From sec-adv at secunia.com Fri Oct 2 11:36:09 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 18:36:09 -0000 Subject: [SEC] [SA36931] Cerberus FTP "USER" Command Denial of Service Message-ID: <20091002183609.29065.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Cerberus FTP "USER" Command Denial of Service SECUNIA ADVISORY ID: SA36931 VERIFY ADVISORY: http://secunia.com/advisories/36931/ DESCRIPTION: Francis Provencher has discovered a vulnerability in Cerberus FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the handling of multiple "USER" commands, which can be exploited to cause a crash. The vulnerability is confirmed in version 3.0.6. Other versions may also be affected. SOLUTION: Restrict network access to the affected service. PROVIDED AND/OR DISCOVERED BY: Francis Provencher, Protek Research Lab ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 12:37:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 19:37:51 -0000 Subject: [SEC] [SA36873] Serv-U "SITE SET TRANSFERPROGRESS ON" Denial of Service Message-ID: <20091002193751.12896.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Serv-U "SITE SET TRANSFERPROGRESS ON" Denial of Service SECUNIA ADVISORY ID: SA36873 VERIFY ADVISORY: http://secunia.com/advisories/36873/ DESCRIPTION: A vulnerability has been reported in Serv-U, which can be exploited by malicious users to cause a DoS (Denial of Service). An error within the handling of the "SITE SET TRANSFERPROGRESS ON" command can be exploited to crash the server. Successful exploitation requires valid user credentials and that "SITE SET" commands are enabled. The vulnerability is reported in Serv-U versions 7.0.0.1 through 8.2.0.3. SOLUTION: Fixed in version 9.0.0.1. Disable the "SITE SET" command. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.serv-u.com/releasenotes/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 13:38:37 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 20:38:37 -0000 Subject: [SEC] [SA36919] AOL SuperBuddy ActiveX Control "SetSuperBuddy()" Memory Corruption Message-ID: <20091002203837.32095.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: AOL SuperBuddy ActiveX Control "SetSuperBuddy()" Memory Corruption SECUNIA ADVISORY ID: SA36919 VERIFY ADVISORY: http://secunia.com/advisories/36919/ DESCRIPTION: trotzkista has discovered a vulnerability in the AOL SuperBuddy ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a use-after-free error in the Sb.SuperBuddy.1 ActiveX control (sb.dll). This can be exploited to cause a memory corruption via malformed arguments passed to the "SetSuperBuddy()" ActiveX method. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in sb.dll version 9.5.0.1. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: nine:situations:group::trotzkista ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_aol_91_superbuddy.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 14:37:25 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 21:37:25 -0000 Subject: [SEC] [SA36942] SugarCRM Cross-Site Scripting Vulnerability Message-ID: <20091002213725.19280.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: SugarCRM Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA36942 VERIFY ADVISORY: http://secunia.com/advisories/36942/ DESCRIPTION: A vulnerability has been reported in SugarCRM, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 5.2.0i and prior, 5.0.0l and prior, and 4.5.1p and prior. SOLUTION: Update to version 5.2.0j, 5.0.0m, or 4.5.1q. PROVIDED AND/OR DISCOVERED BY: Takeshi Terada of Mitsui Bussan Secure Directions, reported via JPCERT/CC ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN84396512/index.html http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000065.html SugarCRM: http://www.sugarcrm.com/forums/showthread.php?t=52401 http://www.sugarcrm.com/forums/showthread.php?t=52402 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 15:23:10 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 22:23:10 -0000 Subject: [SEC] [SA36910] Red Hat update for elinks Message-ID: <20091002222310.16499.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for elinks SECUNIA ADVISORY ID: SA36910 VERIFY ADVISORY: http://secunia.com/advisories/36910/ DESCRIPTION: Red Hat has issued an update for elinks. This fixes a weakness and a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. 1) A weakness is caused due to eLinks reading gettext catalogs from potentially untrusted paths. For more information: SA25169 2) An error within the "get_entity_string()" function in src/intl/charsets.c can be exploited to cause a static buffer overflow and e.g. cause a crash or potentially execute arbitrary code via a specially crafted HTML file. SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com PROVIDED AND/OR DISCOVERED BY: 2) Reported by Jakub Wilk in a Debian bug report. ORIGINAL ADVISORY: RHSA-2009-1471: https://rhn.redhat.com/errata/RHSA-2009-1471.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347 http://pasky.or.cz/gitweb.cgi?p=elinks.git;a=commit;h=341d54151f69d087112e1514b928e3fcc1810194 OTHER REFERENCES: SA25169: http://secunia.com/advisories/25169/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 15:01:42 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 22:01:42 -0000 Subject: [SEC] [SA36917] Ubuntu update for openoffice.org Message-ID: <20091002220142.31922.