VARIoT IoT vulnerabilities database

VAR-200709-0221 | CVE-2007-4822 | Buffalo AirStation WHR-G54S Web Management Cross-Site Request Forgery Vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html. Buffalo AirStation WHR-G54S is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to use a victim's cookie credentials to perform actions with the application.
This issue affects Buffalo AirStation WHR-G54S 1.20; other versions may also be affected. For example visit (1) ap.html and (2) filter_ip.html.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Buffalo AirStation WHR-G54S Cross-Site Request Forgery
SECUNIA ADVISORY ID:
SA26712
VERIFY ADVISORY:
http://secunia.com/advisories/26712/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
OPERATING SYSTEM:
Buffalo AirStation WHR-G54S
http://secunia.com/product/15671/
DESCRIPTION:
Henri Lindberg has reported a vulnerability in Buffalo AirStation
WHR-G54S, which can be exploited by malicious people to conduct
cross-site request forgery attacks.
The management interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the
request. This can be exploited to perform certain actions when a
logged in administrator is tricked into visiting a malicious
website.
The vulnerability is reported in WHR-G54S version 1.20.
SOLUTION:
Do not browse untrusted sites while being logged in to the
administrative section of the device.
PROVIDED AND/OR DISCOVERED BY:
Henri Lindberg
ORIGINAL ADVISORY:
http://www.louhi.fi/advisory/buffalo_070907.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0365 | CVE-2007-4733 | Aztech DSL600EU In the router Web Vulnerability connected to interface |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077. Dsl 600Eu Router is prone to a remote security vulnerability
VAR-200709-0395 | CVE-2007-4786 | Cisco Adaptive Security Appliance AAA Authentication Feature Information Disclosure Vulnerability |
CVSS V2: 4.3 CVSS V3: 5.3 Severity: MEDIUM |
Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information. The issue arises in the Authentication, Authorization and Accounting (AAA) feature when troubleshooting the ASA server.
An attacker can exploit this issue to access users' authentication credentials. Information obtained may lead to further attacks.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
The weakness is caused due to Cisco ASA not correctly sanitising log
messages of the "test aaa-server" command before sending them to
syslog. This can lead to the disclosure of sensitive information like
usernames and passwords.
The error occurs when a user with privilege level 15 or above
executes the "test aaa-server" command and logging level 5
(notifications) is activated.
SOLUTION:
Update to 8.0.2.11 for the 8.0 train, 7.2.2.34 for the 7.2 train,
7.1.2.61 for the 7.1 train, and 7.0.7.1 for the 7.0 train.
PROVIDED AND/OR DISCOVERED BY:
Lisa Sittler, CERT/CC.
ORIGINAL ADVISORY:
US-CERT VU#563673:
http://www.kb.cert.org/vuls/id/563673
http://www.kb.cert.org/vuls/id/MIMG-74ZK93
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0397 | CVE-2007-4788 | Cisco CSM Service disruption (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.2a, allow remote attackers to cause a denial of service (CPU consumption or reboot) via sets of out-of-order TCP packets with unspecified characteristics, aka CSCsd27478.
A remote attacker can exploit these issues to cause the affected devices to become unresponsive and possibly to reset. The Catalyst Content Switching Module (CSM) is an integrated server load-balancing line card for the Catalyst 6500 and 7600 series that improves the response time of client communications to endpoints. There is a denial of service vulnerability when the Catalyst content exchange module processes malformed traffic. Remote attackers may use this vulnerability to cause service unavailability.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
1) An unspecified error exists when processing certain TCP packets
that were received out of order. This can be exploited to cause a
high CPU load or a device reload due to a FPGA4 exception with
icp.fatPath length error by sending specially crafted TCP packets to
a vulnerable system.
2) An unspecified error exists within the "service termination"
option, which can be exploited to cause a PGA4 exception 1 IDLE error
under a high network load by sending specially crafted TCP packets to
a vulnerable system.
Vulnerability #1 is reported in CSM 4.2 prior to 4.2.3a and CMS-S
2.1prior to 2.1.2a. Vulnerability #2 is reported in CSM 4.2 prior to
4.2.7 and CMS-S 2.1 prior to 2.1.6.
SOLUTION:
Apply updated versions. See vendor advisory for details.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d3b.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0190 | CVE-2007-4789 | Cisco CSM Service disruption (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Content Switching Modules (CSM) 4.2 before 4.2.7, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.6, when service termination is enabled, allow remote attackers to cause a denial of service (reboot) via unspecified vectors related to high network utilization, aka CSCsh57876.
A remote attacker can exploit these issues to cause the affected devices to become unresponsive and possibly to reset. The Catalyst Content Switching Module (CSM) is an integrated server load-balancing line card for the Catalyst 6500 and 7600 series that improves the response time of client communications to endpoints. There is a denial of service vulnerability when the Catalyst content exchange module processes malformed traffic. Remote attackers may use this vulnerability to cause service unavailability.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
1) An unspecified error exists when processing certain TCP packets
that were received out of order. This can be exploited to cause a
high CPU load or a device reload due to a FPGA4 exception with
icp.fatPath length error by sending specially crafted TCP packets to
a vulnerable system.
2) An unspecified error exists within the "service termination"
option, which can be exploited to cause a PGA4 exception 1 IDLE error
under a high network load by sending specially crafted TCP packets to
a vulnerable system.
Vulnerability #1 is reported in CSM 4.2 prior to 4.2.3a and CMS-S
2.1prior to 2.1.2a. Vulnerability #2 is reported in CSM 4.2 prior to
4.2.7 and CMS-S 2.1 prior to 2.1.6.
SOLUTION:
Apply updated versions. See vendor advisory for details.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d3b.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0378 | CVE-2007-4746 | Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) Vulnerability to perform administrator operations in firmware etc. |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier have default passwords for the sypixx and root user accounts, which allows remote attackers to perform administrative actions, aka CSCsj34681. Multiple Cisco Video Surveillance products are prone to authentication vulnerabilities.
Attackers can exploit these issues to gain administrative privileges on affected devices.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Cisco Video Surveillance IP Gateway and Services Platform
Authentication Bypass
SECUNIA ADVISORY ID:
SA26721
VERIFY ADVISORY:
http://secunia.com/advisories/26721/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, System access
WHERE:
>From local network
OPERATING SYSTEM:
Cisco Video Surveillance IP Gateway Encoder/Decoder 1.x
http://secunia.com/product/15611/
Cisco Video Surveillance Services Platform and Integrated Services
Platform 1.x
http://secunia.com/product/15612/
DESCRIPTION:
Some vulnerabilities have been reported in Cisco Video IP Gateway and
Services Platform, which can be exploited by malicious people to
bypass certain security restrictions and compromise a vulnerable
system. This can be exploited to gain administrative
shell access by connecting to the vulnerable service, but requires
knowledge of the default password.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0379 | CVE-2007-4747 | Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) Vulnerability to perform administrator operations in firmware etc. |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729.
Attackers can exploit these issues to gain administrative privileges on affected devices.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Cisco Video Surveillance IP Gateway and Services Platform
Authentication Bypass
SECUNIA ADVISORY ID:
SA26721
VERIFY ADVISORY:
http://secunia.com/advisories/26721/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, System access
WHERE:
>From local network
OPERATING SYSTEM:
Cisco Video Surveillance IP Gateway Encoder/Decoder 1.x
http://secunia.com/product/15611/
Cisco Video Surveillance Services Platform and Integrated Services
Platform 1.x
http://secunia.com/product/15612/
DESCRIPTION:
Some vulnerabilities have been reported in Cisco Video IP Gateway and
Services Platform, which can be exploited by malicious people to
bypass certain security restrictions and compromise a vulnerable
system.
2) The Cisco Video Surveillance Services Platform and Integrated
Services Platform devices contain a default password for the "sypixx"
and "root" accounts. This can be exploited to gain administrative
shell access by connecting to the vulnerable service, but requires
knowledge of the default password.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0141 | CVE-2007-3752 | Apple iTunes Vulnerable to buffer overflow in handling music files |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file. Apple iTunes is prone to a heap-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects versions prior to iTunes 7.4. Apple iTunes is a media player program. This overflow can be triggered if a user is tricked into opening a malicious music file, causing the player to terminate unexpectedly or execute arbitrary code.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Apple iTunes Music File Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA26725
VERIFY ADVISORY:
http://secunia.com/advisories/26725/
CRITICAL:
Highly critical
IMPACT:
DoS, System access
WHERE:
>From remote
SOFTWARE:
iTunes 7.x
http://secunia.com/product/12131/
iTunes 6.x
http://secunia.com/product/5882/
iTunes 5.x
http://secunia.com/product/7864/
iTunes 4.x
http://secunia.com/product/2916/
DESCRIPTION:
A vulnerability has been reported in Apple iTunes, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified boundary error when
processing album cover art. This can be exploited to cause a buffer
overflow via a specially crafted music file.
Successful exploitation may allow execution of arbitrary code.
SOLUTION:
Update to version 7.4.
iTunes 7.4 for Mac:
http://www.apple.com/support/downloads/itunes74formac.html
iTunes 7.4 for Windows:
http://www.apple.com/support/downloads/itunes74forwindows.html
PROVIDED AND/OR DISCOVERED BY:
The vendor credits David Thiel, iSEC Partners
ORIGINAL ADVISORY:
http://docs.info.apple.com/article.html?artnum=306404
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200709-0429 | CVE-2007-4654 | Cisco CSS series 11000 Device Cisco WebNS Service disruption in (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. Sshield is prone to a denial-of-service vulnerability
VAR-200708-0511 | CVE-2007-4634 | Cisco CUCM In SQL Injection vulnerability |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. Call Manager is prone to a sql-injection vulnerability.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Cisco CallManager / CUCM Cross-Site Scripting and SQL Injection
SECUNIA ADVISORY ID:
SA26641
VERIFY ADVISORY:
http://secunia.com/advisories/26641/
CRITICAL:
Moderately critical
IMPACT:
Cross Site Scripting, Manipulation of data
WHERE:
>From remote
SOFTWARE:
Cisco Unified Communications Manager 4.x
http://secunia.com/product/5363/
Cisco Unified CallManager 4.x
http://secunia.com/product/12534/
Cisco Unified CallManager 3.x
http://secunia.com/product/2805/
DESCRIPTION:
Some vulnerabilities have been reported in Cisco Unified CallManager
and Unified Communications Manager (CUCM), which can be exploited by
malicious people to conduct cross-site scripting and SQL injection
attacks.
1) Input passed to unspecified parameters to the admin or user logon
pages is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.
2) Input passed to unspecified parameters to the admin or user logon
pages is not properly sanitised before being used in SQL queries.
This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code.
The vulnerabilities affect Cisco CallManager and Unified
Communications Manager prior to the following versions:
* 3.3(5)sr2b
* 4.1(3)sr5
* 4.2(3)sr2
* 4.3(1)sr1
SOLUTION:
Update to version 3.3(5)sr2b, 4.1(3)sr5, 4.2(3)sr2, or 4.3(1)sr1.
