Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-200906-0065 CVE-2009-1162 Cisco AsyncOS of Spam Quarantine Cross-site scripting vulnerability in login page CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter. IronPort AsyncOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. IronPort series C, M, and X appliances running versions prior to AsyncOS 6.5.2 are vulnerable. IronPort series products are widely used mail encryption gateways. AsyncOS is the operating system used by this product, which is specially designed to deal with the bottleneck of concurrent communication and the limitation of file-based mail queues. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: IronPort AsyncOS "referrer" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA34895 VERIFY ADVISORY: http://secunia.com/advisories/34895/ DESCRIPTION: A vulnerability has been reported in IronPort AsyncOS, which can be exploited by malicious people to conduct cross-site scripting attacks. NOTE: IronPort Series S appliances are not affected. SOLUTION: Update to version 6.5.2, or apply fixes by using the upgrade command from the command line interface or by using the System Upgrade option in the graphical user interface (GUI). PROVIDED AND/OR DISCOVERED BY: Reported by an anonymous person. ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=18365 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0067 CVE-2009-1196 CUPS of directory-services Service disruption in functionality (DoS) Vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw.". CUPS is prone to a denial-of-service vulnerability. A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. Common Unix Printing System (CUPS) is a common Unix printing system and a cross-platform printing solution in the Unix environment. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:283 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : October 19, 2009 Affected: Corporate 3.0, Multi Network Firewall 2.0 _______________________________________________________________________ Problem Description: Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147) Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow. (CVE-2009-0166) Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments (CVE-2009-0195). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0799) Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-0949) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1179) The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. (CVE-2009-1181) Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1196) Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problems. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Corporate 3.0: 86301a5d5c962256a88d4e15faba9bbf corporate/3.0/i586/cups-1.1.20-5.21.C30mdk.i586.rpm 378811817692045b489880711aa46c85 corporate/3.0/i586/cups-common-1.1.20-5.21.C30mdk.i586.rpm b0b493387f5b0a67eb1bfa7b2cda1152 corporate/3.0/i586/cups-serial-1.1.20-5.21.C30mdk.i586.rpm 7236d2f3677e5f6e2ea740e291e145d5 corporate/3.0/i586/libcups2-1.1.20-5.21.C30mdk.i586.rpm b6959ae680668c17cb2dc84077bfb1a8 corporate/3.0/i586/libcups2-devel-1.1.20-5.21.C30mdk.i586.rpm 902b2ecfff8325312ad095425ec6b31b corporate/3.0/SRPMS/cups-1.1.20-5.21.C30mdk.src.rpm Corporate 3.0/X86_64: 633954b881b4a13641c71f5d8937d70e corporate/3.0/x86_64/cups-1.1.20-5.21.C30mdk.x86_64.rpm b1f94eafb660f6df4f1a7bf5a59f48b7 corporate/3.0/x86_64/cups-common-1.1.20-5.21.C30mdk.x86_64.rpm 6962c849474e00d4381f68ce0d700baa corporate/3.0/x86_64/cups-serial-1.1.20-5.21.C30mdk.x86_64.rpm 775f8c2232eb751dae3fbd5aa347c31b corporate/3.0/x86_64/lib64cups2-1.1.20-5.21.C30mdk.x86_64.rpm ec752b939267cf785a76161388d63b89 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.21.C30mdk.x86_64.rpm 902b2ecfff8325312ad095425ec6b31b corporate/3.0/SRPMS/cups-1.1.20-5.21.C30mdk.src.rpm Multi Network Firewall 2.0: c998b8245740f55a475014ab84aa72c6 mnf/2.0/i586/cups-1.1.20-5.21.M20mdk.i586.rpm caff03b6b69c0dc6dcf5b0e56bc583c3 mnf/2.0/i586/cups-common-1.1.20-5.21.M20mdk.i586.rpm f4f7b5894f97f371dcaa84347170642c mnf/2.0/i586/cups-serial-1.1.20-5.21.M20mdk.i586.rpm ae0eb99fdc9ce79efff159a5dcd3d64e mnf/2.0/i586/libcups2-1.1.20-5.21.M20mdk.i586.rpm 8e701f7caa03cd8d1bb42566965506e6 mnf/2.0/i586/libcups2-devel-1.1.20-5.21.M20mdk.i586.rpm 10e3ff36714b79b806b62137b3d7d246 mnf/2.0/SRPMS/cups-1.1.20-5.21.M20mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK3OH6mqjQ0CJFipgRAsUOAKDHMqs7e509FxXN+hRs3MuoXG+hbACgxBLI 92SOL+8x2GTGblZj+/qsM7o= =ZAtW -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for cups SECUNIA ADVISORY ID: SA35340 VERIFY ADVISORY: http://secunia.com/advisories/35340/ DESCRIPTION: Red Hat has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. 1) A use-after-free error exists within the scheduler directory service. This can be exploited to e.g. crash cupsd by sending a CUPS browse packet at a specific moment. This can be exploited to e.g. 3) An error in the processing of IPP tags below 16 can be exploited to crash the server. For more information: SA34481 SOLUTION: Updated packages are available via Red Hat Network. PROVIDED AND/OR DISCOVERED BY: 1) Swen van Brussel 2) Reported by the vendor. ORIGINAL ADVISORY: RHSA-2009-1083: http://rhn.redhat.com/errata/RHSA-2009-1083.html OTHER REFERENCES: SA34481: http://secunia.com/advisories/34481/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0617 CVE-2009-0949 CUPS  of  ippReadIO  Denial of service in functions  (DoS)  Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. Common Unix Printing System(CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务 . 在处理包含有两个IPP_TAG_UNSUPPORTED标签的特质IPP时,CUPS的cups/ipp.c文件中的ippReadIO()函数没有正确地初始化ipp结构,这可能导致受影响的应用崩溃 . cups/ipp.c文件中的ippReadIO()函数负责初始化表示当前IPP请求中不同标签的ipp结构: /----------- 1016 ipp_state_t /* O - Current state */ 1017 ippReadIO(void*src, /* I - Data source */ 1018 ipp_iocb_tcb, /* I - Read callback function */ 1019 int blocking, /* I - Use blocking IO? */ 1020 ipp_t *parent,/* I - Parent request, if any */ 1021 ipp_t *ipp) /* I - IPP data */ 1022 { 1023 int n;/* Length of data */ 1024 unsignedchar buffer[IPP_MAX_LENGTH + 1], 1025 /* Data buffer */ 1026 string[IPP_MAX_NAME], 1027 /* Small string buffer */ 1028*bufptr; /* Pointer into buffer */ 1029ipp_attribute_t*attr; /* Current attribute */ 1030ipp_tag_t tag; /* Current tag */ 1031ipp_tag_t value_tag; /* Current value tag */ 1032ipp_value_t *value;/* Current value */ 1035DEBUG_printf((\"ippReadIO(\\%p, \\%p, \\%d, \\%p, \\%p)\n\", src, cb, blocking, 1036parent, ipp)); 1037DEBUG_printf((\"ippReadIO: ipp->state=\\%d\n\", ipp->state)); 1039if (src == NULL || ipp == NULL) 1040return (IPP_ERROR); 1041 1042switch (ipp->state) 1043{ 1044case IPP_IDLE : 1045ipp->state ++; /* Avoid common problem... */ 1046 1047case IPP_HEADER : 1048if (parent == NULL) - -----------/ 在上面的代码中,通过几个不同的标签属性对报文进行计数。如果所发送的IPP报文标签属性低于0x10,CUPS就会认为是IPP_TAG_UNSUPPORTED标签: /----------- else if (tag < IPP_TAG_UNSUPPORTED_VALUE) { /* * Group tag...Set the current group and continue... */ if (ipp->curtag == tag) ipp->prev = ippAddSeparator(ipp); else if (ipp->current) ipp->prev = ipp->current; ipp->curtag= tag; ipp->current = NULL; DEBUG_printf((\"ippReadIO: group tag = \\%x, ipp->prev=\\%p\n\", tag, ipp->prev)); continue; } - -----------/ 由于CUPS处理这类标签的方式,如果报文中包含有两个连续的IPP_TAG_UNSUPPORTED,就会将IPP结构的最后一个节点初始化为NULL,这会在cupsdProcessIPPRequest函数试图读取attr结构的name字段时导致崩溃. /----------- /* * \'\'cupsdProcessIPPRequest()\'\' - Process an incoming IPP request. */ int /* O - 1 on success, 0 on failure */ cupsdProcessIPPRequest( cupsd_client_t *con)/* I - Client connection */ ... if (!attr) { /* * Then make sure that the first three attributes are: * * attributes-charset * attributes-natural-language * printer-uri/job-uri */ attr = con->request->attrs; if (attr && !strcmp(attr->name, \"attributes-charset\") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_CHARSET) charset = attr; else charset = NULL; ... - -----------/. CUPS is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when processing two consecutive IPP_TAG_UNSUPPORTED tags in specially crafted IPP (Internet Printing Protocal) packets. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The ippReadIO() function in CUPS's cups/ipp.c file did not properly initialize the ipp structure when processing a idiosyncratic IPP that contained two IPP_TAG_UNSUPPORTED tags, which could crash the affected application. =========================================================== Ubuntu Security Notice USN-780-1 June 03, 2009 cups, cupsys vulnerability CVE-2009-0949 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.14 Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.5 Ubuntu 8.10: cups 1.3.9-2ubuntu9.2 Ubuntu 9.04: cups 1.3.9-17ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Anibal Sacco discovered that CUPS did not properly handle certain network operations. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.diff.gz Size/MD5: 101447 1edf4eb6127965001092ac72fc5743ea http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.dsc Size/MD5: 1060 4843503dffb5c5268a64499cb2cf279e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.14_all.deb Size/MD5: 998 ee02e19aab490d9d97b6d3eb0f0808e4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 36236 8f3c604623813d67800c2f06686ccd1b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 81894 166216227002808778e9a01798409a37 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 2287028 141ace9ca050db86cdef9b44e620c13b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 6094 f338b2ae622333497e2cda10f26590e9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 77648 40846208a23006cab7c7bd52813a6343 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 25756 5b703a78f78465181f785715ef7036cc http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_amd64.deb Size/MD5: 130344 6c9d54d7f6c8069d8d69652bf6dbddd7 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 34762 08037502d74a512a07b184c2999d32ad http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 77992 260347aa2b7f4ec59fcaa1d29a16e0c3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 2254260 49e00eabc519426ee5413864c4bdb251 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 6092 0a515dd0fdd48eb70da0b5bfe3019f08 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 76752 7ee453f379433e22b9451e6282669797 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 25740 28af462a2e8f13620bb1b70cef1cd08e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_i386.deb Size/MD5: 122538 200a588a83e668f621ca41bc41a13413 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 40462 3937e3b6cb8f6cda2f1e450518a4e136 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 89516 bf845949727422d0ae4d550966d34c72 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 2301634 8bf6a7e2fcff62817459186c189673d1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 6094 cb2ff11f6c55d69b99f39e64ad399774 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 79292 b137122dde7459d5653e024b4d3b5852 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 25744 7765abc3cea993a82a638458202892e5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_powerpc.deb Size/MD5: 128304 69634210a2fa2a8af2383a12b657a568 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 35390 f4a5a9207d6494c05a7820cdbf2cadf9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 78720 423336f4bf4be9292f49f31ab6cac3dc http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 2287900 4833fae9ab11ecd3721faef405ad8167 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 6094 ebae0d6eb86d9e3f4fff77c860f1693c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 76568 7d1814766e366021fc136cb6577880b9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 25746 a4eacdcf7d078a8200660cf0bb37c694 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_sparc.deb Size/MD5: 124034 6fd4c6c86596379e32fc228ed15cf4dc Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.diff.gz Size/MD5: 135129 091bf3e7ac7e1a1f074dc15d08c2c4d5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.dsc Size/MD5: 1441 9cf7f2d9b00a22af8e8ccdfbe234fd8e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz Size/MD5: 4700333 383e556d9841475847da6076c88da467 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.5_all.deb Size/MD5: 1144240 9c3908b1639d493bcc580368adbfa3a3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 37530 c252102dbd39005b010fff629e4daf2c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 89980 2d95b8b2a44cfa62603335d6211f5fd1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 1880552 e94141a55ae34eb9ac5be1b941268f5b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 60804 9e8d5476cccb6ea9ac0d0eaf1db9c615 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 50216 5de274a35fa3cbea87c9245b179364b5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 344920 6a966e90749cbaf815c511717b84abaa http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_amd64.deb Size/MD5: 178092 3d4bda40ecf7c2091cc173b79658d6c9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 36952 2c6053368cf2a00f66197eca444af3b5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 88394 0c572acada7273e30b15bcb3cc2874cb http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 1863054 68e5cbd5fd1ed11bee4fef0c4e79de7f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 60082 062ad31917eedc6e5003e990807d838b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 49852 9ac15961d63d2fd6f4ce702e688a8985 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 339354 8b842a2c754dc36a307aa64e613fe4c7 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_i386.deb Size/MD5: 174938 58ab39cc15878a158487fb858af9958d lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 36658 536346a17e6b5035307bdf1ce04b3799 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 88744 2141679378e4e3700c78c09ec936e1da http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 1865310 094ffb6f741440a18fca28d50b29ead0 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 60488 8681c7ebbe8e781fb7b3348b00da9de9 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 50808 dce50fc21c292b77ff3d0f21946cf23e http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 337014 84ca26401f9ae81f3d9f535f0361dd0c http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_lpia.deb Size/MD5: 173878 1f3e4888d7cf574b1c62aa092c852b8a powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 46918 6e9a925312380561f2299f66cb134357 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 110820 b7b8c667cf96cfe0d60c1f2d1ba96628 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 1949102 2d78cac8f6b3c758ac337c791de433a3 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 59926 0c7f18be806b6467c39dd1955c6e4685 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 54920 9403a69f365361e033707d5914a92f52 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 341668 0ee868915ef0bd3e177244f931ec7b5d http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_powerpc.deb Size/MD5: 183836 e45a7d338ce136c48abf6c5cce3b6f6b sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 38028 e556e3eecc385e35b5c790046f91cec9 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 91034 84e2052f3fd9e57363b13779fe3fb30f http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 1897852 30481f2e4dff5ba7e8d465d0771360c8 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 57826 72589c6d350921d2ac7d5a4207c5b78a http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 48216 59e887dda48b748158c7083d50fb6405 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 341372 0976433618733b76b21104715594256e http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_sparc.deb Size/MD5: 173768 853ddf9a445d28cdf2740957676b50cd Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.diff.gz Size/MD5: 329287 0f1eabafd9f35ce1c7103f131976af91 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.dsc Size/MD5: 2043 5c406df0ddf6c7f849147bbccb4350bb http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.2_all.deb Size/MD5: 1162826 78ce799e56015d07969aea1b1e5750fe http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58238 c04c758e79b5d28dec48637c8c73b549 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58252 588dfe9e578fb1a17daf2faa5fab8774 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58244 0fa4c07b2e66a7d0c106071d283d7edc http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58236 f163f465b79566c194364d14ebb49608 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58252 afd476b79ec34e694d19f360a2cbc64c http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.2_all.deb Size/MD5: 4526 bd17a9f9600e53f3c5ce3b18a2cae590 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.2_all.deb Size/MD5: 58240 b1702f69d74e496859096eb6101e5139 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 37300 2e18f255477200b6320afa7e6903508f http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 119744 9c484968a2250bd303c305df9d53943f http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 1682962 e7fa53ce69537cd609e8d88e1873e9cc http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 2172504 b4d5b2ce9603e2b36374b100dbf9ada7 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 352190 8bbf84d00818cf88c0f3d048fa425cf1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 173268 01abbe7f859eef7e9e5d453792b96f76 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 61314 73a75d935ccb41f7827bfeff0bf8f9ec http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_amd64.deb Size/MD5: 52312 263e4265a47473eff3b416b896907103 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 36226 c8d3d0df62f93d519369f37ab0d337bf http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 115328 65483c26c3e0efe02922a59beeb0d833 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 1542716 c3737d9cfb6277985baf83bf4a449150 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 2139250 edef8688cd2fe57ac989b4bad50022ac http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 345992 e4adcaea69f8ae947f1ca0b63af74ffd http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 170194 fd8ab14aafda63f2f41cbd4885be0d81 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 60534 5064205f7a26e8ed1a543932e6aad79e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_i386.deb Size/MD5: 51718 e663a435f42d39438e5fdf1ed599c7cb lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 36014 b9a880feca8d481df4f9495cec8b8121 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 114512 1617fc04bc3c063dcb8bbc884050c6b2 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 1571962 7b061e95651696885125af95d7b08532 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 2135962 8695e326f9876ed3c3012becfaeed0f4 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 342968 9887c91b3ac9427b240317f6eb6d8bf0 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 168430 e13502a0fda3165d41d92f156f2ade21 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 60630 63b43b5b90c7f271d8ffc491d50c77e0 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_lpia.deb Size/MD5: 52386 f0ee10297823f8aa39049a1f9cff34bb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 43564 e3d68dd451cae339f4629e36363e27b4 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 138160 8d11bd04570c0738af0b35ecef8ca018 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 1663540 3f5d9437ffe6df630cde4ad4b4fbbe35 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 2264222 6c49653a70198b67692c220135fe5428 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 347966 72a14e0a64f503365475c436fa45ac39 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 177464 2615af3dce1a5b56c001adcbab649264 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 61256 b021d0be4915346dfc22203556c56ce4 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_powerpc.deb Size/MD5: 57436 a9463cb0014dba068fe6ad3dd05b7693 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 37216 b30aec0d4f3cff1d59594c1272002e93 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 117640 