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for openoffice.org SECUNIA ADVISORY ID: SA36917 VERIFY ADVISORY: http://secunia.com/advisories/36917/ DESCRIPTION: Ubuntu has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system. For more information: SA35036 SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2.diff.gz Size/MD5: 95676554 0a1a6eb3dde1cf96ea2891d33ecc865a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2.dsc Size/MD5: 5294 7d5ca89719582d9f5a406bd552e57de8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1.orig.tar.gz Size/MD5: 278946187 4c601e202718781f5b6cf5f95c20974e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-common_2.4.1-1ubuntu2.2_all.deb Size/MD5: 9697162 c4c2062b392bb61a6182e7de5ba34995 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev-doc_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3287408 0abe1001f09eb9265e5ac5d914cee359 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-mobiledev_2.4.1-1ubuntu2.2_all.deb Size/MD5: 94292 30dd0f9bf1bc39ecfa0b7751f0759ded http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-java-common_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2610568 04bf739adc86f9757f24848e3ccd1fa7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-in_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2568 20660eed5cd0091fbf94e37dbab68003 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-za_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2556 b52bcd20fea92e80c64ce9cf44a4dcee http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-qa-api-tests_2.4.1-1ubuntu2.2_all.deb Size/MD5: 1289714 078cb7b1fc131c51f525e61d372ec626 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-andromeda_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2768798 cd154d9dbfd6193ba24e749f16508541 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-crystal_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3484234 a6bb3f21abe9574825d7256ad87e0c9b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-human_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3927394 d63f91d98ed76b0cf29c1bc75eff92d6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-industrial_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3082964 cf676f7265d91c2d5da2bca387d40c4b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-tango_2.4.1-1ubuntu2.2_all.deb Size/MD5: 3098776 b73b012c4b63cc5358912f9758670e48 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ttf-opensymbol_2.4.1-1ubuntu2.2_all.deb Size/MD5: 335408 5c52afd53c50d756f13c8914cbee7895 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/broffice.org_2.4.1-1ubuntu2.2_all.deb Size/MD5: 87902 ceda99d94c883246dbc9d4c7be17136c http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-dtd-officedocument1.0_2.4.1-1ubuntu2.2_all.deb Size/MD5: 33362 dc9646fefe5caadbc03398e9ffe6bb72 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-style-hicontrast_2.4.1-1ubuntu2.2_all.deb Size/MD5: 2070990 006f0c5f849f3d61410fa1a156780a17 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 145360 615882a696fa2c22fe116fb8ea33a6af http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 851638 ff3629f2140398b1c2c6e3619afc4915 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 1986552 7fdd961e38dd19cfd7d37c2e17d01533 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 4501114 b8a01ec447f9cc764e35c6be9a645fd1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 28198218 ea6a0d92c71d192cd9a15dea53276b5f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2643226 efc1db0707ef4e1d03e8917950056061 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2039816 9ef2d9ddcce5b3f6c4a5ddcadd722eeb http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 70766 2872c6970ca1637ed50f22757dfbb723 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 6275646 bc5a520308f869eb237e4467fa179642 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2871490 1bdded2e338bc4813a08d37b4f889d1d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 69052 36da98f94aca8cdcfc16599026e5dddd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 159116 94134c1a68a8e805a98c93cb4fbbfc2c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 492120 d92c6ab64db9e5999c3992c231c98fc0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 170710 0db6c24716a44f77f7d99202b40f2e16 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 257526 839ea21110e71c4f7debeec36f639814 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 48580 e275f310b86a8e08a744930223e4c549 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 532058 dbfeab03552307c5059958e9844aac63 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 5439258 a2260427ff3815dd9033c453a28a08fd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 5034 94444618d449ec1e7e961c578801473c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 98086 acec29ea565909fc5a4e63f7b39e77b3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 282946 518f39c05232ddcc615c4fad95834f85 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 2479158 cfd722c1d9adc5767d2390f15ff4fd23 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 383284 b3e67a866738c51b31ad37d5afa32e17 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 546236 aa0d76e270efdae7691f8e7dd86e74e2 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 