VARIoT IoT vulnerabilities database

SAP allows remote attackers to obtain potentially sensitive information such as operating system and SAP version via an RFC_SYSTEM_INFO RfcCallReceive request, a different vulnerability than CVE-2003-0747

Unspecified vulnerability in SAP Web Application Server before 6.40 patch 6 allows remote attackers to cause a denial of service (enserver.exe crash) via a certain UDP packet to port 64999, aka "two bytes UDP crash," a different vulnerability than CVE-2006-5785

The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password. Mozilla According to, there have been reports of phishing cases where this password manager issue was exploited. Mozilla Firefox is reportedly prone to an information-disclosure weakness because it fails to properly notify users of the automatic population of form fields in disparate URLs deriving from the same domain. Exploiting this issue may allow attackers to obtain user credentials that have been saved in forms deriving from the same website where attack code resides. The most common manifestation of this condition would typically be in blogs or forums. This may allow attackers to access potentially sensitive information that would facilitate the success of phishing attacks. Initial reports and preliminary testing indicate that this issue affects only Firefox 2. UPDATE: Firefox 2.0.0.10 is still vulnerable to the issue. UPDATE (March 17, 2008): Unconfirmed reports indicate that this issue affects Firefox 2.0.0.12; we will update this BID as more information emerges. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200703-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: SeaMonkey: Multiple vulnerabilities Date: March 09, 2007 Bugs: #165555 ID: 200703-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in SeaMonkey, some of which may allow user-assisted arbitrary remote code execution. Background ========== The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/seamonkey < 1.1.1 >= 1.1.1 2 www-client/seamonkey-bin < 1.1.1 >= 1.1.1 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. ------------------------------------------------------------------- Description =========== Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects SeaMonkey. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. SeaMonkey also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions. All those vulnerabilities are the same as in GLSA 200703-04 affecting Mozilla Firefox. Impact ====== An attacker could entice a user to view a specially crafted web page or to read a specially crafted email that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code. It is also possible for an attacker to spoof the address bar, steal information through cache collision, bypass the local file protection mechanism with pop-ups, or perform cross-site scripting attacks, leading to the exposure of sensitive information, such as user credentials. Workaround ========== There is no known workaround at this time for all of these issues, but most of them can be avoided by disabling JavaScript. Note that the execution of JavaScript is disabled by default in the SeaMonkey email client, and enabling it is strongly discouraged. Resolution ========== Users upgrading to the following release of SeaMonkey should note that the corresponding Mozilla Firefox upgrade has been found to lose the saved passwords file in some cases. The saved passwords are encrypted and stored in the 'signons.txt' file of ~/.mozilla/ and we advise our users to save that file before performing the upgrade. All SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-1.1.1" All SeaMonkey binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-1.1.1" References ========== [ 1 ] CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 [ 2 ] CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 [ 3 ] CVE-2007-0776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776 [ 4 ] CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 [ 5 ] CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 [ 6 ] CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 [ 7 ] CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 [ 8 ] CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 [ 9 ] CVE-2007-0801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0801 [ 10 ] CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 [ 11 ] CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 [ 12 ] Mozilla Password Loss Bug https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200703-08.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Netscape Multiple Vulnerabilities SECUNIA ADVISORY ID: SA24289 VERIFY ADVISORY: http://secunia.com/advisories/24289/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access WHERE: >From remote SOFTWARE: Netscape 8.x http://secunia.com/product/5134/ DESCRIPTION: Multiple vulnerabilities have been reported in Netscape, which can be exploited by malicious people to bypass certain security restrictions, gain knowledge of sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. See vulnerabilities #1, #2, #6, and #7 for more information: SA24205 The vulnerabilities have been reported in version 8.1.2. SOLUTION: Do not browse untrusted sites and disable Javascript. ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2007/mfsa2007-02.html http://www.mozilla.org/security/announce/2007/mfsa2007-03.html http://www.mozilla.org/security/announce/2007/mfsa2007-06.html http://www.mozilla.org/security/announce/2007/mfsa2007-07.html OTHER REFERENCES: SA24175: http://secunia.com/advisories/24175/ SA24205: http://secunia.com/advisories/24205/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1336-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 22nd, 2007 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : mozilla-firefox Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2007-1282 CVE-2007-0994 CVE-2007-0995 CVE-2007-0996 CVE-2007-0981 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0778 CVE-2007-0045 CVE-2006-6077 Several remote vulnerabilities have been discovered in Mozilla Firefox. This will be the last security update of Mozilla-based products for the oldstable (sarge) distribution of Debian. We recommend to upgrade to stable (etch) as soon as possible. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2007-1282 It was discovered that an integer overflow in text/enhanced message parsing allows the execution of arbitrary code. CVE-2007-0994 It was discovered that a regression in the Javascript engine allows the execution of Javascript with elevated privileges. CVE-2007-0995 It was discovered that incorrect parsing of invalid HTML characters allows the bypass of content filters. CVE-2007-0996 It was discovered that insecure child frame handling allows cross-site scripting. CVE-2007-0981 It was discovered that Firefox handles URI withs a null byte in the hostname insecurely. CVE-2007-0008 It was discovered that a buffer overflow in the NSS code allows the execution of arbitrary code. CVE-2007-0009 It was discovered that a buffer overflow in the NSS code allows the execution of arbitrary code. CVE-2007-0775 It was discovered that multiple programming errors in the layout engine allow the execution of arbitrary code. CVE-2007-0778 It was discovered that the page cache calculates hashes in an insecure manner. CVE-2006-6077 It was discovered that the password manager allows the disclosure of passwords. For the oldstable distribution (sarge) these problems have been fixed in version 1.0.4-2sarge17. You should upgrade to etch as soon as possible. The stable distribution (etch) isn't affected. These vulnerabilities have been fixed prior to the release of Debian etch. The unstable distribution (sid) no longer contains mozilla-firefox. Iceweasel is already fixed. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.dsc Size/MD5 checksum: 1641 36715bb647cb3b7cd117edee90a34bfd http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.diff.gz Size/MD5 checksum: 553311 4ba992e60e5c6b156054c5105b1134ae http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d Alpha architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_alpha.deb Size/MD5 checksum: 11221890 5d8d1de73d162edf8ddbaa40844bb454 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_alpha.deb Size/MD5 checksum: 172696 42d5c31ec7a2e3163846c347f04773df http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_alpha.deb Size/MD5 checksum: 63574 238529b9d4ae396dc01d786d4fb843b4 AMD64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_amd64.deb Size/MD5 checksum: 9429140 8394fcd85a7218db784160702efc5249 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_amd64.deb Size/MD5 checksum: 166496 795a8ec3e1aa1b0a718ad6f4439670ef http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_amd64.deb Size/MD5 checksum: 62022 ef315cc90c3780ff151cd2271e913859 ARM architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_arm.deb Size/MD5 checksum: 8244544 71eaf9cb5418a77410ff12c7f36eb32b http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_arm.deb Size/MD5 checksum: 157966 5e2e22d04a33ccbc0e6b19b4c4d43492 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_arm.deb Size/MD5 checksum: 57358 6f34a7a02114e48cadc6860b86f75130 HP Precision architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_hppa.deb Size/MD5 checksum: 10301620 3700a0b7dcb0ab061b3521e2a3f232f9 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_hppa.deb Size/MD5 checksum: 169432 387b8fa52d406dfdd26c3adc3ccac615 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_hppa.deb Size/MD5 checksum: 62500 80addaf2d87b6952fdc9104c5fc9dfde Intel IA-32 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_i386.deb Size/MD5 checksum: 8919924 8fc67257357687c8611b3e4e5389aee4 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_i386.deb Size/MD5 checksum: 161684 6c989c4276e34c6031b6185418a8ddb1 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_i386.deb Size/MD5 checksum: 58896 7e48aa697c8c17f7d22de860a17e7dfd Intel IA-64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_ia64.deb Size/MD5 checksum: 11664142 aa008699700ba3c8b45d3a8961e99192 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_ia64.deb Size/MD5 checksum: 172030 e79af50f04490de310cda7f6ce652d44 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_ia64.deb Size/MD5 checksum: 66718 8cabdbf0919ac447c5d492ef6227d9af Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_m68k.deb Size/MD5 checksum: 8196148 e3544446b371fd7ed4b79e53f69b556a http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_m68k.deb Size/MD5 checksum: 160556 0164d4c0f675a020643ccedf94a55eb8 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_m68k.deb Size/MD5 checksum: 58168 b429907e69e8daa7d51e45552659da27 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mips.deb Size/MD5 checksum: 9954006 0eb0513fc950e7cd8abcae9666b24a7b http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mips.deb Size/MD5 checksum: 159496 ca0585a663a5470d3a62ae0786864beb http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mips.deb Size/MD5 checksum: 59170 22ea96156de56d046a7afd73d4857419 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mipsel.deb Size/MD5 checksum: 9831728 dda6865c7290fce658847f0909617c73 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mipsel.deb Size/MD5 checksum: 159060 e7a7c4db0f5df82f84ceef6827df2bea http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mipsel.deb Size/MD5 checksum: 58984 b0b02ac1c62041db8d377a7ff40c013c PowerPC architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge15_powerpc.deb Size/MD5 checksum: 8587718 8d219ce9e684b86babfe31db9d7d9658 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge15_powerpc.deb Size/MD5 checksum: 159762 41f3707945d5edae6ee1ac90bdef5cab http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge15_powerpc.deb Size/MD5 checksum: 60936 1a79408acd12828a3710393e05d99914 IBM S/390 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_s390.deb Size/MD5 checksum: 9667078 5838d957637b4d4c2c19afea0dd68db5 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_s390.deb Size/MD5 checksum: 167092 4dd6de7299014d5e0c13da8e480a7f3c http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_s390.deb Size/MD5 checksum: 61472 64d10c667ed4c6c12947c49f5cca8ff6 Sun Sparc architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_sparc.deb Size/MD5 checksum: 8680322 241cddabdf91eb14b0a6529ffc84a51d http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_sparc.deb Size/MD5 checksum: 160304 7887081b85d3ead3994a997608bbe22a http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_sparc.deb Size/MD5 checksum: 57718 4a4eeeb0815cb03d51f74965403911ad These files will probably be moved into the oldstable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGo5b7Xm3vHE4uyloRAsdgAKDTo6NxeylHh30syJpFeyF5/Yr/XwCdH188 NdI5zd36oN5mVqIDUsqYC3o= =/qY/ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-428-1 February 26, 2007 firefox vulnerabilities CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: firefox 1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1 Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1 libnspr4 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1 libnss3 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1 Ubuntu 6.10: firefox 2.0.0.2+0dfsg-0ubuntu0.6.10 libnspr4 2.0.0.2+0dfsg-0ubuntu0.6.10 libnss3 2.0.0.2+0dfsg-0ubuntu0.6.10 After a standard system upgrade you need to restart Firefox to effect the necessary changes. Details follow: Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious web site could exploit these to modify the contents or steal confidential data (such as passwords) from other opened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996) The SSLv2 protocol support in the NSS library did not sufficiently check the validity of public keys presented with a SSL certificate. A malicious SSL web site using SSLv2 could potentially exploit this to execute arbitrary code with the user's privileges. (CVE-2007-0008) The SSLv2 protocol support in the NSS library did not sufficiently verify the validity of client master keys presented in an SSL client certificate. (CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-1092) Two web pages could collide in the disk cache with the result that depending on order loaded the end of the longer document could be appended to the shorter when the shorter one was reloaded from the cache. It is possible a determined hacker could construct a targeted attack to steal some sensitive data from a particular web page. The potential victim would have to be already logged into the targeted service (or be fooled into doing so) and then visit the malicious site. (CVE-2007-0778) David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using custom cursor images and a specially crafted style sheet. (CVE-2007-0779) Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.diff.gz Size/MD5: 176831 76744cf2123e13143408e37deb2311c0 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1.dsc Size/MD5: 1063 eac4c86acb16ad4cf85604e5cc9f441c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz Size/MD5: 44679183 d55d439c238064ddcedb8fabb6089ff2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb Size/MD5: 50314 