VARIoT IoT vulnerabilities database

Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors. HP Network Automation is an automated network configuration management tool. ---------------------------------------------------------------------- http://secunia.com/research/ http://secunia.com/company/jobs/open_positions/reverse_engineer ---------------------------------------------------------------------- TITLE: HP Network Automation Unspecified Information Disclosure SECUNIA ADVISORY ID: SA44304 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44304/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44304 RELEASE DATE: 2011-04-25 DISCUSS ADVISORY: http://secunia.com/advisories/44304/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44304/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44304 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Network Automation, which can be exploited by malicious people to gain knowledge of potentially sensitive information. The vulnerability is caused due to an unspecified error. No more information is currently available. SOLUTION: Update to version 9.10 and apply hotfix 87674. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02666 SSRT100434: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02789514 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02789514 Version: 1 HPSBMA02666 SSRT100434 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Information Disclosure NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. This vulnerability could be exploited remotely resulting in information disclosure. References: CVE-2011-1725 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The hotfix can be obtained by contacting the normal HP Services support channel. Upgrade to HP Network Automation v9.10 Apply the 87674 hotfix HISTORY Version:1 (rev.1) - 21 April 2011 Initial Release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2wL4YACgkQ4B86/C0qfVm3RACdGY2kwBBl8P5VURaJoNpljewG RaYAoNOCkk+396TpOt+2ZxPqbNXhNHhK =E5ri -----END PGP SIGNATURE-----

The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. plural Adobe Product CoolType The library could execute arbitrary code or disrupt service ( Memory corruption ) There is a vulnerability that becomes a condition.Arbitrary code is executed or service operation is interrupted by a third party ( Memory corruption ) There is a possibility of being put into a state. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability due to a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader is an excellent PDF document reading software developed by Adobe Corporation of the United States. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure

SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a security vulnerability in the SAP NetWeaver web application server. Some of the unknown input is before the returning user. ITS Mobile Start and ITS Mobile Test lack sufficient filtering for it, and the attacker can exploit the vulnerability for cross-site scripting attacks. In addition, SAP NetWeaver Portal incorrectly limits error messages, and an attacker submits a specially crafted HTTP request to obtain the actual absolute path of the installed component. SAP Netweaver is prone to multiple unspecified cross-site scripting vulnerabilities and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. The information-disclosure vulnerability can allow the attacker to obtain sensitive information that can aid in launching further attacks. ---------------------------------------------------------------------- A step-by-step discussion of the latest Flash Player 0-day exploit: http://secunia.com/blog/210 ---------------------------------------------------------------------- TITLE: SAP NetWeaver Web Application Server Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44205 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44205/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44205 RELEASE DATE: 2011-04-15 DISCUSS ADVISORY: http://secunia.com/advisories/44205/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44205/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44205 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Onapsis has reported multiple vulnerabilities in SAP NetWeaver Web Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised in the ITS Mobile Start and ITS Mobile Test services before being returned to the user. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply fixes (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Mariano Nunez Di Croce, Onapsis ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1512134 Onapsis: http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-003 http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-004 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Invensys Wonderware inBatch is an industrial batch management software. There are three security vulnerabilities in Invensys Wonderware inBatch that exist in the GUIControls, BatchObjSrv, and BatchSecCtrl controls. Submitting a long string value to the property/method referenced by the control, enticing the client user to resolve, can trigger a denial of service attack, and successfully exploiting the vulnerability can execute arbitrary code in the context of the logged in user. Wonderware InBatch is prone to a denial-of-service vulnerability. Invensys Wonderware inBatch is prone to a remote stack-based buffer-overflow vulnerability that affects the inBatch BatchField ActiveX control. Failed exploit attempts will result in a denial-of-service condition. Invensys Wonderware inBatch 8.1 and 9.0 SP1 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Wonderware InBatch BatchField ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44336 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44336/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44336 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44336/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44336/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44336 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Wonderware InBatch, which can be exploited by malicious people to compromise a user's system. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply updates. Contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Jeremy Brown. ORIGINAL ADVISORY: Wonderware: http://iom.invensys.com/EN/pdfLibrary/Final.Tech.Alert.141.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The SAP GUI is a graphical user interface client for SAP software. An attacker can build a saplogon.ini file containing a specially crafted label that overwrites the files on the user's upgrade server, causing a buffer overflow when the user installs the upgrade. Successful exploitation of a vulnerability can execute arbitrary code in the context of an application. SAP GUI is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed attacks will cause denial-of-service conditions