35ca75a0021841529ed85691ba0496bc http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 1490704 f143b16a5a811b517cc968d9e628feb9 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 2200938 91b1621927bd5feb83bd1dd8fa20005d http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 344786 c5e02a1f344ddc4e10b91b255ac869dd http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 166318 e6bfc6840275b954311c4544667d6193 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 57848 f4c6f5c70fd1ec7a95c322186e86c487 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_sparc.deb Size/MD5: 49796 52f0c961942e4a0b8e85ed3b6d4953a4 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.diff.gz Size/MD5: 331113 386644ef646604fa3ea0f18a3440dd94 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.dsc Size/MD5: 1984 974758acb855004824caa579913a402f http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.1_all.deb Size/MD5: 1165116 0fea2201baecec1a63153ca024cf85b3 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60220 78f1df511789d7c6fa564df73ae3737e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60230 dd363c3548b1d7bab16bb595ac2d8682 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60222 3fe72599089459e0533070ee35696c96 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60218 33922120f0f3b6d755691c6cd31a983a http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.1_all.deb Size/MD5: 4520 4944980239da17a124a13b5eb08814af http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60204 578a4a096679845a551abab4687ecd07 http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.1_all.deb Size/MD5: 60220 404eae856385b1def832fb0474551e51 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 37310 824835ae3f5e791b0ced4e0bfa0094aa http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 119750 d3562b6435de311fdfdd3f5a433beafe http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 1658120 811f80a88d0fdcee20f41383b313d073 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 2168616 178ada0830fa6b64f1b2a28f43ba68d5 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 352130 b9502f3daaa52d057a815e6a11433707 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 177068 fedd91d5e3094e813b85c910e6f950ab http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 61260 68d03afa62ffd74aa517c588cd32017d http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_amd64.deb Size/MD5: 52220 715bc18c530db346e2faad81789af0a0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 36212 f8a3d3701b170c1637b469b1abcde7c6 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 115324 062953a515a6c8b27c75c7539472f9f4 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 1517622 a3c1f3ad98db97230d25ba20acfa4c11 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 2134800 0cde4fc0fac7b7682f0a53f38caedbc4 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 345990 2bc3076c1ad6c67c5858f62714ab4a3b http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 173740 c44041d8784eae4ac9400a0d3b9b9138 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 60488 c923e354bf04dbafff5339ea6d18433e http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_i386.deb Size/MD5: 51530 b03604b87ea464a7f97e26272582ee18 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 36032 2be317cc9206baaff256b4325072589a http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 114486 8c27d1961b1aa8a73f3c342ae6ae92f8 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 1546154 0d3adaac793d357587ce7cc4275fe55f http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 2132166 9ae39e3c42178dd9b384fc8bc8a13d82 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 342936 2cff2dcc4b5cd9e54046bd97f2ca1bed http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 171954 a2ea14f0324efa3d936f8a31730d0c9d http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 60678 4594a7764c86b427ff76b2700a294ddc http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_lpia.deb Size/MD5: 52340 86b3bb0d4279f78231d1bdd0e1dbc3fb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 43578 302e5e3849b99d0a12e2ff4f96be71d1 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 138164 5e62e249891ed196a7eb21466205fd7b http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 1633586 15e374d5ff627a56713f2a7ce61ef616 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 2256002 66dd6a9c74b750671c86e90163941953 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 347906 cb12b0143262bdbe01a6e69584947228 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 182450 c07ea0fed64ca677713c8a9362a38467 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 61302 934f995a352040b03daf4b4462da2892 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_powerpc.deb Size/MD5: 57414 31f122cc6a44e90c362dda241b98648c sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 37204 d11aa276b3c4049110c587b2131d1207 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 117558 c29f382879fce337b440b71cb3a88b3d http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 1462180 9c40f63f4c088299eec0d97317c53a3a http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 2201794 00f9c319e7fd6b9eeed508baba656d21 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 344712 9f8df2c64cff337847abca91c4e3fb1f http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 169558 555c2de1cc4ff90754500bb42947453e http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 57850 d5d1dc89040b20f04c6a99d14524a6d1 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_sparc.deb Size/MD5: 49686 46af0e0b82ed5cc1d562909eacd9a35c . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:282-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : December 7, 2009 Affected: 2008.0 _______________________________________________________________________ Problem Description: Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0163) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. (CVE-2009-0166) Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments (CVE-2009-0195). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0799) Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-0949) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1179) The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. (CVE-2009-1181) Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1182) The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file. (CVE-2009-1183) Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problems. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY a3mQtrfvoibfn29OFAfdSn0= =lTbL -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . For the oldstable distribution (etch), this problem has been fixed in version 1.2.7-4+etch8 of cupsys. For the stable distribution (lenny), this problem has been fixed in version 1.3.8-1+lenny6 of cups. For the testing distribution (squeeze), this problem will be fixed soon. For the unstable distribution (sid), this problem will be fixed soon. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.dsc Size/MD5 checksum: 1094 42b2e4d0d1709d31270cbd0361ded3f4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.diff.gz Size/MD5 checksum: 109744 c73260161da939be7517c6ff0c5493cb Architecture independent packages: http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch8_all.deb Size/MD5 checksum: 921366 4cec0d4b82b768bd42c801e87831eec9 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch8_all.deb Size/MD5 checksum: 46424 bc032e7d1c4520843b540d3bb238d3a3 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 72856 a2c626b3f8dd8e43cecc395c5cf9ef03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 1614886 8286658ca407d05ecc87ea4cd2dc870a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 183730 f2c644de893bf0ca28868cfecefca04d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 85916 7233e6ec6bb857653d2829cd80012d41 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 1093518 e6544fc0edd973d09a1e00652991845b http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 96030 23aca27ae72c081612fb247cfd9e33da http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 39332 a931e92b73c1004f4c8ed110c01ac728 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 175552 8bb48e7fdb170d74a14e65aecee3b230 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 1087540 1e71685c6620845318d49cf1fcf5feb0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 87128 281a245270d6c2dcd7f0e1a6fc7d0b12 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 37572 c0491559f8465d610a0577cc23f00de5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 162892 42d1cf5ceaa5ed7a95f16b869e6df97f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 80862 511e522206e17f759cd7c56e934f08bd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 1572040 e2582ab015e6e3a3858b713d6f159a34 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 53056 d4c82327123ddc2c0e48c804634603ae http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 142418 d9314cb33230b9c6dbe571671b14adda arm architecture (ARM) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 1023048 8b559f55ae312c59e22a113fd6928c5f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 36758 cb2e80f86795f10af3fc100aa4506def http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 1567912 776f4974949a31b3facd38b302b8097a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 78698 6122e3902076dd2c3247dd4b5a56a660 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 48958 92730848f69e8540412fdf8bdfb96c1f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 85496 230c5b107dff69eca6f8d6241277a95f http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 154962 8803b8b5ac7a11e3a2cf5a40f389d049 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 131674 22e1a6767fc65ac920a5ce245743f9fd hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 154688 26ee139a8daabd621479d73ac2d04a16 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 1628398 beed29d0d6a15e33a83206acf3380cce http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 57246 