888956 ef88e4a416f4290dc6711189bf0a8b6d http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_amd64.deb Size/MD5: 457170 a31b3f7e334c80e8c306fee86bfd6feb i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 146002 00545844067d669920370b4359277761 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libuno-cil_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 191958 1d6e79fd6f383c28292c9a5a3a35c685 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 809702 5be32453dce78cccb6b95eefb6a422b9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 1897132 c2bbcbb3e4a8cc6e575a603a68c15344 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 4199652 26ae12da98bacb7b2ae6363e3ddfc0c7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 26771936 275853c4c17d45d54db682988dffefc3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 2597610 a2ae147f30f74121d070cc8f0fcaa22a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 1953802 ba2d504c8f2dab53ed2e7add1de7f98c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 66064 9d09363d12832affcd321c18a7452ec0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 5929788 741801258841c6b4e73813e5cc6184bc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 2210084 63a71a1480dc64ab199c9a6cf248549b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 64766 635fe1e71a295f0285caf3e5a58a097b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 148618 01de0177f4f1786b6b592f8e81edd824 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 481746 a4b48bb4ef577f5e67131fef30c62650 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 159154 5c48448cf47ff5ab1c3521d0a16daa43 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 243944 164e95d3f40210a10c000aaedc2ced08 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 48418 10fe39da23ef00794412b9713d46f573 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 523516 f0f1da654192004fd3336b3e9e6be435 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 5172628 6bd1f41ab002f964296ba47eb1831d40 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 5028 5adf92c402b6640ab59eb836c3175d62 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 93534 158440adeed23d52c9732f9b6d9e3ccb http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 283178 f437ae7aa10df3d05abe74b8ebc5e47e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 2385528 0b90c0b7174e106ecb2b10b0396eb4f3 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 30192 23a3364dd2a9b86577872c5ecc5b12e6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 358592 bf6d98b755c87a8b1facefaf3a86c48e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-1ubuntu2.2_i386.deb Size/MD5: 321120 8c6ea05bdfaf25100c7e42b6eb83d520 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 539044 9f22d4fe5343e634414a32f9e4a1b96b http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 849790 d0e7bf9c625a7133a141f18f0c15bd6e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_i386.deb Size/MD5: 423362 85d0caea094863e792716ea5a878ca6b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 145920 35f39e738cf0b8978da17b45cf0cdd34 http://ports.ubuntu.com/pool/main/o/openoffice.org/libuno-cil_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 192422 3ea2d4ea3fe5c2ef260b606b47f29a5e http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 833278 86261c1da5ec0ff964dfc2fdbe6b60fb http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 1971110 e16d8762edecfbdff793e67c1c23494b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 4285460 4f329d8c9a9a2183e79286ca4ea3f93e http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 27469674 a69679e1c17655b16ea139d58ba19385 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2635104 179ed4317c0ae7c279520cac0fa7c29b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2009738 77beba0d86afaf4b92505ba51e3eae6f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 67232 0515a35573f2e318571682ba8d5c0058 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 6049356 882a7be3d75d53e03929ba600f53b13c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2429620 86b419fd19ba60ee23c2b9db834e88ac http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 66798 3a57395e794ef0373cae01fca03d5b07 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 151676 b27987f4ec10efc44e1eec1ab476eae0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 494222 c581fe4b223e7d575c36247af5f7631e http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 162284 fc9cf7a1ef528f86666a3e272e406afd http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 249466 0cef6807c918082712e631d495925581 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 48404 41b55e20ce86eabf1c9acde47eb54824 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 529356 f405b35e22e539ef4c990220058d9fa3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 5292384 80d714c0ce8dd47baf8f95cec5699c75 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 5026 a166e661512a80448d7bb41219345b5c http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 96202 e117cd59a8950fbdd12be6e34536efa2 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 283208 6e74f988c3d123194244eb5d739dc3a2 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 2420444 98b31f97dd565e7ef894f8514e80843c http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 30840 97e5abe4cdc278f98b70aef4df965b50 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 379568 88276bac5e123f2046539f27944a038e http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 323334 04984924c5acda4e92da65b1fa618044 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 547952 f235a95b9310e2f371122f27a594776b http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 874614 420a8b78d0439451c9677a7ffb3513fd http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_lpia.deb Size/MD5: 433546 14a73da494284254276f5353eef7cad2 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 145904 98deb96b5f61b43fcae16b514c23f009 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 665938 a3452867a471118b3f9824ed61dcda92 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 1388070 e252314cb896fa1450a556fe8dc2806f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 3406698 d21246c7bda2c3d1fb827bbb924b5e3d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 22851682 880ca25b0132d68b4aa094cfffbc2a3b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 2425676 6b183f62dcd13049656c3c7f3b51cdaa http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 1597462 8b8ede0294d89003b6964f0ffa37409b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 60854 850b0cfed49b8d5485aaf001ccfdcdb1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 5059622 f8a0bed278b86a10b52a876d7c2d6540 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 81034 1dcfb09a4001154b4c105b64a6ff7d6f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 155504 ebf445a050898b93d62620758409581a http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 384382 eefc22ea00e88ab39b0a0bd2c831cf4d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 155298 ccdc9d4f68c4ad8535276ae43a18ab22 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 204416 b591186ad95b669affa8c17a4ea9a6ee http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-qa-tools_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 230448 2be73a977a7b6ab361e32e1ef5d8d5a0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 4198242 c894e4c3a3e57f3d2a361c9298f2871f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 4974 6732d91357ee1907c0184b21e4178348 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 104662 77c576dfe34990dead3f4ffffe2bb826 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 283174 c5ebc5105611c0f746b27bec4b760bdb http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 1696320 2033f71a9159adb429fdfdf948e73248 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 35854 76ec10e0e614cbe761159d64846b272f http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 278992 e46bb0fc60e6e06a6490c41ea0403c65 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 318710 0a0d1afa6d2256985a5800f6c7d23c89 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 595688 18fad1fc8b5380931376d8fd0ac89916 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-1ubuntu2.2_powerpc.deb Size/MD5: 566818 f33fe5544fe10846f6f21d6e9345abf6 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2.diff.gz Size/MD5: 96556714 6b1fc5e84667c1a89c0f20f68bb69535 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2.dsc Size/MD5: 6343 7827108e62fa41ac4f7f87896836be86 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1.orig.tar.gz Size/MD5: 278946187 4c601e202718781f5b6cf5f95c20974e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-common_2.4.1-11ubuntu2.2_all.deb Size/MD5: 9699822 cfe3a799b987d2db5f91e85f1508365b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev-doc_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3296442 a059a9b34a477d52303039847db95a4a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-emailmerge_2.4.1-11ubuntu2.2_all.deb Size/MD5: 6614 4e8b9a0d18902e9050e0ab6fb3e9e72e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-mobiledev_2.4.1-11ubuntu2.2_all.deb Size/MD5: 98178 32c630b16709ced569db14493bb53bc6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-java-common_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2679596 4ac4ea309b4e13011feddea5c802dbdc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-in_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2576 208cb1b6f242bdcb443ba5616ee2cc48 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-za_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2566 cb2701ef20d71d8c750d2947d5721a82 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-andromeda_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2768802 d709b4c3bba8a9d82da434ee06204194 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-crystal_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3484486 91ccf7b95d41c380b1470f66b5a0f730 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-human_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3927978 58cf6fb0c9475b4239a43824c092a865 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-industrial_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3083014 3c77f4fce31f181c5451a1f58e4ef48c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-tango_2.4.1-11ubuntu2.2_all.deb Size/MD5: 3098486 9661b83ca85e527c3bc356985eec3a52 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ttf-opensymbol_2.4.1-11ubuntu2.2_all.deb Size/MD5: 340880 a12d12cb6aed7161d17bf6840d63a33d http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/broffice.org_2.4.1-11ubuntu2.2_all.deb Size/MD5: 88008 7a5abab4665577902424a47081d3bb65 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-basetypes1.0-cil_1.0.10.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 291944 d57dd5fe3590f955993eb8df4ed6b46e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-cppuhelper1.0-cil_1.0.13.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 289826 23e30f905459cfda8b18e64cf5682ff5 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-types1.1-cil_1.1.13.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 449738 0536af224d2bbc4a0fa699c9fcf6dabe http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-ure1.0-cil_1.0.13.0+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 291028 c25d49751f29bc483a45e4ca3b56347c http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-dtd-officedocument1.0_2.4.1-11ubuntu2.2_all.deb Size/MD5: 33416 b3b8421901241baa10d241f543a4fd6a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-qa-api-tests_2.4.1-11ubuntu2.2_all.deb Size/MD5: 1359602 ccced278c98e23c5f00e1275689c729c http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1-11ubuntu2.2_all.deb Size/MD5: 212194 eaf44849ced46a2bdad07cfdf0f21a15 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-style-hicontrast_2.4.1-11ubuntu2.2_all.deb Size/MD5: 2070824 2ed0457d5de80785f82b1b0220a64226 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 148096 fe84cbeeaf5685cb17df358c6fba7026 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 534860 c77f6dbecd50ec896a81e99b5a740fb4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 1911312 ef719069cb3c20a44a971eb04bce96ac http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 4376834 41935b189b7e2e0f13eaf1d0f8ed2d26 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 27298398 50636b12222a99aecaec48b8c485dfda http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 2613380 9e074bf7e844eb3d4b906752d640049d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 1979662 1cc2a071331307391afc5b47b0d6994e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 68184 6e209ece6b82cbac5ae448b948aa3bed http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 6131142 bc3e27921610be3b2d79c71fdc6d1b87 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 2839648 ece542a195ca64f20b75f819928966e5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 67848 968231c0288275717590f040b3914206 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 157262 0891d181989c7a32e046589dc1d81983 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 469436 40033dc175dbbd760bf0a7ea8598873e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 166132 88f4ca43e28a344aa67e67927fb75b65 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 251562 dc379740a7ff923c23398b4a007c975e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 47758 8632f1efb0ef7726a6a3b62f3ba6f7e8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 640840 49aac60a5a414a0ac6307af9c19ac27f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 5345406 94d4494771e4e95733036ae2c2afb938 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 5022 c48ad4a065d41858622768679dcef2b6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 94368 cb42a5c04d280a74ad804e00d7be14d7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 288468 c824d7c3e80057f9b48aa4293e85cd50 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 2396758 7625d21a9547fdcf4cc03cc1266c8196 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 24928 74de92708bda64387fb5be3b6e5e7688 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 31080 04bb57e3ee17f553db40143641cb114a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 344416 ebdcf39a99f94099b3f5f7c84381dd3d http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 263452 8d93ed32372c07b82baccba0bc779297 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 538576 49ab7f8a2224a8e0756d450b66f266ba http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_amd64.deb Size/MD5: 460646 f9a0fba9877faa628525120980275129 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 148556 c6b4e4688dc7ce25989e3a687ac3140e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 499760 c87d06d1d7e19162cb2ea4855f9d4bc7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 1831406 27d559abc6059d13d724eb1595a2003a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 4116788 64cd2fd4cd2c016c5cae6db3099f68ea http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 26118918 df633b670b3e7516f8529832083eab0a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 2561366 8bad1840ba5cbfa00f7f2bc638acfa19 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 1906754 29bf12010722cb31d4e9c576a5b7b076 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 63854 ff37786290730fc6291000c0cfb1bb2f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 5827814 862f4a74d8662ad6564aa718cd3d2314 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 2173864 e0b91d4e6a0188cd7531107d40227022 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 64196 ad799248554bb9a08b5fe4780b815945 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 148382 5ffe22441e6d1c003c0dc32a1af4acc9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 451458 1665a3ad303acf015f690378aeca19ab http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 156820 64c35c9e96406c77acdc0aef4bd2432a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 241264 2d9325dad83d35ba3a013413d18ef50b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 47602 435b42d01a0cefbb3cb3abe9590e440f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 605984 95f738641b17110ebe9ebd32a9f70009 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 5094400 c53b46e0e949b450a7488eef48e2484a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 5016 06db5937e6ed1d02a667e60d10143166 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 90900 5b5eb3a793f82589f8281da6dfaa91bc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 288664 22a8d674d5a68f96da2801d8a59c0b33 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 2319828 ae9085d24582e35523ad2dd95dc89431 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 24570 5f69524baf931ceacd1f4f40573f0c6e http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 30306 ac52ab76fb6639100ed480d6ab6b0383 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 337790 e75a699e659644ea9dc3bdd47d860336 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 325700 b45e5b5b30f75f49cd0cb3e660387503 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 257646 3ccf460af7d76d3fc5d9bee0a9129822 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_i386.deb Size/MD5: 529500 3bc46fae95c134a6d046c6c4bcf092de http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_i386.deb Size/MD5: 428374 ead00259a7840519da9c4a45a7325f5d lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 148576 43a419312d7fb799cbe5f3fd3e259f8c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 519894 bc6f0667d92cc59e348c340962563686 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 1889816 f4ec9bcf748289508c81b3fb5a7d87a3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 4177174 396a79a2b9093ae8ace083cf1c6e7752 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 26663668 834caf87b1bd13f65c0c3dabe6736f47 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 2594714 8d1176557390d6a308ebc3776341306c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 1954460 22499acadb7beaaff925f236c720c19d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 64726 865d88c5a5c2c64f581e85ee63d3305d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 5909776 7a60298986223882590dcd63f49bbc61 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 2362672 92ea54da2d5c5c72c74ea325d5b65bff http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 65430 df55c2ec7bb20021d72181bf37ee7e5f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 150748 62589ba8ce1bddaaa4561f0e6d72ed85 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 462376 e3d2639b25e9f885fe10187f6fd1f473 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 158552 179ae1cb22e333da0ff458492dc07684 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 243478 79e139bf2748f723800ad09adcb357ce http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 47584 ef25705dbb9e89be15370746a87766b4 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 629654 eaf37a785fe40667b7290ba39c3201e8 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 5198874 1dcee9c3d3b39a18776c8d782acee83a http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 5022 939c959ad324d8bcb8b4adfbeeda57b7 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 93202 d9657c5749786cb7031b06800d78fe4e http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 288686 98ba9cee532d10d203b640b70108def4 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 2352480 e05ce4df994899c6791c14b8e27501db http://ports.ubuntu.com/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 24572 e9e83897e3f83c97e6860e804f1daaf0 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 30540 a0dfc1dfd4a27f907a5f8fc5bb3ee087 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 359934 fd96160e93a9289b9f45c518b534377f http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 326550 d0309e22109b30c4070437a3da4c95b2 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 263422 ec736933c36f8932876a330a5ff53a27 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 534638 99980e10a68c1987992c196ac595efd0 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_lpia.deb Size/MD5: 436944 f05e03c5361b7f89e70c3734e016880f powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 148592 4b193d2b5a3d49c90a0d6e9628e8247b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 369822 1fd9b4692741e0d6f1b0e9002ce65a1d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 1265230 ff6525dde918647ba17349698bf30e21 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 3179346 e050a0d2773579509b731d1bc28d3441 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 21129032 9e73fbfb801f3eaea97c598e603e880f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 2231622 cb6f8b4a4bd885c025929e5b6437d206 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 1468218 3006afe523e76e471fe0dbe48c3cf5ac http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 58382 ba6ce47fa5b329366c290a43bc003cad http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 4751028 b610a94e9f2469725e2904fe56c5a02d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 63016 4c08599d20f4179bf94752294a8caa68 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 133530 3ba444ec8510cf2b51dcba6d6bb3cdc2 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 339838 4f4be152340d12941def5889fbc29fe3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 137482 5ebd91e0f3656980eb23f91856dbeb12 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 197006 83dc9d9735b03139b3e2c31ed71b54ce http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 3986368 ca26fb978aceeb79e9620a90e0fb55e7 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 4962 79793e51aada7119bd917b982408d5ae http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 86844 48f370f215bd10b89974049d6e930d9d http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 288656 bdd7e51513a5aa05f0fa1fdcf6dee3e4 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 1641998 4037ae6b41632b3aa8d525b4a586b397 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 29850 06adafa4a4dac532c0e854a238e03129 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 210860 1ef1e12ee481e9d4dfae10c81df99bc6 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 320882 4dcfc85a0891910780c098f72eecba69 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 222748 1dc4400208b0762445fdea569ddd954a http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 211718 d5df29267faf63d27335f7b3a04046a1 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_powerpc.deb Size/MD5: 424478 debb990f9e46af1acb108c116f360a18 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 147288 fdb40b94050dc37c920cc5a5e18347dd http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 453036 d8f01197fe1bedea80fcd0983ea805a3 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 1586096 648792e4a07fd92eecab498777f80a8c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 3637938 d17f522cd9fae247900d8e2e58dec991 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 23374932 475a23e2d7db6bb475a85c4c865abdc1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 2488874 9445cf62aabb1fcefbdc9ebbc8e278e5 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 1635174 e5a430592d30ef3188d889a3011bf527 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 59358 082b359d7278210a5ff2fbbcf352afc0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 5175920 f50d4ce89e63a02cd7ec4ccc3f07ef29 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 2160900 2a49aa952d3ebe23365ba448f31038dc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 60896 d7285898ea8c80209f9906fcb943b607 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 133194 10b368eb0f396f97f437e731253ed7f1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 419988 18ede648295e39f8177273e2252843bc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 142738 941803df0773d5618251fedc9689bf1f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 203240 ed3dcc4a82220c02ae45e29e2e10fee7 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 47658 95fb5a4b6a75a3786ecab4911766892b http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 522484 aa2094a5790f811a1a4cef3317999b1d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 4457972 136921b241a13b20616f1dfccf5f3863 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 5012 c08f476664409ed064eb28ee4321845f http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 86996 a25d894ac23d4f6342c26582536c7174 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 288456 56a001498066c96949b5283758a2f791 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 2196126 89de4a54e4f23252c7653175c072a5f3 http://ports.ubuntu.com/pool/universe/o/openoffice.org/cli-uno-bridge_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 23918 891f79efe8a7f13518a2b2f1dc10eee0 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 28712 25c4c24002c49e189940448fa26de469 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-headless_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 289640 f5e47e8bd3ab22a203e0393019de49b8 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-ogltrans_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 322410 2d6f2d1f02f529d58e30768a92d52907 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 253414 5a001dbb394ffc24a3f8870f55a6c1bf http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-qa-tools_2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 504684 f40d90f796d66280d05a37c7b9f72747 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.5+OOo2.4.1-11ubuntu2.2_sparc.deb Size/MD5: 478786 31b33657c38330ab79ea169ef8b73079 -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1.diff.gz Size/MD5: 97442512 8f44eed6b3f150111b39a16901db5231 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1.dsc Size/MD5: 6817 80f92826a8ad9e4b333ffddca72f93f7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1.orig.tar.gz Size/MD5: 332751214 834751a6604a2d87eadf9ccdbae06010 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-common_3.0.1-9ubuntu3.1_all.deb Size/MD5: 17243676 245e40054ef31b709cb4439f5b80e4fa http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev-doc_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3381850 9c19042943f49f1b3f96d3ddeaf8ccc8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-emailmerge_3.0.1-9ubuntu3.1_all.deb Size/MD5: 6772 131fa9aec477d0a7dd188b38bab432b9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-mobiledev_3.0.1-9ubuntu3.1_all.deb Size/MD5: 93906 5b5bcf14bb63b30bf66bd5221b3c53e3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-java-common_3.0.1-9ubuntu3.1_all.deb Size/MD5: 4281594 385eafe9b9dae8a52db1a5561709b974 