d17e00b536378e1710c918f2b834e513 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_all.deb Size/MD5: 51208 abdc905b5e3c31c05a427defdc9035bc amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb Size/MD5: 3167242 01f67e394a7b569df52fd02513712811 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb Size/MD5: 217230 bc5d29d293abc4665c052c0fc76aef79 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb Size/MD5: 83544 d7978eba50c0e82d4e3606240e38e3fa http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_amd64.deb Size/MD5: 10311286 4ea4f615c24ecceae90e7b432ddb5e4a i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb Size/MD5: 3167298 571b158ab384827e881ab52d05c7afcb http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb Size/MD5: 210744 0092218d208b41e1a72b1303a77b3238 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb Size/MD5: 75946 21eda2226572b3c3143f8e4ab8145ba6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_i386.deb Size/MD5: 8712048 66138335623748c529c3050084ceadaa powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 3167330 7cdba77a564720cf82ea475eace3aef5 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 214166 630d44a2240aa9d8790de3db3e9b05ff http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 79138 f4b3d39d326f77acde26161d1d66c84b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 9899346 9066e6747aa0337985a1f29f4e64cffd sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb Size/MD5: 3167284 e6726b6ed59b5c083796ae93c6eedc64 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb Size/MD5: 211730 b1f127d2df48b09c7b404f09754c71be http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb Size/MD5: 77516 8b430af0eadfa18b180f2637fafa7a5e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.5.10.1_sparc.deb Size/MD5: 9227232 727146f6c93a565f8aabda0a1bbfc80b Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.diff.gz Size/MD5: 177547 396588ea856af87e8137682342648d1d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.dsc Size/MD5: 1120 1625dcf8053738851d0a2978b6f0e315 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10.orig.tar.gz Size/MD5: 44679183 d55d439c238064ddcedb8fabb6089ff2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb Size/MD5: 50410 66f8a212fb4dbf22b9c8abbb21650d2c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_all.deb Size/MD5: 51296 8dc3631d49303156f74ba2e0ad72c744 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 47439362 0e8e0cc7f0385fc74a953610f7f41c11 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 2804532 a9c1cd1a790a715b6ad58785cb0eea01 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 217360 f217f66f7563f80f309e065a44a08cfb http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 83620 0b3738208c8069b8a5449a59ae604293 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 9553646 c66621583e808b88663b200ad3238f7a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 220158 e4f1cc5b0c2edc41cf1e4c6aa3051a33 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 163484 e1c0ab1f05132b717751783ccc0c22c1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 245468 10d43347432618aaa140c081c20ed10f http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_amd64.deb Size/MD5: 710556 53cb8cc7e3a7d346630184980df34ff5 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 44003676 a53682ff42f56d8dd494c96d2e3817d5 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 2804534 281bc91e92c6224df7c77b4ce2840e1b http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 210766 0d2d6ecfaa6ad0b629fc78159a8ba0f3 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 75992 fc370791f6533f01409d3b369505766a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 8044874 cbda163790d814d785831358cb53cabc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 220160 2067d9432ff164e7344bd8142bb026ff http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 148072 274cd0206aafa1a5ad02dbe279a37216 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 245474 ed709e80de120a795d79df237b6dd421 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_i386.deb Size/MD5: 616162 766f3224ad0924ae1d47c6970a2bfd16 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 48831230 a594a826614ab062cb8e12a5e67a7115 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 2804524 01b3f645267c4b3b166a6dcdebe099cf http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 214208 d5563084e7a175423a1a27d98270c5a7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 79110 fa20295177cf290ee980127c3ed1ff33 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 9215262 f641d7657a284bd049c75d5119512013 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 220160 b684d9f82943b8698b9f369737cd318a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 160684 0919604b7e446d0a7923968ee1d0357b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 245472 d9e5620a0672e46e89a90123430e78ae http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 655490 5c4225025b12a75900899859c6b616d1 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 45406824 2ade39640c714000138eec2c5b8691f9 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 2804570 0f0d35704d9f00e41c3ccce5535cb9ce http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 211712 f88704bb8c6671debcfae882f408c607 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 77564 d5b89bc054fb2c6cf0089b04c727d0a7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 8571602 6eb03eae7ffb19c3afc766a016d2e723 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 220156 a92bbd2e0e9a936355abeaae9376264c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 150554 85be23282c348b3de7bf3786aa56a5a6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 245474 dd03340bae55531e40a887ad5204c774 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1_sparc.deb Size/MD5: 599816 04b5ea1db1aa17f292481d913eddecb5 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.diff.gz Size/MD5: 322293 4d8894d022833e46c25d5e6ce269ee5b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10.dsc Size/MD5: 1218 c6708c7c771a995e0ec709cc022ce61a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg.orig.tar.gz Size/MD5: 46466665 f6dad051f9995ebba310e8cd6497ae9f Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 236878 52d4d42a0881949da47a5f7946d2edec http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 55668 a379aaf8d4f67465c0e71aaa852a3b8a http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 55762 aea5774743b8e3bc90c8349099e9c423 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 55776 85b1c150c432f3fc2038a5ff3a5804ed http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 56574 91e46691914551281676003e3b6589bb amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 50341952 381fc5626f047660d2bdd680824db54d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 3120906 263ed42e4bdbcc4ba3010744cb900160 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 90062 198b64dcde3d7e1eb9bed2aeb32ce808 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 10399974 e3adef875d5fefa75c56fdf614183bdc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 225444 9a1465fcc7386edba0fb81d00079066e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 168168 1ccb3b97ed970c07bbdf6fb769f2e4b5 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 250820 df7c647e48cb8941a0421d5f1a5c4661 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 862110 87c01e4266d1c06d1097e5f8a58806d2 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 49498816 4c61ffe25628585a91e1d90180997343 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 3111488 1ec3b0bbe8564828421f381ed8b0d5fb