07d89a1799a8b8daf3fb13f8c0b155d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 86802 f4e4a831a178e7e9df1f66a3af3633fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 172252 78031fa93b94ba44187e0986e82d6201 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 40370 b203925426b9411027184af8af2f73d6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 1037196 85cd25d326e4535a9a18921e1016788d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 91586 1ef7a9dd2be035a8504bd124e1da385d i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 137728 7f9d176b0cb1e5976ea06e58526a60f4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 87336 3b3b4ffad78f35ffc5e05941bdfc15bd http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 37416 3513b7cef1c51a35efd9ffd3c294e14d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 1000830 28dedcb611ed0538308122b860ba58c8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 53206 d0ae9184a84597d989b69fe7e25bc470 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 1560356 5a8dc9c147a9d5c82224478f64731f0f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 79744 40326a8b68de9dbe6987e39fe95a13f8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 160956 da17f9d144495fde4e4c8bbad95560e8 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 106218 609f68aa16bfd657583e8be99a2ad0c1 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 74386 f0259501885d635d40aab9308a1bfbf3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 192362 9009b4a91e64ab0a1c325bcaec97c2e0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 1108908 1db7bb18903f47d5de29482709e3ff78 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 1771178 f104a7cc65ef288cd7758bb2175709a0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 204522 8628cbc5cf2b22ed1d4eaeda2d7b4a60 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 46334 726f90dd146cd9d2d6ad964c0e718585 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 107424 c3c93da377fee4bf48f57778b305d5db mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 1098528 5a9e021f7509cbde95ef66da819c3228 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 150986 db510250f4f5aac631a743f04dc8054d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 36124 d8663fcdd8acb88018af29a3af61c9f6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 158310 776e9b5f14047779211e1262ae9f62d0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 76166 26a80a28871b162d72c2469a18ce6966 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 87110 f71b2aa6af126f5ae434e1381126fc34 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 1568290 ad4192ffb0d477ae964f6c3b039e52ac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 57678 da4e6ba9b1a61ad4bdc6a8e8d682fc61 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 87254 e2917b072751a45afba30498006b71c3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 150894 09067f14c0938ef6dbeb500256dd42f9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 1553678 c4168376ca4d74744e24be76ec159067 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 158842 f6d3053079e08de8e617272fd4a8489d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 1086490 e82ba4868d85ad36861a8aff82f6f72a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 36070 c67551d542db6a7b5081b8f0e1bdf30e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 57804 fa0c855349bfa38f31c82e83374ccdab http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 77446 936b8d1173c259822d9e5ae3e82eb357 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 41342 f5d1131ddc30cb780322237c47411177 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 1147440 23944aceda9e865a4aab581509bb4058 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 89404 9a0198042c3eb4ef053f720d20706c34 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 163446 75275152a9b69f479d4b0c6ae8fb3fa0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 1582758 4544b9bc4aaf231fe604449311f118b9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 89574 942740b75d722b0fcbf284bc05035e48 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 136242 5ef0278b80c263897d8942f9bc03631e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 51926 a35183dcb7bc3a0490b2ee1d8ed5ab3d s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 82334 745d2f27c678f02ad011fa15f1731560 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 1587692 d3c2245878121c7c16752f2b9949d0dc http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 166998 64e5615906a50a2c19ee5359a521a9f6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 52522 199020914a0d52a771d112c6b2823de8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 1037546 89b9f600cc2a513678446a2a2fcb5b81 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 88194 b376557a4f613fb65f46cbfae42050bf http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 144934 da63d5b24df68891c2806f0f514911e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 37422 3b0a8733a1ef7bf6fae8f00bb306bceb sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 78608 fb366ff39679d91c983deb2022ec0f0c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 159716 eb0065adeacdf8a7f23098195a515e03 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 86066 5c0f9c078202fbf4c2f9c7cae3c89057 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 1578044 a94273670520f2db0fd4767ecb93cc4c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 36060 b54d8ba11e9f8fd155e0b29f1609ebcd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 51832 cb3bf2ee0f2d4661cd8198f8da780d00 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 996840 5609f09834fb8eecc031ad52bb1ba550 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 138744 5e701d9b2c7941e857c143e7289c3a20 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.diff.gz Size/MD5 checksum: 185068 01548b71a9c9f8f3cd4c4e38be162e0c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.dsc Size/MD5 checksum: 1837 74c7cc9607928673ef30937fa74d154c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz Size/MD5 checksum: 4796827 10efe9825c1a1dcd325be47a6cc21faf Architecture independent packages: http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52146 7e655df3208e7b1c14e963e62d2a1f9e http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52174 ca30676d4f14b19d69f07948ec920645 http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52172 0745ebb9d35b06b2baed0946c9c4cdf4 http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 39dda2a8979e6d53d369a850a7287f98 http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 185cdcccb15621495bb4dd922824fb27 http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 7cfc925b6070373cb03f50e28ffcb5eb http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 1180808 ab548a8679a470d91055cb14a524f019 http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52166 808680daaacf24e6969a46b5821c05b4 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 37990 1d176c775ae611d5de6fc28debeac312 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 108462 bee5be572e1c162c31a2f2cb6fccd95b http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 118450 c6848af4b97d419426046f53c0a10c8b http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 445916 a291be3dfa900c17126ce9796d71db2a http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 2099172 fabc17ee844d661b518a4c35321c5128 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 1142836 46addc9aade19f27e42b443768023f94 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 179128 0c7440b785436020854b72114e9e7686 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 81496 5235f6c116886ee493467ff1e52dff9f amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 168874 34599b5781a04df793603da238d30224 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 61012 fcd44c54190e1f2212335b0f971b2241 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 1197270 584dbf166833f9f50a43137f1e2c04f7 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 2070558 64782a03e7391d3b983fe918b6d416a6 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 116780 317905cae4f2ba4acbdb62cc46b87e2a http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 401290 bdd244d1e6559d959eb803f8bd6abbf2 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 37236 b3642bfa15ff0fe3c6d983e031275da6 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 99702 17dbaea17495777f8ba8a2996acc3725 arm architecture (ARM) http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 387466 6ac7763fc0ade8a3703104cdd3c3357a http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 97190 e274997fb4e49c281c21549b1120efb2 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 113164 eaa19c4d0964cd38613ab2c58f07ce26 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 2059026 ee1367a147b8c07bae9c87ccc87c4998 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 55342 c57db0444dc9193f0ab35e1a934400ec http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 155270 5f0300fb74cb89f6b9b7bb45537f4aec http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 1123418 df0367cba01ba9919f409b022dbe7c1b http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 36484 7294561d854c324dc268c8fb0d616a2a armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 1128236 5fb35a72133c870e444fe0b1250db6b2 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 38752 777da1a892c9d354f5e1ae2575b97d47 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 2075760 a850581323f50e10ded793a321763a39 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 387318 64dc6d3b023d3de8a9ad99c244555008 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 98356 96861930db8e85257fa250312839d177 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 119314 7a4acbab9f1600e266780b8e4edc8161 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 156808 a67d3ee08ed7bbcee2d90e45b4c5d9fc http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 54730 26bc079114200f249ee55182577d978b hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 102958 61cca5c9fe91de9823fe3b141df6cbfd http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 2118150 9a34c8fcfda89744ff1ed5cb57fdeae1 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 63136 dcc115ea567651075e3b7fbf73477f2c http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 406484 36b77c3f6c05df1f44b9a971b2fd3bc8 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 121714 30743045e4927713923ab1f3bb9e6360 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 1141670 a1d27d8aec34d3e1cefd8af9d680fdce http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 172628 bc5c1f4a039c3fb8dbfdd0dc36aa2f56 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 39974 b00448f41ec531188e029bc7173f5271 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 99256 289e9977f36773c117b6fcc6580b464f http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 1096046 28adf6b61f8bff81e19ee5b7fc464aac http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 60422 d4646115f417b7d56b1665283e914b42 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 115956 4db026d788ab7bcb923847491f46b8ca http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 2051272 6b1ce4707c65c46af6ae766ce9b50e99 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 165348 ffd04ab3b875fef36b26fe3dd1106996 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 393998 080d022507d07a4713b3f95acb7c22f6 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 38022 7990b6a4a8d217fe07e7e1bd0f9108ff ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 2281420 2adc4c08d3bc24c8d70acac31ca8421a http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 123434 e3c1cbbd801a0ddd985e3b27c021b9d8 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 209034 5bfbe9000e4f1cafdbc66a6a94c20e7b http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 1149350 7f6b259e7f4ecc70accf51236efb3a5a http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 41278 1cee7bf398c2e2c7e4189f005cbb3444 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 139124 8ff9597b3e2cd534614a66531a5db361 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 447412 b59175ffef15d9b2e618b85ce6f8cff2 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 86018 e5badf6982128286853fc360fc77a4d3 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 157842 c3652835b110a94fc5a5f9d20230e443 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 2047282 ce608c3fa6d89e7d7ff3e313f88fbef2 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 98662 ddbba9bea120f9b7740adc8ceb45c3dc http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 108508 0a5b6ba27061cfa40e45cfc514d3ba0d http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 36010 a786245e49b8cabcaad41a5e92a5c884 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 65290 155e5959fac035fc8307800061913d35 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 1170866 11910e0f1ccbb2f3ba151cbfe8186696 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 405510 4f848ff0dd8f2b08f3fa3bb220a6f75c mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 158274 8c3b143ee488c17cf00cf7599bee331c http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 98792 74a91f31a602f6f2a0c04b4e72723b86 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 1156060 f3be7e74bd904dfdecc086bc6ee16bf5 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 403142 42cf44870e91355bb7a465dce52605ae http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 36142 daa9ed0b87002a002bece0890b1a6e12 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 65216 a1c8b686980e932f19a789430a4eafaa http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 2028136 a67cf50db9734a8175936ff5e2d45d5d http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 109968 23ff5d8a36aecd545c5cf210bc3873d5 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 394114 5309447c955f4decbe93f50802ed1805 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 1188662 f8438353bab0a00502a1687042c54961 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 61144 ac80e1cd5cc0661c10693d360e32c11d http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 174232 5938321743bda64571c6d0797f84dca1 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 104730 d5f60c53825c532dca34cb21f1c1d2fb http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 44212 d0b547b8cf87254ce65874df057468db http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 136102 34f3fbb1bf5519277c20944b3d118a6c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 2122006 f0e6902972831c2490b6f6bcbecd1ba0 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 101502 e48e528e2b3ee8140dcce180aae0feb8 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 37818 7f26d32ff01aa1088e424a16439d0990 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 171544 131841fd12d9331c312f8a28718fe8a1 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 399662 f80688352e705e1293d64bb211dcd568 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 2090700 7d406321bb349547bdbe43123fb770f3 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 118588 64d6969a96a76de52a7296c745116a48 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 1188192 365ee760b0b9b8dd869dd11f1f4c42f9 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 60716 634f2ba3cc0eb22c59252f15a1582770 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 390982 1235ace473b594360267daef5663c1b3 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 116666 3c08364f33b2594c4f8be8c0bfce7333 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 1051168 056faed5a5baf927d91b21b4fe624812 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 38374 6401223175cfcf9082f3fac43a4f9d42 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 2069062 4041871842ca0f29408c95c39f9cbb68 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 160772 6a682010c72d5d78f4a6efcfb3ed5955 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 57762 478e92cd02d8acb20a600d4ca61aba39 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 96996 37446d6e2f9dbf94122db96d1df00b9f These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkolko8ACgkQHYflSXNkfP+rjwCfWDGEVO8HeUkO9sF09pz0Nvwn 4GMAn3rgCfJK2rFC5dZyvIzTiyo6CiUb =6yYH -----END PGP SIGNATURE-----
VAR-200906-0279 CVE-2009-1717 Apple Mac OS X of Terminal Integer overflow vulnerability CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow. Apple Mac OS X is prone to an integer-overflow vulnerability affecting the Terminal application. An attacker can exploit this issue to execute arbitrary code in the context of the user running the vulnerable application. An attacker can exploit this vulnerability by tricking a user into using Terminal to connect to a remote system (such as opening a telnet: URL), causing a denial of service or executing arbitrary commands. For further product information on the TippingPoint IPS, visit: http://www.tippingpoint.com -- Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Terminal. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of 'CSI[4' xterm window resizing escape code. When a very low negative value for (x, y) size is set, an integer overflow occurs resulting in a memory corruption. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3549 -- Disclosure Timeline: 2009-05-06 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * James King, TippingPoint DVLabs
VAR-201906-0001 CVE-2009-5156 ASMAX AR-804gu Command injection vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string. ASMAX AR-804gu Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Asmax Ar-804gu is a SOHO-class router device that provides ADSL, WiFi, and Ethernet interfaces. There is a script called script in the /cgi-bin/ directory of the Asmax Ar-804gu router web management interface. There is no restriction on the user access to the script in the LAN. If a remote attacker submits a malicious request with a system parameter, it can cause any shell command to be injected. Asmax Ar-804gu router is prone to a remote command-injection vulnerability because it fails to adequately restrict access to certain features. Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a complete compromise of the affected device. Asmax Ar-804gu with firmware version 66.34.1 is affected; other versions may also be vulnerable
VAR-200906-0059 CVE-2009-0950 Apple iTunes Vulnerable to buffer overflow CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon. Apple iTunes is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks before copying user-supplied data to an insufficiently sized buffer. Attackers can leverage this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attacks will likely cause denial-of-service conditions. Apple iTunes is a media player program. TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities http://dvlabs.tippingpoint.com/advisory/TPTI-09-03 June 2, 2009 -- CVE ID: CVE-2009-0950 -- Affected Vendors: Apple -- Affected Products: Apple iTunes -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the URL handlers associated with iTunes. When processing URLs via the protocol handlers "itms", "itmss", "daap", "pcast", and "itpc" an exploitable stack overflow occurs. Successful exploitation can lead to a remote system compromise under the credentials of the currently logged in user. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3592 -- Disclosure Timeline: 2009-04-09 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * James King, TippingPoint DVLabs . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Apple iTunes "itms" URI Handling Buffer Overflow SECUNIA ADVISORY ID: SA35314 VERIFY ADVISORY: http://secunia.com/advisories/35314/ DESCRIPTION: A vulnerability has been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system. Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 8.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Will Drewry. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3592 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0411 No CVE SonicWALL SSL-VPN 'cgi-bin/welcome/VirtualOffice' Remote Format String Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