The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685. Cisco IOS of PKI Because the feature does not prevent the use of a persistent cache for a particular public key, there are vulnerabilities that are bypassed for authentication or otherwise unaffected. The problem is Bug ID CSCth82164 Is the problem of CVE-2010-4685 Is a different vulnerability.Keys that have been disabled from valid IKE Through peer relationships, authentication can be bypassed or other details can be affected. Cisco IOS is prone to a security-bypass vulnerability. Exploiting this issue can allow attackers to bypass certain security restrictions. Cisco IOS 15.0 and 15.1 are vulnerable. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment. ---------------------------------------------------------------------- http://secunia.com/research/ http://secunia.com/company/jobs/open_positions/reverse_engineer ---------------------------------------------------------------------- TITLE: Cisco IOS OCSP Revoked Certificate Security Issue SECUNIA ADVISORY ID: SA44363 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44363/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44363 RELEASE DATE: 2011-04-27 DISCUSS ADVISORY: http://secunia.com/advisories/44363/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44363/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44363 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Cisco IOS, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an error in the OCSP functionality and can lead to a revoked certificate being successfully authenticated. SOLUTION: Update to versions 15.1(1)S1 or 15.1(2)T2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/docs/ios/15_1s/release/notes/15_1s_caveats_15_1_1s.html http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has an input validation error, and the input to the \"sort\", \"numPerPage\", \"page\", \"lastPage\", \"numPerpageb\", \"pageb\" and \"direction\" parameters passed to MessagingSystem/monitor/monitor.jsp is returned. The lack of filtering by users can lead to cross-site scripting attacks. The user lacks filtering before and can execute arbitrary HTML and script code on the target user's browser. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ---------------------------------------------------------------------- A step-by-step discussion of the latest Flash Player 0-day exploit: http://secunia.com/blog/210 ---------------------------------------------------------------------- TITLE: SAP NetWeaver Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44187 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44187/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44187 RELEASE DATE: 2011-04-14 DISCUSS ADVISORY: http://secunia.com/advisories/44187/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44187/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44187 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks. SOLUTION: Apply fixes (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) Alexandr Polyakov, Digital Security Research Group 2) Dmitriy Evdokimov, Digital Security Research Group ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1443367 https://service.sap.com/sap/support/notes/1490335 Digital Security Research Group (DSECRG-11-015, DSECRG-11-016): http://dsecrg.com/pages/vul/show.php?id=315 http://dsecrg.com/pages/vul/show.php?id=316 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Oracle has released advance notification regarding the April 2011 Critical Patch Update (CPU) to be released on April 19, 2011. The update addresses 73 vulnerabilities affecting the following software: Oracle Database Oracle Fusion Middleware Oracle Application Server Oracle Identity Management Oracle JRockit Oracle Outside In Technology Oracle WebLogic Server Oracle E-Business Suite Oracle Agile Technology Platform Oracle PeopleSoft Enterprise CRM Oracle PeopleSoft Enterprise ELS Oracle PeopleSoft Enterprise HRMS Oracle PeopleSoft Enterprise Portal Oracle PeopleSoft Enterprise People Tools Oracle JD Edwards OneWorld Tools Oracle JD Edwards EnterpriseOne Tools Oracle Siebel CRM Core Oracle InForm Oracle Sun Product Suite Oracle Open Office StarOffice/StarSuite Exploiting the most severe of these vulnerabilities may potentially compromise the database server or the host operating system. This BID is being retired. The following individual records exist to better document the issues: 46031 OpenOffice Multiple Remote Code Execution Vulnerabilities 46091 Oracle Java Floating-Point Value Denial of Service Vulnerability 46387 Oracle Java SE and Java for Business CVE-2010-4470 Remote Java Runtime Environment Vulnerability 46388 Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability 46391 Oracle Java SE and Java for Business Java Runtime Environment CVE-2010-4454 Remote Vulnerability 46393 Oracle Java SE and Java for Business CVE-2010-4468 Remote Java Runtime Environment Vulnerability 46394 Oracle Java SE and Java for Business Remote Code Execution Vulnerability 46395 Oracle Java SE and Java for Business CVE-2010-4467 Remote Java Runtime Environment Vulnerability 46397 Oracle Java SE and Java for Business CVE-2010-4450 Remote Java Runtime Environment Vulnerability 46398 Oracle Java SE and Java for Business CVE-2010-4448 Remote Java Runtime Environment Vulnerability 46399 Oracle Java SE and Java for Business CVE-2010-4471 Remote Security Vulnerability 46403 Oracle Java SE and Java for Business CVE-2010-4473 Remote Java Runtime Environment Vulnerability 46404 Oracle Java SE and Java for Business CVE-2010-4472 Remote Java Runtime Environment Vulnerability 46406 Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability 46767 Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability 47171 Oracle Solaris CVE-2011-0412 Password Hash Local Information Disclosure Weakness 47429 Oracle Database Server CVE-2011-0792 Remote Oracle Warehouse Builder Vulnerability 47430 Oracle Database CVE-2011-0806 Network Foundation Remote Vulnerability 47431 Oracle Database Server CVE-2011-0799 Remote Warehouse Builder Vulnerability 47432 Oracle Database Server CVE-2011-0804 Remote Database Vault Vulnerability 47434 Oracle E-Business Suite CVE-2011-0809 Web ADI Remote Vulnerability 47435 Oracle Outside In Technology Lotus 123 File Parsing Remote Code Execution Vulnerability 47436 Oracle Database Server CVE-2011-0793 Remote Database Vault Vulnerability 47437 Oracle Outside In Technology Microsoft CAB File Parsing Remote Code Execution Vulnerability 47438 Oracle Sun GlassFish/Java System Application Server Remote Authentication Bypass Vulnerability 47439 Oracle PeopleSoft Enterprise HRMS CVE-2011-0853 Remote PeopleSoft Enterprise HRMS Vulnerability 47440 Oracle E-Business Suite CVE-2011-0797 Applications Install Remote Vulnerability 47441 Oracle Database Server CVE-2011-0805 Remote UIX Vulnerability 47442 Oracle PeopleSoft Enterprise HRMS CVE-2011-0854 Remote PeopleSoft Enterprise HRMS Vulnerability 47443 Oracle Database Server CVE-2011-0785 Remote Oracle Help Vulnerability 47444 Oracle Sun Solaris 11 Express CVE-2011-0841 Remote Vulnerability 47445 Oracle PeopleSoft Enterprise HRMS CVE-2011-0858 Remote Talent Acquisition Manager Vulnerability 47446 Oracle E-Business Suite CVE-2011-0791 Remote Application Object Library Vulnerability 47448 Oracle PeopleSoft Enterprise HRMS CVE-2011-0857 Remote PeopleSoft Enterprise HRMS Vulnerability 47449 Oracle E-Business Suite CVE-2011-0796 Applications Install Local Vulnerability 47450 Oracle Sun Solaris CVE-2011-0800 Local Vulnerability 47451 Oracle Enterprise Manager Grid Control CVE-2011-0787 Remote Security Vulnerability 47452 Oracle JD Edwards EnterpriseOne Tools CVE-2011-0825 Remote Vulnerability 47453 Oracle PeopleSoft Enterprise HRMS CVE-2011-0859 Remote Global Payroll North America Vulnerability 47454 Oracle Supply Chain Product CVE-2011-0837 Remote Agile Technology Platform Vulnerability 47455 Oracle JD Edwards EnterpriseOne Tools CVE-2011-0824 Remote Vulnerabilty 47456 Oracle Peoplesoft Enterprise CVE-2011-0826 Remote Vulnerability 47459 Oracle PeopleSoft Enterprise HRMS CVE-2011-0860 Remote Global Payroll Spain Vulnerability 47460 Oracle PeopleSoft Enterprise CRM CVE-2011-0850 Remote Vulnerability 47461 Oracle JD Edwards EnterpriseOne Tools CVE-2011-0803 Remote Vulnerability 47462 Oracle PeopleSoft CVE-2011-0828 Remote PeopleSoft Enterprise Vulnerability 47463 Oracle Portal CVE-2011-0798 Remote Security Vulnerability 47464 Oracle JD Edwards OneWorld Tools CVE-2011-0818 Remote Vulnerability 47465 Oracle PeopleSoft Enterprise CVE-2011-0827 Remote Vulnerability 47466 Oracle JD Edwards