See vendor advisory for a patch matrix.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Gama SEC and Elliot Kendall from Brandeis
University.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200708-0509 | CVE-2007-4632 | Cisco IOS Problem with rewriting login settings |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105. Cisco IOS is prone to a remote authentication-bypass vulnerability because the software fails to properly ensure that password authentication is required.
Successfully exploiting this issue allows remote attackers to gain VTY access to vulnerable devices without requiring successful password authentication.
This issue is being tracked by Cisco bug ID CSCsa91175. Cisco IOS 12.2E, 12.2F, and 12.2S put a "no login" line in the VTY settings
VAR-200708-0510 | CVE-2007-4633 | CUCM Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. Cisco Unified CallManager and Unified Communications Manager are prone to multiple input-validation vulnerabilities because the applications fail to properly sanitize user-supplied input. These issues include a cross-site scripting vulnerability and an SQL-injection vulnerability.
A successful exploit may allow an attacker to steal cookie-based authentication credentials, execute malicious script code in a user's browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Cisco CallManager / CUCM Cross-Site Scripting and SQL Injection
SECUNIA ADVISORY ID:
SA26641
VERIFY ADVISORY:
http://secunia.com/advisories/26641/
CRITICAL:
Moderately critical
IMPACT:
Cross Site Scripting, Manipulation of data
WHERE:
>From remote
SOFTWARE:
Cisco Unified Communications Manager 4.x
http://secunia.com/product/5363/
Cisco Unified CallManager 4.x
http://secunia.com/product/12534/
Cisco Unified CallManager 3.x
http://secunia.com/product/2805/
DESCRIPTION:
Some vulnerabilities have been reported in Cisco Unified CallManager
and Unified Communications Manager (CUCM), which can be exploited by
malicious people to conduct cross-site scripting and SQL injection
attacks.
1) Input passed to unspecified parameters to the admin or user logon
pages is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.
2) Input passed to unspecified parameters to the admin or user logon
pages is not properly sanitised before being used in SQL queries.
This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code.
See vendor advisory for a patch matrix.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Gama SEC and Elliot Kendall from Brandeis
University.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200707-0675 | CVE-2008-1447 | Multiple DNS implementations vulnerable to cache poisoning |
CVSS V2: 5.0 CVSS V3: 6.8 Severity: MEDIUM |
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". ISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries.
Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.
This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
BIND 8 Predictable DNS Query IDs Vulnerability
SECUNIA ADVISORY ID:
SA26629
VERIFY ADVISORY:
http://secunia.com/advisories/26629/
CRITICAL:
Moderately critical
IMPACT:
Spoofing
WHERE:
>From remote
SOFTWARE:
ISC BIND 8.x.x
http://secunia.com/product/76/
DESCRIPTION:
Amit Klein has reported a vulnerability in BIND, which can be
exploited by malicious people to poison the DNS cache.
The vulnerability is caused due to predictable query IDs in outgoing
queries (e.g.
Reportedly, the probability to guess the next query ID is between 25%
and 43%, depending on the handled DNS traffic.
The vulnerability is reported in BIND 8.x versions prior to 8.4.7-P1.
NOTE: BIND 8.x has reached "End of Life".
PROVIDED AND/OR DISCOVERED BY:
Amit Klein
ORIGINAL ADVISORY:
ISC:
http://www.isc.org/index.pl?/sw/bind/bind8-eol.php
Trusteer:
http://www.trusteer.com/docs/bind8dns.html
OTHER REFERENCES:
US-CERT VU#927905:
http://www.kb.cert.org/vuls/id/927905
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 5
HPSBUX02351 SSRT080058 rev.5 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2010-10-12
------------------------------------------------------------------------------
Potential Security Impact: Remote DNS cache poisoning
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP-UX running BIND.
References: CVE-2008-1447
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2.
Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.
A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support.
The patch PHNE_37865 is available from: http://itrc.hp.com
The BIND v9.3.2 updates are available for download from: http://software.hp.com
HP-UX Release / Action
B.11.11 running v8.1.2
Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / BIND Depot name / Action
B.11.11 running v9.2.0 /
BIND920V15.depot /
Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / Action
B.11.23 running v9.2.0 /
Install PHNE_37865; Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / Action
B.11.11 running v9.3.2 /
Install revision C.9.3.2.7.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in
/etc/named.conf.
B.11.23 running v9.3.2 /
Install revision C.9.3.2.7.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in
/etc/named.conf.
B.11.31 running v9.3.2 /
Install revision C.9.3.2.3.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in
/etc/named.conf.
Note: Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
Note: Firewall configurations may need to be adjusted to allow DNS queries from random source ports to pass. In addition,
firewalls that forward DNS queries must not replace the random source ports.
MANUAL ACTIONS: Yes - NonUpdate
Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. Check firewall settings.
For B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates
For B.11.11 running v9.2.0 install BIND920v15.depot
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It
analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can
also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
AFFECTED VERSIONS
For BIND v8.1.2
HP-UX B.11.11
=============
InternetSrvcs.INETSVCS-RUN
action: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
For BIND v9.3.2
HP-UX B.11.11
=============
BindUpgrade.BIND-UPGRADE
action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
URL: http://software.hp.com
HP-UX B.11.23
=============
BindUpgrade.BIND-UPGRADE
BindUpgrade.BIND2-UPGRADE
action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
URL: http://software.hp.com
HP-UX B.11.31
=============
NameService.BIND-AUX
NameService.BIND-RUN
action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
URL: http://software.hp.com
For BIND v9.2.0
HP-UX B.11.11
=============
BINDv920.INETSVCS-BIND
action: install revision B.11.11.01.015 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
URL Contact HP Support for information on where to download depot.
HP-UX B.11.23
=============
InternetSrvcs.INETSVCS-INETD
InternetSrvcs.INETSVCS-RUN
InternetSrvcs.INETSVCS2-RUN
action: install patch PHNE_37865 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
URL: http://itrc.hp.com
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 16 July 2008 Initial release
Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information
Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2
Version:4 (rev.4) - 08 August 2008 Updated manual actions to include named.conf and firewall configuration setings
Version:5 (rev.5) - 12 October 2010 Updated version for BIND v9.2.0 depot for B.11.11
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters
of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAky2a6UACgkQ4B86/C0qfVkUHQCg0LlQ1F+QqU9M/rEbJ5I/LPdI
HU4AoPLWFY414ZayxcvKOiukOk0nPrVw
=51B3
-----END PGP SIGNATURE-----
.
Resolution
==========
All BIND users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/bind-9.4.2_p1"
Note: In order to utilize the query port randomization to mitigate the
weakness, you need to make sure that your network setup allows the DNS
server to use random source ports for query and that you have not set a
fixed query port via the "query-source port" directive in the BIND
configuration. The fix introduced a regression in the
library breaking the resolution of UTF-8 encoded record names. An
updated release is available which corrects this problem. For
reference, the original advisory text follows.
Multiple weaknesses have been identified in PyDNS, a DNS client
implementation for the Python language. Scott
Kitterman noted that python-dns is vulnerable to this predictability,
as it randomizes neither its transaction ID nor its source port.
Taken together, this lack of entropy leaves applications using
python-dns to perform DNS queries highly susceptible to response
forgery.
The Common Vulnerabilities and Exposures project identifies this
class of weakness as CVE-2008-1447. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. Among other things,
successful attacks can lead to misdirected web traffic and email
rerouting.
This update changes Debian's BIND 9 packages to implement the
recommended countermeasure: UDP query source port randomization. This
change increases the size of the space from which an attacker has to
guess values in a backwards-compatible fashion and makes successful
attacks significantly more difficult.
Note that this security update changes BIND network behavior in a
fundamental way, and the following steps are recommended to ensure a
smooth upgrade.
1. Make sure that your network configuration is compatible with source
port randomization. If you guard your resolver with a stateless packet
filter, you may need to make sure that no non-DNS services listen on on
the 1024--65535 UDP port range and open it at the packet filter. For
instance, packet filters based on etch's Linux 2.6.18 kernel only
support stateless filtering of IPv6 packets, and are therefore pose this
additional difficulty. (If you use IPv4 with iptables and ESTABLISHED
rules, networking changes are likely not required.)
2. Verify that the named process has been
restarted and answers recursive queries. (If all queries result in
timeouts, this indicates that networking changes are necessary; see the
first step.)
3. Verify that source port randomization is active. Check that the
/var/log/daemon.log file does not contain messages of the following
form
named[6106]: /etc/bind/named.conf.options:28: using specific
query-source port suppresses port randomization and can be insecure.
right after the "listening on IPv6 interface" and "listening on IPv4
interface" messages logged by BIND upon startup.
For additional certainty, use tcpdump or some other network monitoring
tool to check for varying UDP source ports. If there is a NAT device
in front of your resolver, make sure that it does not defeat the
effect of source port randomization.
4. If you cannot activate source port randomization, consider
configuring BIND 9 to forward queries to a resolver which can, possibly
over a VPN such as OpenVPN to create the necessary trusted network link.
(Use BIND's forward-only mode in this case.)
Other caching resolvers distributed by Debian (PowerDNS, MaraDNS,
Unbound) already employ source port randomization, and no updated
packages are needed. BIND 9.5 up to and including version
1:9.5.0.dfsg-4 only implements a weak form of source port
randomization and needs to be updated as well. For information on
BIND 8, see DSA-1604-1, and for the status of the libc stub resolver,
see DSA-1605-1.
The updated bind9 packages contain changes originally scheduled for
the next stable point release, including the changed IP address of
L.ROOT-SERVERS.NET (Debian bug #449148).
For the stable distribution (etch), this problem has been fixed in
version 9.3.4-2etch3.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your bind9 package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3.dsc
Size/MD5 checksum: 897 aeb15f8babb1e6e38367b9f19fea87da
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4.orig.tar.gz
Size/MD5 checksum: 4043577 198181d47c58a0a9c0265862cd5557b0
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3.diff.gz
Size/MD5 checksum: 302126 521abea46b1104f2251cc398f30af303
Architecture independent packages:
http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.3.4-2etch3_all.deb
Size/MD5 checksum: 189560 46ff778db82d2e171d292ecac93ea9b6
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 98154 bbdbcd3d0840f5ffcf4eaddf5a8c253f
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 1407380 ca8995875e76a25de6f32a47f62ea876
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 226088 93100774ae6da891caf9fa27a2134cdf
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 112616 bca5dcca8abff15f4f9cc911f9f94818
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 322286 677fdcf8e9a8c272a08ed47a79e09209
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 190084 87d64554a1cdde9f58cc850f7d5961a1
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 96508 48ba9fc0e884f093e95988bd4e088b9c
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 564862 7b23948d7c741d4f287698d28385ce71
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 188742 5dd8024a9864137f4529785fcc9c9231
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 116534 2e7dc9ea95bae40dc396ff504abb03bb
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_alpha.deb
Size/MD5 checksum: 115784 b961fd6c797a2d1422ae588bfc25ed9d
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 224294 4d33744bb92300b061cad41dd8de7ea5
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 1111932 e43ced7eae496d7835247a068bef4a66
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 190742 9e39ced5d3464594b9dda6ce683fc653
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 319008 e36a35983ebc5061e8669ef7f004a851
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 552414 c93c2863bddd5661010ae3472e210aa8
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 95922 f114eb76add0d7dabad1d082d38ccf08
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 117072 a70d1d96ea01aa24fb9642e09133824f
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 187646 70372cec3522356dcd00901ea64714d4
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 111270 6dc6edfcca9fecb28c7e66d31ab14a74
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 114722 905d0f9b7b5ebc0308c54158e71d03cc
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_amd64.deb
Size/MD5 checksum: 96704 09d3c850f12a6c1f6eab4e800a118c87
arm architecture (ARM)
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 107888 b2ea4933e233a1af8dd1e5ee641999a2
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 112714 27b1fde9b144cacb1ae06a441d7c5787
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 116076 cafc3294083de02518ab5fe0f0488c3b
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 532206 a005bdff779fed950e4750231d0184b2
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 187364 72fdca60a20876be71b678028cefc316
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 95752 bce98b259a2821d59f6e6b441b491d77
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 182950 26a15d51a4e6f1ea1dda99ab4d3ea34c
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 217686 97f538e27ab7c765b514a9ce59869a41
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 95168 374d7f18915fc8eb6b775d272cf28f2e
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 1074498 fdada51888027e9c3e89961b31a48ded
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_arm.deb
Size/MD5 checksum: 311078 43d1c044b0cc81b072b8962ad3b8f019
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 96986 bba6d0a611b7088e284564b430f91405
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 97140 14f3dacd102208700660873637dea18b
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 185570 012eb78b091c0991988a95160df7d65d
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 115822 d717418b7ec770e5419e0941670eab19
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 543342 201331119c074430d503b68dc210e187
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 1258146 2f092d0708338d0a3ac8924218fee0d7
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 315070 bc8d94bec7b1c8cf80f64fb72d1f38e5
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 187942 1cd85afac13850d1807a5b50b9d3262f
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 114612 912dc2007ca7cb6097a3e6a4e98897e3
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 217378 49276452262a155ba17db2ad8c66e3e2
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_hppa.deb
Size/MD5 checksum: 113466 428d268ce8ad5386c1af758ca4cff2ce
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 106034 ce4d4a024472317185d4c6492b7d30df
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 180292 1fd02a86a31b68a8db2407904495a0db
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 94838 9dbc2734dd8b8bb7c3e7684faabea64e
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 206330 a22fb6cb47d6e449007d665b9e6d8c52
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 113162 b9bc5fa7f96313235a53ab6fd819b58b
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 472708 9edfb07c186a93aea1a2e602e0ee6335
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 94822 d2fc00416dc090a535b280f48eee7f46
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 169930 47c43c9738afb7ed72618930dc702ed3
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 296722 dd1979969210386fc36d119e19e12cc2
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 996528 56db22ee21e053443e72ccd11a25181b
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_i386.deb
Size/MD5 checksum: 110134 5491e4e33e43f1300840b62947690b7a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 232052 eb9215cb2ba71ded815b4ca6f0ac0744
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 99978 ceee4c1dc16fdf2d7fefe1aee6d8dd85
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 393324 553b67ca638482db8e1586d231f03abe
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 740264 a30c98b25296a147d47d7f44c8418883
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 127606 33d62368c2ce437e660708eb6b0ffe2b
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 216344 0a0b33f34dbeb744bd8af8ad8388048f
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 125806 3aafce71b9e4ecaf01602c409a355b54
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 1584302 d982b4443c38056cdeb80b327ee36f3a
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 117782 ae8ae735a8054ff473d305b06c90c68a
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 102432 4443f6e43cc1e4c7448965a0501bfe54
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_ia64.deb
Size/MD5 checksum: 280866 c20244c3a06177b934ac804b382b85c7
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 174012 cf61e15aa7c79b40ae94a3c1d08ba496
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 301476 4094fd919da162322ea07d62378cc664
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 110326 be73e626902012ca986d4192804017e7
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 180490 dde7f37a0a2456190461f5f26bf30ab6
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 1229398 37af92bf5074d9a260fd4ff5346dc4b8
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 211386 8083484e19ebc9099022954350c6baf7
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 94992 46f858e2ed33a864539476d25bd9b44f
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 94230 6bfa6b8d78c46567a341f6174f9aa874
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 491862 fc2d747a29c0116da5936b4964ef8146
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 113268 58fb17d2ee0415e13fdad4727534b6cc
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_mips.deb
Size/MD5 checksum: 107912 5834642a56bb9548510f8cd0a3ae766f
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 299514 0b5de102f7ddf83d497498b320613556
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 488260 7b85b99ea5c24f74e531bbd9056672e9
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 1205384 a3211957988d4aaae40776ff41cf6a01
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 113016 dddd0a37c778cd68696318a7adc1abcd
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 110254 6754bc57fcac807b5569531f7e821802
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 174148 23e91bbb42a44ca80535079660813277
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 179630 fa26c51aa248cb502ac54544bdd6ced0
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 210904 21784fc7019a384e78ecc94a10f4e315
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 94936 2068abe2f2e78675ad94ea28579efc87
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 107166 2cfce41a4fc41aa9986cdef01e09705d
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_mipsel.deb
Size/MD5 checksum: 94098 c95a157cfa3feef62450afdef3fe65a8
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 173606 9618a781d59f94f751e18db86cf6b948
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 112276 e786724068250eb53c475a3e51035d51
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 113842 4961da1e75c17f3f00621acfc06d10fe
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 488428 b777fc3fe13b319817f955f116b40e83
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 1167832 75f402f7bf328da5deee364f4266558d
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 96204 57ec688c7f24161e347054dc93fbd757
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 96170 77d5b9189a05f2b3dca7901bff6e56df
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 301276 dddf71278c1f4afbbc49019248f4328e
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 109288 8fd2b3005fcf95e3616ec8a77b3ad322
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 183310 b9eb85b58aaf29a3106d16410c0d379a
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_powerpc.deb
Size/MD5 checksum: 206830 b286690dde8d1412c2de3fa99f7d3c5b
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 114234 23a30b0e26db0210a1be48c4d44b6d7f
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 331864 7c3fab929f1e29873ecfc7c7c4b52ddc
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 116656 8abeeeb22e800f63e4b30e0c2dd974e0
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 1137342 820a17acdc24ef1dd0c1db7b8e6fc470
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 233948 635487d4e6ea4d15704bb14b8cf9236c
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 196598 2198086ee8c358aa3ed5046708a31f45
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 194704 c897d956b11161ae8e31e4bffb489883
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 118140 e5e11d59852a32dcd1b78b4aabd22fff
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 95664 050d558c3d06e520fb4e6c6cebd520c3
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 579484 6fc80f5cde0c2d01b49ae53f027eeecc
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_s390.deb
Size/MD5 checksum: 97786 5dda64259aa80e1c2e085e7fc2430299
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 300090 21095a9477d8db8bdbca300235ddc296
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 210606 8bd074b427b5f732c5584ca265bb2c28
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 1121664 2750abf3a8e3ffa54d1b15f6a5b6738e
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 94822 4e2634cf2561a237174a6863377b24cd
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 175248 4231a2791083fc82977535613d38ef2a
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 184036 aea98952994fb97c74df02ae4ed2f28d
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 107574 b6a3a3204c134d54dce2d8d79f77f647
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 493628 b5c5a9638091fd0d6543a405bfdefd53
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 94828 4657a6a42f7f2fac5ef96d273e9de4df
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 114258 32f88744a6e6e648377dda42ff910cbb
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_sparc.deb
Size/MD5 checksum: 111158 a59dbf1edb5518b09b2993049922c01a
These files will probably be moved into the stable distribution on
its next update.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SUSE Security Announcement
Package: bind
Announcement ID: SUSE-SA:2008:033
Date: Fri, 11 Jul 2008 09:00:00 +0000
Affected Products: openSUSE 10.2
openSUSE 10.3
openSUSE 11.0
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP1
SLE SDK 10 SP1
SLE SDK 10 SP2
SUSE Linux Enterprise Server 10 SP1
SUSE Linux Enterprise Desktop 10 SP2
SUSE Linux Enterprise Server 10 SP2
Vulnerability Type: DNS cache poisoning
Severity (1-10): 9
SUSE Default Package: no
Cross-References: CVE-2008-1447
Content of This Advisory:
1) Security Vulnerability Resolved:
DNS cache poisoning
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion
The bind daemon is responsible for resolving hostnames in IP addresses and
vice versa.
The new version of bind uses a random transaction-ID (TRXID) and a random
UDP source-port for DNS queries to address DNS cache poisoning attacks
possible because of the "birthday paradox" and an attack discovered by Dan
Kaminsky. Unfortunately we do not have details about Kaminsky's attack and
have to trust the statement that a random UDP source-port is sufficient to
stop it.
DNS servers that do not support recursive queries or do not use a cache
(authoritative only servers) are not vulnerable too.
Update packages of bind9 for SLES8 will be available soon.
The glibc stub resolver is known to be vulnerable too and we will publish
updates as soon as possible.
Note, a local attacker can always sniff DNS queries and generate spoofed
responses easily.
If you use the UDP source-port number of the DNS server in your firewall
configuration, for example to let DNS queries through your packetfilter,
then you have to take steps to adapt your filter rules to the new behavior
of the DNS server.
One that is authoritative only and accessible from the Internet to resolve
queries for your local systems that are available over the Internet. The
other system (caching) is not accessible over the Internet and can be used
by internal clients to recursively lookup names and addresses.
But we encourage you to install the bind update as soon as possible too.
If you use the latest update of pdns-recursor you are not vulnerable to
this attack.
For the glibc stub resolver bug you can install a local secure DNS for-
warder on your machine or make a DNS forwarder available for a protected
network.
3) Special Instructions and Notes
Please restart the bind daemon after the update.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.
x86 Platform:
openSUSE 11.0:
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/bind-9.4.2-39.2.i586.rpm
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/bind-chrootenv-9.4.2-39.2.i586.rpm
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/bind-devel-9.4.2-39.2.i586.rpm
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/bind-doc-9.4.2-39.2.i586.rpm
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/bind-libs-9.4.2-39.2.i586.rpm
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/bind-utils-9.4.2-39.2.i586.rpm
openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/bind-9.4.1.P1-12.5.i586.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/bind-chrootenv-9.4.1.P1-12.5.i586.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/bind-devel-9.4.1.P1-12.5.i586.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/bind-doc-9.4.1.P1-12.5.i586.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/bind-libs-9.4.1.P1-12.5.i586.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/bind-utils-9.4.1.P1-12.5.i586.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-9.3.5P1-0.1.i586.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-chrootenv-9.3.5P1-0.1.i586.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-devel-9.3.5P1-0.1.i586.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-doc-9.3.5P1-0.1.i586.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-libs-9.3.5P1-0.1.i586.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-utils-9.3.5P1-0.1.i586.rpm
x86-64 Platform:
openSUSE 11.0:
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/bind-libs-32bit-9.4.2-39.2.x86_64.rpm
openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/bind-libs-32bit-9.4.1.P1-12.5.x86_64.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-libs-32bit-9.3.5P1-0.1.x86_64.rpm
Sources:
openSUSE 11.0:
http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/bind-9.4.2-39.2.src.rpm
openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/bind-9.4.1.P1-12.5.src.rpm
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/bind-9.3.5P1-0.1.src.rpm
Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:
Open Enterprise Server
http://support.novell.com/techcenter/psdb/aa846ea840c9bf29e6974f3b6913e550.html
Novell Linux POS 9
http://support.novell.com/techcenter/psdb/aa846ea840c9bf29e6974f3b6913e550.html
Novell Linux Desktop 9
http://support.novell.com/techcenter/psdb/aa846ea840c9bf29e6974f3b6913e550.html
SUSE SLES 9
http://support.novell.com/techcenter/psdb/aa846ea840c9bf29e6974f3b6913e550.html
SUSE Linux Enterprise Server 10 SP1
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
SUSE Linux Enterprise Server 10 SP2
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
SLE SDK 10 SP2
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
SUSE Linux Enterprise 10 SP2 DEBUGINFO
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
SLE SDK 10 SP1
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
SUSE Linux Enterprise Desktop 10 SP1
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
SUSE Linux Enterprise Desktop 10 SP2
http://support.novell.com/techcenter/psdb/555065b7278085ce1ce7a6e84b6f07aa.html
______________________________________________________________________________
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
______________________________________________________________________________
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command
gpg --verify <file>
replacing <file> with the name of the file where you saved the
announcement. The output for a valid signature looks like:
gpg: Signature made <DATE> using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team <security@suse.de>"
where <DATE> is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.
The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, replacing <file.rpm> with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.
- SUSE runs two security mailing lists to which any interested party may
subscribe:
opensuse-security@opensuse.org
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security+subscribe@opensuse.org>.
opensuse-security-announce@opensuse.org
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
<opensuse-security-announce+subscribe@opensuse.org>.
=====================================================================
SUSE's security contact is <security@suse.com> or <security@suse.de>.
The <security@suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular, the
clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever
with respect to the information contained in this security advisory.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Ruby: Multiple vulnerabilities
Date: December 16, 2008
Bugs: #225465, #236060
ID: 200812-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in Ruby that allow for
attacks including arbitrary code execution and Denial of Service.
Background
==========
Ruby is an interpreted object-oriented programming language. The
elaborate standard library includes an HTTP server ("WEBRick") and a
class for XML parsing ("REXML").
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/ruby < 1.8.6_p287-r1 >= 1.8.6_p287-r1
Description
===========
Multiple vulnerabilities have been discovered in the Ruby interpreter
and its standard libraries. Drew Yao of Apple Product Security
discovered the following flaws:
* Arbitrary code execution or Denial of Service (memory corruption)
in the rb_str_buf_append() function (CVE-2008-2662).
* Arbitrary code execution or Denial of Service (memory corruption)
in the rb_ary_stor() function (CVE-2008-2663).
* Memory corruption via alloca in the rb_str_format() function
(CVE-2008-2664).
* Memory corruption ("REALLOC_N") in the rb_ary_splice() and
rb_ary_replace() functions (CVE-2008-2725).
* Memory corruption ("beg + rlen") in the rb_ary_splice() and
rb_ary_replace() functions (CVE-2008-2726).
Furthermore, several other vulnerabilities have been reported:
* Tanaka Akira reported an issue with resolv.rb that enables
attackers to spoof DNS responses (CVE-2008-1447).
* Akira Tagoh of RedHat discovered a Denial of Service (crash) issue
in the rb_ary_fill() function in array.c (CVE-2008-2376).
* Several safe level bypass vulnerabilities were discovered and
reported by Keita Yamaguchi (CVE-2008-3655).
* Christian Neukirchen is credited for discovering a Denial of
Service (CPU consumption) attack in the WEBRick HTTP server
(CVE-2008-3656).
* A fault in the dl module allowed the circumvention of taintness
checks which could possibly lead to insecure code execution was
reported by "sheepman" (CVE-2008-3657).
* Tanaka Akira again found a DNS spoofing vulnerability caused by the
resolv.rb implementation using poor randomness (CVE-2008-3905).
* Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial
of Service (CPU consumption) vulnerability in the REXML module when
dealing with recursive entity expansion (CVE-2008-3790).
Impact
======
These vulnerabilities allow remote attackers to execute arbitrary code,
spoof DNS responses, bypass Ruby's built-in security and taintness
checks, and cause a Denial of Service via crash or CPU exhaustion.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Ruby users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.6_p287-r1"
References
==========
[ 1 ] CVE-2008-1447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
[ 2 ] CVE-2008-2376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376
[ 3 ] CVE-2008-2662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
[ 4 ] CVE-2008-2663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
[ 5 ] CVE-2008-2664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
[ 6 ] CVE-2008-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
[ 7 ] CVE-2008-2726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
[ 8 ] CVE-2008-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655
[ 9 ] CVE-2008-3656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656
[ 10 ] CVE-2008-3657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657
[ 11 ] CVE-2008-3790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790
[ 12 ] CVE-2008-3905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-17.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
HP TCP/IP Services for OpenVMS 5.7 ECO5 package is available from the
following location:
The HP TCP/IP Services for OpenVMS 5.7 ECO5 kits for both Integrity and Alpha
platforms have been uploaded to HP Support Center website. Customers can
access the kits from Patch Management page. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
(These vulnerabilities were reported by Keita Yamaguchi.)
== DoS vulnerability in WEBrick ==
An error exists in the usage of regular expressions in
"WEBrick::HTTPUtils.split_header_value()". This can be exploited to
consume large amounts of CPU via a specially crafted HTTP request.
(This vulnerability was reported by Christian Neukirchen.)
== Lack of taintness check in dl ==
An error in "DL" can be exploited to bypass security restrictions and
call potentially dangerous functions.
(This vulnerability was reported by Tanaka Akira.)
Affected packages:
Pardus 2008:
ruby, all before 1.8.7_p72-16-4
ruby-mode, all before 1.8.7_p72-16-4
Pardus 2007:
ruby, all before 1.8.7_p72-16-13
ruby-mode, all before 1.8.7_p72-16-4
Resolution
==========
There are update(s) for ruby, ruby-mode. You can update them via Package
Manager or with a single command from console:
Pardus 2008:
pisi up ruby ruby-mode
Pardus 2007:
pisi up ruby ruby-mode
References
==========
* http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
* http://secunia.com/advisories/31430/
------------------------------------------------------------------------
--
Pınar Yanardağ
http://pinguar.org
_______________________________________________
Full-Disclosure - We believe in it. Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
References: MS08-037 (CVE-2008-1447, CVE-2008-1454), MS08-038 (CVE-2008-1435), MS08-039 (CVE-2008-2247, CVE-2008-2248), MS08-040 (CVE-2008-0085, CVE-2008-0086, CVE-2008-0106, CVE-2008-0107).
Patches released by Microsoft after MS06-051 are covered by monthly Security Bulletins.
For the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site: http://www.itrc.hp.com/service/cki/secBullArchive.do
For patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146
For patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147
For patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148
For patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140
The Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site: http://www.microsoft.com/technet/security/bulletin/summary.mspx
NOTE: The SMA must have all pertinent SMA Service Packs applied
Windows 2000 Update Rollup 1
Customers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website: http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=12169&prodSeriesId=315667
Windows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005 starting from MS05-026. It also does not include patches MS04-003 and MS04-028.
NOTE: Patch installation instructions are shown at the end of this table.
-------------------------------------------------
MS Patch - MS08-037 Vulnerabilities in DNS Could Allow Spoofing (953230)
Analysis - Patch will run successfully.
-------------------------------------------------
MS Patch - MS08-038 Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
Analysis - SMA does not have this component.
Action - Patch will not run successfully. Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
Analysis - SMA does not have this component.
Action - Patch will not run successfully. Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Analysis - SMA does not have this component.
Action - Patch will not run successfully. Customers should not be concerned with this issue
-------------------------------------------------
Installation Instructions: (if applicable)
Download patches to a system other than the SMA
Copy the patch to a floppy diskette or to a CD
Execute the patch by using Terminal Services to the SMA or by attaching a keyboard, monitor and mouse to the SMA.
Note: The Microsoft Windows Installer 3.1 is supported on SMA v2.1.
Corrected: 2008-07-12 10:07:33 UTC (RELENG_6, 6.3-STABLE)
2008-07-13 18:42:38 UTC (RELENG_6_3, 6.3-RELEASE-p3)
2008-07-13 18:42:38 UTC (RELENG_7, 7.0-STABLE)
2008-07-13 18:42:38 UTC (RELENG_7_0, 7.0-RELEASE-p3)
CVE Name: CVE-2008-1447
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>. Background
BIND 9 is an implementation of the Domain Name System (DNS) protocols.
The named(8) daemon is an Internet Domain Name Server. DNS requests
contain a query id which is used to match a DNS request with the response
and to make it harder for anybody but the DNS server which received the
request to send a valid response.
II.
III. Impact
The lack of source port randomization reduces the amount of data the
attacker needs to guess in order to successfully execute a DNS cache
poisoning attack. This allows the attacker to influence or control
the results of DNS queries being returned to users from target systems.
IV.
To limit the machines able to perform recursive queries, add an ACL in
named.conf and limit recursion like the following:
acl example-acl {
192.0.2.0/24;
};
options {
recursion yes;
allow-recursion { example-acl; };
};
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 6-STABLE or 7-STABLE, or to the
RELENG_7_0 or RELENG_6_3 security branch dated after the correction
date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 6.3 and
7.0 systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 6.3]
# fetch http://security.FreeBSD.org/patches/SA-08:06/bind63.patch
# fetch http://security.FreeBSD.org/patches/SA-08:06/bind63.patch.asc
[FreeBSD 7.0]
# fetch http://security.FreeBSD.org/patches/SA-08:06/bind7.patch
# fetch http://security.FreeBSD.org/patches/SA-08:06/bind7.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/bind
# make obj && make depend && make && make install
# cd /usr/src/usr.sbin/named
# make obj && make depend && make && make install
NOTE WELL: This update causes BIND to choose a new, random UDP port for
each new query; this may cause problems for some network configurations,
particularly if firewall(s) block incoming UDP packets on particular
ports. The avoid-v4-udp-ports and avoid-v6-udp-ports options should be
used to avoid selecting random port numbers within a blocked range. Consequently it is strongly recommended that these options not
be used to specify fixed port numbers.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
src/contrib/bind9/bin/named/client.c 1.1.1.2.2.5
src/contrib/bind9/bin/named/server.c 1.1.1.2.2.4
src/contrib/bind9/lib/dns/api 1.1.1.2.2.5
src/contrib/bind9/lib/dns/dispatch.c 1.1.1.1.4.4
src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.1.4.3
src/contrib/bind9/lib/dns/resolver.c 1.1.1.2.2.8
RELENG_6_3
src/UPDATING 1.416.2.37.2.8
src/sys/conf/newvers.sh 1.69.2.15.2.7
src/contrib/bind9/bin/named/client.c 1.1.1.2.2.3.2.1
src/contrib/bind9/bin/named/server.c 1.1.1.2.2.2.2.1
src/contrib/bind9/lib/dns/api 1.1.1.2.2.3.2.1
src/contrib/bind9/lib/dns/dispatch.c 1.1.1.1.4.2.2.1
src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.1.4.1.2.1
src/contrib/bind9/lib/dns/resolver.c 1.1.1.2.2.6.2.1
RELENG_7
src/contrib/bind9/bin/named/client.c 1.1.1.6.2.2
src/contrib/bind9/bin/named/server.c 1.1.1.6.2.2
src/contrib/bind9/lib/dns/api 1.1.1.6.2.2
src/contrib/bind9/lib/dns/dispatch.c 1.1.1.4.2.2
src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.3.2.2
src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.2
RELENG_7_0
src/UPDATING 1.507.2.3.2.7
src/sys/conf/newvers.sh 1.72.2.5.2.7
src/contrib/bind9/bin/named/client.c 1.1.1.6.2.1.2.1
src/contrib/bind9/bin/named/server.c 1.1.1.6.2.1.2.1
src/contrib/bind9/lib/dns/api 1.1.1.6.2.1.2.1
src/contrib/bind9/lib/dns/dispatch.c 1.1.1.4.2.1.2.1
src/contrib/bind9/lib/dns/include/dns/dispatch.h 1.1.1.3.2.1.2.1
src/contrib/bind9/lib/dns/resolver.c 1.1.1.9.2.1.2.1
- -------------------------------------------------------------------------
VII
VAR-200709-0415 | CVE-2007-4753 | Thomson ST 2030 SIP Service disruption on telephones (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via (1) an empty SIP message or (2) a SIP INVITE message with a malformed To header, different vectors than CVE-2007-4553. This vulnerability CVE-2007-4553 Is a different vulnerability.Denial of service by a third party via the following message ( Device hang ) There is a possibility of being put into a state.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Thomson SpeedTouch 2030 Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA26587
VERIFY ADVISORY:
http://secunia.com/advisories/26587/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
>From remote
OPERATING SYSTEM:
Thomson SpeedTouch 2030 VoIP Phone
http://secunia.com/product/15497/
DESCRIPTION:
A vulnerability has been reported in the Thomson SpeedTouch 2030 VoIP
phone, which can be exploited by malicious people to cause a DoS
(Denial of Service).
The vulnerability is caused due to an unspecified error in the
handling of INVITE messages and can be exploited to crash the device
by sending a specially crafted INVITE message containing a "/"
character after the version in the "Via:" field.
The vulnerability is reported in software version 1.52.1. Other
versions may also be affected.
SOLUTION:
Use the device in a trusted network environment only.
PROVIDED AND/OR DISCOVERED BY:
Humberto J. Abdelnur, Radu State, and Olivier Festor
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065433.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200708-0441 | CVE-2007-4553 | Thomson ST 2030 SIP Service disruption on telephones (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a '/' (slash) instead of the required space following the SIP version number. Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages.
Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users.
This issue affects Thomas SpeedTouch 2030 firmware 1.52.1; other versions may also be affected.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Thomson SpeedTouch 2030 Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA26587
VERIFY ADVISORY:
http://secunia.com/advisories/26587/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
>From remote
OPERATING SYSTEM:
Thomson SpeedTouch 2030 VoIP Phone
http://secunia.com/product/15497/
DESCRIPTION:
A vulnerability has been reported in the Thomson SpeedTouch 2030 VoIP
phone, which can be exploited by malicious people to cause a DoS
(Denial of Service).
The vulnerability is reported in software version 1.52.1.
SOLUTION:
Use the device in a trusted network environment only.
PROVIDED AND/OR DISCOVERED BY:
Humberto J. Abdelnur, Radu State, and Olivier Festor
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065433.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200708-0443 | CVE-2007-4555 | Ipswitch WS_FTP Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to create a new admin account. WS_FTP is prone to a cross-site scripting vulnerability.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Ipswitch WS_FTP Server Script Insertion Vulnerability
SECUNIA ADVISORY ID:
SA26529
VERIFY ADVISORY:
http://secunia.com/advisories/26529/
CRITICAL:
Moderately critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
SOFTWARE:
WS_FTP Server 6.x
http://secunia.com/product/14782/
DESCRIPTION:
John Harwold has discovered a vulnerability in Ipswitch WS_FTP
Server, which can be exploited by malicious users to conduct script
insertion attacks.
Parameters passed to valid FTP commands are not properly sanitised
before the command is logged.
The vulnerability is confirmed in WS_FTP Server 6. Other versions may
also be affected.
SOLUTION:
Restrict access to the WS_FTP server to trusted users only.
PROVIDED AND/OR DISCOVERED BY:
John Harwold, VDA Labs
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065441.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200708-0612 | CVE-2007-3847 |
Apache HTTP Server of mod_proxy Service disruption in modules (DoS) Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200708-0487 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. Apache HTTP Server of mod_proxy The module includes modules/proxy/proxy_util.c When an invalid data header is processed in the service, the read operation is executed beyond the buffer area, resulting in an interruption in service operation. (DoS) There is a vulnerability that becomes a condition.When processing a specially crafted data header by a third party, the proxy server cache processing crashes and disrupts service operation (DoS) It may be in a state. The Apache mod_proxy module is prone to a denial-of-service vulnerability.
A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). ===========================================================
Ubuntu Security Notice USN-575-1 February 04, 2008
apache2 vulnerabilities
CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,
CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
apache2-mpm-perchild 2.0.55-4ubuntu2.3
apache2-mpm-prefork 2.0.55-4ubuntu2.3
apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10:
apache2-mpm-perchild 2.0.55-4ubuntu4.2
apache2-mpm-prefork 2.0.55-4ubuntu4.2
apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04:
apache2-mpm-event 2.2.3-3.2ubuntu2.1
apache2-mpm-perchild 2.2.3-3.2ubuntu2.1
apache2-mpm-prefork 2.2.3-3.2ubuntu2.1
apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10:
apache2-mpm-event 2.2.4-3ubuntu0.1
apache2-mpm-perchild 2.2.4-3ubuntu0.1
apache2-mpm-prefork 2.2.4-3ubuntu0.1
apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from
an HTTP request when it is reflected back in an error message, which
could result in browsers becoming vulnerable to cross-site scripting
attacks when processing the output. With cross-site scripting
vulnerabilities, if a user were tricked into viewing server output
during a crafted server request, a remote attacker could exploit this
to modify the contents, or steal confidential data (such as passwords),
within the same domain. This was only vulnerable in Ubuntu 6.06.
(CVE-2006-3918)
It was discovered that when configured as a proxy server and using a
threaded MPM, Apache did not properly sanitize its input. By default, mod_proxy is disabled in
Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set,
which could result in browsers becoming vulnerable to cross-site
scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a
character set, which could result in browsers becoming vulnerable
to cross-site scripting attacks when processing the output. By
default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available,
allowed for cross-site scripting attacks. By default, mod_status is
disabled in Ubuntu. (CVE-2007-6388)
It was discovered that mod_proxy_balancer did not sanitize its input,
which could result in browsers becoming vulnerable to cross-site
scripting attacks when processing the output. By default,
mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable
in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to
dereference a NULL pointer. By
default, mod_proxy_balancer is disabled in Ubuntu. This was only
vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set,
which could result in browsers becoming vulnerable to cross-site
scripting attacks when processing the output. By default,
mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. An error
has been discovered in the recall_headers() function in mod_mem_cache
(CVE-2007-1862). The mod_cache module does not properly sanitize
requests before processing them (CVE-2007-1863). The Prefork module
does not properly check PID values before sending signals
(CVE-2007-3304). The mod_proxy module does not correctly check headers
before processing them (CVE-2007-3847).
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
==========
[ 1 ] CVE-2006-5752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
[ 2 ] CVE-2007-1862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862
[ 3 ] CVE-2007-1863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
[ 4 ] CVE-2007-3304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
[ 5 ] CVE-2007-3847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
[ 6 ] CVE-2007-4465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01182588
Version: 1
HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-10
Last Updated: 2007-10-10
Potential Security Impact: Remote Unauthorized Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2007-3847, CVE-2007-3304
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00
BACKGROUND
To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended action has been taken.
AFFECTED VERSIONS
For IPv4:
HP-UX B.11.11
=============
hpuxwsAPACHE
action: install revision B.2.0.59.00.0 or subsequent
restart Apache
URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
For IPv6:
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
=============
hpuxwsAPACHE,revision=B.1.0.00.01
hpuxwsAPACHE,revision=B.1.0.07.01
hpuxwsAPACHE,revision=B.1.0.08.01
hpuxwsAPACHE,revision=B.1.0.09.01
hpuxwsAPACHE,revision=B.1.0.10.01
hpuxwsAPACHE,revision=B.2.0.48.00
hpuxwsAPACHE,revision=B.2.0.49.00
hpuxwsAPACHE,revision=B.2.0.50.00
hpuxwsAPACHE,revision=B.2.0.51.00
hpuxwsAPACHE,revision=B.2.0.52.00
hpuxwsAPACHE,revision=B.2.0.53.00
hpuxwsAPACHE,revision=B.2.0.54.00
hpuxwsAPACHE,revision=B.2.0.55.00
hpuxwsAPACHE,revision=B.2.0.56.00
hpuxwsAPACHE,revision=B.2.0.58.00
hpuxwsAPACHE,revision=B.2.0.58.01
hpuxwsAPACHE,revision=B.2.0.59.00
action: install revision B.2.0.59.00.0 or subsequent
restart Apache
URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
END AFFECTED VERSIONS
RESOLUTION
HP has made the following available to resolve the vulnerability.
OS Release
Depot name
MD5 Sum
B.11.11 (IPv4)
HPUXWSA-B218-01-1111ipv4.depot
eb3bb933baac0f05e1e0809ef1e84eb2
B.11.11 (IPv6)
HPUXWSA-B218-01-1111ipv6.depot
540a56b155699336bcbfac0eaf87e3ce
B.11.23 PA-32
HPUXWSA-B218-01-1123-32.depot
2900a0cbea01b6905dc768680fbd5381
B.11.23 IA-64
HPUXWSA-B218-01-1123-64.depot
3be084d96e8a509692e37c71c0184014
B.11.31 PA-32
HPUXWSA-B218-01-1131-32.depot
861122eef70f1b53d68c5adafc64cdb5
B.11.31 IA-64
HPUXWSA-B218-01-1131-64.depot
8dc57222257fe27fb5994da16e91f9a4
The updates are available from:
ftp://ssrt1476:ssrt1476@hprc.external.hp.com/
ftp://ssrt1476:ssrt1476@192.170.19.100/
MANUAL ACTIONS: Yes - Update
Install Apache 2.0.59.00.0 or subsequent.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant:
HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically.
For more information see: https://www.hp.com/go/swa
HISTORY
Revision: 1 (rev.1) - 10 October 2007 Initial release
Third Party Security Patches:
Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy
7CP41v96ckMOtfU4yeG76pv2
=VMzd
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0010
Synopsis: VMware Hosted products update libpng and Apache HTTP
Server
Issue date: 2009-08-20
Updated on: 2009-08-20 (initial release of advisory)
CVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863
CVE-2006-5752 CVE-2007-3304 CVE-2007-6388
CVE-2007-5000 CVE-2008-0005
- ------------------------------------------------------------------------
1. Summary
Updated VMware Hosted products address security issues in libpng and
the Apace HTTP Server.
2. Relevant releases
VMware Workstation 6.5.2 and earlier,
VMware Player 2.5.2 and earlier,
VMware ACE 2.5.2 and earlier
3. Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
4. Solution
Please review the patch/release notes for your product and version
and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
------------------------
http://www.vmware.com/download/ws/
Release notes:
http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit
Windows 32-bit and 64-bit .exe
md5sum: 7565d16b7d7e0173b90c3b76ca4656bc
sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit
Linux 32-bit .rpm
md5sum: 4d55c491bd008ded0ea19f373d1d1fd4
sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit
Linux 32-bit .bundle
md5sum: d4a721c1918c0e8a87c6fa4bad49ad35
sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit
Linux 64-bit .rpm
md5sum: 72adfdb03de4959f044fcb983412ae7c
sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit
Linux 64-bit .bundle
md5sum: 83e1f0c94d6974286256c4d3b559e854
sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
-------------------
http://www.vmware.com/download/player/
Release notes:
http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe
md5sum: fe28f193374c9457752ee16cd6cad4e7
sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm
md5sum: c99cd65f19fdfc7651bcb7f328b73bc2
sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle
md5sum: 210f4cb5615bd3b2171bc054b9b2bac5
sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm
md5sum: f91576ef90b322d83225117ae9335968
sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle
md5sum: 595d44d7945c129b1aeb679d2f001b05
sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
----------------
http://www.vmware.com/download/ace/
Release notes:
http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance
AMS Virtual Appliance .zip
md5sum: 44cc7b86353047f02cf6ea0653e38418
sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit
Windows 32-bit and 64-bit .exe
md5sum: 0779da73408c5e649e0fd1c62d23820f
sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows
Windows .exe
md5sum: 0779da73408c5e649e0fd1c62d23820f
sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9
SLES 9 .rpm
md5sum: a4fc92d7197f0d569361cdf4b8cca642
sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4
RHEL 4 .rpm
md5sum: 841005151338c8b954f08d035815fd58
sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
5. References
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- ------------------------------------------------------------------------
6. Change log
2009-08-20 VMSA-2009-0010
Initial security advisory after release of Workstation 6.5.3,
Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- ------------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. Likewise, a similar crash
could occur on sites with a forward proxy configured if a user could
be persuaded to visit a malicious site using the proxy (CVE-2007-3847). On sites where
directory listings are used and the AddDefaultCharset directive was
removed from the configuration, a cross-site-scripting attack could
be possible against browsers that to not correctly derive the response
character set according to the rules in RGC 2616 (CVE-2007-4465).
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
9bb73822e8ae92ba87aa8baa21d467d1 2007.0/i586/apache-base-2.2.3-1.2mdv2007.0.i586.rpm
1949631d7fc0f87c91ba5dd9e738e036 2007.0/i586/apache-devel-2.2.3-1.2mdv2007.0.i586.rpm
3fed692d7b2eefe64bdd5f557fb0d838 2007.0/i586/apache-htcacheclean-2.2.3-1.2mdv2007.0.i586.rpm
86b32442b40c9e8ee9ba4bc1def61157 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.i586.rpm
a6ca98077bee65a270a7777f6a3f3b60 2007.0/i586/apache-mod_cache-2.2.3-1.2mdv2007.0.i586.rpm
3bf50ab09740de6e718dc38e5320a3f7 2007.0/i586/apache-mod_dav-2.2.3-1.2mdv2007.0.i586.rpm
11e3dde4beab554a1523261979852fee 2007.0/i586/apache-mod_dbd-2.2.3-1.2mdv2007.0.i586.rpm
993926a12a2b5192059961a8bcbf4e2c 2007.0/i586/apache-mod_deflate-2.2.3-1.2mdv2007.0.i586.rpm
8553d309d0b537732375fbf0ab6c3187 2007.0/i586/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.i586.rpm
83a1fce76091ea660989b5b310d545ab 2007.0/i586/apache-mod_file_cache-2.2.3-1.2mdv2007.0.i586.rpm
c7799b98922ee0e2f5bd114a3b2f3816 2007.0/i586/apache-mod_ldap-2.2.3-1.2mdv2007.0.i586.rpm
b3e79d78c26282b39322910be91cd410 2007.0/i586/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.i586.rpm
6c72e3c58cb10447304328c2f863651a 2007.0/i586/apache-mod_proxy-2.2.3-1.2mdv2007.0.i586.rpm
a6d09de71a6b7bf7bb1cafc187777be7 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.i586.rpm
05eee18af88226fb76766a9b88d843a8 2007.0/i586/apache-mod_ssl-2.2.3-1.2mdv2007.0.i586.rpm
c499609426acef2255940cab04a28b5c 2007.0/i586/apache-mod_userdir-2.2.3-1.2mdv2007.0.i586.rpm
bcd0563b948d8958de5a8da12e5ecd85 2007.0/i586/apache-modules-2.2.3-1.2mdv2007.0.i586.rpm
5c4777a2db7fd28b233d1bcc1d570a70 2007.0/i586/apache-mpm-prefork-2.2.3-1.2mdv2007.0.i586.rpm
fa38945281388cfd4d37d2f98187a0b0 2007.0/i586/apache-mpm-worker-2.2.3-1.2mdv2007.0.i586.rpm
30e14fac38a58a8ab4bf59a6ecb59f9a 2007.0/i586/apache-source-2.2.3-1.2mdv2007.0.i586.rpm
9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
3301ff7aa05c7cb14eecfc82d1d7fe33 2007.0/x86_64/apache-base-2.2.3-1.2mdv2007.0.x86_64.rpm
f0f6cc2cc841959558ab0222d975a9cc 2007.0/x86_64/apache-devel-2.2.3-1.2mdv2007.0.x86_64.rpm
7bf4dbf62cd08717fc3704798d0c839d 2007.0/x86_64/apache-htcacheclean-2.2.3-1.2mdv2007.0.x86_64.rpm
ecb3772fac317f54303d1d67c2b1c7a2 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm
c6cb91541e0f7a24b337da09ee7eb248 2007.0/x86_64/apache-mod_cache-2.2.3-1.2mdv2007.0.x86_64.rpm
f39c5879ff62c5d8dcc41ae73d1ca0cd 2007.0/x86_64/apache-mod_dav-2.2.3-1.2mdv2007.0.x86_64.rpm
562dc2a4e6246fa7dde9986af40ec847 2007.0/x86_64/apache-mod_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm
7be58654d28b2fc0207c3e44370cd118 2007.0/x86_64/apache-mod_deflate-2.2.3-1.2mdv2007.0.x86_64.rpm
6e4314853613d0d9fdd048c8ee96a510 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.x86_64.rpm
5fd5dc78b84bb5579291d27f626cb660 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.2mdv2007.0.x86_64.rpm
d5eecb080611220807820106c24b1e22 2007.0/x86_64/apache-mod_ldap-2.2.3-1.2mdv2007.0.x86_64.rpm
bed61f6dcb6311d99fb97225a0b48849 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.x86_64.rpm
f0d3bb15ba884824380ef1cf0bd129b8 2007.0/x86_64/apache-mod_proxy-2.2.3-1.2mdv2007.0.x86_64.rpm
8f8969581110089a51cf506b8566315e 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.x86_64.rpm
1a40d73c8fbbae8868f09ef947407dad 2007.0/x86_64/apache-mod_ssl-2.2.3-1.2mdv2007.0.x86_64.rpm
0cd432c837a9ba4795bda96b1d3cc98c 2007.0/x86_64/apache-mod_userdir-2.2.3-1.2mdv2007.0.x86_64.rpm
f05d88bc8f9c163ca787c30e7bd84e52 2007.0/x86_64/apache-modules-2.2.3-1.2mdv2007.0.x86_64.rpm
f5431063918c470fa1ccd6e23db4c70d 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.2mdv2007.0.x86_64.rpm
0db10b3a236c2f59a93eb2bc6ee6c35d 2007.0/x86_64/apache-mpm-worker-2.2.3-1.2mdv2007.0.x86_64.rpm
71f52e6e3afba9d1d923cc64291eb98f 2007.0/x86_64/apache-source-2.2.3-1.2mdv2007.0.x86_64.rpm
9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.1:
e443a21ce0b058aede2aaf82d12d22f7 2007.1/i586/apache-base-2.2.4-6.3mdv2007.1.i586.rpm
6d17234fb69995d52c012bb22f52bab3 2007.1/i586/apache-devel-2.2.4-6.3mdv2007.1.i586.rpm
6a44621592a2320b6d0e9549eceea6a9 2007.1/i586/apache-htcacheclean-2.2.4-6.3mdv2007.1.i586.rpm
d0405211b42d562933cd2f802a4276bc 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.i586.rpm
3fd09fafa06eb4e08ad975f9972f28f8 2007.1/i586/apache-mod_cache-2.2.4-6.3mdv2007.1.i586.rpm
d61498465662a9c4a7f77f2dcc9438a7 2007.1/i586/apache-mod_dav-2.2.4-6.3mdv2007.1.i586.rpm
fbb6c3ccfd793a8f2b9889ed399d5aad 2007.1/i586/apache-mod_dbd-2.2.4-6.3mdv2007.1.i586.rpm
0e67be9eaacb5f8686acdd95d26b8b47 2007.1/i586/apache-mod_deflate-2.2.4-6.3mdv2007.1.i586.rpm
f1a050f23e3bc518b8aecd3c6cd5fd91 2007.1/i586/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.i586.rpm
d95079c4a7627fe47d529dbe99549023 2007.1/i586/apache-mod_file_cache-2.2.4-6.3mdv2007.1.i586.rpm