Multiple SonicWALL SSL-VPN devices are prone to a remote format-string vulnerability because they fail to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Attackers may exploit this issue to run arbitrary code in the context of the affected application. Failed attempts may cause denial-of-service conditions. The following are vulnerable: SSL-VPN 200 firmware prior to 3.0.0.9 SSL-VPN 2000 firmware prior to 3.5.0.5 SSL-VPN 4000 firmware prior to 3.5.0.5
VAR-200905-0330 CVE-2009-1792 StoneTrip Ston3D StandalonePlayer and WebPlayer of system.openURL Arbitrary command execution vulnerability CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka S3DPlayer StandAlone) 1.6.2.4 and 1.7.0.1 and WebPlayer (aka S3DPlayer Web) 1.6.0.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the first argument (the sURL argument). S3DPlayer Web and Standalone are prone to a remote command-injection vulnerability because they fail to adequately sanitize user-supplied input data. Attackers can exploit this issue to execute arbitrary commands within the context of the affected application. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ StoneTrip S3DPlayers remote command injection 1. *Advisory Information* Title: StoneTrip S3DPlayers remote command injection Advisory ID: CORE-2009-0401 Advisory URL: http://www.coresecurity.com/content/StoneTrip-S3DPlayers Date published: 2009-05-28 Date of last update: 2009-05-28 Vendors contacted: StoneTrip Release mode: User release 2. *Vulnerability Information* Class: Command injection, Client side Remotely Exploitable: Yes Locally Exploitable: No Bugtraq ID: 35105 CVE Name: CVE-2009-1792 3. *Vulnerability Description* Ston3D is a cross-platform technology developed by StoneTrip [1], allowing applications developed with ShiVa product [2] to be run from various media. It is a platform for 3D real time development, specially designed to make games and other real time applications. Ston3D players come in two flavors: 1. Ston3D StandalonePlayer [3], 2. and Ston3D WebPlayer [4], which runs like an extension or plug-in within most popular web browsers. These players are vulnerable to a command injection vulnerability, which can be exploited by malicious remote attackers. The vulnerability is due to the Ston3D scripting language. It provides the function 'system.openURL()' which does not properly sanitize the input before using it. 4. *Vulnerable packages* 4.1. *Win32* . S3DPlayer Web v1.6.0.0 . S3DPlayer StandAlone v1.6.2.4 . S3DPlayer StandAlone v1.7.0.1 4.2. *MacOS* . S3DPlayer Web v1.6.0.0 . S3DPlayer StandAlone v1.6.2.4 4.3. *Linux* . S3DPlayer StandAlone v1.6.2.4 NOTE: Older versions are probably affected too, but they were not checked. 5. *Non-vulnerable packages* By the time this advisory was published, the vendor: 1. had not released patched versions of its products, 2. had not answered the requests made by Core Security for 3 weeks (see Section 9). Please contact StoneTrip for a fix. 6. *Vendor Information, Solutions and Workarounds* The vendor did not provide this information. A possible mitigation action would be to enable MIME type filtering in your IDS/proxies and block S3DPlayer traffic: /----------- application/x-ston3d-stk - -----------/ As a workaround, vulnerable users can also avoid this flaw by disabling the Ston3D Plugin in their web browsers: 6.1. *Mozilla Firefox* 1. Go to the *Tools* menu, and select *Options...* 2. Click on the *Main* tab 3. Click on the *Manage Add-ons...* 4. Disable *Ston3D Plugin* 6.2. *Safari* 1. Go to the *Safari* menu within Safari, and select *Preferences* 2. Click on the *Security * tab 3. Deselect *Enable plug-ins* 6.3. *Internet Explorer* Set the kill bit for control 7508D2BB-F085-45BF-8261-167C6DF4D477 (as explained in http://support.microsoft.com/kb/240797). Please contact StoneTrip for further information, patches and workarounds. 7. *Credits* This vulnerability was discovered and researched by Diego Juarez from Core Security Technologies. 8. *Technical Description / Proof of Concept Code* Ston3D is a cross-platform technology allowing applications developed with ShiVa product [2] to be run from various media, such as a website, CD/DVD or interactive equipment. This technology provides a scripting interface [5] based on the Lua programming language, within this interface the function 'system.openURL' is defined as follows: /----------- Prototype system.openURL(sURL, sTarget) --Call this function to open an URL. - -----------/ In the current implementation, the call 'system.openURL(sURL, sTarget)' with the parameter 'sURL' set as 'file://path/command' will ultimately execute the equivalent of calling /----------- system("open path/command"); - -----------/ By using platform specific delimiter characters this could allow arbitrary code execution in the context of the player. Find below the relevant code snippets from various platforms. 8.1. *Windows* /----------- .text:1000D64D test esi, esi .text:1000D64F mov eax, esi .text:1000D651 jnz short loc_1000D658 .text:1000D653 .text:1000D653 loc_1000D653: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const &amp;,Pandora::EngineCore::String const &amp;)+1CB .text:1000D653 mov eax, offset Name .text:1000D658 .text:1000D658 loc_1000D658: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const &amp;,Pandora::EngineCore::String const &amp;)+1D1 .text:1000D658 push 1 .text:1000D65A push offset Name ; lpDirectory .text:1000D65F push ecx ; lpParameters .text:1000D660 push eax ; lpFile .text:1000D661 push offset Operation ; "open" .text:1000D666 push 0 ; hwnd .text:1000D668 call ds:ShellExecuteA .text:1000D66E .text:1000D66E loc_1000D66E: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const &amp;,Pandora::EngineCore::String const &amp;)+1B0 .text:1000D66E test edi, edi .text:1000D670 jbe short loc_1000D67F .text:1000D672 test esi, esi .text:1000D674 jz short loc_1000D67F .text:1000D676 add esi, 0FFFFFFFCh .text:1000D679 push esi ; Memory .text:1000D67A call ebp ; __imp_free - -----------/ 8.2. *Linux* /----------- .text:08371334 mov [esp+5Ch+var_58], offset aOpen ; "open " .text:0837133C lea eax, [esp+5Ch+var_34] .text:08371340 mov [esp+5Ch+command], eax .text:08371343 call sub_8109FC0 .text:08371348 lea eax, [esp+5Ch+var_1C] .text:0837134C mov [esp+5Ch+var_58], eax .text:08371350 lea eax, [esp+5Ch+var_34] .text:08371354 mov [esp+5Ch+command], eax .text:08371357 call sub_8108F10 .text:0837135C lea eax, [esp+5Ch+var_34] .text:08371360 mov [esp+5Ch+command], eax .text:08371363 call sub_80DF660 .text:08371368 mov [esp+5Ch+command], eax .text:0837136B call _system .text:08371370 lea eax, [esp+5Ch+var_34] .text:08371374 mov [esp+5Ch+command], eax .text:08371377 call sub_80D92F0 .text:0837137C jmp short loc_8371398 - -----------/ 8.3. *MacOSX (x86)* /----------- __text:0005995B lea eax, (aOpen - 597ECh)[ebx] ; "open " __text:00059961 lea esi, [esp+5Ch+var_44] __text:00059965 mov [esp+5Ch+var_58], eax __text:00059969 mov [esp+5Ch+var_5C], esi __text:0005996C call __ZN7Pandora10EngineCore6StringC1EPKc ; Pandora::EngineCore::String::String(char const*) __text:00059971 mov [esp+5Ch+var_58], edi __text:00059975 mov [esp+5Ch+var_5C], esi __text:00059978 call __ZN7Pandora10EngineCore6StringpLERKS1_ __text:0005997D mov edx, [esp+5Ch+var_44] __text:00059981 test edx, edx __text:00059983 jz loc_59A5F __text:00059989 mov eax, [esp+5Ch+var_40] __text:0005998D test eax, eax __text:0005998F jz loc_59A5F __text:00059995 __text:00059995 loc_59995: ; CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const&amp;,Pandora::EngineCore::String const&amp;)+295 __text:00059995 mov [esp+5Ch+var_5C], eax __text:00059998 call _system __text:0005999D mov eax, [esp+5Ch+var_44] __text:000599A1 test eax, eax __text:000599A3 jnz loc_59AB2 __text:000599A9 nop dword ptr [eax+00000000h] - -----------/ 8.4. *MacOSX (PPC)* /----------- __text:00053D6C addi %r30, %sp, 0x90+var_38 __text:00053D70 addis %r4, %r31, 0x3F __text:00053D74 addi %r4, %r4, -0x29DC __text:00053D78 mr %r3, %r30 __text:00053D7C bl __ZN7Pandora10EngineCore6StringC1EPKc # Pandora::EngineCore::String::String(char const*) __text:00053D80 mr %r3, %r30 __text:00053D84 mr %r4, %r29 __text:00053D88 bl __ZN7Pandora10EngineCore6StringpLERKS1_ __text:00053D8C lwz %r0, 0x90+var_38(%sp) __text:00053D90 cmpwi cr7, %r0, 0 __text:00053D94 beq cr7, loc_53DA4 __text:00053D98 lwz %r3, 0x90+var_34(%sp) __text:00053D9C cmpwi cr7, %r3, 0 __text:00053DA0 bc 5, 4*cr7+eq, loc_53DAC __text:00053DA4 __text:00053DA4 loc_53DA4: # CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const&amp;,Pandora::EngineCore::String const&amp;)+394 __text:00053DA4 addis %rtoc, %r31, 0x3F __text:00053DA8 addi %r3, %rtoc, -0x5620 __text:00053DAC __text:00053DAC loc_53DAC: # CODE XREF: Pandora::ClientCore::HTTPConnectionManager::OpenURL(Pandora::EngineCore::String const&amp;,Pandora::EngineCore::String const&amp;)+3A0 __text:00053DAC bl _system __text:00053DB0 lwz %r0, 0x90+var_38(%sp) __text:00053DB4 cmpwi cr7, %r0, 0 __text:00053DB8 beq cr7, loc_53E24 __text:00053DBC b loc_53DF8 - -----------/ 9. *Report Timeline* . 2009-04-20: Core Security Technologies notifies the StoneTrip team of the vulnerability and announces its initial plan to publish the content on May 18th, 2009. 2009-04-21: The vendor asks Core for a technical description of the vulnerability. 2009-04-23: Technical details sent to StoneTrip team by Core. 2009-04-24: In addition to the technical details, a Proof of Concept was sent to StoneTrip team. 2009-04-28: Core asks the vendor to confirm the reception of the technical report. 2009-04-28: StoneTrip team notifies that the technical report has been received and that a vulnerability report will be sent to Core soon. 2009-05-07: Core requests a status update for this vulnerability and notifies its plan to publish the advisory on May 18th, 2009. No reply received. 2009-05-15: Core requests an answer to the previous mail. No reply received. 2009-05-18: Core Advisories Team does not release the advisory as originally planned. Core re-schedules the advisory publication date to 26th May 2009. 2009-05-20: Core notifies StoneTrip that the advisory publication date was missed and that the last status requests were not replied. Core also notifies the vendor of the final release date (26th May 2009). 2009-05-28: After trying to contact the StoneTrip team several times without success, the advisory CORE-2009-0401 is published as 'User Release'. 10. *References* [1] http://www.stonetrip.com. [2] ShiVa, a platform for 3D real time development with focus in game development http://www.stonetrip.com/shiva/shiva-3d-game-engine.html. [3] http://www.stonetrip.com/ston3d-players/ston3d-standalone.html. [4] http://www.stonetrip.com/ston3d-players/ston3d-webplayer.html. [5] http://stdn.stonetrip.com. 11. *About CoreLabs* CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://www.coresecurity.com/corelabs. 12. *About Core Security Technologies* Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at http://www.coresecurity.com. 13. *Disclaimer* The contents of this advisory are copyright (c) 2009 Core Security Technologies and (c) 2009 CoreLabs, and may be distributed freely provided that no fee is charged for this distribution and proper credit is given. 14. *PGP/GPG Keys* This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFKHuAiyNibggitWa0RAgJTAJsEXfUBmIjxmY7X4hplONY/Z0DOJgCfUKxJ F9s8R8PuYBiIhvLANh3XmhE= =kU8D -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Ston3D "system.openURL()" Command Injection Vulnerability SECUNIA ADVISORY ID: SA35256 VERIFY ADVISORY: http://secunia.com/advisories/35256/ DESCRIPTION: A vulnerability has been reported in Ston3D, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the implementation of the "system.openURL()" script function. The vulnerability is reported in the following products and versions: * Ston3D Web Player version 1.6.0.0 * Ston3D StandAlone Player versions 1.6.2.4 and 1.7.0.1 SOLUTION: Do not browse untrusted websites or follow untrusted links. Do not open untrusted Ston3D files. Reportedly an update will be available for Ston3D Web Player later this month. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0261 CVE-2009-1472 ATEN KH1516i IP KVM Switch Java Vulnerability in a client program that gains access to the machine connected to the switch CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 has a hardcoded AES encryption key, which makes it easier for man-in-the-middle attackers to (1) execute arbitrary Java code, or (2) gain access to machines connected to the switch, by hijacking a session. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. The Java client executes arbitrary code. The Java client program connects to the kvm switch on port 9002 and then downloads and runs the new Java class. This connection is encrypted using AES, but the encryption key is hardcoded in the client program. An attacker acting as a man-in-the-middle can inject other Java classes, resulting in arbitrary Java code execution on the client machine
VAR-200905-0262 CVE-2009-1473 ATEN KH1516i IP KVM Switch Windows Vulnerability in a client program that could allow man-in-the-middle attacks CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The (1) Windows and (2) Java client programs for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not properly use RSA cryptography for a symmetric session-key negotiation, which makes it easier for remote attackers to (a) decrypt network traffic, or (b) conduct man-in-the-middle attacks, by repeating unspecified "client-side calculations.". RSA Vulnerability exists in decrypting network traffic or performing man-in-the-middle attacks due to improper use of cryptography.By a third party " Client-side calculation " Can be used to decrypt network traffic or perform man-in-the-middle attacks. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. This key agreement uses RSA in an insecure way, an attacker who can monitor the communication between the client and the switch can repeat the client's calculations and obtain the session key, and then use this key to decrypt the communication and reconstruct keystrokes, or Perform man-in-the-middle attacks to gain access to machines connected to the switch. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: ATEN KH1516i / KN9116 Multiple Vulnerabilities SECUNIA ADVISORY ID: SA35241 VERIFY ADVISORY: http://secunia.com/advisories/35241/ DESCRIPTION: Some vulnerabilities have been reported in ATEN KH1516i and KN9116, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, and potentially compromise a user's system. 1) An error exists in the key exchange process when negotiating a symmetric session key via RSA. This can be exploited extract the session key by intercepting traffic and e.g. potentially execute arbitrary code on connected machines via MitM (Man-in-the-Middle) attacks. 2) Mouse events are transferred between a client and the KVM switch via an unencrypted data channel. This can be exploited to inject e.g. arbitrary mouse clicks via MitM (Man-in-the-Middle) attacks. 3) The web interface session cookie does not contain the "Secure" attribute. This can be exploited to obtain the cookie and potentially gain access to connected machines by redirecting the user's browser to a HTTP connection. The vulnerabilities are reported in KH1516i and KN9116. Other products may also be affected. SOLUTION: Use the products in trusted networks only. PROVIDED AND/OR DISCOVERED BY: Jakob Lell from the TU Berlin computer security working group ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0263 CVE-2009-1474 ATEN KH1516i IP KVM Cookie acquisition vulnerability in Switch CVSS V2: 7.6
CVSS V3: -
Severity: HIGH
The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not (1) encrypt mouse events, which makes it easier for man-in-the-middle attackers to perform mouse operations on machines connected to the switch by injecting network traffic; and do not (2) set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. Multiple ATEN IP KVM switches are prone to multiple remote vulnerabilities and a weakness: - A security weakness may allow attackers to decrypt HTTP traffic. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. Insecure session ID cookie When a user connects to the device via HTTP on port 80, the device redirects the user to log in on port 443 (https) and obtains a session ID cookie. When the user returns to HTTP for various reasons, the attacker can sniff the session ID and use this to download the Windows/Java client program containing authentication data, and obtain Access to computers connected to the KVM switch. Since the first HTTP connection is not protected, a man-in-the-middle attacker can also inject some dynamic content so that the browser automatically reloads the HTTP site after login. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: ATEN KH1516i / KN9116 Multiple Vulnerabilities SECUNIA ADVISORY ID: SA35241 VERIFY ADVISORY: http://secunia.com/advisories/35241/ DESCRIPTION: Some vulnerabilities have been reported in ATEN KH1516i and KN9116, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, and potentially compromise a user's system. 1) An error exists in the key exchange process when negotiating a symmetric session key via RSA. This can be exploited extract the session key by intercepting traffic and e.g. potentially execute arbitrary code on connected machines via MitM (Man-in-the-Middle) attacks. 2) Mouse events are transferred between a client and the KVM switch via an unencrypted data channel. This can be exploited to inject e.g. arbitrary mouse clicks via MitM (Man-in-the-Middle) attacks. 3) The web interface session cookie does not contain the "Secure" attribute. This can be exploited to obtain the cookie and potentially gain access to connected machines by redirecting the user's browser to a HTTP connection. The vulnerabilities are reported in KH1516i and KN9116. Other products may also be affected. SOLUTION: Use the products in trusted networks only. PROVIDED AND/OR DISCOVERED BY: Jakob Lell from the TU Berlin computer security working group ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200905-0265 CVE-2009-1477 ATEN KH1516i IP KVM On the switch https Web In the interface https Session decryption vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The https web interfaces on the ATEN KH1516i IP KVM switch with firmware 1.0.063, the KN9116 IP KVM switch with firmware 1.1.104, and the PN9108 power-control unit have a hardcoded SSL private key, which makes it easier for remote attackers to decrypt https sessions by extracting this key from their own switch and then sniffing network traffic to a switch owned by a different customer. - A remote code-execution vulnerability is present. - A security vulnerability may allow attackers to gain access to the session key. - A security vulnerability may allow attackers to gain access to mouse events. - A security vulnerability may allow attackers to gain access to the session ID. Attackers can exploit these issues to execute Java code, compromise and gain unauthorized access to the affected device connected to the KVM, gain access to the session key, and gain access to the session ID. Other attacks are also possible. IP KVM is a series of switch equipment developed by Taiwan Acer Technology Co., Ltd. All devices use the same SSL key KH1516i, KN9116, and PN9108 model devices use the same SSL key for the HTTPS web interface