http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 83792 91c2b8d2410921fd6e19c742e9552550 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 9225462 4c0d2cb608ee830bdc38b7f8d89f9a33 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 225434 5293ae8d41c018d4a956555c189fd7f6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 157774 cc2c474e306b1d80db79cdba936c2ee6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 250794 42e6e643fb73ae668e569ec3d5052ea9 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 785948 fefc874278ea69ba2a8b518d6826e158 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 52033226 d7ddf5236086638446d6ea4775c833ee http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 3117424 0a5038c00b1997b6c7b72f16e1ca85e7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 85668 25e4f56d5311cc9e3a0ecaf28d6189ff http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 10067834 1758c9d69c571c0d7bf9ec20b74e2a33 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 225432 241089d26f31cb5e0816debe7b09a55d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 166830 dd932812a920701677df9b3bf9970023 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 250798 65cddc61ad6f809004d342dcdf07c2cc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 860802 217ffcce7a3a99cabd9b4cff500281a8 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 49550142 e432529be2a2c6b7b327ede81d2cc1c3 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 3108058 4a2bc97252c385fe323b56b7fb03c64f http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 83484 8d24e2420d7d2188a620674aa566956d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 9493984 e311cd75fa46ed1a47958f6883ea65aa http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 225444 fdcd4bf5450574bcbe7d3aca89dbc403 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 155678 a99e5fc7bef8c29e0e89c48288144fc6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 250800 dd3473d37b593e55c82f5dce245bebe0 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.2+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 766616 ba23d67757ddc39888e92f6af56ec67d . Update: A regression was found in the latest Firefox packages provided where changes to library paths caused applications that depended on the NSS libraries (such as Thunderbird and Evolution) to fail to start or fail to load certain SSL-related security components. These new packages correct that problem and we apologize for any inconvenience the previous update may have caused. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1092 http://www.mozilla.org/security/announce/2007/mfsa2007-01.html http://www.mozilla.org/security/announce/2007/mfsa2007-02.html http://www.mozilla.org/security/announce/2007/mfsa2007-03.html http://www.mozilla.org/security/announce/2007/mfsa2007-04.html http://www.mozilla.org/security/announce/2007/mfsa2007-05.html http://www.mozilla.org/security/announce/2007/mfsa2007-06.html http://www.mozilla.org/security/announce/2007/mfsa2007-07.html http://www.mozilla.org/security/announce/2007/mfsa2007-08.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.0: 411bc0bdd8dc32950a84c77ed3319508 2007.0/i586/libmozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.i586.rpm 9ceb031931003fb861882f4455c6648b 2007.0/i586/libmozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.i586.rpm db615eadf763927182c8657d11b1ae54 2007.0/i586/libnspr4-1.5.0.10-2mdv2007.0.i586.rpm bd7dca3e972f552b5dd347822e17f1e1 2007.0/i586/libnspr4-devel-1.5.0.10-2mdv2007.0.i586.rpm bb4709aa4bf277e32c25e07d93641802 2007.0/i586/libnspr4-static-devel-1.5.0.10-2mdv2007.0.i586.rpm babf7d44d0340cd51f45249d3002180e 2007.0/i586/libnss3-1.5.0.10-2mdv2007.0.i586.rpm 19a967982b748b879b1904d5bcea174d 2007.0/i586/libnss3-devel-1.5.0.10-2mdv2007.0.i586.rpm 6333bab7a5d530836fa5a64383bcdd30 2007.0/i586/mozilla-firefox-1.5.0.10-2mdv2007.0.i586.rpm 72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: 9fe9779d9d02f0aa73d28096cc237d00 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.x86_64.rpm 3c0a879b450f5c2569eb81d397a82906 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.x86_64.rpm 338d81330e754d5ffd22dea67c2fbfd2 2007.0/x86_64/lib64nspr4-1.5.0.10-2mdv2007.0.x86_64.rpm 0c840ec9a78c48d975db6bca80e53caa 2007.0/x86_64/lib64nspr4-devel-1.5.0.10-2mdv2007.0.x86_64.rpm 3f1ba2da63bf990b3958f184bdf4d96f 2007.0/x86_64/lib64nspr4-static-devel-1.5.0.10-2mdv2007.0.x86_64.rpm cd9ef9efe9f859467a07bfc20899156d 2007.0/x86_64/lib64nss3-1.5.0.10-2mdv2007.0.x86_64.rpm d6243e7d7c76a5ff5a418f7304cdcff2 2007.0/x86_64/lib64nss3-devel-1.5.0.10-2mdv2007.0.x86_64.rpm 0fec2d70c6a797521304598b802d03b1 2007.0/x86_64/mozilla-firefox-1.5.0.10-2mdv2007.0.x86_64.rpm 72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm Corporate 3.0: 24fbf58752279b3a5ec8d186d7c6142b corporate/3.0/i586/libnspr4-1.5.0.10-1.1.C30mdk.i586.rpm cc59dd85bcdc065ed4ee7f3d299e971a corporate/3.0/i586/libnspr4-devel-1.5.0.10-1.1.C30mdk.i586.rpm 284b6bf1210fb854361a9af3062528e1 corporate/3.0/i586/libnspr4-static-devel-1.5.0.10-1.1.C30mdk.i586.rpm cf17ffa7ff1734b850c7f7a5b7f780ee corporate/3.0/i586/libnss3-1.5.0.10-1.1.C30mdk.i586.rpm 82e74bce4abb564958d0225bc94687d6 corporate/3.0/i586/libnss3-devel-1.5.0.10-1.1.C30mdk.i586.rpm 5af5da7a1f51c609568f03b2026c0687 corporate/3.0/i586/mozilla-firefox-1.5.0.10-1.1.C30mdk.i586.rpm df2d940bf4af073e1dc983c1143a8079 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.i586.rpm efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm Corporate 3.0/X86_64: be6fa4a501b973f9016716ae6ffb1b25 corporate/3.0/x86_64/lib64nspr4-1.5.0.10-1.1.C30mdk.x86_64.rpm a06bb78d6531ffac3e750236a0cb13de corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm 2f2dd393236be80e8f8ca226145115e7 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm 3a42bca7fd7ab26e65bf0a4ca7485db1 corporate/3.0/x86_64/lib64nss3-1.5.0.10-1.1.C30mdk.x86_64.rpm 68cef069c9e2d4f1336c58e8e5f126ca corporate/3.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm 0bd6c6adc8fd1be8d3b02fb5505c9330 corporate/3.0/x86_64/mozilla-firefox-1.5.0.10-1.1.C30mdk.x86_64.rpm 27262a966199c19006327fa21dab1f69 corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm Corporate 4.0: 0f782ea68bc9177e333dd77c26eeec7f corporate/4.0/i586/libnspr4-1.5.0.10-1.1.20060mlcs4.i586.rpm 408511a886dd0619f4ae9a1d93137eeb corporate/4.0/i586/libnspr4-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 6b3ad9cf7c2f4b7a008c6fd9c584289b corporate/4.0/i586/libnspr4-static-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 31927dd82ca439052fe166e6b2864e07 corporate/4.0/i586/libnss3-1.5.0.10-1.1.20060mlcs4.i586.rpm 021eef345d030d8112f227b0b2c3a0f6 corporate/4.0/i586/libnss3-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 2485f65a1860840e7abe7cd5a447c538 corporate/4.0/i586/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.i586.rpm ef609ec54c3e70b47067668f68c74e65 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm 64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: fab1a497ea9801a29637f049e520422b corporate/4.0/x86_64/lib64nspr4-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 647d403327794eb30e81e6b91b407dd1 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 247c6c555fe4917bbdf3ae884ac309ba corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 710e426e4200912e2b4718d1c0613c58 corporate/4.0/x86_64/lib64nss3-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 2efe3ddeb772f3d706f429bccd34675c corporate/4.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 13e414365c4f1d3768a375cf29a40aa4 corporate/4.0/x86_64/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 261d63f5547804f20ee022290429c866 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm 64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFF6H18mqjQ0CJFipgRAna2AJ9Qa8Vf923jNIzai9QzQOOS4NRETgCgyICD +eNPSjeb5EQGZ6E5dYWPNSM= =AgMP -----END PGP SIGNATURE-----

Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures. This vulnerability may allow an attacker to cause a denial-of-service condition. Successfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users. Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected. Note: Further information from Alastair Houghton reports that this issue cannot be exploited to execute arbitrary code. See the references for details. Attackers may also be able to exploit this issue for remote code execution, but this is reportedly unlikely

com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. The complete impact of this vulnerability is unclear, but may include execution of arbitrary code or denial of service. Service disruption (DoS) It may be in a state. Successfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users. Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected. Note: Further information from Alastair Houghton reports that this issue cannot be exploited to execute arbitrary code. See the references for details. This vulnerability is triggered if a user is tricked into loading a malicious DMG file, leading to arbitrary kernel mode code execution

Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, but the associated exploit code suggests that it is a buffer overflow. A buffer overflow vulnerability exists in the Netgear MA521nd5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. NetGear MA521 is an 802.11b wireless PC network card.  If a malformed frame (beacon or probe response) is received in the active scan mode, the MA521nd5.SYS driver of the MA521 will attempt to write to a memory location controlled by the attacker. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions. Note that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections. Version 5.148.724.2003 of the MA521nd5.SYS driver is vulnerable to this issue; other versions may also be affected. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: NetGear MA521 Wireless Driver Long Rates Memory Corruption SECUNIA ADVISORY ID: SA23036 VERIFY ADVISORY: http://secunia.com/advisories/23036/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: NetGear MA521 802.11b Wireless PC Card 5.x http://secunia.com/product/12673/ DESCRIPTION: Laurent Butti has reported a vulnerability in NetGear MA521 Wireless driver, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to cause a memory corruption via a specially crafted packet when the driver is running in active scanning mode. The vulnerability is reported in version 5.148.724.2003. SOLUTION: Turn off the wireless card when not in use. PROVIDED AND/OR DISCOVERED BY: Laurent Butti ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-18-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request. A buffer overflow vulnerability has been reported in the Netgear WG111v2.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions. The WG111v2.SYS driver is primarily used on Windows, but administrators should check Linux and BSD machines using the 'ndiswrapper' tool to determine if they are using a vulnerable instance of the driver. Note also that an attacker can exploit tthis vulnerability only from within the range of broadcast of 802.11 wireless connections. Version 5.1213.6.316 of the WG111v2.SYS driver is vulnerable to this issue; other versions may also be affected. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: NetGear WG111v2 Wireless Driver Beacon Request Buffer Overflow SECUNIA ADVISORY ID: SA22962 VERIFY ADVISORY: http://secunia.com/advisories/22962/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: NetGear WG111v2 Wireless Driver 1.x http://secunia.com/product/12649/ NetGear WG111v2 Wireless Driver 2.x http://secunia.com/product/12650/ DESCRIPTION: A vulnerability has been reported in NetGear WG111v2 wireless driver, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the WG111v2.SYS driver when handling beacon requests. SOLUTION: Turn off the wireless card when not in use to reduce the risk. PROVIDED AND/OR DISCOVERED BY: H D Moore ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-16-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. These isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: CA Personal Firewall HIPS Drivers Privilege Escalation SECUNIA ADVISORY ID: SA22972 VERIFY ADVISORY: http://secunia.com/advisories/22972/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: CA Personal Firewall 2007 9.x http://secunia.com/product/12660/ DESCRIPTION: Rub\xe9n Santamarta has reported some vulnerabilities in CA Personal Firewall, which can be exploited by malicious people to gain escalated privileges. The vulnerabilities are caused due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be exploited to modify some implemented callbacks via certain privileged IOCTLs. Other versions and products may also be affected. SOLUTION: Grant only trusted users access to affected systems. The vendor is reportedly working on the patches. PROVIDED AND/OR DISCOVERED BY: Rub\xe9n Santamarta, reversemode.com. ORIGINAL ADVISORY: Reversemode.com: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Local attackers can exploit these vulnerabilities to gain escalated privileges. Mitigating Factors: Local user account required for exploitation. Severity: CA has given these vulnerability issues a Medium risk rating. Customers running one of the affected products simply need to ensure that they have allowed this automatic update to take place. Determining if you are affected: To ensure that the update has taken place, customers can view the Help > About screen in their CA Personal Firewall product and confirm that their engine version number is 1.0.176 or higher. http://marc.theaimsgroup.com/?l=bugtraq&m=116379521731676&w=2 Changelog for this advisory: v1.0 - Initial Release Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com. For technical questions or comments related to this advisory, please send email to vuln@ca.com. If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research CA, One CA Plaza, Islandia, NY 11749 Contact http://www3.ca.com/contact/ Legal Notice http://www3.ca.com/legal/ Privacy Policy http://www3.ca.com/privacy/ Copyright (c) 2007 CA. All rights reserved

Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root privileges on client systems that use the packages. Apple Remote Desktop is prone to an insecure-default-permissions vulnerability. Successfully exploiting this issue allows attackers to alter the contents of packages that may subsequently be installed on remote computers. This facilitates the complete compromise of remote computers controlled by the vulnerable Remote Desktop server computer. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. Successful exploitation may allow execution of arbitrary code with "root" privileges on client systems when installing or updating the software. SOLUTION: Update to version 3.1. ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=304824 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Hawking Technology wireless router WR254-CA uses a hardcoded IP address among the set of DNS server IP addresses, which could allow remote attackers to cause a denial of service or hijack the router by attacking or spoofing the server at the hardcoded address. NOTE: it could be argued that this issue reflects an inherent limitation of DNS itself, so perhaps it should not be included in CVE. Wr254-Ca Wireless Router is prone to a denial-of-service vulnerability

The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions. (1) NtAssignProcessToJobObject function (2) NtCreateKey function (3) NtCreateThread function (4) NtDeleteFile function (5) NtLoadDriver function (6) NtOpenProcess function (7) NtProtectVirtualmemory function (8) NtReplaceKey function (9) NtTerminateProcess function (10) NtTerminateThread function (11) NtUnloadDriver function (12) NtWriteVirtualmemory function. Outpost Firewall PRO is prone to multiple local denial-of-service vulnerabilities because the application fails to properly handle unexpected input. Exploiting these issues allows local attackers to crash affected computers, denying service to legitimate users. Remote code-execution may be possible, but this has not been confirmed. Outpost Firewall PRO 4.0 (964.582.059) and 4.0 (971.584.079) are vulnerable to these issues; other versions may also be affected. Outpost Firewall is prone to a denial-of-service vulnerability. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. The vulnerability is caused due to an error within Sandbox.sys when handling the parameters of certain hooked functions. This can be exploited to cause a DoS by calling NtAssignProcessToJobObject, NtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver, NtOpenProcess, NtProtectVirtualMemory, NtReplaceKey, NtTerminateProcess, NtTerminateThread, NtUnloadDriver, and NtWriteVirtualMemory with specially crafted parameters. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Matousec Transparent Security ORIGINAL ADVISORY: Matousec Transparent Security: http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114, when the Browser-Only access feature is enabled, allows remote authenticated users to bypass access policies via a certain login method, a different issue than CVE-2006-4846. NOTE: some of these details are obtained from third party information. Citrix Access Gateway is prone to multiple vulnerabilities. Exploiting these issues may allow attackers to gain unauthorized access to certain resources. This BID will be updated when more details become available. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. SOLUTION: Apply hotfix AACE400W004: http://support.citrix.com/article/CTX110293 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Citrix: http://support.citrix.com/article/CTX111614 http://support.citrix.com/article/CTX111615 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Access Control (AAC) 4.2, when deployed on the Access Gateway appliance 4.2 through 4.2.2 allows remote authenticated users to "gain access to data" and obtain sensitive information via unspecified vectors. An attacker can exploit this issue to disclose sensitive information that may be used to gain unauthorized access to the application. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. 1) An error in the Browser-Only access feature may allow users access to certain protected resources. 2) An error in the login process may allow users access to certain protected resources. SOLUTION: Apply hotfix AACE400W004: http://support.citrix.com/article/CTX110293 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Citrix: http://support.citrix.com/article/CTX111614 http://support.citrix.com/article/CTX111615 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. PNG (Portable Network Graphics) Format image processing library libpng In png_set_sPLT() In the function sPLT In the chunk processing code section, PNG There is a problem that memory access violation occurs due to image processing.Web Pre-crafted, installed on site or attached to email png By browsing the file, service operation interruption (DoS) May be in a state. The 'libpng' graphics library is reported prone to a denial-of-service vulnerability. The library fails to perform proper bounds-checking of user-supplied input, which leads to an out-of-bounds read error. Attackers may exploit this vulnerability to crash an application that relies on the affected library. =========================================================== Ubuntu Security Notice USN-383-1 November 16, 2006 libpng vulnerability CVE-2006-5793 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: libpng10-0 1.0.18-1ubuntu3.1 Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.1 Ubuntu 6.10: libpng12-0 1.2.8rel-5.1ubuntu0.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Tavis Ormandy discovered that libpng did not correctly calculate the size of sPLT structures when reading an image. Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.diff.gz Size/MD5: 12960 3ae9ff536ba163efc00070487687399b http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18-1ubuntu3.1.dsc Size/MD5: 636 3af55a46b4ada05160527a49c5dd6671 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.0.18.orig.tar.gz Size/MD5: 506181 40081bdc82e4c6cf782553cd5aa8d9d8 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng2-dev_1.0.18-1ubuntu3.1_all.deb Size/MD5: 1166 160ce752a119a735d2abf03ec1f1dd55 http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng2_1.0.18-1ubuntu3.1_all.deb Size/MD5: 942 e3c40272cd978953acf3469dbda42a30 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_amd64.deb Size/MD5: 113890 e395ef9909e34cc4333fb868a7a794f2 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_amd64.deb Size/MD5: 197710 1b46e5c7e431d6640e319ca81f0634ad i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_i386.deb Size/MD5: 109224 e083cb785e2bc0225b47fee51c69b22b http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_i386.deb Size/MD5: 186536 476d8276b05d075552fc878547a17092 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_powerpc.deb Size/MD5: 111444 cda22be3ef3d978e4aa3c7111c7f7436 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_powerpc.deb Size/MD5: 196744 db0ae3294f47addab0ff52b4d134fff8 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-0_1.0.18-1ubuntu3.1_sparc.deb Size/MD5: 109078 26672912dc8d37ae7afbc57fba8cc477 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng10-dev_1.0.18-1ubuntu3.1_sparc.deb Size/MD5: 192902 458ef029777b12b5b4165e63d097c774 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.diff.gz Size/MD5: 16308 c13ba4eb92c046153c73cec343ba0dad http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.1.dsc Size/MD5: 652 ec80abc5bbe3fb9593374a6df3e5351d http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.1_all.deb Size/MD5: 842 db0b015e80f042a3311152aad1a1f96f amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_amd64.udeb Size/MD5: 69468 8c741fd0d0ff83068e6dd78bc2e026c1 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_amd64.deb Size/MD5: 113808 c86b5b27effab5f974f4f2c4ce743515 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_amd64.deb Size/MD5: 247500 6493fda0d94d75f2255cb48399fa5fec i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_i386.udeb Size/MD5: 66918 38259ac6fd9f0b4fc56e59b9b8fa75e4 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_i386.deb Size/MD5: 111304 440e23028cc1c9de3fb459f8969641d5 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_i386.deb Size/MD5: 239650 0235a7988ea235573758fd45a7500cf9 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_powerpc.udeb Size/MD5: 66284 ba2f362738e47667364a69a7425a4bae http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_powerpc.deb Size/MD5: 110738 27426cfb75acb15305d71a26d79ecf70 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_powerpc.deb Size/MD5: 245228 297d5a07d22ea0c2deb1e3a2da22cc7d sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.1_sparc.udeb Size/MD5: 63820 