b24dcaec7dc26c107ff0962d46c7b3a1 2007.1/i586/apache-mod_ldap-2.2.4-6.3mdv2007.1.i586.rpm
98e97b3bd11ca7939aef2bae47c2c497 2007.1/i586/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.i586.rpm
bffefef1346635e79f04d0ae56169ab1 2007.1/i586/apache-mod_proxy-2.2.4-6.3mdv2007.1.i586.rpm
0c5881d9e76e9ae20470a954200465ae 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.i586.rpm
21f665113f11b4b88330b887254023f8 2007.1/i586/apache-mod_ssl-2.2.4-6.3mdv2007.1.i586.rpm
192801a60a254a58b57e2f1377ce42c4 2007.1/i586/apache-mod_userdir-2.2.4-6.3mdv2007.1.i586.rpm
51fc25858a4ee79d2fd2cfe460c90708 2007.1/i586/apache-modules-2.2.4-6.3mdv2007.1.i586.rpm
d6256083a3df248847340d3c14ecb9ff 2007.1/i586/apache-mpm-event-2.2.4-6.3mdv2007.1.i586.rpm
1359ad128d2d7a24d9211cf7f0276e15 2007.1/i586/apache-mpm-itk-2.2.4-6.3mdv2007.1.i586.rpm
d65ac7009e90022455c79debf48cdbdb 2007.1/i586/apache-mpm-prefork-2.2.4-6.3mdv2007.1.i586.rpm
f1d8883b5e633cbb6e3832e7b3c4a4cb 2007.1/i586/apache-mpm-worker-2.2.4-6.3mdv2007.1.i586.rpm
947251a0ac81cb912bc4c900bb80e6e7 2007.1/i586/apache-source-2.2.4-6.3mdv2007.1.i586.rpm
299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
444c86d0a5711e30534400781c0cbcf1 2007.1/x86_64/apache-base-2.2.4-6.3mdv2007.1.x86_64.rpm
02514acbf20766b1486389ce4d3e1ed0 2007.1/x86_64/apache-devel-2.2.4-6.3mdv2007.1.x86_64.rpm
f6f4126d5a414d7ca686395173aaa3b4 2007.1/x86_64/apache-htcacheclean-2.2.4-6.3mdv2007.1.x86_64.rpm
1a45be10e44347c913d6493a0d3ad25f 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm
5e6df108e6fb0083ffe96810f41bc9ea 2007.1/x86_64/apache-mod_cache-2.2.4-6.3mdv2007.1.x86_64.rpm
31877eb202cbc9cf0869a3d7bc51b47a 2007.1/x86_64/apache-mod_dav-2.2.4-6.3mdv2007.1.x86_64.rpm
33a4ce4f105fbed60b2cdfc73fd524c6 2007.1/x86_64/apache-mod_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm
e093528141ed7cd178ae27743ed4ea69 2007.1/x86_64/apache-mod_deflate-2.2.4-6.3mdv2007.1.x86_64.rpm
697a3930734d4570db3aeadc0aac2032 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.x86_64.rpm
c8a20e21d7b07363c8efc8b23078a5e8 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.3mdv2007.1.x86_64.rpm
d42e4f3cc5ca6ac006d3e4bb7a750273 2007.1/x86_64/apache-mod_ldap-2.2.4-6.3mdv2007.1.x86_64.rpm
e8fc195d18dbb431257dd816bdfa7845 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.x86_64.rpm
ce7184cd8abf4aa7c98d47a64133c19f 2007.1/x86_64/apache-mod_proxy-2.2.4-6.3mdv2007.1.x86_64.rpm
98957b99a54cb32d6ba055d5f059b7ec 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.x86_64.rpm
17b824837cf63210790e6201154cb94a 2007.1/x86_64/apache-mod_ssl-2.2.4-6.3mdv2007.1.x86_64.rpm
5a2d9f93603eebdde04f8967a07b063d 2007.1/x86_64/apache-mod_userdir-2.2.4-6.3mdv2007.1.x86_64.rpm
44f0ad99c93ae8905a2d32b799dc1520 2007.1/x86_64/apache-modules-2.2.4-6.3mdv2007.1.x86_64.rpm
c5c469771e2f25683ddba3f694e28968 2007.1/x86_64/apache-mpm-event-2.2.4-6.3mdv2007.1.x86_64.rpm
b691f2e760bdd30c797e46269842a437 2007.1/x86_64/apache-mpm-itk-2.2.4-6.3mdv2007.1.x86_64.rpm
fa3551d06a7af5a31a040f90dd215a1d 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.3mdv2007.1.x86_64.rpm
8d2a09ba2b175cd36bbc0dc6dc4c18ea 2007.1/x86_64/apache-mpm-worker-2.2.4-6.3mdv2007.1.x86_64.rpm
7037cb86ca137f40364749a0933b432c 2007.1/x86_64/apache-source-2.2.4-6.3mdv2007.1.x86_64.rpm
299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm
Corporate 3.0:
5bbdb8ac0d8133c1b09d373cbe35f5ea corporate/3.0/i586/apache2-2.0.48-6.15.C30mdk.i586.rpm
e14dfcec88913b5245d683502ff684d1 corporate/3.0/i586/apache2-common-2.0.48-6.15.C30mdk.i586.rpm
642b4136b2e2915db59801888b41d1e6 corporate/3.0/i586/apache2-devel-2.0.48-6.15.C30mdk.i586.rpm
c8824d8aa09e4917f9b35b1c659b5181 corporate/3.0/i586/apache2-manual-2.0.48-6.15.C30mdk.i586.rpm
09af9e7945caec7163a12be1a14302ee corporate/3.0/i586/apache2-mod_cache-2.0.48-6.15.C30mdk.i586.rpm
374a782a9211ee321f31a4e716d6bb97 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.15.C30mdk.i586.rpm
88a31c94bc077aa0a91f000b839d4b69 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.15.C30mdk.i586.rpm
8e55a5d1949805b0a6a4f84d571ab4ff corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.i586.rpm
16b573b8a914ab130ac660cce8bddfdb corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.15.C30mdk.i586.rpm
68fdee10fc216a354849a6fc5d89e7cf corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.15.C30mdk.i586.rpm
9e75fe104df971a7a707efb0d6735288 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.i586.rpm
006f66a419a5f81085bc6fd74e4c1235 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.15.C30mdk.i586.rpm
f0910407a4042202cec58ebdb74127d3 corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.15.C30mdk.i586.rpm
43578ffa09c88aa636c6df329cebe81a corporate/3.0/i586/apache2-modules-2.0.48-6.15.C30mdk.i586.rpm
c5c8b21b0bbc8e57f81baa317ccba3f3 corporate/3.0/i586/apache2-source-2.0.48-6.15.C30mdk.i586.rpm
f38fcbb77b956304d63d36ad7b003b05 corporate/3.0/i586/libapr0-2.0.48-6.15.C30mdk.i586.rpm
aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm
Corporate 3.0/X86_64:
52f3a65b7c0e82d517e66d4b176aa33e corporate/3.0/x86_64/apache2-2.0.48-6.15.C30mdk.x86_64.rpm
b54119aca1142e9e9a848cbc18f2a5d0 corporate/3.0/x86_64/apache2-common-2.0.48-6.15.C30mdk.x86_64.rpm
e5ac1fdacf86a8214105cc13d3c439aa corporate/3.0/x86_64/apache2-devel-2.0.48-6.15.C30mdk.x86_64.rpm
1bc73ab39962a806585f1c669b8c1f7e corporate/3.0/x86_64/apache2-manual-2.0.48-6.15.C30mdk.x86_64.rpm
87af39a3721856a710383cd51815fbaf corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.15.C30mdk.x86_64.rpm
c03c3c1774c1baafaf44a4bb17ca74c6 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.15.C30mdk.x86_64.rpm
0ef802c1187c979d48db6ae4672fb21b corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.15.C30mdk.x86_64.rpm
c7d6772332baffc85fd1472e018f5546 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.x86_64.rpm
45965308167632623ff93de397d4041d corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.15.C30mdk.x86_64.rpm
17e2a48cc23d7983351706745c7cd553 corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.15.C30mdk.x86_64.rpm
5b047d484852dd9a2000028d8dcfb7e6 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.x86_64.rpm
a5f32074ec310263bc03648b81d44173 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.15.C30mdk.x86_64.rpm
79c4a90fa0ab3bfa8dbe9b12daeff4cd corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.15.C30mdk.x86_64.rpm
15af8e5591d5ff99f5c157a0c01d4174 corporate/3.0/x86_64/apache2-modules-2.0.48-6.15.C30mdk.x86_64.rpm
462316c74fff690d2e98116ddf614d54 corporate/3.0/x86_64/apache2-source-2.0.48-6.15.C30mdk.x86_64.rpm
20553b85bf243e5986af1a3551549ed8 corporate/3.0/x86_64/lib64apr0-2.0.48-6.15.C30mdk.x86_64.rpm
aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm
Corporate 4.0:
7d50fe1ac32dec6c4d57dd850950bdb1 corporate/4.0/i586/apache-base-2.2.3-1.2.20060mlcs4.i586.rpm
775785cf1a22f45a64d800fdfcc4a8bc corporate/4.0/i586/apache-devel-2.2.3-1.2.20060mlcs4.i586.rpm
79b64bb1793933f1c8b83e7eee2d4cfa corporate/4.0/i586/apache-htcacheclean-2.2.3-1.2.20060mlcs4.i586.rpm
eac03081a34897376d542b7032dd03c2 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.i586.rpm
2c223bb1645aadfba8e6d1d6a2c8756c corporate/4.0/i586/apache-mod_cache-2.2.3-1.2.20060mlcs4.i586.rpm
e4c4c07473f9644fc146e2f4d9ce95c8 corporate/4.0/i586/apache-mod_dav-2.2.3-1.2.20060mlcs4.i586.rpm
13f85bc068b14e497873c6028520580a corporate/4.0/i586/apache-mod_dbd-2.2.3-1.2.20060mlcs4.i586.rpm
aaa52a86e4a6d3e5322fa140edc5535a corporate/4.0/i586/apache-mod_deflate-2.2.3-1.2.20060mlcs4.i586.rpm
574e07826a89f78883f2cfb3ca224e8c corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.i586.rpm
451efb60480fd0680b6c4f955c46ccf4 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.i586.rpm
73fa350b85ea63a5b3f69d8d387474aa corporate/4.0/i586/apache-mod_ldap-2.2.3-1.2.20060mlcs4.i586.rpm
d2364f995210cdbbe324df10d49bef98 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.i586.rpm
145b17e675a42bed7b3a8c5ee883cf45 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.2.20060mlcs4.i586.rpm
92b82835be476736295c15954f2a9eb6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.i586.rpm
0dd6c7df0e3ea475b6b2d50ef4aa5ac0 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.2.20060mlcs4.i586.rpm
d579208689ec9a72a599bf3510bdf942 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.2.20060mlcs4.i586.rpm
6fd43dfcfc649c8bcd4692ba9ebeee07 corporate/4.0/i586/apache-modules-2.2.3-1.2.20060mlcs4.i586.rpm
9fbf1dde58f17e3f0f29a8c3f1e1b6b6 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.i586.rpm
72f26a52381b68a8bbc6e2fcc9c0ac8c corporate/4.0/i586/apache-mpm-worker-2.2.3-1.2.20060mlcs4.i586.rpm
99a935e7047a27043159b6555d3444c7 corporate/4.0/i586/apache-source-2.2.3-1.2.20060mlcs4.i586.rpm
07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
35a789ac173ed3cc0dda52270a194bad corporate/4.0/x86_64/apache-base-2.2.3-1.2.20060mlcs4.x86_64.rpm
e9df753a94dfb136780651ac743e50eb corporate/4.0/x86_64/apache-devel-2.2.3-1.2.20060mlcs4.x86_64.rpm
3964c83541baaf5af0ccc828282a1954 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.2.20060mlcs4.x86_64.rpm
554ea610010d5f361bcc87d75d8d0f6f corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm
051c20e0f062d50a01c51ebad7dcb96d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm
59a05bd258ba6b4729238885d2fc0273 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.2.20060mlcs4.x86_64.rpm
ceb391b54796f3ea763b81c5085da16c corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm
307726e1c4dfcca90093c19e3d17f504 corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.2.20060mlcs4.x86_64.rpm
1500f6520843c6604192e4a621d5b9f1 corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm
e0ac5eb68e21253d33928fa28f0acb25 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm
21c68fdaf26b13ed2177bf458979df1e corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.2.20060mlcs4.x86_64.rpm
28ef0171caf2d11cca8fe4f0bf2473db corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm
019893e83acbfb730f79a8eb364ea042 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.2.20060mlcs4.x86_64.rpm
202b1fc0dd2d9364530abbbb13f799b0 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.x86_64.rpm
5cd3084106482b3f01b41cd716c702b8 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.2.20060mlcs4.x86_64.rpm
6a18ec0935144ead6f037f41e852a892 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.2.20060mlcs4.x86_64.rpm
622bb60b53fb48aef1b5a7fc94be3298 corporate/4.0/x86_64/apache-modules-2.2.3-1.2.20060mlcs4.x86_64.rpm
f573d1aef5f29f14f8764fce5ea31a1d corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.x86_64.rpm
842d5d6ef1c73fcb0b41b9ff18a75960 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.2.20060mlcs4.x86_64.rpm
1cae994b8a6fb2d2aa9a803d7bb3178d corporate/4.0/x86_64/apache-source-2.2.3-1.2.20060mlcs4.x86_64.rpm
07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
463f2a0de557bfcf7ae0655e5381b22f mnf/2.0/i586/apache2-2.0.48-6.16.M20mdk.i586.rpm
56117551a5480c85920263bcefb32c09 mnf/2.0/i586/apache2-common-2.0.48-6.16.M20mdk.i586.rpm
c7496b0bb82f802cd8d17819ee1308bc mnf/2.0/i586/apache2-devel-2.0.48-6.16.M20mdk.i586.rpm
6be15ca61d9a7cc4cc4c7e4e55c4ffd1 mnf/2.0/i586/apache2-manual-2.0.48-6.16.M20mdk.i586.rpm
766a15298990769f14e5ad00745b9c7f mnf/2.0/i586/apache2-mod_cache-2.0.48-6.16.M20mdk.i586.rpm
21d7b83f3e1b80874c5c007c6659c470 mnf/2.0/i586/apache2-mod_dav-2.0.48-6.16.M20mdk.i586.rpm
417055a9758a47db50fcd7ec0a7d4047 mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.16.M20mdk.i586.rpm
90d4aa462e8edf12c52216fa4eeac6a1 mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.16.M20mdk.i586.rpm
fbeb5bc02ada67198541cb4e1c2b1b27 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.16.M20mdk.i586.rpm
0f2e617217d9f418182ca89bab9703f0 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.16.M20mdk.i586.rpm
50e9dc2b73be1f0f3a45ca7da1adbcbf mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.16.M20mdk.i586.rpm
8352541a45d2c76ab840ca6f4b070ffb mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.16.M20mdk.i586.rpm
5744f88c6e59f26418f1f3f531f30734 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.16.M20mdk.i586.rpm
874dc6a00a02630401f7efeadc93935e mnf/2.0/i586/apache2-modules-2.0.48-6.16.M20mdk.i586.rpm
efbd0f5ac6f292474d29f83d36bf86eb mnf/2.0/i586/apache2-source-2.0.48-6.16.M20mdk.i586.rpm
15bd1fcd65bd487b6fd5bba0a8ec530d mnf/2.0/i586/libapr0-2.0.48-6.16.M20mdk.i586.rpm
0e6b7bac08407b02457479763d27e885 mnf/2.0/SRPMS/apache2-2.0.48-6.16.M20mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHVGk3mqjQ0CJFipgRAi2wAKCPuJzkUkyI8lcVRJ3Vu6IbvxMFrQCg3Qxf
w5lEeF1m8B+hT513FJVA1po=
=c4oi
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it
VAR-200708-0292 | CVE-2007-4498 | Grandstream SIP Phone GXV 3000 Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message. \"GXV-3000是潮流科技(Grandstream)基于SIP和H.264标准的下一代高级IP视频电话.
GXV-3000在处理特定的消息序列时存在漏洞,远程攻击者可能利用此漏洞导致设备不可用.
如果向GXV-3000电话发送了以下两个消息序列的话,就会导致设备拒绝服务:
X ----------------------- INVITE -------------------> GXV-3000
X <------------------ 100 Trying ----------------- GXV-3000
X <--------------- 180 Ringing ------------------- GXV-3000
X ------------- 183 Session Progress -------> GXV-3000
X <-----------RTP - FLOW ------------------------ GXV-3000
\". Grandstream GXV-3000 phones are prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause the device to accept a phone while being unable to hang up. This effectively denies service to legitimate users because further calls will not be accepted by the device. "GXV-3000 is Grandstream's next-generation advanced IP video phone based on SIP and H.264 standards. GXV-3000 has a vulnerability when processing a specific message sequence.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Grandstream GXV3000 Eavesdropping and Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA26568
VERIFY ADVISORY:
http://secunia.com/advisories/26568/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Exposure of sensitive information, DoS
WHERE:
>From remote
OPERATING SYSTEM:
Grandstream GXV3000 IP Video Phone
http://secunia.com/product/15436/
DESCRIPTION:
A vulnerability has been reported in the Grandstream GXV3000 IP Video
Phone, which can be exploited by malicious people to cause a DoS
(Denial of Service) and eavesdrop with vulnerable devices.
The vulnerability is reported in firmware version 1.0.1.7. Other
versions may also be affected.
SOLUTION:
Reportedly fixed in version 1.0.1.12. Contact the vendor for more
information.
PROVIDED AND/OR DISCOVERED BY:
Humberto J. Abdelnur, Radu State, and Olivier Festor
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-200708-0284 | CVE-2007-4488 | Siemens Gigaset SE361 WLAN Router cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gigaset SE361 WLAN router with firmware 1.00.0 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI immediately following the filename for (1) a GIF filename, which triggers display of the GIF file in text format and an unspecified denial of service (crash); or (2) the login.tri filename, which triggers a continuous loop of the browser attempting to visit the login page. Siemens Gigaset SE361 WLAN The router contains a cross-site scripting vulnerability.By a third party URI Any part through Web Script or HTML May be inserted. Gigaset SE361 is prone to a cross-site scripting vulnerability
VAR-200708-0411 | CVE-2007-4459 |
Cisco IP Phone 7940 Service disruption in (DoS) Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-200708-0245, VAR-E-200708-0246 |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages. Cisco IP Phone 7940 and 7960 There is a service disruption ( Reboot device ) There is a vulnerability that becomes a condition.Service disruption by a third party via: ( Reboot device ) There is a possibility of being put into a state. \"Cisco 7940型IP电话是一种多功能通讯设备,通过IP网络传递语音信号.
Cisco 7940在处理特定的请求序列时存在漏洞,远程攻击者可能利用此漏洞导致设备不可用.
如果向Cisco 7940 IP电话发送了以下3个消息序列的话:
X ------------------------- INVITE -----------------------> Cisco
X <--- 481 transaction does not exists ----- Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------------------- OK ------------------------- Cisco
X <--- 481 transaction does not exists ----- Cisco
X ------------------------- OPTIONS--------------------> Cisco
或发送以下10个消息序列的话:
X ------------------------- INVITE -----------------------> Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------------- 200 OK ------------------------- Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------------- 200 OK ------------------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X ------------------------- INVITE -----------------------> Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------- 404 Not Found ------------------ Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X <--------------- 400 Bad Request --------------- Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------------- 200 OK ------------------------- Cisco
X ------------------------- INVITE -----------------------> Cisco
X <----------------100 Trying ------------------------- Cisco
X <--------------- 404 Not Found ------------------ Cisco
X <--------------- 404 Not Found ------------------ Cisco
X <--------------- 404 Not Found ------------------ Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------------- 200 OK ------------------------- Cisco
X <--------------- 404 Not Found ------------------ Cisco
X ------------------------- OPTIONS--------------------> Cisco
X <--------------------- 200 OK ------------------------- Cisco
X <--------------- 404 Not Found ------------------ Cisco
就会导致设备重启.
\". Cisco 7940/7960 phones are prone to multiple denial-of-service vulnerabilities.
A successful attack can allow remote attackers to crash or reboot an affected device.
Cisco 7940/7960 devices running firmware P0S3-08-6-00 and prior are reported vulnerable. "Cisco 7940 type IP A telephone is a multifunctional communication device that IP The network transmits voice signals. Cisco 7940 A vulnerability exists in the processing of a specific sequence of requests that could be exploited by a remote attacker to render the device unusable.
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Cisco IP Phone 7940 SIP Message Sequence Denial of Service
SECUNIA ADVISORY ID:
SA26547
VERIFY ADVISORY:
http://secunia.com/advisories/26547/
CRITICAL:
Less critical
IMPACT:
DoS
WHERE:
>From remote
SOFTWARE:
Cisco IP Phone 7940
http://secunia.com/product/1113/
DESCRIPTION:
The Madynes research team at INRIA Lorraine has reported some
vulnerabilities in Cisco IP Phone 7940, which can be exploited by
malicious people to cause a DoS (Denial of Service).
The vulnerabilities are caused due to errors within the handling of
certain SIP message sequences. These can be exploited to reboot the
device by sending a series of specially crafted SIP messages.
The vulnerabilities are reported in firmware version POS3-08-6-00.
SOLUTION:
Use only in a trusted network environment.
PROVIDED AND/OR DISCOVERED BY:
Madynes research team at INRIA Lorraine
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------