adriel T.
Desautels Sent: Wednesday, January 06, 2010 3:38 AM To: mrx Cc: full-disclosure at lists.grok.org.uk Subject: Re: [Full-disclosure] iiScan - Full-function web application security scanning platform for free Code please! On Jan 5, 2010, at 1:49 PM, mrx wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I too would like an invitation code. > Thank you > > regards > mrx > > Guilherme Scombatti wrote: >> Yes, >> >> I want an invite code to test >> >> On Tue, Jan 5, 2010 at 2:37 PM, McGhee, Eddie >> wrote: >> >>> Hi. >>> >>> where can we receive a invite code to test? >>> >>> ------------------------------ >>> *From:* full-disclosure-bounces at lists.grok.org.uk [mailto: >>> full-disclosure-bounces at lists.grok.org.uk] *On Behalf Of *iiScan >>> support >>> *Sent:* 05 January 2010 02:33 >>> *To:* full-disclosure at lists.grok.org.uk >>> *Subject:* [Full-disclosure] iiScan - Full-function web application >>> security scanning platform for free >>> >>> Dear all friends: >>> >>> iiScan is pleased to announce our new gerneration of Web Application >>> Security Evalution Platform which is totally FREE. It provides web >>> security >>> as a service through the Cloud, no installation of hardware or >>> software is >>> needed. Here is some description: >>> >>> i) New generation of web application security evaluation platform >>> iiScan provide a cloud-computing based security service which >>> focus on web >>> application security. With iiScan, you can get your web >>> application assessed >>> by iiScan expert and the only thing you have to do is clicking the >>> START >>> botton. After that, a report contained all details of >>> vulnerabilities or >>> risks of your website will be sent to your mailbox. Then you can >>> fix it and >>> make your website safer. 
>>> >>> ii) iiScan can detect and test most Web Vulnerabilities without >>> manual >>> intervention : >>> SQL injection >>> Cross Site Scripting (XSS) >>> File Upload Vulnerability >>> Information Leakage >>> Insecure Direct Object References >>> Buffer overflow >>> Path Traversal >>> OS Commanding >>> Session Fixation >>> XPath Injection >>> ?? >>> >>> iii) Rich Statements >>> The statements we offered include abundant informations. You can >>> find all >>> the details about every vulnerabilities and fix it with our >>> suggestion. We >>> also provide report for web develop and testing engineer. >>> >>> iv) Easy to use >>> There is no longer technical research which difficult to >>> comprehend and no >>> process of configuration items. Through iiScan,you are the >>> security expert >>> of web application security. And you can finish the security >>> assessment of >>> web application deeply and thoroughly through only several clicks. >>> >>> v) Absolute free >>> Security as a basic service should be provided free,so we firmly >>> believe >>> that the security industry needs revolution. As a new free service >>> provider >>> , we build the domestic first and only assessment platform of >>> security >>> assignment of web application which full functions are free. In >>> the iiScan >>> platform,the basic policy of scanning is absolute free. >>> >>> We hope our work can help you. More information please visit >>> http://www.iiScan.com/ >>> Demo video can be found here http://www.iiscan.com/help/manual >>> >>> Sincerely >>> >>> NOSEC iiScan support team >>> >>> support at iiscan.com >>> >>> >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. 
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>> ------------------------------------------------------------------------
>>
>

Adriel T. Desautels
ad_lists at netragard.com
--------------------------------------

Subscribe to our blog
http://snosoft.blogspot.com

From guiscombatti at gmail.com Wed Jan 6 01:50:36 2010
From: guiscombatti at gmail.com (Guilherme Scombatti)
Date: Tue, 5 Jan 2010 23:50:36 -0200
Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free
In-Reply-To: <4b43e738.8802be0a.2a3a.ffff9791@mx.google.com>
References: <4B4389A1.6070905@propergander.org.uk> <9052F234-CBC1-4EF9-A073-C360B0B56094@netragard.com> <4b43e738.8802be0a.2a3a.ffff9791@mx.google.com>
Message-ID:

Thanks for the codes

To use the scan you have to upload into a site a .txt file with a code.

[]'z

On Tue, Jan 5, 2010 at 11:28 PM, Vincent Chao wrote:
> Well, it's amazing, I got some invite codes, you can use these:
> -----Original Message-----
> From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Adriel T. Desautels
> Sent: Wednesday, January 06, 2010 3:38 AM
> To: mrx
> Cc: full-disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure] iiScan - Full-function web application security scanning platform for free
>
> Code please!
>
> On Jan 5, 2010, at 1:49 PM, mrx wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > I too would like an invitation code.
> > Thank you
> >
> > regards
> > mrx
> >
> > Guilherme Scombatti wrote:
> >> Yes,
> >>
> >> I want an invite code to test
> >>
> >> On Tue, Jan 5, 2010 at 2:37 PM, McGhee, Eddie wrote:
> >>
> >>> Hi.
> >>>
> >>> where can we receive a invite code to test?
> >>>
> >>> ------------------------------
> >>> *From:* full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] *On Behalf Of *iiScan support
> >>> *Sent:* 05 January 2010 02:33
> >>> *To:* full-disclosure at lists.grok.org.uk
> >>> *Subject:* [Full-disclosure] iiScan - Full-function web application security scanning platform for free
> >>>
> >>> Dear all friends:
> >>>
> >>> iiScan is pleased to announce our new generation of Web Application Security Evaluation Platform which is totally FREE. It provides web security as a service through the Cloud, no installation of hardware or software is needed. Here is some description:
> >>>
> >>> i) New generation of web application security evaluation platform
> >>> iiScan provide a cloud-computing based security service which focus on web application security. With iiScan, you can get your web application assessed by iiScan expert and the only thing you have to do is clicking the START button. After that, a report contained all details of vulnerabilities or risks of your website will be sent to your mailbox. Then you can fix it and make your website safer.
> >>>
> >>> ii) iiScan can detect and test most Web Vulnerabilities without manual intervention:
> >>> SQL injection
> >>> Cross Site Scripting (XSS)
> >>> File Upload Vulnerability
> >>> Information Leakage
> >>> Insecure Direct Object References
> >>> Buffer overflow
> >>> Path Traversal
> >>> OS Commanding
> >>> Session Fixation
> >>> XPath Injection
> >>> ...
> >>>
> >>> iii) Rich Statements
> >>> The statements we offered include abundant information. You can find all the details about every vulnerabilities and fix it with our suggestion. We also provide report for web develop and testing engineer.
> >>>
> >>> iv) Easy to use
> >>> There is no longer technical research which difficult to comprehend and no process of configuration items. Through iiScan, you are the security expert of web application security. And you can finish the security assessment of web application deeply and thoroughly through only several clicks.
> >>>
> >>> v) Absolute free
> >>> Security as a basic service should be provided free, so we firmly believe that the security industry needs revolution. As a new free service provider, we build the domestic first and only assessment platform of security assignment of web application which full functions are free. In the iiScan platform, the basic policy of scanning is absolute free.
> >>>
> >>> We hope our work can help you. More information please visit http://www.iiScan.com/
> >>> Demo video can be found here http://www.iiscan.com/help/manual
> >>>
> >>> Sincerely
> >>>
> >>> NOSEC iiScan support team
> >>>
> >>> support at iiscan.com
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Full-Disclosure - We believe in it.
> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >>> Hosted and sponsored by Secunia - http://secunia.com/
> >>>
> >>
> >>
> >> ------------------------------------------------------------------------
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> Adriel T. Desautels
> ad_lists at netragard.com
> --------------------------------------
>
> Subscribe to our blog
> http://snosoft.blogspot.com
>

From tmorgan at vsecurity.com Wed Jan 6 01:15:19 2010
From: tmorgan at vsecurity.com (Timothy D. Morgan)
Date: Tue, 5 Jan 2010 17:15:19 -0800
Subject: [Full-disclosure] HTTP Digest Integrity: Another look, in light of recent attacks
Message-ID: <20100106011519.GS2231@sentinelchicken.org>

Hello,

Some of you may be interested in this short technical note which includes some recent observations about TLS renegotiation and other issues:

http://www.vsecurity.com/download/papers/HTTPDigestIntegrity.pdf

Comments welcome,
tim


Introduction
============

Recent history has proven that web communications security is highly lacking in redundancy. That is, simple breaks in common protocols, such as SSL/TLS or the authentication mechanisms which support it, often lead to catastrophic gaps in security. Recent examples of this fragile architecture abound, and even when protocols and implementations themselves are sound, research indicates browser user interfaces continue to leave room for serious attacks. This paper explores how the seldom-used HTTP digest authentication protocol can be used to mitigate certain recent forms of attack, including SSL/TLS renegotiation and some types of HTTP request smuggling.

...

From jlevitsk at joshie.com Wed Jan 6 01:39:22 2010
From: jlevitsk at joshie.com (Joshua Levitsky)
Date: Tue, 5 Jan 2010 20:39:22 -0500
Subject: [Full-disclosure] Security app
In-Reply-To: <21D96872-C698-4B2A-810C-D5663EE05529@thegoodhacker.com>
References: <21D96872-C698-4B2A-810C-D5663EE05529@thegoodhacker.com>
Message-ID:

On Tue, Jan 5, 2010 at 3:44 PM, Will McAfee wrote:

> I am an iPhone app developer working on a security toolkit app. My
> question is simple. What would you find most useful in a security
> tool app?
>

Some ideas...
/etc/services - searchable list
/etc/protocols - searchable list
subnet/supernet calculator with CIDR
nmap with ability to save results in app as well as email them
nbtstat with ability to save results in app as well as email them
bonjour discovery of hosts on same subnet as phone along with list of services on each host
http://cve.mitre.org/cve/ <- searchable

--
Joshua Levitsky, MCSE, CISSP
http://www.jnuxhosting.net
http://www.jnux.net
http://blog.joshie.com/
[5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1]

Sent from Yorktown Heights, NY, United States

From zwell.nosec at gmail.com Wed Jan 6 02:46:58 2010
From: zwell.nosec at gmail.com (Vincent Chao)
Date: Wed, 6 Jan 2010 10:46:58 +0800
Subject: [Full-disclosure] iiScan - Full-function web application security scanning platform for free
In-Reply-To:
References: <4B4389A1.6070905@propergander.org.uk> <9052F234-CBC1-4EF9-A073-C360B0B56094@netragard.com> <4b43e738.8802be0a.2a3a.ffff9791@mx.google.com>
Message-ID: <4b43f9ad.100bca0a.27d7.50e2@mx.google.com>

Yep, so nobody can use it to hack some others site, only can check yourselves. I think that's the reason ;)

From: Guilherme Scombatti [mailto:guiscombatti at gmail.com]
Sent: Wednesday, January 06, 2010 9:51 AM
To: Vincent Chao
Cc: Adriel T. Desautels; full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] iiScan - Full-function web application security scanning platform for free

Thanks for the codes

To use the scan you have to upload into a site a .txt file with a code.
[]'z

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

From kees at ubuntu.com Wed Jan 6 06:22:53 2010
From: kees at ubuntu.com (Kees Cook)
Date: Tue, 5 Jan 2010 22:22:53 -0800
Subject: [Full-disclosure] [USN-879-1] Kerberos vulnerability
Message-ID: <20100106062253.GC5365@outflux.net>

===========================================================
Ubuntu Security Notice USN-879-1           January 06, 2010
krb5 vulnerability
CVE-2009-3295
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 9.10:
  krb5-kdc                        1.7dfsg~beta3-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Jeff Blaine, Radoslav Bodo, Jakob Haufe, and Jorgen Wahlsten discovered that the Kerberos Key Distribution Center service did not correctly verify certain network traffic. An unauthenticated remote attacker could send a specially crafted request that would cause the KDC to crash, leading to a denial of service.

Updated packages for Ubuntu 9.10:

From dan at doxpara.com Wed Jan 6 07:59:37 2010
From: dan at doxpara.com (Dan Kaminsky)
Date: Wed, 6 Jan 2010 08:59:37 +0100
Subject: [Full-disclosure] HTTP Digest Integrity: Another look, in light of recent attacks
In-Reply-To: <20100106011519.GS2231@sentinelchicken.org>
References: <20100106011519.GS2231@sentinelchicken.org>
Message-ID:

I haven't been wildly impressed by Digest as implemented in browsers, but it's a legitimate point that Digest has of at least *some* of the URI embedded into it, so the TLS reneg attack can be somewhat mitigated by leveraging that. Empirically though, this is going to be a big pain in the butt, not least of which is the dramatic change to the user experience. Ultimately, far and away the most common forms of auth are cookie based, with hidden variables being a close second. In both of these the password is accessible to the DOM. So the raw material is there to add an integrity layer to at least sensitive HTTPS transactions (everything is worthless for HTTP).
But an advantage of your approach is that it applies generically to all browser/site communication, including Javascript containers like " for each field except for phone, phone2, and fax. These fields restrict the input size so simply put "" in these fields.
5. Click the 'submit' button in the lower right hand corner
6. On the resulting screen the company name XSS will appear.
7. To view the other company XSS attacks browse to index.php?m=companies&a=view&company_id=X where 'X' is the id of the new company. Alternatively you can click on the 'Projects' link in the top navigation then the 'new project' button in the upper right. Create a new project, selecting the newly created company, which will appear as a blank choice in the company drop down list. Save the project and then in the project list click on the company name.

Impact

Any user with the permissions to create new companies can expose other users of dotProject to XSS attacks.

== Project ===

The project creation screen fails to filter form details before creating a new project.

Proof of Concept

1. Log into dotProject as a user with privileges to create a new project
2. Click the 'Projects' link in the top navigation bar
3. Click the 'new project' button in the upper right
4. Fill in "" for the 'Project Name', 'URL', 'Starting URL', and 'Description' fields
5. Click the 'submit' button in the lower right hand corner
6. On the resulting screen the project name XSS will appear.
7. To view the other project XSS attacks browse to index.php?m=projects&a=view&project_id=X where 'X' is the id of the new project.

Impact

Any user with the permissions to create new projects can expose other users of dotProject to XSS attacks.

== Task ===

The task creation screen fails to filter form details before creating a new task.

Proof of Concept

1. Log into dotProject as a user with privileges to create a task
2. Click the 'Projects' link in the top navigation bar
3. Click on a project name to which the user account has permissions
4. Click the 'new task' button in the upper right
5. Fill in "" for the 'Task Name', 'Web Address', 'Description', and 'Description' fields
6. Click on the 'Dates' tab and select an appropriate date
7. Click the 'save' button in the lower right hand corner
8. On the resulting screen the task name XSS will appear.
9. To view the other task summary XSS attacks browse to index.php?m=tasks&a=view&task_id=X where 'X' is the id of the new task.

Impact

Any user with the permissions to create new tasks can expose other users of dotProject to XSS attacks.

== Task Log ===

The task log creation screen fails to filter form details before creating a new task log.

Proof of Concept

1. Log into dotProject as a user with privileges to create a task
2. Click the 'Tasks' link in the top navigation bar
3. Click on a task name to which the user account has permissions
4. Click the 'New Log' tab
5. Fill in "" for the 'Summary', and 'Description' fields, enter "">" for the 'URL' field
6. Click the 'update task' button in the lower right hand corner
7. On the resulting screen the task name XSS will appear.
8. To view the other task log XSS attacks browse to index.php?m=tasks&a=view&task_id=X where 'X' is the id of the task.

Impact

Any user with the permissions to create new task logs (virtually all dotProject users) can expose other users of dotProject to XSS attacks.

== Files ===

The file attachment screen fails to filter form details before creating a new file attachment.

Proof of Concept

1. Log into dotProject as a user with privileges to create a file
2. Click the 'Files' link in the top navigation bar
3. Click on a 'new folder' button in the upper right
4. Fill in "" for the 'Folder Name', and 'Description' fields
5. Click on the 'new file' button in the upper right
6. Observe the 'Folder name' XSS
7. Fill in "" for the 'Description' field and choose a file to upload
8. Click the 'submit' button in the lower right hand corner
9. On the resulting screen the file description XSS will appear.

Impact

Any user with the permissions to create new files can expose other users of dotProject to XSS attacks.

== Events ===

The events screen fails to filter form details before creating a new event.

Proof of Concept

1. Log into dotProject as a user with privileges to create an event
2. Select 'Event' from the '-New Item-' drop down in the upper right or navigate to index.php?m=calendar&a=addedit
3. Fill in "" for the 'Event Title', and 'Description' fields
4. Click on the 'submit' button in the lower right
5. Observe the XSS at the View Event screen index.php?m=calendar&a=view&event_id=X where 'X' is the id of the new event.

Impact

Any user with the permissions to create new events can expose other users of dotProject to XSS attacks.

== Contacts ===

The contacts screen fails to filter form details before creating a new event.

Proof of Concept

1. Log into dotProject as a user with privileges to create a new contact
2. Select 'Contact' from the '-New Item-' drop down in the upper right or navigate to index.php?m=contacts&a=addedit
3. Fill in "" for every field
4. Click on the 'submit' button in the lower right
5. Observe the XSS at the View Contact screen index.php?m=contacts&a=view&contact_id=X where 'X' is the id of the new contact.

Impact

Any user with the permissions to create new contacts can expose other users of dotProject to XSS attacks.

== Tickets ===

The Submit Trouble Ticket screen fails to filter form details before creating a new ticket.

Proof of Concept

1. Log into dotProject as a user with privileges to create a new ticket
2. Click the 'Tickets' link in the top navigation bar or navigate to index.php?m=ticketsmith&a=post_ticket
3. Fill in "" for the 'E-mail' field
4. Click on the 'submit' button in the lower right
5. Observe the XSS at the View Contact screen index.php?m=ticketsmith&a=view&ticket=X where 'X' is the id of the new contact.

Impact

Any user with the permissions to create new tickets can expose other users of dotProject to XSS attacks.

== Forums ===

The Add Forum screen fails to filter form details before creating a new forum.

Proof of Concept

1. Log into dotProject as a user with privileges to create a new forum
2. Click the 'Forums' link in the top navigation bar or navigate to index.php?m=forums&a=post_ticket
3. Fill in "" for the 'Forum Name' and 'Description' fields
4. Click on the 'submit' button in the lower right
5. Observe the XSS at the Forums screen index.php?m=forums

Impact

Any user with the permissions to create new tickets can expose other users of dotProject to XSS attacks.

== Forum Topics ===

The Forum Add Message screen fails to filter form details before creating a new topic.

Proof of Concept

1. Log into dotProject as a user with privileges to create a new forum topic
2. Click the 'Forums' link in the top navigation bar or navigate to index.php?m=forums
3. Click on the name of a forum
4. Click on the 'start a new topic' button in the upper right
5. Fill in "" for the 'Subject' and 'Message' fields
4. Click on the 'submit' button in the lower right
5. Observe the XSS at the Forums topics screen or index.php?m=forums&a=viewer&forum_id=2&message_id=X where 'X' is the id of the topic

Impact

Any user with the permissions to create new tickets can expose other users of dotProject to XSS attacks.

SQL Injection Vulnerabilities
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

SQL injection vulnerabilities could allow an attacker to expose sensitive data, such as password hashes, alter the database contents to introduce stored XSS vulnerabilities, reset administrative user passwords to allow escalation of privilege and other attacks that could lead to the compromise of data, user account credentials, or even the web server.

The following URLs expose PHP functions that are vulnerable to SQL injection:

index.php?m=departments&a=addedit&company_id=1'
index.php?m=ticketsmith&a=view&ticket=1'
index.php?m=files&a=index&tab=4&folder=1'

Additionally some forms allow for SQL injection:

* The ticket creation form index.php?m=ticketsmith&a=post_ticket does not properly sanitize single quotes in the Name or Email fields

Default Credentials
-=-=-=-=-=-=-=-=-=-=-=-

When dotProject is installed an administrative user named 'admin' is created with the default password of 'passwd'.

Impact

The default credentials are easily guessed and users are not forced to change them, leading to the potential for production sites to be deployed using these default credentials.

Vulnerabilities in Included Libraries
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

The TicketSmith module is generally full of holes, the version (0.6.3) included in dotProject being last updated in 2001. Request variables are not sanitized in any of the pages and are used for display as well as being interpolated in SQL queries without any sanitization.

Final Notes
-=-=-=-=-=-

This report is by no means meant to be exhaustive. Other vulnerabilities may exist in the tested version of dotProject. Hopefully these vulnerabilities will illuminate areas of code which can be updated to fix multiple vulnerability vectors. dotProject already contains defensive measures (such as the dPgetCleanParam function in includes/main_functions.php) that could possibly be used to quickly develop a patch for many of the bespoke vulnerabilities.

Vendor Response
---------------

These issues have been fixed in the git repository and should be resolved in the next release of dotProject.

--
Justin C. Klein Keane
http://www.MadIrish.net

From jmm at debian.org Thu Jan 7 19:41:56 2010
From: jmm at debian.org (Moritz Muehlenhoff)
Date: Thu, 7 Jan 2010 20:41:56 +0100
Subject: [Full-disclosure] [SECURITY] [DSA 1967-1] New transmission packages fix directory traversal
Message-ID: <20100107194156.GA5080@galadriel.inutil.org>

------------------------------------------------------------------------
Debian Security Advisory DSA-1967-q                  security at debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
January 07, 2010                      http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : transmission
Vulnerability  : directory traversal
Problem type   : local(remote)
Debian-specific: no
CVE Id(s)      : CVE-2010-0012

Dan Rosenberg discovered that Transmission, a lightweight client for the Bittorrent filesharing protocol, performs insufficient sanitising of file names specified in .torrent files. This could lead to the overwrite of local files with the privileges of the user running Transmission if the user is tricked into opening a malicious torrent file.

For the stable distribution (lenny), this problem has been fixed in version 1.22-1+lenny2.

For the unstable distribution (sid), this problem has been fixed in version 1.77-1.

We recommend that you upgrade your transmission packages.
Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
--------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on its next update.
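An added example, not part of the Debian advisory and not Transmission's code or the patch that fixed it: a sketch of the check DSA-1967 describes as insufficient, validating the file names in a .torrent before anything is written under the download directory. It assumes already-decoded metadata in the standard multi-file layout (a `name` plus `files` entries whose `path` is a list of components); the function names and the sample torrent are constructed for illustration.

```python
import posixpath


class UnsafeTorrentPath(ValueError):
    """A name from the .torrent would resolve outside the download directory."""


def naive_target(download_dir, components):
    # Pattern the advisory warns about: names from the .torrent are joined
    # onto the download directory without being checked first.
    return posixpath.normpath(posixpath.join(download_dir, *components))


def safe_target(download_dir, components):
    """Return the path under download_dir, or raise UnsafeTorrentPath."""
    if not components:
        raise UnsafeTorrentPath("empty path")
    for part in components:
        # Assumption: names were already decoded to str by the bencode parser.
        if not isinstance(part, str) or part in ("", ".", ".."):
            raise UnsafeTorrentPath("illegal component %r" % (part,))
        if any(ch in part for ch in ("/", "\\", "\x00")):
            raise UnsafeTorrentPath("separator or NUL in %r" % (part,))
    root = posixpath.normpath(download_dir)
    target = posixpath.normpath(posixpath.join(root, *components))
    # Second, independent check: the normalised result must stay below root.
    if posixpath.commonpath([root, target]) != root:
        raise UnsafeTorrentPath("%r escapes %r" % (target, root))
    return target


def audit_torrent(info, download_dir):
    """Split a torrent's file entries into accepted targets and rejections."""
    # The torrent's own name is attacker-controlled too, so it is validated
    # as a single component before any file entry is looked at.
    base = safe_target(download_dir, [info["name"]])
    if "files" not in info:          # single-file torrent: name is the file
        return [base], []
    accepted, rejected = [], []
    for entry in info["files"]:
        try:
            accepted.append(safe_target(base, entry["path"]))
        except UnsafeTorrentPath as exc:
            rejected.append((entry["path"], str(exc)))
    return accepted, rejected


# Constructed sample metadata (not taken from any real torrent).
SAMPLE_INFO = {
    "name": "holiday-photos",
    "files": [
        {"length": 1024, "path": ["album", "beach.jpg"]},
        {"length": 220, "path": ["..", "..", ".bashrc"]},
        {"length": 64, "path": ["/etc/cron.d/job"]},
        {"length": 12, "path": ["notes", "..\\..\\startup.bat"]},
        {"length": 90, "path": ["docs", "", "readme.txt"]},
    ],
}


if __name__ == "__main__":
    downloads = "/home/user/Downloads"
    print("naive join:", naive_target(
        downloads, ["holiday-photos", "..", "..", ".bashrc"]))
    ok, bad = audit_torrent(SAMPLE_INFO, downloads)
    for path in ok:
        print("accept", path)
    for components, reason in bad:
        print("reject", components, "->", reason)
```

This validates names only; a symlink that already exists below the download directory still needs a resolved-path check at the moment the file is opened.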
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce at lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

From Valdis.Kletnieks at vt.edu Thu Jan 7 21:56:39 2010
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Thu, 07 Jan 2010 16:56:39 -0500
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: Your message of "Thu, 07 Jan 2010 04:26:26 EST."
References:
Message-ID: <17172.1262901399@localhost>

On Thu, 07 Jan 2010 04:26:26 EST, "McGhee, Eddie" said:
> I only have one question how does Google get the information of MAC addresses and locations.

I suspect it's a case of bad reporting and they confused MAC and IP addresses:

"For now, it works only on FiOS routers supplied by Verizon, and then only when users are logged in to the device's administrative panel."

I'm guessing it works by poking the router, asking it what its upstream IP address is, and then geolocating that.

From dan at doxpara.com Thu Jan 7 22:07:01 2010
From: dan at doxpara.com (Dan Kaminsky)
Date: Thu, 7 Jan 2010 23:07:01 +0100
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: <17172.1262901399@localhost>
References: <17172.1262901399@localhost>
Message-ID:

No, he uses an XSS against the router to pull its wireless MAC, and then puts that into Firefox's location services API. That bounces off various wardriving sources and comes up with a latlong.

On Thu, Jan 7, 2010 at 10:56 PM, wrote:

> On Thu, 07 Jan 2010 04:26:26 EST, "McGhee, Eddie" said:
>
> > I only have one question how does Google get the information of MAC
> > addresses and locations.
>
> I suspect it's a case of bad reporting and they confused MAC and IP
> addresses:
>
> "For now, it works only on FiOS routers supplied by Verizon, and then only
> when users are logged in to the device's administrative panel."
>
> I'm guessing it works by poking the router, asking it what its upstream IP
> address is, and then geolocating that.

From Valdis.Kletnieks at vt.edu Thu Jan 7 22:12:48 2010
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Thu, 07 Jan 2010 17:12:48 -0500
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: Your message of "Thu, 07 Jan 2010 23:07:01 +0100."
References: <17172.1262901399@localhost>
Message-ID: <17881.1262902368@localhost>

On Thu, 07 Jan 2010 23:07:01 +0100, Dan Kaminsky said:
> No, he uses an XSS against the router to pull its wireless MAC, and then
> puts that into Firefox's location services API. That bounces off various
> wardriving sources and comes up with a latlong.

OK, so it only works against wireless routers that have been wardriven already. Makes you wonder what's on those Google Street-View trucks besides a camera. ;)

From dan at doxpara.com Thu Jan 7 22:14:36 2010
From: dan at doxpara.com (Dan Kaminsky)
Date: Thu, 7 Jan 2010 23:14:36 +0100
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: <17881.1262902368@localhost>
References: <17172.1262901399@localhost> <17881.1262902368@localhost>
Message-ID:

On Thu, Jan 7, 2010 at 11:12 PM, wrote:

> On Thu, 07 Jan 2010 23:07:01 +0100, Dan Kaminsky said:
> > No, he uses an XSS against the router to pull its wireless MAC, and then
> > puts that into Firefox's location services API. That bounces off various
> > wardriving sources and comes up with a latlong.
>
> OK, so it only works against wireless routers that have been wardriven
> already. Makes you wonder what's on those Google Street-View trucks
> besides a camera. ;)

www.wigle.net and SkyHook have been doing this stuff for a while. Though I suppose there is that rule, "It's only creepy if Google does it"

From mrx at propergander.org.uk Thu Jan 7 22:50:25 2010
From: mrx at propergander.org.uk (mrx)
Date: Thu, 07 Jan 2010 22:50:25 +0000
Subject: [Full-disclosure] Geolocation Question
In-Reply-To:
References: <17172.1262901399@localhost> <17881.1262902368@localhost>
Message-ID: <4B466531.9010304@propergander.org.uk>

Dan Kaminsky wrote:
> On Thu, Jan 7, 2010 at 11:12 PM, wrote:
>
>> On Thu, 07 Jan 2010 23:07:01 +0100, Dan Kaminsky said:
>>> No, he uses an XSS against the router to pull its wireless MAC, and then
>>> puts that into Firefox's location services API. That bounces off various
>>> wardriving sources and comes up with a latlong.
>> OK, so it only works against wireless routers that have been wardriven
>> already. Makes you wonder what's on those Google Street-View trucks
>> besides a camera. ;)
>
> www.wigle.net and SkyHook have been doing this stuff for a while. Though I
> suppose there is that rule, "It's only creepy if Google does it"

Disabling ssid broadcast doesn't mitigate detection either, well not by more than a couple of minutes. If you don't need wireless access disable it.

I used to think Microsoft were creepy. I still think Microsoft are creepy, especially after discovering the phone home features in Win 7. Google on the other hand are plain scary, thankfully unlike Microsoft they are entirely altruistic.

mrx

--
Mankind's systems are white sticks tapping walls.
Thanks Roy
http://www.propergander.org.uk

From zdi-disclosures at tippingpoint.com Thu Jan 7 22:50:59 2010
From: zdi-disclosures at tippingpoint.com (ZDI Disclosures)
Date: Thu, 7 Jan 2010 16:50:59 -0600
Subject: [Full-disclosure] ZDI-10-001: Novell iManager eDirectory Plugin Remote Code Execution Vulnerability
Message-ID:

ZDI-10-001: Novell iManager eDirectory Plugin Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-001
January 7, 2010

-- CVE ID:
CVE-2009-4486

-- Affected Vendors:
Novell

-- Affected Products:
Novell iManager

-- Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Novell iManager. Authentication is not required to exploit this vulnerability.

The flaw exists in an application called by the iManager in order to handle importing/exporting of schema information. While importing/exporting from the schema, the sub-application fails to validate the length of its arguments while copying user-supplied data into a statically allocated stack buffer. This can result in code execution under the privileges of the application.

-- Vendor Response:
Novell has issued an update to correct this vulnerability.
More details can be found at:

http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1

-- Disclosure Timeline:
2009-03-26 - Vulnerability reported to vendor
2010-01-07 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * 1c239c43f521145fa8385d64a9c32243

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/

From Valdis.Kletnieks at vt.edu Thu Jan 7 22:54:12 2010
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Thu, 07 Jan 2010 17:54:12 -0500
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: Your message of "Thu, 07 Jan 2010 23:14:36 +0100."
References: <17172.1262901399@localhost> <17881.1262902368@localhost>
Message-ID: <19163.1262904852@localhost>

On Thu, 07 Jan 2010 23:14:36 +0100, Dan Kaminsky said:
> On Thu, Jan 7, 2010 at 11:12 PM, wrote:
> > OK, so it only works against wireless routers that have been wardriven
> > already. Makes you wonder what's on those Google Street-View trucks
> > besides a camera. ;)

> www.wigle.net and SkyHook have been doing this stuff for a while. Though I
> suppose there is that rule, "It's only creepy if Google does it"

Not creepy, just a simple matter of scale. I'm fairly sure that Google's done several orders of magnitude more driving around than the other guys.

Main Street in beautiful downtown Grundy, Virginia. Yes, it's that small. Yes, Google drove by. I wonder how many other wardrivers have hit Grundy. ;)

http://maps.google.com/?ie=UTF8&ll=37.278588,-82.099366&spn=0,359.997028&z=19&layer=c&cbll=37.278685,-82.099343&panoid=C8d_pjVMpK6LG7b2lk8qIA&cbp=12,181.19,,0,5

(Full disclosure - Verizon did do a Wimax trial in Grundy serving about 1400 subscribers. So if anything, there should be *more* wardriving hitting Grundy than other similar small towns that that same Google drive-by drove through that day.

From dan at doxpara.com Thu Jan 7 22:55:44 2010
From: dan at doxpara.com (Dan Kaminsky)
Date: Thu, 7 Jan 2010 23:55:44 +0100
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: <19163.1262904852@localhost>
References: <17172.1262901399@localhost> <17881.1262902368@localhost> <19163.1262904852@localhost>
Message-ID:

On Thu, Jan 7, 2010 at 11:54 PM, wrote:

> On Thu, 07 Jan 2010 23:14:36 +0100, Dan Kaminsky said:
> > On Thu, Jan 7, 2010 at 11:12 PM, wrote:
> > > OK, so it only works against wireless routers that have been wardriven
> > > already. Makes you wonder what's on those Google Street-View trucks
> > > besides a camera. ;)
>
> > www.wigle.net and SkyHook have been doing this stuff for a while. Though I
> > suppose there is that rule, "It's only creepy if Google does it"
>
> Not creepy, just a simple matter of scale. I'm fairly sure that Google's
> done several orders of magnitude more driving around than the other guys.

I'm not. "Wigle has 18,837,276 points from 1,058,769,231 unique observations."

From pschmehl_lists at tx.rr.com Thu Jan 7 23:25:48 2010
From: pschmehl_lists at tx.rr.com (Paul Schmehl)
Date: Thu, 07 Jan 2010 17:25:48 -0600
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: <4B466531.9010304@propergander.org.uk>
References: <17172.1262901399@localhost> <17881.1262902368@localhost> <4B466531.9010304@propergander.org.uk>
Message-ID: <2C5638FE25D3554E7F329437@utd65257.utdallas.edu>

--On Thursday, January 07, 2010 16:50:25 -0600 mrx wrote:

>
> I used to think Microsoft were creepy. I still think Microsoft are creepy,
> especially after discovering the phone home features in Win 7.
> Google on the other hand are plain scary, thankfully unlike Microsoft they
> are entirely altruistic.
>

Or you are entirely naive. :-)

--
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson

From mrx at propergander.org.uk Fri Jan 8 00:55:40 2010
From: mrx at propergander.org.uk (mrx)
Date: Fri, 08 Jan 2010 00:55:40 +0000
Subject: [Full-disclosure] Geolocation Question
In-Reply-To: <2B11BF19-BAE8-48A8-866F-186575D02AF0@doxpara.com>
References: <17172.1262901399@localhost> <17881.1262902368@localhost> <4B466531.9010304@propergander.org.uk> <4B46786D.6060609@propergander.org.uk> <2B11BF19-BAE8-48A8-866F-186575D02AF0@doxpara.com>
Message-ID: <4B46828C.4080103@propergander.org.uk>

Agreed, there are a lot of things that "try to" phone home.

I would have less dislike for MS data collection practices if there was a tick box along the lines of "disable all communication with MS servers"
Perhaps with the exception of OS updates with the only information sent to MS being the current patch level of the machine to be updated. After all what other info do they need to update the OS?

I concur with your appraisal of Google. That's why I use Scroogle, don't use Chrome and block analytics, syndication, adservices and doubleclick.

I guess I am just paranoid.

mrx

ps I wish Thunderbird would default to the list when replying.

Dan Kaminsky wrote:
> There's lots of things that phone home, but as long as they're opt-in
> and explicitly documented, I don't have a problem with it per se.
>
> Google can sure identify a heck of a lot more, and doesn't exactly
> assail you with the opportunity to browse anonymously.
>
> On Jan 8, 2010, at 1:12 AM, mrx wrote:
>
> Dan,
>
> Windows 7 has a multitude of services that relay usage and hardware
> data back to Microsoft.
> I would be surprised if you are unaware of this.
>
> WGA or WAT.
> Location awareness.
> Smartscreen filter.
> Searches defaulting to Live/Bing.
> Windows problem reporting.
> Windows online help and support.
> Customer Experience Improvement Program.
> Search string collection.
> Windows Media Player.
>
> There are other services that contact MS with usage data.
>
> Much of the above is opt in, however MS recommend that these
> "features" are enabled to ensure a safe and enhanced Windows experience.
> As most computer users are consumers as opposed to knowledgeable
> computer users, I would imagine the majority will accept and enable.
>
> Although MS may not be able to identify me personally, ie: name,
> address, age, colour of eyes etc. They can get a pretty good profile of my
> surfing and computer usage habits along with my IP and MAC address.
> And this is more information than I am prepared to share.
>
> Perhaps I am being paranoid, but I would prefer that MS not have a
> clue what I do with my PC, what hardware it consists of, what software I run
> on it, or which websites I visit.
>
> http://news.softpedia.com/news/30-Windows-7-Features-Phone-Home-to-Microsoft-129592.shtml
>
> http://news.zdnet.co.uk/software/0,1000000121,39544372,00.htm
>
> http://www.microsoft.com/windows/windows-7/m3/privacy-highlights.aspx
>
> I recently removed the RC version of win7 which I installed out of
> curiosity. When I get around to buying the RTM I will run Wireshark with the
> OS for a while, opt in to all that MS recommend, and discover exactly
> what data is shared with MS. I will then discover if my paranoia is in
> fact warranted.
>
> mrx
>
> Dan Kaminsky wrote:
>>>> phone home features?
>>>>
>>>> On Thu, Jan 7, 2010 at 11:50 PM, mrx wrote:
>>>>
>>>> Dan Kaminsky wrote:
>>>>>>> On Thu, Jan 7, 2010 at 11:12 PM, wrote:
>>>>>>>
>>>>>>>> On Thu, 07 Jan 2010 23:07:01 +0100, Dan Kaminsky said:
>>>>>>>>> No, he uses an XSS against the router to pull its wireless MAC, and then
>>>>>>>>> puts that into Firefox's location services API. That bounces off various
>>>>>>>>> wardriving sources and comes up with a latlong.
>>>>>>>> OK, so it only works against wireless routers that have been wardriven
>>>>>>>> already. Makes you wonder what's on those Google Street-View trucks
>>>>>>>> besides a camera. ;)
>>>>>>>>
>>>>>>> www.wigle.net and SkyHook have been doing this stuff for a while. Though I
>>>>>>> suppose there is that rule, "It's only creepy if Google does it"
>>>>>>>
>>>> Disabling ssid broadcast doesn't mitigate detection either, well not by
>>>> more than a couple of minutes.
>>>> If you don't need wireless access disable it.
>>>>
>>>> I used to think Microsoft were creepy. I still think Microsoft are creepy,
>>>> especially after discovering the phone home features in Win 7.
>>>> Google on the other hand are plain scary, thankfully unlike Microsoft they
>>>> are entirely altruistic.
>>>>
>>>> mrx
>>>>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

- --
Mankind's systems are white sticks tapping walls.
Thanks Roy
http://www.propergander.org.uk

From jamie at canonical.com Fri Jan 8 01:02:05 2010
From: jamie at canonical.com (Jamie Strandboge)
Date: Thu, 7 Jan 2010 19:02:05 -0600
Subject: [Full-disclosure] [USN-877-1] Firefox 3.0 and Xulrunner 1.9 regression
Message-ID: <20100108010205.GL31725@severus.strandboge.com>

===========================================================
Ubuntu Security Notice USN-877-1 January 08, 2010
firefox-3.0, xulrunner-1.9 regression
https://launchpad.net/bugs/504516
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  firefox-3.0                     3.0.17+nobinonly-0ubuntu0.8.04.1
  xulrunner-1.9                   1.9.0.17+nobinonly-0ubuntu0.8.04.1

Ubuntu 8.10:
  abrowser                        3.0.17+nobinonly-0ubuntu0.8.10.1
  firefox-3.0                     3.0.17+nobinonly-0ubuntu0.8.10.1
  xulrunner-1.9                   1.9.0.17+nobinonly-0ubuntu0.8.10.1

Ubuntu 9.04:
  abrowser                        3.0.17+nobinonly-0ubuntu0.9.04.1
  firefox-3.0                     3.0.17+nobinonly-0ubuntu0.9.04.1
  xulrunner-1.9                   1.9.0.17+nobinonly-0ubuntu0.9.04.1

After a standard system upgrade you need to restart Firefox and any
applications that use xulrunner to effect the necessary changes.

Details follow:

USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream
changes introduced a regression when using NTLM authentication. This update
fixes the problem and adds additional stability fixes.

We apologize for the inconvenience.

Original advisory details:

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and
David James discovered several flaws in the browser and JavaScript engines
of Firefox. If a user were tricked into viewing a malicious website, a
remote attacker could cause a denial of service or possibly execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2009-3979, CVE-2009-3981, CVE-2009-3986)

Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox.
If an NTLM authenticated user visited a malicious website, a remote
attacker could send requests to other applications, authenticated as the
user. (CVE-2009-3983)

Jonathan Morgan discovered that Firefox did not properly display SSL
indicators under certain circumstances. This could be used by an attacker
to spoof an encrypted page, such as in a phishing attack. (CVE-2009-3984)

Jordi Chancel discovered that Firefox did not properly display invalid URLs
for a blank page. If a user were tricked into accessing a malicious
website, an attacker could exploit this to spoof the location bar, such as
in a phishing attack.
(CVE-2009-3985)
97e0c27235e3a158e12502f95f864ae8 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.17+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 23176 5ba32033e0ff50fe1930a3904695f5e9 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 204064 a96f05875c301be1223712b6e84e1c14 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 202564 e60f1d074d65a55e74d004daa15cb131 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 69470 817af8ac95d05ef2cba8da76355507db http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 86344 bed1abfca1a55ac11ca100835db4f476 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 899264 5892972ece30bc0126eed1b0ef231c2f http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 4540546 44c9c9a8db1e0aca3a90bb8c43c46859 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 42418 67b773368df975b1391d76ac8959ae08 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 8300496 bbfbbb2d649aace9d72d87c43f0ce7ca http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.17+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 23182 32aa470347bad2533dfb8ef4d8951b5a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 204074 7430351c86cd611ad7bc1c8eeee389b7 
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 202570 8b12db25c744634babd0025f11e0bd3f http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 69468 c0342784541db1d70577ea2e0efc1862 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 83978 1c3b39d1b739a9e303e2a9723589a6c4 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 887304 7236c0cc68c8886fc3da46e1717e780e http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 4527396 43c1c049ea58cfcaba430b1e9f494567 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 37816 f169a44ba4f0ac2da1b2c662c07b5afd http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 8121138 57879bad15c09205cd71f49c440ff73e http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.17+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 23180 ecbb8318e7fe009b157b8e0a2337e21d -------------- next part -------------- A non-text attachment was scrubbed... 
From jamie at canonical.com Fri Jan 8 01:03:32 2010
From: jamie at canonical.com (Jamie Strandboge)
Date: Thu, 7 Jan 2010 19:03:32 -0600
Subject: [Full-disclosure] [USN-878-1] Firefox 3.5 and Xulrunner 1.9.1 regression
Message-ID: <20100108010332.GM31725@severus.strandboge.com>

===========================================================
Ubuntu Security Notice USN-878-1 January 08, 2010
firefox-3.5, xulrunner-1.9.1 regression
https://launchpad.net/bugs/504516
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 9.10:
  firefox-3.5 3.5.7+nobinonly-0ubuntu0.9.10.1
  xulrunner-1.9.1 1.9.1.7+nobinonly-0ubuntu0.9.10.1

After a standard system upgrade you need to restart Firefox and any applications that use xulrunner to effect the necessary changes.

Details follow:

USN-874-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and added additional stability fixes.

We apologize for the inconvenience.

Original advisory details:

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3986)

Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983)

Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. (CVE-2009-3984)

Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-3985)

David Keeler, Bob Clary, and Dan Kaminsky discovered several flaws in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3388, CVE-2009-3389)

Updated packages for Ubuntu 9.10: