VARIoT IoT vulnerabilities database


VAR-200602-0025 CVE-2006-0486 Cisco IOS of AAA Vulnerability to execute arbitrary commands in command authorization function CVSS V2: 4.6
CVSS V3: -
Severity: MEDIUM
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that it includes vulnerability information other than what the title describes. AAA (authentication, authorization, and accounting) is a mechanism for authentication, authorization, and billing management (access management) of network usage. In Cisco IOS, AAA can be used to determine the privilege level of an authenticated user and to set authorization for specific commands at each level. The AAA command authorization function implemented in Cisco IOS does not properly perform the authorization check for commands executed in Tcl Shell mode (tclsh). On an IOS device that supports Tcl Shell mode and uses the AAA command authorization function, a local attacker who exploits this may be able to execute arbitrary commands with elevated privileges. Please refer to the "Overview" for the impact of this vulnerability. Cisco IOS is prone to a remote AAA command authorization-bypass vulnerability. This issue allows remote attackers to bypass AAA command authorization checks and to gain elevated access to affected devices. This issue is documented by Cisco bug ID CSCeh73049: http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCeh73049.
TITLE: Cisco IOS AAA Command Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA18613 VERIFY ADVISORY: http://secunia.com/advisories/18613/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Cisco IOS R12.x http://secunia.com/product/50/ Cisco IOS 12.x http://secunia.com/product/182/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious, local users to bypass certain security restrictions. Note: It has also been reported that an authenticated user is automatically placed into the Tcl Shell mode if a previous user goes into Tcl Shell mode and terminates the session before leaving the Tcl Shell mode. This may help to exacerbate the vulnerability. SOLUTION: Fixes are available (see patch matrix in vendor advisory). http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml PROVIDED AND/OR DISCOVERED BY: The vendor credits Nicolas Fischbach of COLT Telecom. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200601-0385 CVE-2006-0336 Kerio WinRoute Firewall Web Browse denial of service vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web". Kerio WinRoute Firewall is prone to a remote denial-of-service vulnerability. An attacker can exploit this vulnerability to crash the affected service, effectively disabling the firewall. This may aid in further attacks. Kerio WinRoute firewall is an enterprise gateway firewall suitable for small and medium businesses. There are loopholes in Kerio WinRoute's handling of specific web browsing operations, and remote attackers may use the loopholes to perform denial-of-service attacks on the firewall. TITLE: Kerio WinRoute Firewall Web Browsing Denial of Service SECUNIA ADVISORY ID: SA18589 VERIFY ADVISORY: http://secunia.com/advisories/18589/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: Kerio WinRoute Firewall 6.x http://secunia.com/product/3613/ DESCRIPTION: A vulnerability has been reported in Kerio WinRoute Firewall, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). SOLUTION: Update to version 6.1.4 Patch 2. http://www.kerio.com/kwf_download.html PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.kerio.com/kwf_history.html
VAR-200601-0384 CVE-2006-0335 Kerio WinRoute Firewall Multiple Denial of Service Vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before 6.1.4 Patch 1 allow remote attackers to cause a denial of service via multiple unspecified vectors involving (1) long strings received from Active Directory and (2) the filtering of HTML. Kerio WinRoute Firewall is prone to multiple denial of service vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to crash the affected service, effectively disabling the firewall. This may aid in further attacks. Kerio WinRoute firewall is an enterprise gateway firewall suitable for small and medium businesses. Kerio WinRoute has loopholes when processing specific HTML data, and remote attackers may use the loopholes to perform denial-of-service attacks on the firewall. TITLE: Kerio WinRoute Firewall Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA18542 VERIFY ADVISORY: http://secunia.com/advisories/18542/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: Kerio WinRoute Firewall 6.x http://secunia.com/product/3613/ DESCRIPTION: Two vulnerabilities have been reported in Kerio WinRoute Firewall, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the handling of certain data when performing HTML content filtering may be exploited to cause a DoS. 2) An error in the handling of overly long strings fetched from the Active Directory may be exploited to cause a DoS. Some other errors, which may be security related, have also been fixed. SOLUTION: Update to version 6.1.4 Patch 1. http://www.kerio.com/kwf_download.html PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://www.kerio.com/kwf_history.html
VAR-200601-0368 CVE-2006-0337 plural F-Secure Anti-Virus Buffer overflow vulnerability in products CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. Multiple F-Secure Anti-Virus products contain a buffer overflow vulnerability. Arbitrary code could be executed by a third party. F-Secure is prone to multiple vulnerabilities when handling archives of various formats. The application is affected by a remote buffer overflow vulnerability when handling malformed ZIP archives. A successful attack can facilitate arbitrary code execution and result in a full compromise. Specially crafted ZIP and RAR archives can also bypass detection. This may result in arbitrary code execution or a malicious code infection. TITLE: F-Secure Anti-Virus Archive Handling Vulnerabilities SECUNIA ADVISORY ID: SA18529 VERIFY ADVISORY: http://secunia.com/advisories/18529/ CRITICAL: Highly critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: F-Secure Personal Express 6.x http://secunia.com/product/6885/ F-Secure Internet Security 2006 http://secunia.com/product/6883/ F-Secure Internet Security 2005 http://secunia.com/product/4300/ F-Secure Internet Security 2004 http://secunia.com/product/3499/ F-Secure Internet Gatekeeper for Linux 2.x http://secunia.com/product/4635/ F-Secure Internet Gatekeeper 6.x http://secunia.com/product/3339/ F-Secure Anti-Virus for Workstations 5.x http://secunia.com/product/457/ F-Secure Anti-Virus for Windows Servers 5.x http://secunia.com/product/452/ F-Secure Anti-Virus for Samba Servers 4.x http://secunia.com/product/3501/ F-Secure Anti-Virus for MIMEsweeper 5.x http://secunia.com/product/455/ F-Secure Anti-Virus for Microsoft Exchange 6.x http://secunia.com/product/454/ F-Secure Anti-Virus for Linux 4.x http://secunia.com/product/3165/ F-Secure Anti-Virus for Firewalls 6.x
http://secunia.com/product/451/ F-Secure Anti-Virus for Citrix Servers 5.x http://secunia.com/product/5198/ F-Secure Anti-Virus Client Security 6.x http://secunia.com/product/5786/ F-Secure Anti-Virus Client Security 5.x http://secunia.com/product/2718/ F-Secure Anti-Virus 5.x http://secunia.com/product/3334/ F-Secure Anti-Virus 2006 http://secunia.com/product/6882/ F-Secure Anti-Virus 2005 http://secunia.com/product/4299/ F-Secure Anti-Virus 2004 http://secunia.com/product/3500/ DESCRIPTION: Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malware to bypass detection or malicious people to compromise a vulnerable system. 2) An error in the scanning functionality when processing RAR and ZIP archives can be exploited to prevent malware from being detected. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller. ORIGINAL ADVISORY: http://www.f-secure.com/security/fsc-2006-1.shtml
VAR-200601-0369 CVE-2006-0338 F-Secure Multiple Archive File Handling Vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned. F-Secure is prone to multiple vulnerabilities when handling archives of various formats. The application is affected by a remote buffer overflow vulnerability when handling malformed ZIP archives. A successful attack can facilitate arbitrary code execution and result in a full compromise. Specially crafted ZIP and RAR archives can also bypass detection. This may result in arbitrary code execution or a malicious code infection. TITLE: F-Secure Anti-Virus Archive Handling Vulnerabilities SECUNIA ADVISORY ID: SA18529 VERIFY ADVISORY: http://secunia.com/advisories/18529/ CRITICAL: Highly critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: F-Secure Personal Express 6.x http://secunia.com/product/6885/ F-Secure Internet Security 2006 http://secunia.com/product/6883/ F-Secure Internet Security 2005 http://secunia.com/product/4300/ F-Secure Internet Security 2004 http://secunia.com/product/3499/ F-Secure Internet Gatekeeper for Linux 2.x http://secunia.com/product/4635/ F-Secure Internet Gatekeeper 6.x http://secunia.com/product/3339/ F-Secure Anti-Virus for Workstations 5.x http://secunia.com/product/457/ F-Secure Anti-Virus for Windows Servers 5.x http://secunia.com/product/452/ F-Secure Anti-Virus for Samba Servers 4.x http://secunia.com/product/3501/ F-Secure Anti-Virus for MIMEsweeper 5.x http://secunia.com/product/455/ F-Secure Anti-Virus for Microsoft Exchange 6.x http://secunia.com/product/454/ F-Secure Anti-Virus for Linux 4.x http://secunia.com/product/3165/ F-Secure Anti-Virus for Firewalls 6.x http://secunia.com/product/451/ F-Secure Anti-Virus for Citrix Servers 5.x
http://secunia.com/product/5198/ F-Secure Anti-Virus Client Security 6.x http://secunia.com/product/5786/ F-Secure Anti-Virus Client Security 5.x http://secunia.com/product/2718/ F-Secure Anti-Virus 5.x http://secunia.com/product/3334/ F-Secure Anti-Virus 2006 http://secunia.com/product/6882/ F-Secure Anti-Virus 2005 http://secunia.com/product/4299/ F-Secure Anti-Virus 2004 http://secunia.com/product/3500/ DESCRIPTION: Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malware to bypass detection or malicious people to compromise a vulnerable system. 2) An error in the scanning functionality when processing RAR and ZIP archives can be exploited to prevent malware from being detected. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller. ORIGINAL ADVISORY: http://www.f-secure.com/security/fsc-2006-1.shtml
VAR-200601-0325 CVE-2006-0367 Cisco CallManager CCMAdmin Remote privilege elevation vulnerability CVSS V2: 6.5
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page.". Cisco CallManager is susceptible to a remote privilege escalation vulnerability. This issue is due to a failure of the application to properly enforce access controls. This issue is only exploitable when Multi Level Administration is enabled, and users are granted read-only administrative access via the CCMAdmin Web interface. TITLE: Cisco Call Manager CCMAdmin Privilege Escalation SECUNIA ADVISORY ID: SA18501 VERIFY ADVISORY: http://secunia.com/advisories/18501/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: From local network SOFTWARE: Cisco CallManager 4.x http://secunia.com/product/5363/ Cisco CallManager 3.x http://secunia.com/product/2805/ DESCRIPTION: A vulnerability has been reported in Cisco CallManager, which can be exploited by malicious users to gain escalated privileges. The vulnerability is caused due to an error in the CCMAdmin web page. The vulnerability affects the following versions: * Cisco CallManager 3.2 and earlier * Cisco CallManager 3.3, versions earlier than 3.3(5)SR1 * Cisco CallManager 4.0, versions earlier than 4.0(2a)SR2c * Cisco CallManager 4.1, versions earlier than 4.1(3)SR2 SOLUTION: Fixes are available (see patch matrix in vendor advisory). http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml#software PROVIDED AND/OR DISCOVERED BY: The vendor credits CNLabs of Switzerland. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml
VAR-200601-0371 CVE-2006-0340 Cisco IOS of SGBP Service disruption in (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. Cisco IOS SGBP is prone to a remote denial of service vulnerability. This issue arises on devices that have been configured to run SGBP. A successful attack causes a device to hang and fail to respond to further requests. It should be noted that a system watchdog timer will detect this condition after a delay and restart the device. Internet Operating System (IOS) is an operating system used on Cisco routers. Remote attackers can use this loophole to launch denial-of-service attacks on the device. A specially crafted UDP message can cause a denial of service in the Cisco IOS-provided SGBP implementation. Sending the above message to port 9900 of an affected device can cause it to freeze and stop responding or transmitting traffic. The vulnerability is caused due to an error in the handling of the SGBP protocol (Stack Group Bidding Protocol). This can be exploited to cause a vulnerable device to become unresponsive and trigger a hardware reset by sending a specially crafted UDP datagram to port 9900. SOLUTION: Fixes are available for IOS 12.0, 12.1, 12.2, 12.3, and 12.4 (see patch matrix in vendor advisory). http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml#software PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml
VAR-200601-0270 CVE-2006-0309 Linksys BEFVP41 IP Option Remote Denial of Service Vulnerability CVSS V2: 4.0
CVSS V3: -
Severity: MEDIUM
Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network to cause a denial of service via IP packets with a null IP option length. Linksys BEFVP41 routers are susceptible to a remote denial of service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. This issue allows remote attackers to crash affected devices, denying service to legitimate users. Reportedly, attackers must be located on the internal network, and be able to pass traffic through the router to exploit this issue. It may also be possible from the external side of the network, but this has not been confirmed. The vulnerability has been reported in version 2.0 with firmware revision 1.01.04. SOLUTION: Use the device on trusted networks only. PROVIDED AND/OR DISCOVERED BY: Paul
VAR-200601-0326 CVE-2006-0368 Cisco CallManager Service disruption in (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727. Cisco CallManager contains vulnerabilities that can put it into a service disruption (DoS) state. A third party could put it into a service disruption (DoS) state. CallManager is susceptible to multiple remote denial of service vulnerabilities. These issues are documented in Cisco bugs CSCea53907, CSCsa86197, CSCsb16635 and CSCsb64161, which are available to Cisco customers. Attackers may exploit these vulnerabilities to crash the affected service, effectively denying service to legitimate users. Cisco CallManager (CCM) is a set of call processing components based on the Cisco Unified Communications solution of Cisco. Under certain circumstances, CCM will keep the TCP connection open indefinitely until the CCM service is restarted or the server is restarted. Successful exploitation of these vulnerabilities could result in a denial of service attack, causing high CPU usage, interrupting service, or restarting the server, which could then cause the phone to become unresponsive, log off the phone from the CCM, or restart the CCM. TITLE: Cisco CallManager Connection Handling Denial of Service SECUNIA ADVISORY ID: SA18494 VERIFY ADVISORY: http://secunia.com/advisories/18494/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network SOFTWARE: Cisco CallManager 3.x http://secunia.com/product/2805/ Cisco CallManager 4.x http://secunia.com/product/5363/ DESCRIPTION: Some vulnerabilities have been reported in Cisco CallManager, which can be exploited by malicious people to cause a DoS (Denial of Service).
2) An error in the processing of connections to ports 2001, 2002, and 7727 can be exploited to fill up the Windows message queue by establishing multiple connections. This further leads to the Cisco CallManager restarting after a 30 second timeout. The following versions are affected: * Cisco CallManager 3.2 and earlier * Cisco CallManager 3.3, versions earlier than 3.3(5)SR1a * Cisco CallManager 4.0, versions earlier than 4.0(2a)SR2c * Cisco CallManager 4.1, versions earlier than 4.1(3)SR2 SOLUTION: Fixes are available (see patch matrix): http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml#software PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
VAR-200601-0332 CVE-2006-0374 ACT P202S VOIP WIFI Phones Multiple Remote Vulnerabilities CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which (1) might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB remote debugging ONCRPC (aka wdbrpc) on UDP 17185, (2) reflect network data using echo (TCP 7), or (3) gain access without authentication using rlogin (TCP 513). ACT P202S VOIP WIFI Phone allows remote debugger connections and remote unauthenticated administrative access. Successful exploitation of these vulnerabilities could allow a remote attacker to obtain debugging information from the device or cause a denial of service. Other attacks are also possible. ACT P202S VOIP WIFI Phones running firmware version 1.01.21 are prone to these issues. Due to code reuse, other devices and versions may also be affected. TITLE: ACT WLAN Phone P202S Multiple Security Issues SECUNIA ADVISORY ID: SA18514 VERIFY ADVISORY: http://secunia.com/advisories/18514/ CRITICAL: Less critical IMPACT: Unknown, Security Bypass, Exposure of system information, DoS WHERE: From local network OPERATING SYSTEM: ACT WLAN Phone P202S http://secunia.com/product/6843/ DESCRIPTION: Shawn Merdinger has reported some security issues in ACT WLAN Phone P202S, which can be exploited by malicious people to potentially disclose system information, potentially cause a DoS (Denial of Service), and bypass certain security restrictions. 2) An error caused due to the phone allowing connections to the echo service on port 7/tcp may be exploited to cause a DoS on other network devices. 3) An error caused due to the phone allowing connections to the rlogin service on port 513/tcp can be exploited to gain rlogin access to the phone without authentication. It has also been reported that the phone has a hardcoded NTP server. The security issues have been reported in version 1.01.21.
SOLUTION: Restrict use to within trusted networks only. PROVIDED AND/OR DISCOVERED BY: Shawn Merdinger ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041434.html
VAR-200601-0386 No CVE CNVD-2006-0267 CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
ACT P202S VOIP WIFI is a wireless VOIP phone. MPM HP-180W VOIP WIFI phones have multiple security issues that can be exploited by remote attackers to gain access to sensitive information or administrator access. The ACT P202S VOIP WIFI phone allows remote debug connections and remote unauthorized management access. Successful exploitation of these vulnerabilities allows an attacker to obtain debug information from the device or cause a denial of service. The issues include undocumented port UDP/17185 (VxWorks WDB for remote debugging), undocumented port TCP/7 (echo), and undocumented port TCP/513 (rlogin).
VAR-200601-0333 CVE-2006-0375 VxWorks Run on Advantage Century Telecommunication P202S IP Phone Vulnerabilities that provide incorrect time information in some firmware CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks. ACT P202S VOIP WIFI Phone allows remote debugger connections and remote unauthenticated administrative access. Successful exploitation of these vulnerabilities could allow a remote attacker to obtain debugging information from the device or cause a denial of service. Other attacks are also possible. ACT P202S VOIP WIFI Phones running firmware version 1.01.21 are prone to these issues. Due to code reuse, other devices and versions may also be affected. TITLE: ACT WLAN Phone P202S Multiple Security Issues SECUNIA ADVISORY ID: SA18514 VERIFY ADVISORY: http://secunia.com/advisories/18514/ CRITICAL: Less critical IMPACT: Unknown, Security Bypass, Exposure of system information, DoS WHERE: From local network OPERATING SYSTEM: ACT WLAN Phone P202S http://secunia.com/product/6843/ DESCRIPTION: Shawn Merdinger has reported some security issues in ACT WLAN Phone P202S, which can be exploited by malicious people to potentially disclose system information, potentially cause a DoS (Denial of Service), and bypass certain security restrictions. 2) An error caused due to the phone allowing connections to the echo service on port 7/tcp may be exploited to cause a DoS on other network devices. 3) An error caused due to the phone allowing connections to the rlogin service on port 513/tcp can be exploited to gain rlogin access to the phone without authentication. It has also been reported that the phone has a hardcoded NTP server. The security issues have been reported in version 1.01.21. SOLUTION: Restrict use to within trusted networks only.
PROVIDED AND/OR DISCOVERED BY: Shawn Merdinger ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041434.html
VAR-200601-0135 CVE-2006-0255 Check Point VPN-1 SecureClient Path Specification Local Privilege Upgrade Vulnerability CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program. Check Point VPN-1 SecureClient is prone to a vulnerability that could allow an arbitrary file to be executed. The application attempts to execute an application without using properly quoted paths. Successful exploitation may allow local attackers to gain elevated privileges. Specific information about affected versions of Check Point VPN-1 SecureClient is unavailable at this time. This BID will be updated as further information is disclosed.
VAR-200707-0577 CVE-2007-3387 Freedesktop Poppler Input validation error vulnerability CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. Mandriva Linux Security Advisory MDKSA-2007:164 http://www.mandriva.com/security/ Package: tetex Date: August 14, 2007 Affected: 2007.0, 2007.1, Corporate 4.0 Problem Description: Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. In addition, tetex contains an embedded copy of the GD library which suffers from a number of bugs which potentially lead to denial of service and possibly other issues. (CVE-2007-3472) The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. (CVE-2007-3473) Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 allow user-assisted remote attackers to have unspecified attack vectors and impact. (CVE-2007-3474) The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
(CVE-2007-3475) Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. (CVE-2007-3476) The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allows attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. (CVE-2007-3477) Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. (CVE-2007-3478) Updated packages have been patched to prevent these issues. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3474 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3476 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3478 To upgrade automatically use MandrivaUpdate or urpmi.