EnterpriseOne Tools CVE-2011-0819 Remote Vulnerability 47467 Oracle PeopleSoft Enterprise ELS CVE-2011-0851 Remote Vulnerability 47468 Oracle JD Edwards OneWorld Tools CVE-2011-0823 Remote Vulnerability 47469 Oracle JD Edwards EnterpriseOne Tools CVE-2011-0810 Remote Vulnerability 47470 Oracle PeopleSoft CVE-2011-0861 Remote PeopleSoft Enterprise HRMS Vulnerability 47471 Oracle PeopleSoft CVE-2011-0840 Remote PeopleSoft Enterprise PeopleTools Vulnerability 47472 Oracle Peoplesoft Enterprise CVE-2011-0856 Remote Vulnerability 47473 Oracle InForm CVE-2011-0855 Remote Vulnerability 47475 Oracle Application Server CVE-2011-0795 Remote Security Vulnerability 47476 Oracle Sun Solaris CVE-2011-0829 Local Vulnerability 47477 Oracle Solaris CVE-2011-0812 Local Solaris Vulnerability 47478 Oracle Solaris CVE-2011-0839 Local Solaris Vulnerability 47479 Oracle Oracle JD Edwards EnterpriseOne and OneWorld Tools CVE-2011-0836 Remote Vulnerability 47480 Oracle Solaris CVE-2011-0820 Remote Kernel Vulnerability 47481 Oracle OpenSSO & Java System Access Manager CVE-2011-0847 Remote Vulnerability 47483 Oracle Java Dynamic Management Kit CVE-2011-0849 Remote Vulnerability 47484 Oracle Siebel CVE-2011-0833 Remote Siebel CRM Core Vulnerability 47486 Oracle Siebel CVE-2011-0834 Remote Siebel CRM Core Vulnerability 47487 Oracle Java System Access Manager Policy Agent CVE-2011-0846 Remote Web Proxy Agent Vulnerability 47488 Oracle Siebel CVE-2011-0843 Remote Siebel CRM Core Vulnerability 47489 Oracle Application Server CVE-2011-0789 Remote Security Vulnerability 47490 Oracle OpenSSO & Java System Access Manager CVE-2011-0844 Remote Vulnerability 47491 Oracle Solaris CVE-2011-0801 Local Vulnerability 47492 Oracle Solaris CVE-2011-0813 Local Kernel Vulnerability 47493 Oracle Sun Solaris CVE-2011-0821 Local Vulnerability 47494 Oracle Solaris CVE-2011-0790 Local Vulnerability

Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port. Tor is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information to launch further attacks. Versions prior to Tor 0.2.2.24 are vulnerable

The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the code responsible for authenticating users. The GernalUtilities.pm file contains code to validate sessions by parsing cookie values without sanitization. The faulty logic simply checks for the existence of a particular file, without verifying its contents. By using a directory traversal technique an attacker can point the cgisess cookie value to an arbitrary file that exists on the server and thus bypass authentication. This issue may allow websites to bypass certain security restrictions and gain access to potentially sensitive information. This issue was introduced in McAfee Firewall Reporter 5.1.0.6. ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-117 April 11, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: McAfee -- Affected Products: McAfee Firewall Reporter -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 10522. -- Vendor Response: McAfee states: Fixed February 9, 2011 Bulletin modified April 11, 2011: https://kc.mcafee.com/corporate/index?page=content&id=SB10015 -- Disclosure Timeline: 2010-09-22 - Vulnerability reported to vendor 2011-04-11 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Andrea Micalizzi aka rgod -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi . ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: McAfee Firewall Reporter Web Interface Security Bypass Vulnerability SECUNIA ADVISORY ID: SA44110 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44110/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44110 RELEASE DATE: 2011-04-14 DISCUSS ADVISORY: http://secunia.com/advisories/44110/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44110/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44110 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in McAfee Firewall Reporter, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is reported in version 5.1.0.6. SOLUTION: Update to version 5.1.0.13. PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi (rgod) via ZDI ORIGINAL ADVISORY: McAfee: https://kc.mcafee.com/corporate/index?page=content&id=SB10015 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-117/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6.x through 10.x, and NEC IP38X series routers with firmware 6.x through 10.x, do not properly handle IP header options, which allows remote attackers to cause a denial of service (device reboot) via a crafted option that triggers access to an invalid memory location. Multiple routers provided by Yamaha contain a denial-of-service vulnerability. Multiple routers provided by Yamaha contain a denial-of-service (DoS) vulnerability due to an issue in processing IP packets. Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A remote attacker may cause a denial-of-service (DoS). The Yamaha RT Series Router is a high speed broadband router device. A security vulnerability exists in the Yamaha RT series router when parsing IP packets, allowing an attacker to perform a denial of service attack on the device. Successful exploits will cause the device to crash, denying service to legitimate users. ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: Yamaha RT Series Routers IP Header Parsing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44087 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44087/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44087 RELEASE DATE: 2011-04-12 DISCUSS ADVISORY: http://secunia.com/advisories/44087/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44087/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44087 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Yamaha RT Series Routers, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when parsing certain IP header options and can be exploited to cause a device to reboot via a specially crafted packet. Please see the vendor's advisory for the list of affected products and versions. SOLUTION: Update to a fixed firmware version if available or restrict access to trusted hosts only. Please see the vendor's advisory for more details. ORIGINAL ADVISORY: Yamaha: http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN55714408.html JVN: http://jvn.jp/en/jp/JVN55714408/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors. Pure-FTPd in SUSE is prone to a local insecure-file-permissions vulnerability. A local attacker can exploit this issue to overwrite certain files. This may lead to privilege escalation; other attacks may also be possible. ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: SUSE pure-ftpd Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA44039 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44039/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44039 RELEASE DATE: 2011-04-08 DISCUSS ADVISORY: http://secunia.com/advisories/44039/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44039/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44039 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has acknowledged a vulnerability in the pure-ftpd package for SUSE Linux Enterprise Server, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error related to a world-writable folder created by the "OES pure-ftpd Netware extensions", which can be exploited to manipulate system files and gain escalated privileges. Further information is currently not available. SOLUTION: Apply updated packages via the zypper package manager. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SUSE-SU-2011:0306-1: https://hermes.opensuse.org/messages/7849430 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

vtiger CRM is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. vtiger CRM 5.2.1 is vulnerable; other versions may also be affected.

Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and earlier, 5.5 through 5.5 patch 4, and 6.0 through 6.0 patch 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Password Vault Web Access (PVWA) provided by Cyber-Ark Software, Ltd. contains a cross-site scripting vulnerability. Password Vault Web Access (PVWA) is a module in the Privileged Identity Management Suite that allows access via a web portal. PVWA contains a cross-site scripting vulnerability.An arbitrary script may be executed on the web browser of an user who is logged on. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: Cyber-Ark PIM Suite Password Vault Web Access Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44058 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44058/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44058 RELEASE DATE: 2011-04-09 DISCUSS ADVISORY: http://secunia.com/advisories/44058/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44058/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44058 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cyber-Ark PIM Suite, which can be exploited by malicious people to conduct cross-site scripting attacks. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN11424086/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000023.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Fiberhome HG-110 is an ADSL router device. The Fiberhome HG-110 has a cross-site scripting attack that can lead to the disclosure of sensitive information or unauthorized access to system sensitive files. Fiberhome HG-110 is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to view arbitrary local files and directories within the context of the webserver. This may let the attacker steal cookie-based authentication credentials and other harvested information, which may aid in launching further attacks. Fiberhome HG-110 firmware 1.0.0 is vulnerable other versions may also be affected

tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option. Local attackers may exploit this issue to gain elevated privileges; other attacks may also be possible. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2212-1 security@debian.org http://www.debian.org/security/ Nico Golde April 7, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tmux Vulnerability : privilege escalation Problem type : local Debian-specific: yes CVE ID : CVE-2011-1496 Debian bug : 620304 Daniel Danner discovered that tmux, a terminal multiplexer, is not properly dropping group privileges. The oldstable distribution (lenny) is not affected by this problem, it does not include tmux. For the stable distribution (squeeze), this problem has been fixed in version 1.3-2+squeeze1. For the testing distribution (wheezy), this problem has been fixed in version 1.4-6. For the testing distribution (sid), this problem has been fixed in version 1.4-6. We recommend that you upgrade your tmux packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2eFbcACgkQHYflSXNkfP/NsgCfcy8X81nTclGCQSWTXxX1/wDF o3kAnR7KmINuzH+MnbAls9Vf8Ewib/Bc =jUL0 -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Q1 Factsheets released: http://secunia.com/resources/factsheets/2011_vendor/ ---------------------------------------------------------------------- TITLE: Debian update for tmux SECUNIA ADVISORY ID: SA44081 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44081/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44081 RELEASE DATE: 2011-04-09 DISCUSS ADVISORY: http://secunia.com/advisories/44081/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44081/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44081 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for tmux. The security issue is caused due to the application not dropping group privileges and can be exploited to perform certain actions using permissions of the "tmux" group. SOLUTION: Apply updated packages via the apt-get package manager. PROVIDED AND/OR DISCOVERED BY: Reported by Daniel Danner in a Debian bug report. ORIGINAL ADVISORY: DSA-2212-1: http://www.debian.org/security/2011/dsa-2212 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL Router Classic allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the PortRule_Name parameter. The device is produced by ZyXEL, it seems it has no other name than the brand "O2 DSL Router Classic". As an example, the form at /Forms/PortForwarding_Edit_1 accepts javascript code for the parameter PortRule_Name, which will be permanently stored. Also, the form has no protection against CSRF. A sample code that will inject permanent javascript when called by a user who is logged into his router: <form id="form1" method="post" action="http://192.168.1.1/Forms/PortForwarding_Edit_1"> <input name="PortRule_Name" value='"><script>alert(7)</script>'> <input name="PortRule_SPort" value="77"> <input name="PortRule_EPort" value="77"> <input name="PortRule_SrvAddr" value="10.0.0.1" > <script> var frm = document.getElementById("form1"); frm.submit(); </script> This is just an example, all forms in the router interface are vulnerable to CSRF and, if they accept text input, to XSS. The vulnerability has been disclosed to O2 in advance without any reply. Disclosure Timeline 2011-02-03: Vendor contacted 2011-04-07: Published advisory This vulnerability was discovered by Hanno Boeck, http://www.hboeck.de, of schokokeks.org webhosting

The O2 DSL Router Classic is a router. O2 DSL Router Classic has a cross-site request forgery vulnerability. An attacker could exploit the vulnerability to execute arbitrary instructions in the context of a user session. This may aid in other attacks. Other attacks are also possible

vtiger CRM is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. vtiger CRM 5.2.1 is vulnerable; other versions may also be affected.

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. The ISC dhclient contains a vulnerability that could allow a remote attacker to execute arbitrary code on the client machine. Apple From Apple Time Capsule and AirPort Base Station (802.11n) Firmware update for has been released.Crafted DHCP Any command may be executed by processing the response. A remote attacker can exploit this issue through a rogue DHCP server. Additionally for Corporate Server 4 and Enterprise Server 5 ISC DHCP has been upgraded from the 3.0.7 version to the 4.1.2-P1 version which brings many enhancements such as better ipv6 support. Packages for 2009.0 are provided as of the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 http://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1-RELNOTES https://www.isc.org/software/dhcp/advisories/cve-2011-0997 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 0fe2b147ebdba8b68f69ddc27160db5c 2009.0/i586/dhcp-client-4.1.2-0.4mdv2009.0.i586.rpm f4ee7090da2bec5cb4482f2fa21beb8b 2009.0/i586/dhcp-common-4.1.2-0.4mdv2009.0.i586.rpm a4a5bd2f2d8f4d40a4c60d5dde55307c 