b28e9240844c87f288986efcfaa6d82b http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.1_sparc.deb Size/MD5: 108438 439feb51a430e75b0314ebd0bbe9eeaf http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.1_sparc.deb Size/MD5: 240068 f1d19c0623d6a875c240ae809f39cc37 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.diff.gz Size/MD5: 16419 341fce97b60457776d7d5b3045e98ab8 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.1.dsc Size/MD5: 659 128223fd1ee1485c1edda30965e2c638 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5.1ubuntu0.1_all.deb Size/MD5: 884 ff80da62782949d9ee6e2f45de7368d8 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_amd64.udeb Size/MD5: 68974 410bb02f1680b74c0b7bdfe75b6d4f6c http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_amd64.deb Size/MD5: 113470 595b09232667d5f45bfc94cbac2154e4 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_amd64.deb Size/MD5: 247126 af29f417517106cf651dab5c92ad52ee i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_i386.udeb Size/MD5: 69914 d335eae45c97a06251e2b1bb263a0f78 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_i386.deb Size/MD5: 114466 eb4ebc44ac004eddd4ac551f443d9196 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_i386.deb Size/MD5: 242864 a79b348098a3e5051a93dcc3bfc44f80 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_powerpc.udeb Size/MD5: 67592 c11829d98adc0dd16883d1b00c773691 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_powerpc.deb Size/MD5: 112146 e95acde5a5756fe1e8ae3085e160a437 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_powerpc.deb Size/MD5: 246662 eea28613a44952b49f1ebd1c9365c31e sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.1_sparc.udeb Size/MD5: 64644 0a019f09ea70eb9e0734542116919875 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.1_sparc.deb Size/MD5: 109320 c8c61d5fc9db2c8edf9ca933bc0aeea6 http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.1_sparc.deb Size/MD5: 241060 a4d7a38de962236150bbbb84be9c542f . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200611-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libpng: Denial of Service Date: November 17, 2006 Bugs: #154380 ID: 200611-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability in libpng may allow a remote attacker to crash applications that handle untrusted images. Background ========== libpng is a free ANSI C library used to process and manipulate PNG images. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libpng < 1.2.13 >= 1.2.13 Description =========== Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that a vulnerability exists in the sPLT chunk handling code of libpng, a large sPLT chunk may cause an application to attempt to read out of bounds. Impact ====== A remote attacker could craft an image that when processed or viewed by an application using libpng causes the application to terminate abnormally. Workaround ========== There is no known workaround at this time. Resolution ========== All libpng users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.13" References ========== [ 1 ] CVE-2006-5793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200611-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: FUJITSU Interstage Products Apache Tomcat Security Bypass SECUNIA ADVISORY ID: SA32234 VERIFY ADVISORY: http://secunia.com/advisories/32234/ CRITICAL: Not critical IMPACT: Security Bypass WHERE: >From remote SOFTWARE: Interstage Application Server 6.x http://secunia.com/advisories/product/13693/ Interstage Application Server 7.x http://secunia.com/advisories/product/13692/ Interstage Application Server 8.x http://secunia.com/advisories/product/13685/ Interstage Application Server 9.x http://secunia.com/advisories/product/15986/ Interstage Apworks 6.x http://secunia.com/advisories/product/13688/ Interstage Apworks 7.x http://secunia.com/advisories/product/13689/ Interstage Studio 8.x http://secunia.com/advisories/product/13690/ Interstage Studio 9.x http://secunia.com/advisories/product/15610/ Interstage Business Application Server 8.x http://secunia.com/advisories/product/13687/ Interstage Job Workload Server 8.x http://secunia.com/advisories/product/13686/ DESCRIPTION: A security issue has been reported in various FUJITSU Interstage products, which potentially can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to a synchronisation problem when checking IP addresses and can be exploited to bypass a filter valve that extends "RemoteFilterValve" and potentially gain access to protected contexts. SOLUTION: Patches are scheduled for release. Use a proxy or firewall to protect resources. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: FUJITSU: http://www.fujitsu.com/global/support/software/security/products-f/interstage-200806e.html JVN: http://jvn.jp/en/jp/JVN30732239/index.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . In addition, an patch to address several old vulnerabilities has been applied to this build. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-5793 [2] to the problem. ________________________________________________________________________ References: [0] http://www.libpng.org/pub/png/ [1] http://www.libpng.org/pub/png/libpng.html [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 ________________________________________________________________________ For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F) which you can retrieve from http://openpkg.org/openpkg.org.pgp. Follow the instructions on http://openpkg.org/security/signatures/ for details on how to verify the integrity of this advisory. ________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Comment: OpenPKG <openpkg@openpkg.org> iD8DBQFFXXaWgHWT4GPEy58RAhKOAJwMnHAAuITUWPEiMFaGMiBK9DattACeKq+J T9O+2CcdG0iwbDjXV1/Sl40= =6FRk -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2006:211 http://www.mandriva.com/security/ _______________________________________________________________________ Package : pxelinux Date : November 16, 2006 Affected: 2006.0, Corporate 4.0 _______________________________________________________________________ Problem Description: PXELINUX is a PXE bootloader. (CVE-2006-3334) It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12. (CVE-2006-5793) Packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 _______________________________________________________________________ Updated Packages: Mandriva Linux 2006.0: 0ea71d307e69d9edd950e75cabafd7c0 2006.0/i586/pxelinux-3.11-1.1.20060mdk.i586.rpm dff7ef13f57d61a451b77b00918e07cd 2006.0/i586/pxelinux-devel-3.11-1.1.20060mdk.i586.rpm a9c531ff69efb2df50a8a00311181f65 2006.0/SRPMS/pxelinux-3.11-1.1.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: deec78c2bf5e26ff7d7aab58cf5a2fc5 2006.0/x86_64/pxelinux-3.11-1.1.20060mdk.i586.rpm 52d33b5d03e87636fbda2e643dc60882 2006.0/x86_64/pxelinux-devel-3.11-1.1.20060mdk.i586.rpm a9c531ff69efb2df50a8a00311181f65 2006.0/SRPMS/pxelinux-3.11-1.1.20060mdk.src.rpm Corporate 4.0: b0d3ea9fb11f47f5b60d35e511c069cf corporate/4.0/i586/pxelinux-3.11-1.1.20060mlcs4.i586.rpm c34a3638a6042258306fa591a542f880 corporate/4.0/i586/pxelinux-devel-3.11-1.1.20060mlcs4.i586.rpm 68a203b1315849d3f690e2c5dd05b994 corporate/4.0/SRPMS/pxelinux-3.11-1.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 101bf5ce7b71092aa0d867475c71713b corporate/4.0/x86_64/pxelinux-3.11-1.1.20060mlcs4.i586.rpm b8e512bf0b8ce91b64fad1a69735360c corporate/4.0/x86_64/pxelinux-devel-3.11-1.1.20060mlcs4.i586.rpm 68a203b1315849d3f690e2c5dd05b994 corporate/4.0/SRPMS/pxelinux-3.11-1.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFFXL3imqjQ0CJFipgRAkroAJ4sGm9q7SW0Br8gzdmubaNuOQoJ0gCfSf1K rBftA0Q6CJxXrtfssMoX58E= =u2z8 -----END PGP SIGNATURE-----

Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. Apple Safari web browser is prone to a denial-of-service vulnerability when executing certain JavaScript code. An attacker can exploit this issue to crash an affected browser. Presumably, this issue may also result in remote code execution, but this has not been confirmed. Apple Safari 2.0.4 is vulnerable to this issue; other versions may also be affected. There is a vulnerability in Apple Safari's processing of very long regular expression matching strings. Remote attackers may use this vulnerability to execute arbitrary commands on the user's machine. If a Safari user is tricked into visiting a site that contains malicious JavaScript, a vulnerability in regular expression processing could be triggered, causing the browser to crash or execute arbitrary commands

Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field. A buffer overflow vulnerability exists in the Broadcom BCMWL5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Broadcom Wireless Driver Probe Response SSID Buffer Overflow SECUNIA ADVISORY ID: SA22831 VERIFY ADVISORY: http://secunia.com/advisories/22831/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: Broadcom NIDS 5.0 Wireless Driver 3.x http://secunia.com/product/12559/ DESCRIPTION: Johnny Cache has reported a vulnerability in Broadcom Wireless driver, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the BCMWL5.SYS device driver when handling probe response requests with a long SSID. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet. The vulnerability is reported in version 3.50.21.10. Other versions may also be affected. SOLUTION: Update to the latest version. Linksys: http://www.linksys.com/servlet/Satellite?c=L_Download_C2&childpagename=US%2FLayout&cid=1115417109934&packedargs=sku%3D1144763513196&pagename=Linksys%2FCommon%2FVisitorWrapper Turn off the wireless card when not in use. PROVIDED AND/OR DISCOVERED BY: Johnny Cache ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-11-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). D-LINK DWL-G132 is a high performance 802.11g wireless network card.  D-Link DWL-G132 wireless network card A5AGU.SYS driver has a stack overflow vulnerability. A remote attacker may use this vulnerability to execute arbitrary instructions on the user's machine. Because the overflow is triggered by a beacon frame, all network cards in the attack range are affected. The D-Link Wireless Device Driver for DWL-G132 devices is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions. The ASAGU.SYS driver is primarily used on the Microsoft Window operating system. Note, however, that Linux and BSD machines using the 'ndiswrapper' tool should determine if they are using a vulnerable instance of the driver. Note also that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections. Version 1.0.1.41 of the ASAGU.SYS driver is reported vulnerable; other versions may also be affected. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: D-Link DWL-G132 Wireless Driver Beacon Rates Buffer Overflow SECUNIA ADVISORY ID: SA22860 VERIFY ADVISORY: http://secunia.com/advisories/22860/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: D-Link Wireless USB Network Adapter Driver 1.x http://secunia.com/product/12585/ DESCRIPTION: H D Moore has reported a vulnerability in D-Link DWL-G132 Wireless driver, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet. PROVIDED AND/OR DISCOVERED BY: H D Moore ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-13-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614. Apple iChat is prone to multiple remote denial-of-service vulnerabilities. These issues affect the Bonjour functionality. Apple iChat 3.1.6 is reported affected; other versions may be vulnerable as well. Apple iChat is a video chat tool bundled with Apple's family of operating systems. Several denial-of-service vulnerabilities exist in iChat's Bonjour feature, which allows automatic discovery of computers. There are no restrictions on finding available contacts via mDNS queries, iChat will add the broadcasted _presence._tcp record even if the contact does not exist, so a malicious user can broadcast a fake record so that iChat users using Bonjour cannot discover more peers, unable to communicate reliably. Trying to start iChat Bonjour again will fail because mDNSResponder keeps a specially crafted record. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. The vulnerability exists due to an error in the "fpathconf()" syscall when it is called with an unsupported file type and can be exploited to cause a system panic. The vulnerability is confirmed in version 10.4.8. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Initially discovered in FreeBSD and reported in Mac OS X by Ilja Van Sprundel. ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-09-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI. Apple iChat contains a format string vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitary code. A vulnerability in the way Apple Mac OS X handles corrupted Universal Mach-O Binaries may result in execution of arbitrary code or denial of service. Apple iChat is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. The vulnerability exists due to an error in the "fpathconf()" syscall when it is called with an unsupported file type and can be exploited to cause a system panic. The vulnerability is confirmed in version 10.4.8. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Initially discovered in FreeBSD and reported in Mac OS X by Ilja Van Sprundel. ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-09-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key. A vulnerability in the way Apple Mac OS X handles corrupted Universal Mach-O Binaries may result in execution of arbitrary code or denial of service. According to Apple information, iChat of Bonjour In message processing NULL Pointer Dereferencing causes the application to crash.Third parties on the local network can cause the application to crash. Apple iChat is prone to multiple remote denial-of-service vulnerabilities. These issues affect the Bonjour functionality. Apple iChat 3.1.6 is reported affected; other versions may be vulnerable as well. Apple iChat is a video chat tool bundled with Apple's family of operating systems. Several denial-of-service vulnerabilities exist in iChat's Bonjour feature, which allows automatic discovery of computers. There are no restrictions on finding available contacts via mDNS queries, iChat will add the broadcasted _presence._tcp record even if the contact does not exist, so a malicious user can broadcast a fake record so that iChat users using Bonjour cannot discover more peers, unable to communicate reliably. In addition, the iChat agent may have an exception when processing a specially crafted TXT key hash, resulting in a crash when sending a SIGTRAP signal to the process. Trying to start iChat Bonjour again will fail because mDNSResponder keeps a specially crafted record. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. The vulnerability exists due to an error in the "fpathconf()" syscall when it is called with an unsupported file type and can be exploited to cause a system panic. The vulnerability is confirmed in version 10.4.8. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Initially discovered in FreeBSD and reported in Mac OS X by Ilja Van Sprundel. ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-09-11-2006.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------