The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> The oldstable distribution (sarge) will be fixed later. For the stable distribution (etch) this problem has been fixed in version 1.6.1-2etch1. For the unstable distribution (sid) this problem has been fixed in version 1.6.3-2. Upgrade Instructions: wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_mipsel.deb Size/MD5 checksum: 1146604 59424f1e782b84468ddffcf7dce47196 http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_mipsel.deb Size/MD5 checksum: 3003312 b1f9de7486def2643e1cb2d2e9bdb6e5 http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_mipsel.deb Size/MD5 checksum: 2371280 1e2902447a38d776d43682aca475d896 http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_mipsel.deb Size/MD5 checksum: 322764 4ed9ada93ae1031734128b8e21e5b396 http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_mipsel.deb Size/MD5 checksum: 414920 fe4c9c1da30f2e28c97decb100692645 http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_mipsel.deb Size/MD5 checksum: 2525352 8b75c3cc94fd3ddc77ec65483e79e6da Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 968956 db3737c32053b080375d1bab34869006 http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 1311628 500d5274d14c85015ff79f384cd5e9e7 http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 3306582 03236bc94677c9f1cbefd868ba8c2582 http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 1031196 d5b423ac9375207c93868a54dd1e2f17 http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 566984 67a0fe729fe1bb295faf1bb16e593dfc http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 55037420 8704c92d881cb66edf18a977a5d2a8b9 http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 386024 e17227b6d5f0a8a40a17f8c61c60ce0c 
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 2458452 7359da294ab7739d92314cb35cc8712c http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 189892 6ae71030836bf1eae327ed4de88459bc http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 863754 d82e5a9117735135e08f033715928b7b http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 1242202 f9f41831f5384e2f27300a3337dd1caa http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 3070384 f8dc0a40f3a9675a986146ef4439a8ce http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 2542754 3152bc7240739a15551ee6fd7e9fd24e http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 324992 b06f7fde6b64e6a3d35e22e5e8ca7285 http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 448896 40876dccfa3a328cd1afa620b782f890 http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_sparc.deb Size/MD5 checksum: 2634778 a7a1f117b54a9a97a3e272e5a3e75c73 These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Background ========== KOffice is an integrated office suite for KDE. KWord is the KOffice word processor. KPDF is a KDE-based PDF viewer included in the kdegraphics package. http://creativecommons.org/licenses/by-sa/2.5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHC/wXuhJ+ozIKI5gRAhh+AJ0dKyYwWcqlfdkzH9BPsiOB37T+vQCfbBlI 7Gg6tQlmD0S9r3+mIxCBGPQ= =oXjB -----END PGP SIGNATURE----- . 
=========================================================== Ubuntu Security Notice USN-496-1 August 03, 2007 koffice vulnerability CVE-2007-3387 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: kword 1:1.5.0-0ubuntu9.2 Ubuntu 6.10: kword 1:1.5.2-0ubuntu2.2 Ubuntu 7.04: kword 1:1.6.2-0ubuntu1.1 After a standard system upgrade you need to restart KWord to effect the necessary changes.
** REJECTED ** Do not use this application number. ConsultIDs: CVE-2007-3387. Reason: This application number is a duplicate of CVE-2007-3387.
Background ========== teTeX is a complete TeX distribution for editing documents. Other vulnerabilities have also been discovered in the same file but might not be exploitable (CVE-2007-0650). Tetex also includes vulnerable code from GD library (GLSA 200708-05), and from Xpdf (CVE-2007-3387).
Gentoo Linux Security Advisory GLSA 200710-20 http://security.gentoo.org/ Severity: Normal Title: PDFKit, ImageKits: Buffer overflow Date: October 18, 2007 Bugs: #188185 ID: 200710-20
Synopsis ======== PDFKit and ImageKits are vulnerable to an integer overflow and a stack overflow allowing for the user-assisted execution of arbitrary code.
Background ========== PDFKit is a framework for rendering of PDF content in GNUstep applications. ImageKits is a collection of frameworks to support imaging in GNUstep applications.
Affected packages =================
-------------------------------------------------------------------
   Package                 /   Vulnerable   /   Unaffected
-------------------------------------------------------------------
1  gnustep-libs/pdfkit        <= 0.9_pre062906  Vulnerable!
2  gnustep-libs/imagekits     <= 0.6            Vulnerable!
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers.
-------------------------------------------------------------------
2 affected packages on all of their supported architectures.
ImageKits also contains a copy of PDFKit.
Workaround ========== There is no known workaround at this time.
Resolution ========== PDFKit and ImageKits are not maintained upstream, so the packages were masked in Portage. We recommend that users unmerge PDFKit and ImageKits:
# emerge --unmerge gnustep-libs/pdfkit
# emerge --unmerge gnustep-libs/imagekits
As an alternative, users should upgrade their systems to use PopplerKit instead of PDFKit and Vindaloo instead of ViewPDF.