2009.0/i586/dhcp-devel-4.1.2-0.4mdv2009.0.i586.rpm 814bc88e335fb03901f326300ae92961 2009.0/i586/dhcp-doc-4.1.2-0.4mdv2009.0.i586.rpm ec52571bb8002e9394b1eb6e6fc95b64 2009.0/i586/dhcp-relay-4.1.2-0.4mdv2009.0.i586.rpm e7fed43b5db92babf8ca3acbd7210b7f 2009.0/i586/dhcp-server-4.1.2-0.4mdv2009.0.i586.rpm 18489ac449e257f1fa9aad9e7a054b45 2009.0/SRPMS/dhcp-4.1.2-0.4mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: b557459f67de2b8ec481d313d9a26cb2 2009.0/x86_64/dhcp-client-4.1.2-0.4mdv2009.0.x86_64.rpm b4ea7a9670866fff6cd3f4eb77073a84 2009.0/x86_64/dhcp-common-4.1.2-0.4mdv2009.0.x86_64.rpm 4f9a9c9a9815697e17a65b942771e31d 2009.0/x86_64/dhcp-devel-4.1.2-0.4mdv2009.0.x86_64.rpm df18345c665846817880f815af0ad0e8 2009.0/x86_64/dhcp-doc-4.1.2-0.4mdv2009.0.x86_64.rpm eac313ff664e3ea9f8e4c3818d7b7387 2009.0/x86_64/dhcp-relay-4.1.2-0.4mdv2009.0.x86_64.rpm 48cca35591072588de0e1b9f00ca88eb 2009.0/x86_64/dhcp-server-4.1.2-0.4mdv2009.0.x86_64.rpm 18489ac449e257f1fa9aad9e7a054b45 2009.0/SRPMS/dhcp-4.1.2-0.4mdv2009.0.src.rpm Mandriva Linux 2010.0: 88ba2b9d0ccfddf8b1b6f516851d08ce 2010.0/i586/dhcp-client-4.1.2-0.4mdv2010.0.i586.rpm 1475209ee7b9fb9b7f26ad5b20afcdcf 2010.0/i586/dhcp-common-4.1.2-0.4mdv2010.0.i586.rpm ea29d2bfd21b02a56057cd36dc21f43a 2010.0/i586/dhcp-devel-4.1.2-0.4mdv2010.0.i586.rpm 067c3ac4f7530e447f82bbe4326253a3 2010.0/i586/dhcp-doc-4.1.2-0.4mdv2010.0.i586.rpm 409516cfb0004d5f4522040b81433ce7 2010.0/i586/dhcp-relay-4.1.2-0.4mdv2010.0.i586.rpm a23871dfa6632571cdf4a2559941ad89 2010.0/i586/dhcp-server-4.1.2-0.4mdv2010.0.i586.rpm 265c9ec68af7e23baf8b1b6fcc4cc64f 2010.0/SRPMS/dhcp-4.1.2-0.4mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 403dfe148141d926bc2f5e31c18360ba 2010.0/x86_64/dhcp-client-4.1.2-0.4mdv2010.0.x86_64.rpm 2cd0331b9935442a68d606e1d58b0608 2010.0/x86_64/dhcp-common-4.1.2-0.4mdv2010.0.x86_64.rpm 80a31ea430793ce9d2269c9d31aa03bd 2010.0/x86_64/dhcp-devel-4.1.2-0.4mdv2010.0.x86_64.rpm d5053dc644215e70dfc5380afdbc90c4 2010.0/x86_64/dhcp-doc-4.1.2-0.4mdv2010.0.x86_64.rpm 377fe3099561dd0a795617977164b91f 2010.0/x86_64/dhcp-relay-4.1.2-0.4mdv2010.0.x86_64.rpm 57b98ba8696c7a7d20ab96a823f4ff0d 2010.0/x86_64/dhcp-server-4.1.2-0.4mdv2010.0.x86_64.rpm 265c9ec68af7e23baf8b1b6fcc4cc64f 2010.0/SRPMS/dhcp-4.1.2-0.4mdv2010.0.src.rpm Mandriva Linux 2010.1: 5b603213aa47a9772cf786ae6ee046da 2010.1/i586/dhcp-client-4.1.2-0.4mdv2010.2.i586.rpm 3046be07aaa09d1b39fcc8c07ef25e58 2010.1/i586/dhcp-common-4.1.2-0.4mdv2010.2.i586.rpm 1b5a481f6db0b53e666884cfda6ac44c 2010.1/i586/dhcp-devel-4.1.2-0.4mdv2010.2.i586.rpm 279beab531b59a715c946a00bd58fc48 2010.1/i586/dhcp-doc-4.1.2-0.4mdv2010.2.i586.rpm a328ab24b56f1ac03f8f420acd0a3806 2010.1/i586/dhcp-relay-4.1.2-0.4mdv2010.2.i586.rpm f7c61c55748270add2fe45d3245895c8 2010.1/i586/dhcp-server-4.1.2-0.4mdv2010.2.i586.rpm 30d4e8965d393765fb98b425889df126 2010.1/SRPMS/dhcp-4.1.2-0.4mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 27f78c74028b1ea64dbd596c05cfa83f 2010.1/x86_64/dhcp-client-4.1.2-0.4mdv2010.2.x86_64.rpm ab56614386900415fecba15f4c17db13 2010.1/x86_64/dhcp-common-4.1.2-0.4mdv2010.2.x86_64.rpm 535a2eb4b6a4b1f78f47201e0b4249c3 2010.1/x86_64/dhcp-devel-4.1.2-0.4mdv2010.2.x86_64.rpm 64e9bac6fe8f4dbee3e1aebd5d91e977 2010.1/x86_64/dhcp-doc-4.1.2-0.4mdv2010.2.x86_64.rpm 612892e71f2aeddfd8b55cd7ac220247 2010.1/x86_64/dhcp-relay-4.1.2-0.4mdv2010.2.x86_64.rpm 9bb46bca8de30ee4b99bfe09867a3924 2010.1/x86_64/dhcp-server-4.1.2-0.4mdv2010.2.x86_64.rpm 30d4e8965d393765fb98b425889df126 2010.1/SRPMS/dhcp-4.1.2-0.4mdv2010.2.src.rpm Corporate 4.0: f49d86732da26402b022b2d980049c03 corporate/4.0/i586/dhcp-client-4.1.2-0.4.20060mlcs4.i586.rpm acd985bc51c25cc42325befb357b0dcc corporate/4.0/i586/dhcp-common-4.1.2-0.4.20060mlcs4.i586.rpm c01506a802e46af23c8f10a72c6a0eb2 corporate/4.0/i586/dhcp-devel-4.1.2-0.4.20060mlcs4.i586.rpm 81522530fa5e97057d6eeea18ad7bec3 corporate/4.0/i586/dhcp-doc-4.1.2-0.4.20060mlcs4.i586.rpm 2ebfdf7ee9224b7403c4ab5e8370d9ab corporate/4.0/i586/dhcp-relay-4.1.2-0.4.20060mlcs4.i586.rpm c2bbacf8934b9e3dc78cdb49cd811ec9 corporate/4.0/i586/dhcp-server-4.1.2-0.4.20060mlcs4.i586.rpm ac3031a0c5dfeb6274aa28d669e66cba corporate/4.0/SRPMS/dhcp-4.1.2-0.4.20060mlcs4.src.rpm Corporate 4.0/X86_64: 2747bf835e111141b9a91dc320eeab43 corporate/4.0/x86_64/dhcp-client-4.1.2-0.4.20060mlcs4.x86_64.rpm 0c998112346a5da94e09d55c996d6dff corporate/4.0/x86_64/dhcp-common-4.1.2-0.4.20060mlcs4.x86_64.rpm fd38ef505da0c593ef900895abeb1ddc corporate/4.0/x86_64/dhcp-devel-4.1.2-0.4.20060mlcs4.x86_64.rpm 69b3d6cbf21c46828de40a322fd1310d corporate/4.0/x86_64/dhcp-doc-4.1.2-0.4.20060mlcs4.x86_64.rpm c5acb788ae76e674952d656fa9b0d1a5 corporate/4.0/x86_64/dhcp-relay-4.1.2-0.4.20060mlcs4.x86_64.rpm e19db50139a291a7acd23491af5f8d54 corporate/4.0/x86_64/dhcp-server-4.1.2-0.4.20060mlcs4.x86_64.rpm ac3031a0c5dfeb6274aa28d669e66cba corporate/4.0/SRPMS/dhcp-4.1.2-0.4.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 7cbe686b047a6fd6f95cda44669e5862 mes5/i586/dhcp-client-4.1.2-0.4mdvmes5.2.i586.rpm af8b9fe15591b76c11f2257e0cb43a37 mes5/i586/dhcp-common-4.1.2-0.4mdvmes5.2.i586.rpm 2a22a53e6de1a9333c36c5cc250c5ac4 mes5/i586/dhcp-devel-4.1.2-0.4mdvmes5.2.i586.rpm 9ca551145fc79919000a61419e72de37 mes5/i586/dhcp-doc-4.1.2-0.4mdvmes5.2.i586.rpm e9faa5fae712882720b107eb02e51f1f mes5/i586/dhcp-relay-4.1.2-0.4mdvmes5.2.i586.rpm 8568f3bac9dd6654b63ebee94c33275e mes5/i586/dhcp-server-4.1.2-0.4mdvmes5.2.i586.rpm 0e5415cf40dde2931cd1b81aada5e7f7 mes5/SRPMS/dhcp-4.1.2-0.4mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 87ae497e9b94fb842718b4fbefb55474 mes5/x86_64/dhcp-client-4.1.2-0.4mdvmes5.2.x86_64.rpm 71d70558972e1f0729513fce69183de2 mes5/x86_64/dhcp-common-4.1.2-0.4mdvmes5.2.x86_64.rpm 0f12150d87816bd1770388d8dc309d21 mes5/x86_64/dhcp-devel-4.1.2-0.4mdvmes5.2.x86_64.rpm 0450f2a86dab4988d1c96a8e9747104f mes5/x86_64/dhcp-doc-4.1.2-0.4mdvmes5.2.x86_64.rpm 6a043f417310b6229e8fb8d967c12a8d mes5/x86_64/dhcp-relay-4.1.2-0.4mdvmes5.2.x86_64.rpm e4281f48c410412f60fd33f095b9199c mes5/x86_64/dhcp-server-4.1.2-0.4mdvmes5.2.x86_64.rpm 0e5415cf40dde2931cd1b81aada5e7f7 mes5/SRPMS/dhcp-4.1.2-0.4mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNotZnmqjQ0CJFipgRAsarAJ4zitKb2D4e53sOLX4vqvuPs5tLCACffyPE Y8Ya7GFbhILVKuKTG+Ps+3k= =EXBX -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . This issue is addressed by stripping shell meta-characters in dhclient-script. It is recommended that AirPort Utility 5.5.3 or later be installed before upgrading to Firmware version 7.6. These options are reused in an insecure fashion by dhclient scripts. For the oldstable distribution (lenny), this problem has been fixed in version 3.1.1-6+lenny5. For the stable (squeeze), testing (wheezy) and unstable (sid) distributions, this problem has been fixed in an additional update for isc-dhcp. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: dhcp security update Advisory ID: RHSA-2011:0840-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0840.html Issue date: 2011-05-31 CVE Names: CVE-2011-0997 ===================================================================== 1. Summary: Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (v. 3 ELS) - i386 Red Hat Enterprise Linux ES (v. 3 ELS) - i386 3. Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. (CVE-2011-0997) Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for reporting this issue. All dhclient users should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 689832 - CVE-2011-0997 dhclient: insufficient sanitization of certain DHCP response values 6. Package List: Red Hat Enterprise Linux AS (v. 3 ELS): Source: dhcp-3.0.1-10.3_EL3.src.rpm i386: dhclient-3.0.1-10.3_EL3.i386.rpm dhcp-3.0.1-10.3_EL3.i386.rpm dhcp-debuginfo-3.0.1-10.3_EL3.i386.rpm dhcp-devel-3.0.1-10.3_EL3.i386.rpm Red Hat Enterprise Linux ES (v. 3 ELS): Source: dhcp-3.0.1-10.3_EL3.src.rpm i386: dhclient-3.0.1-10.3_EL3.i386.rpm dhcp-3.0.1-10.3_EL3.i386.rpm dhcp-debuginfo-3.0.1-10.3_EL3.i386.rpm dhcp-devel-3.0.1-10.3_EL3.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-0997.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is &lt;secalert@redhat.com&gt;. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFN5QSLXlSAg2UNWIIRAsdVAJ9mkD7RcbzsYOkK8JnEQsRSeelYuwCeNmZd LdK24/RBkJXiFOiY5pI8Eig= =HTuE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================== Ubuntu Security Notice USN-1108-1 April 11, 2011 dhcp3 vulnerability CVE-2011-0997 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: dhcp3-client 3.0.3-6ubuntu7.2 Ubuntu 8.04 LTS: dhcp3-client 3.0.6.dfsg-1ubuntu9.2 Ubuntu 9.10: dhcp3-client 3.1.2-1ubuntu7.2 Ubuntu 10.04 LTS: dhcp3-client 3.1.3-2ubuntu3.1 Ubuntu 10.10: dhcp3-client 3.1.3-2ubuntu6.1 In general, a standard system update will make all the necessary changes. Details follow: Sebastian Krahmer discovered that the dhclient utility incorrectly filtered crafted responses. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.3-6ubuntu7.2.diff.gz Size/MD5: 68426 b4a36d1b44e8276211cef0b9bfbb6ea5 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.3-6ubuntu7.2.dsc Size/MD5: 1428 2fe76544defdfa3d4ab61d548ea5bc03 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.3.orig.tar.gz Size/MD5: 870240 f91416a0b8ed3fd0601688cf0b7df58f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 221524 2cc3c7815cb6e6a2cc21d0c2a6286202 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 454060 4d6e00d001d85359af4777316c012038 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 131252 bf862b9ce2cc9888f9e617f42c0d8f77 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 321024 383390887daadd122e7e66a9896e0432 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_amd64.udeb Size/MD5: 177440 04a6bc2b53da66245b8b79b71d8f82ed http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_amd64.deb Size/MD5: 105842 9616c95d8f2d487fd330fb9b33c58474 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 196930 ebaee96958395481e8c9c25a6591c1a3 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 431162 6fec8eaee0c753e95193f507e3c2c1eb http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 117544 76fd573dc96ade71033c31e9965a1ede http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 289684 8d0c386dc142ca3e69766e26fa6ced00 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_i386.udeb Size/MD5: 152296 98cdda8ba797a8f3532e2db2c95f5329 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_i386.deb Size/MD5: 94176 369f369a8fd6b58df3e293a5264c8047 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 203612 da623d9e1694169cfc1de56f2e0df6e4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 435818 a6f18c0a5083885f0f3ad270a52f1ea9 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 130290 8ed50d04b1c91276b0bdf19b3cda3fcd http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 297742 95b7742e4fb7c4720add03965ef51b45 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_powerpc.udeb Size/MD5: 158466 61e6403a4a5db1783c43fbfe6ad74e8c http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_powerpc.deb Size/MD5: 96696 a7d275b7895e47d8141fab29a3db415b sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 200826 04fe774f2349b12af88465a96a4443b4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 434238 c71c8b52f5324385d13e3610e7bef30e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 126784 ca67a9bd308dfb73bf85906f53e8ae6b http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 294084 628696dfa6a0c9a2713b7fde4390d700 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-client-udeb_3.0.3-6ubuntu7.2_sparc.udeb Size/MD5: 156068 907d41b490e6155c580b83cec96e3f71 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.3-6ubuntu7.2_sparc.deb Size/MD5: 96810 d1559518c2fc467cf6244ee8cd29176b Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.6.dfsg-1ubuntu9.2.diff.gz Size/MD5: 97783 a2e0e7077df662a15c039c462ecd8e3d http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.6.dfsg-1ubuntu9.2.dsc Size/MD5: 1537 ccf77a9747dc8cbc6b65e0d94ab9c43b http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.0.6.dfsg.orig.tar.gz Size/MD5: 724045 e89ef34005c576ddbb229e3b4478f6e2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_amd64.udeb Size/MD5: 180140 9b8c326a22be742b43e2b8d9b07d4f86 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 242126 8053c2330e512d48f0318af10079c50a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 300696 15bbfae5ba97f27d0c896b886773f02b http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 124032 82fe33e521c7ee08b7a00596acc8cb8d http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 342596 40acd4d59e72be79a5c930254bee0223 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_amd64.deb Size/MD5: 114396 5e5c7a86cec5ef70f927cbf53fffec4d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_i386.udeb Size/MD5: 159988 7c2cd082adad4cdae500b88b9429ea24 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 221966 92748d084525779ad31fe09ae76ca8d5 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 281564 0e64a350c9599b473f42949dbaa44533 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 109818 5ef8d14534865cdf0b63699e54ab684a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 318748 205746468ea8d58f1babe96c28f46983 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_i386.deb Size/MD5: 103376 15e19ab3867304e29f59f3e97170f145 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_lpia.udeb Size/MD5: 158248 1ce010480a0ea9a1a8683995ab5c9b68 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 220236 d0c1551dde51da5503fe3be6288a23bb http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 279790 cf35fa8aaca649fd85366e684628a580 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 109062 d1ff75192f05906028ac9001483529da http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 316576 6f95deb3879a7c38c0f9cd1ba1ff0228 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_lpia.deb Size/MD5: 