VAR-200906-0064 CVE-2009-0955 Apple QuickTime Vulnerable to arbitrary code execution for handling image description atoms CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue.". Apple QuickTime is prone to a vulnerability that occurs because the bit width of a number is increased without changing its sign in certain image description atoms. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Apple QuickTime is a very popular multimedia player. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0063 CVE-2009-0954 Apple QuickTime In CRGN Buffer overflow vulnerability in atom type processing CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. The application trusts the contents of the atom to contain a terminator during a copy operation. The application will copy user-supplied data into a heap-buffer until it identifies this terminator. This will allow one to overwrite heap-control structures which can be leveraged to achieve code execution from the context of the application. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista and Windows XP SP3. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ZDI-09-028: Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-028 June 2, 2009 -- CVE ID: CVE-2009-0954 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6698. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2008-12-17 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Anonymous * Damian Put -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ . ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0061 CVE-2009-0952 Apple QuickTime In compression PSD Vulnerability to execute arbitrary code related to image processing CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when the application parses a malformed .PSD image. While decoding the columns, rows and channels in the image header, the application trusts a different length for copying than used for allocating it. This results in a heap overflow and can lead to code execution under the context of the current user. Apple QuickTime is prone to a buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted image. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-026: Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-026 June 2, 2009 -- CVE ID: CVE-2009-0952 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8047. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2009-04-15 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Damian Put -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
VAR-200906-0062 CVE-2009-0953 Apple QuickTime In PICT Vulnerability to execute arbitrary code related to image processing CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists in the parsing of PICT files in QuickTime.qts. While processing data for opcode 0x8201 QuickTime trusts a value contained in the file and makes an allocation accordingly. The process then enters a loop whose terminating condition is controlled. The previously allocated heap buffer can be overflowed leading to arbitrary code execution under the context of the user running QuickTime. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-027: Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-027 June 2, 2009 -- CVE ID: CVE-2009-0953 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6664. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2008-12-17 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Sebastian Apelt (sebastian.apelt@siberas.de) -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
VAR-200906-0060 CVE-2009-0951 Apple QuickTime In FLC Vulnerability in arbitrary code execution related to processing of compressed files CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. User interaction is required to exploit this vulnerability in that the target must either open a malicious file, or visit a malicious web page.The specific flaw exists during decompression of a delta-encoded chunk. The algorithm to decompress the frame trusts a line specifier when calculating where to write decompressed data. This results in a relative write using attacker supplied values which can lead to remove code execution under the context of the current user. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-025 June 2, 2009 -- CVE ID: CVE-2009-0951 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6570. The specific flaw exists during decompression of a delta-encoded chunk. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2008-10-28 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Anonymous -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
VAR-200906-0053 CVE-2009-0956 Apple QuickTime Vulnerable to arbitrary code execution related to user data atom handling CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero. Apple QuickTime is prone to a remote code-execution vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0034 CVE-2009-0185 Apple QuickTime In MS ADPCM Buffer overflow vulnerability in processing of encoded audio data CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially AVI crafted file. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ====================================================================== Secunia Research 02/06/2009 - Apple QuickTime MS ADPCM Encoding Buffer Overflow - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description of Software.....................................3 Description of Vulnerability.........................................4 Solution.............................................................5 Time Table...........................................................6 Credits..............................................................7 References...........................................................8 About Secunia........................................................9 Verification........................................................10 ====================================================================== 1) Affected Software * Apple QuickTime version 7.6 NOTE: Other versions may also be affected. ====================================================================== 2) Severity Rating: Highly critical Impact: System access Where: Remote ====================================================================== 3) Vendor's Description of Software "Whether you are creating content for delivery on cell phones, broadcast or the Internet, or a software developer looking to take your application to the next level, QuickTime provides the most comprehensive platform in the industry." Product Link: http://www.apple.com/quicktime/ ====================================================================== 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the processing of MS ADPCM encoded audio data. ====================================================================== 5) Solution Update to version 7.6.2. ====================================================================== 6) Time Table 04/02/2009 - Vendor notified. 05/02/2009 - Vendor response. 25/05/2009 - Status update requested. 26/05/2009 - Vendor provides status update. 02/06/2009 - Public disclosure. ====================================================================== 7) Credits Discovered by Alin Rad Pop, Secunia Research. ====================================================================== 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2009-0185 for the vulnerability. Apple: http://support.apple.com/kb/HT3591 ====================================================================== 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://secunia.com/advisories/business_solutions/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/advisories/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://secunia.com/secunia_research/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/corporate/jobs/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/advisories/mailing_lists/ ====================================================================== 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-6/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ ====================================================================== . ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200906-0054 CVE-2009-0957 Apple QuickTime In JP2 Image Processing Buffer Overflow Vulnerability CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists during the parsing of malformed Jpen2000 image files. A field is read directly from the file and used to allocate memory for a structure. If the value read is smaller then the expected structure size then a memory corruption will occur which can be leveraged by an attacker to execute arbitrary code under the context of the current user. Apple QuickTime is prone to a heap-based buffer-overflow vulnerability. A remote attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Windows XP SP3, and Mac OS X. Versions of QuickTime prior to 7.6.2 have multiple security vulnerabilities that allow users to cause a denial of service or completely compromise a user's system through malformed media files. ---------------------------------------------------------------------- Are you missing: SECUNIA ADVISORY ID: Critical: Impact: Where: within the advisory below? This is now part of the Secunia commercial solutions. Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Apple QuickTime PICT Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA35091 VERIFY ADVISORY: http://secunia.com/advisories/35091/ DESCRIPTION: A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system The vulnerability is caused due to an error in the processing of "0x77" tags within PICT images, which can be exploited to cause a heap-based buffer overflow when the user opens a specially crafted PICT image or visits a malicious web site. This is related to vulnerability #30 in: SA35074 SOLUTION: Do not browse untrusted web sites. Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Damian Put and Sebastian Apelt, reported via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-09-021/ OTHER REFERENCES: SA35074: http://secunia.com/advisories/35074/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-029 June 2, 2009 -- CVE ID: CVE-2009-0957 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8153. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3591 -- Disclosure Timeline: 2009-04-28 - Vulnerability reported to vendor 2009-06-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Damian Put -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/