References ========== [ 1 ] CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [ 2 ] GLSA 200709-12 http://www.gentoo.org/security/en/glsa/glsa-200709-12.xml
Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200710-20.xml
Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License ======= Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . TITLE: GNOME gpdf Xpdf Multiple Integer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA18375 VERIFY ADVISORY: http://secunia.com/advisories/18375/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: GNOME 2.x http://secunia.com/product/3277/ DESCRIPTION: Some vulnerabilities have been reported in GNOME gpdf, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. The vulnerabilities are caused due to the use of a vulnerable version of Xpdf. For more information: SA18303 SOLUTION: Restrict use to trusted PDF files only. OTHER REFERENCES: SA18303: http://secunia.com/advisories/18303/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200601-0295 CVE-2006-0354 Cisco Aironet WAP of ARP Service disruption due to request processing (DoS) Vulnerabilities CVSS V2: 5.5
CVSS V3: -
Severity: MEDIUM
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644. Cisco Aironet Wireless Access Points (WAP) running Cisco IOS have a vulnerability in which processing invalid ARP requests exhausts the physical memory on the device, so that traffic can no longer be processed. The device may enter a denial-of-service (DoS) state. This issue is due to memory exhaustion caused by improper handling of an excessive number of ARP requests. This issue allows attackers who can successfully associate with a vulnerable access point to exhaust the memory of the affected device. As a result, the device fails to pass legitimate traffic until it has been rebooted. There is a flaw in Cisco Aironet's processing of ARP requests, and a remote attacker may use the flaw to carry out a denial of service attack on the device. This will cause the device to be unable to transmit traffic until it is powered off and reloaded, affecting the availability of the wireless access point; management and packet forwarding services may also become unavailable. This can be exploited by sending spoofed ARP messages to the management interface of the AP to continuously add entries to the ARP table of the device until the device runs out of memory. Successful exploitation causes the AP to be unable to pass traffic until the device is restarted, but requires the ability to send ARP messages to the management interface of the AP. SOLUTION: Update to IOS version 12.3-7-JA2. http://tools.cisco.com/support/downloads/pub/MDFTree.x?butype=wireless PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml
VAR-200601-0175 CVE-2006-0181 Cisco Security Monitoring, Analysis and Response System Vulnerability gained in CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command. This password is static across all installations of the software. It is possible for those running software release 4.1.3 and later to change a portion of the default administrative password, effectively addressing the vulnerability. However, earlier versions do not provide this option. In addition, CS-MARS can also perform automated tasks to alleviate safety issues. Successful exploitation of this vulnerability will allow the attacker to obtain full management rights of the CS-MARS device. The password for the account reportedly cannot be changed. Successful exploitation requires logon to the administration command line interface with e.g. the "pnadmin" account. The vulnerability has been reported in versions prior to 4.1.3. SOLUTION: Update to version 4.1.3 or later and use the "passwd expert" command to change the root password. http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-mars?psrtdcat20e2 PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060111-mars.shtml
VAR-200601-0173 CVE-2006-0179 Sun Solaris uustat -S Command line parameter overflow vulnerability

Related entries in the VARIoT exploits database: VAR-E-200601-0305
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80. Cisco IP Phone 7940 is prone to a remote denial of service vulnerability. Successful exploitation causes the phone to restart. Cisco is tracking this issue as Cisco bug ID CSCef33398. Solaris is a commercial UNIX operating system developed and maintained by Sun. There is a buffer overflow vulnerability in the /usr/bin/uustat binary program of Solaris. An attacker who successfully exploits this vulnerability can completely control the return address of the execution function and execute arbitrary code with uucp user privileges. If the string length after the "-S" command line parameter is greater than or equal to 1152 bytes, it may cause the binary program to crash. The following example shows that the buffer is overflowed and the o1 register is completely overwritten by the letter A:
bash-2.03% ls -l /usr/bin/uustat
---s--x--x 1 uucp uucp 62012 Jan 17 16:07 uustat
bash-2.03$ /usr/bin/uustat -S `perl -e 'print "A"x3000'`
Segmentation Fault
bash-2.03$
(gdb) info registers
g0 0x0 0
g1 0xff315e98 -13541736
g2 0x1cc00 117760
g3 0x440 1088
g4 0x0 0
g5 0x0 0
g6 0x0 0
g7 0x0 0
o0 0xff3276a8 -13470040
o1 0x41414141 1094795585
...