102310 d4b1c32f8c1d1a6383fc09580e46ec79 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_powerpc.udeb Size/MD5: 177278 29a10d5d08bc3797b67770a4028758ff http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 242046 27324a8f5623a94ff813148a5267fb4b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 296498 4b8af066dc6c2481e4ff360800c04e74 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 122548 9ad8db4fbd23f1760d1bc123b01f014b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 341860 28075deaecbdc1d77166dcb1623a8c85 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_powerpc.deb Size/MD5: 112934 766413326d6486146da4aec03a2654bc sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.0.6.dfsg-1ubuntu9.2_sparc.udeb Size/MD5: 156574 742d54969d6dd68e7ac86ca00e1b1832 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 218754 60013fe472200e1bf45d9b02d80a244e http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 277066 bf1034124c51ddacf732c2887957a46e http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 113494 b50639e27d92c0ababba9fab23242d7d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 313426 b93d5ec9d7ea9717a79d6bf2bb80a285 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.0.6.dfsg-1ubuntu9.2_sparc.deb Size/MD5: 102930 df99654fbd9e6f5aba7f962adb9d6470 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.2-1ubuntu7.2.diff.gz Size/MD5: 141611 0cab5bee752928f3c9f0c8e1ded26167 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.2-1ubuntu7.2.dsc Size/MD5: 1955 a26905456538cd0d30e924e488302fc4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.2.orig.tar.gz Size/MD5: 799626 85901a9554650030df7d1ef3e5959fdf Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp-client_3.1.2-1ubuntu7.2_all.deb Size/MD5: 26206 905e286082551fcbc23916052de7e2fa amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_amd64.udeb Size/MD5: 208604 5bb8643607d5f416205174f97d443e8e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 270930 fa0267775f2471f0be30499bf121b6e7 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 332152 ee101e67b7ad97bd410e983da115484d http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 127130 0d4b4a1dc992d56f8c01d94990290910 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 395062 a5ab658903283a97dd658e5cdfe6a45e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 125444 6f12bfb86b46567aa8e2ecba8af1852e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_amd64.deb Size/MD5: 348242 8fe33e4a7afac6d5a952d0c158d7ed45 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_i386.udeb Size/MD5: 191210 64285abd7e68c517eefcf3ff5eecb909 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 252916 749769cec2a5d0cdfe5ddb67e6864270 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 315850 e0deb4932a763831adc3e73cf0f068fa http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 116650 434d9e26a1b3b5a4b5fd94bea2c581b4 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 372288 481d9d80e948895969b72be4b825fbb8 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 116424 49010850bef64719353588c5d88e6714 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_i386.deb Size/MD5: 326174 7f328cba4c811d5d56582328f1ad6b1d armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_armel.udeb Size/MD5: 174400 4ed674aa3f13c4c4012def78b6cfd62f http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 236228 c14a8f75dc70e363afb2e39b9b6c9b68 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 300026 8183f7371713d8ddc8bd2b8f8d979794 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 112806 41dcceea5abd7feac4f1f7465b3892b7 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 349366 ea2f47d49b065c252caeb33d9d273363 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 108672 f277fadf0e50c5325b20f8001f30108a http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_armel.deb Size/MD5: 301210 76887fde4612e80131c94a00b328a874 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_lpia.udeb Size/MD5: 187330 e70af0ba0633b7a10c666f2f2e30b017 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 249154 bde848f0444ac204f0781d848771b2e7 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 312056 e131e50d9159fb5a7cf92bd7532c6d5b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 115610 6bf9bc6ccc3986f7bda77f6e0929bd2b http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 368276 a5d4ce07f31b702817fb3d3961fd8a7b http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 114588 d030b6a51bf6eb1b682c88fcfc92cdda http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_lpia.deb Size/MD5: 321710 5c51aac0b4ea78167072cce854d63f47 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_powerpc.udeb Size/MD5: 199998 aff548b71963695089f418a502bc5e01 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 262344 a4799a7b4c6d6d91120ef36537485080 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 324014 c6be94d8dda2d47ea08c3f1277160eda http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 120394 4b35e8aa5a363a659daa6232a0a76501 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 382434 9c71333d4f8ccc12d14996fa42ba60b7 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 120310 32c5affaeb955349a26cae2bd9c92236 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_powerpc.deb Size/MD5: 335902 5460f8f32a30489940cf69855983ed3c sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.2-1ubuntu7.2_sparc.udeb Size/MD5: 203458 038c030a32c3d74e3d20cb4f8eaf5336 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 265862 67e06c4f7f5352a3248060245f41837c http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 324634 873eeaf81f86f69e1de8f2c9c2335fda http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 116874 4583b6c0cd5cf6abf8fc81ae1c5656a2 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 387388 d31379a7fe21d36761ce6d6e01d51ba7 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 121616 62ed8721ad7cfe9f45448c321be12340 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.2-1ubuntu7.2_sparc.deb Size/MD5: 341160 9e72b31fccc6ca7d33fcf814f7cca8be Updated packages for Ubuntu 10.