The vulnerability is caused due to an error in the IP Stack. SOLUTION: Update to firmware revision 7.1(1) or later, which have the capability to perform load control using TCP throttling. This prevents a device from reloading. PROVIDED AND/OR DISCOVERED BY: The vendor credits Knud Erik Højgaard. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml
VAR-200601-0258 CVE-2006-0163 PHPNuke EV Search Module SQL Injection Vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792. PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. PHPNuke EV version 7.7 is vulnerable; earlier versions may also be affected. For more information: SA17543 The vulnerability has been confirmed in version 7.7-R1. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Originally reported in PHP-Nuke by sp3x. Reported in PHPNuke EV by Lostmon. ORIGINAL ADVISORY: http://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html OTHER REFERENCES: SA17543: http://secunia.com/advisories/17543/
VAR-200601-0231 CVE-2006-0081 Intel Graphics Accelerator Drives Remote Denial of Service Vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title. This issue allows attackers to crash the display manager on Microsoft Windows XP, or cause a complete system crash on computers running Microsoft Windows 2000. Other operating systems where the affected display driver is available are also likely affected. Version 6.14.10.4308 of the Intel Graphics Accelerator driver is considered vulnerable to this issue. Other versions may also be affected. This issue will be updated as further information becomes available. This issue may be related to the one described in BID 10913 (Microsoft Windows Large Image Processing Remote Denial Of Service Vulnerability), but this has not been confirmed. Attempting to parse very long text in Mozilla Firefox triggers a buffer overflow that crashes the Windows Display Manager. This can potentially be exploited to cause a DoS e.g. by tricking a user to open a window to an overly long URL with the browser. Successful exploitation may cause the system to restart or cause the system to revert to a low resolution display mode. The vulnerability has been confirmed in version 6.14.10.4308. SOLUTION: Do not visit non-trusted websites or open non-trusted files. PROVIDED AND/OR DISCOVERED BY: $um$id
VAR-200512-0832 CVE-2005-3526 Ipswitch Collaboration Suite Code Execution Vulnerability CVSS V2: 6.5
CVSS V3: -
Severity: MEDIUM
Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command. Authentication is required to exploit this vulnerability. This specific flaw exists within the IMAP daemon. A lack of bounds checking during the parsing of long arguments to the FETCH verb can result in an exploitable buffer overflow. The vulnerability presents itself when the server handles a specially crafted IMAP FETCH command. This may result in memory corruption leading to a denial-of-service condition or arbitrary code execution. Ipswitch IMail Server is a mail server from the American company Ipswitch that runs on the Microsoft Windows operating system. TITLE: Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability SECUNIA ADVISORY ID: SA19168 VERIFY ADVISORY: http://secunia.com/advisories/19168/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: IMail Secure Server 2006 http://secunia.com/product/8651/ IMail Server 2006 http://secunia.com/product/8653/ Ipswitch Collaboration Suite 2006 http://secunia.com/product/8652/ DESCRIPTION: A vulnerability has been reported in Ipswitch IMail Server/Collaboration Suite, which can be exploited by malicious users to cause a DoS (Denial of Service). This can be exploited to cause a buffer overflow, which crashes the server. Ipswitch Collaboration Suite 2006 Premium Edition: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/ICS/ics-premium200603.exe Ipswitch Collaboration Suite 2006 Standard Edition: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/ICS/ics-standard200603.exe IMail Secure Server 2006: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imailsecure200603.exe IMail Server 2006: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imail200603.exe PROVIDED AND/OR DISCOVERED BY: The vendor credits 3Com's Zero Day Initiative.
ORIGINAL ADVISORY: http://www.ipswitch.com/support/ics/updates/ics200603prem.asp http://www.ipswitch.com/support/ics/updates/ics200603stan.asp http://www.ipswitch.com/support/imail/releases/imsec200603.asp http://www.ipswitch.com/support/imail/releases/im200603.asp . ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-003.html March 13, 2006 -- CVE ID: CVE-2005-3526 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch Collaboration Suite 2006.02 and below -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability since December 13, 2005 by Digital Vaccine protection filter ID 3982. -- Vendor Response: From http://www.ipswitch.com/support/ics/updates/ics200603prem.asp: "IMAP: Corrected a vulnerability issue where a properly crafted Fetch command causes IMAP to crash with a buffer overflow (disclosed by TippingPoint, a division of 3Com)."
-- Disclosure Timeline: 2005.12.13 - Vulnerability reported to vendor 2005.12.13 - Digital Vaccine released to TippingPoint customers 2006.03.13 - Public release of advisory -- Credit: This vulnerability was discovered by Manuel Santamarina Suarez aka 'FistFuXXer'. -- About the Zero Day Initiative (ZDI): Established by TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. 3Com does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, 3Com provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, 3Com provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.