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu3.1.diff.gz Size/MD5: 145049 762c8d99c1e8e1245830ff0cfc9c22cf http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu3.1.dsc Size/MD5: 1950 6fc0ed0a5f2f2897b25cb127fdf599bb http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3.orig.tar.gz Size/MD5: 804097 6ee8af8b283c95b3b4db5e88b6dd9a26 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp-client_3.1.3-2ubuntu3.1_all.deb Size/MD5: 27294 5873371bf57e765fd69a49ab238f7f5f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_amd64.udeb Size/MD5: 208924 47388e6df5a8a88758f893f0157f7a49 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 273438 3e968127e7212b682e23422ccd498a51 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 335524 c2231ce6ce81fa1a61f33b50879ea8e7 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 127748 31baa39d20b53e7200b146bb5e1dbc7a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 396594 05f2652d1223dbbf59bcfdb86503ec81 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 126830 2017ee773f9e4c4136e6604003978a72 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_amd64.deb Size/MD5: 349758 3a07e9f0c5b36e05024e98f2e01e7a36 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_i386.udeb Size/MD5: 191468 7efe2e4b59392afda8ef1c8d69aa04cd http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 256600 1b24883c7ee056fcbcda20cc1d82673e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 318512 8ad3080333f5d86ad40548de9cfced43 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 118816 c679db32ae992ca9f6fc5473e81df94a http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 376744 e3b708777fcd15c84240e43bf08b5d7e http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 117698 b0dfb728d6d9f69c9af3910744b1fbb8 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_i386.deb Size/MD5: 328168 617edc965494055443d2c43326c411d7 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_armel.udeb Size/MD5: 180926 3969ae580d52c38b45d63ac388cbbe4d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 246116 4956ee0ca5be72ee8ece1cd89ccf5082 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 309348 c8567f86659a5670b6c7167a106bf71a http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 115350 023f49615f6ca0a8f2367e816921fa8d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 361242 b8e92e0d7ee35dccf62349627513b3d5 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 113136 ecc1eca1107bf3d2a85145c87800f0a9 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_armel.deb Size/MD5: 314078 a09784b9e5545593b771e8db596b70ad powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_powerpc.udeb Size/MD5: 200432 0db5e288252f7cec9511aeedd6328a87 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 265410 78eb3d25b509d5d3669a33bf8603b0df http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 327180 9d47f9f6bd35ebd5e53e68ff8cf27473 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 121552 7d955d50534795154e471aea30341fe1 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 385370 dd7f5ffd85a725a8cb4f8fe6a067d0bb http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 121446 0ccdd1ca74fcd96be84596ce324f967e http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_powerpc.deb Size/MD5: 337410 54549752057dc73a3e35a158b871ea36 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu3.1_sparc.udeb Size/MD5: 212712 be3c531c2fffd6ad83501e44015a3532 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 277974 5a9ee5790cc705c845cd085c71d001b5 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 335174 22b404e90f206772c786f968392ecef1 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 121764 97643d01dd5dd3eb06859cb881312e6d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 402564 889e3a0882bebb5b4ceb4df3c805d883 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 126888 546ab5281e2ba4672471a30fce814e36 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu3.1_sparc.deb Size/MD5: 353712 64fcbf89ca8fd7af9aa2a9bd66739170 Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu6.1.diff.gz Size/MD5: 151417 604106743c8429a59b9b8af55de854f7 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3-2ubuntu6.1.dsc Size/MD5: 1962 792f947b2a6c3020c45ca1b56771c77e http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3_3.1.3.orig.tar.gz Size/MD5: 804097 6ee8af8b283c95b3b4db5e88b6dd9a26 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp-client_3.1.3-2ubuntu6.1_all.deb Size/MD5: 27778 319b0ce429e455b13a2248cc2cbe3491 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_amd64.udeb Size/MD5: 208588 f4d4d2a63016b2b9960654be7c04b9c5 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 274192 4005626ae7c8ed06bf15a1e014968ebd http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 335392 3f745248ea2b2c54e1771f1789cd13dc http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 128922 dc2dd29ead86d887a22da63f27ae9692 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 398270 ffd780e99cb19cc3884703ec930a68cb http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 126752 a4d3f03e0855ce6ef4cf6a75f33198d1 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_amd64.deb Size/MD5: 349942 430e5e501488da92c3b4e2f2a685912a i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_i386.udeb Size/MD5: 190312 23ced3137d0e056d9ce13dd41e656af3 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 255768 07cfc1c5db7b6d8585e9a00513699049 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 317854 f9a58ae40c5f2645e17e2a9349f07edf http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 119094 9af94d26ecd3ce03c9d059ab8db5ff46 http://security.ubuntu.com/ubuntu/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 376052 2dd5ab42f28d13baab1d332c92fcdbcf http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 117472 9638997daef5f353621a3adea0f054d5 http://security.ubuntu.com/ubuntu/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_i386.deb Size/MD5: 327368 93d8a202391be7d55484901a7fa00f09 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_armel.udeb Size/MD5: 191162 ea1961dc40672d12302dcb3e0ae62c44 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 256344 fd6d84d8ca333a1e0cc0efc4c26df7cb http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 319110 4ed5fb07ce8a4997c1132f96e4c29e39 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 118586 ade0a8cfa1217ae39ff58bea47e4faa0 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 377976 7f26e7b4442f8b17b8178fc7b44e6720 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 118802 ee96894319dbf620dbf981a2493cefa0 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_armel.deb Size/MD5: 328204 3a65c3fb55385716b19bbb6fce72ab07 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client-udeb_3.1.3-2ubuntu6.1_powerpc.udeb Size/MD5: 199526 1a984e2503c1a015134cf94e273b768a http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-client_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 264952 7a2139af6f6681dae88cd826c04ce61e http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-common_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 326646 8a1aaf899283814de8b8bcca6125576d http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-dev_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 121952 90719742a1e133ae5edb9c5d6e72ad06 http://ports.ubuntu.com/pool/main/d/dhcp3/dhcp3-server_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 384922 1cb9a8d40d9405b061b28cd2236d3acd http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-relay_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 121542 81b420f37a81e5a05e5aadeaf1cb47c3 http://ports.ubuntu.com/pool/universe/d/dhcp3/dhcp3-server-ldap_3.1.3-2ubuntu6.1_powerpc.deb Size/MD5: 336918 26cba2f6096556526ce2a64556f571e5