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-in_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2700 5defdbf251c04c8a858036f6b85be2c5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-l10n-za_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2690 b56777e16efec851a8db6cf1cfdfc614 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-andromeda_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2409312 2dcb9cdc64657656991cca52586b6a91 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-crystal_3.0.1-9ubuntu3.1_all.deb Size/MD5: 4087320 a7370e0c3a7da25c9a06cd83760385d2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-galaxy_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3913206 0fb3921b375b085cd277f26d9189887a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-human_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3792598 d5b4fe4c86ebeaac711b10c950b53b4a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-industrial_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3697906 41625e972750d321f551d6ecdc934f49 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-style-tango_3.0.1-9ubuntu3.1_all.deb Size/MD5: 3710564 54f317c63415e7afa3a8e4cff19ac57b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ttf-opensymbol_3.0.1-9ubuntu3.1_all.deb Size/MD5: 253792 fe663dc1dc928f04694ca7b722a20f66 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/broffice.org_3.0.1-9ubuntu3.1_all.deb Size/MD5: 100956 82da3bc495068ed77df019103743ac8b http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-basetypes1.0-cil_1.0.12.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 209240 80748cf047e3434be6959b0010568c88 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-cppuhelper1.0-cil_1.0.15.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 207032 d7521224918dd897a70ffa10cce49fc9 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-oootypes1.0-cil_1.0.1.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 362686 d33bdebd6b2ad0a9c7d5495849eb7d0a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-ure1.0-cil_1.0.15.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 208298 835f6c314159afbafe8f136c8beefb3b http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/libuno-cli-uretypes1.0-cil_1.0.1.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 228596 e97aa312f67d596836cb6ac42e5c6dde http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-dtd-officedocument1.0_3.0.1-9ubuntu3.1_all.deb Size/MD5: 33342 34e50ef93b3e10653b3b7960735bbf63 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-report-builder_1.0.5+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 281084 c53186a8e753da0d98cd0989482b88b7 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-style-hicontrast_3.0.1-9ubuntu3.1_all.deb Size/MD5: 2386322 fe5eab566806c36b5db662fe4b022aa4 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-wiki-publisher_1.0+OOo3.0.1-9ubuntu3.1_all.deb Size/MD5: 662314 7e4bc031320a2822f6ca8af170f383bc amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 156904 d8f344a4be9545b3e9ee52de73c05def http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 553634 e580776905e6a234b966b8a5aa9d2c00 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 1987784 40787ae63ed35ef0f14c3f4496135ba7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 4238132 e495d61e6167516ca3954c68cd1daced http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 27047580 166facc0cb3898831baad2f3c42eeb3c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 2539424 50f6c0c914236714abdc87753aa6ae51 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 2056244 ed31ea4da97eddb704b971a8d398e725 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 68372 fee56d360ad5fe8c3e05ab3d8b4a27e9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 6553248 3994869ab913d19d0fdbcdfae2bb34a3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 3396564 5249ae0c58a50c2ff278a47210bed102 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 3016 68efb0a296296c887aee2f33842af1e0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 163322 89f43f688e19c9285350a8d3071add79 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 462124 2b883f3753a4ee86a5f2a057afeac846 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 90640 659d3ab33132bb0fd5b54e749dd2c117 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 250562 02ff82ccb80a9f11b49243d46a58f000 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 46078 f348111f84c046301d48ef130a6e2c99 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 896618 7d89f16e1f495d582af9b2a2e9f6d1f7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 5770212 1c1ba97ffde70255b7bfa99d742c2e99 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 5098 1e021015868753445b52dd26c6789eb3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 94210 b780895645daed19db5f5758d18c4f04 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 203634 45493f5ca2564588954bf4c590d6266c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 1113986 72914aa18e250356d075407cd31259ed http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 203504 0c95e8409f0c7248a1aa36575d7aa133 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 1435902 e0e624f9a7a51ef204aac248fff0cdc6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 25074 f31c2133fa415552c188f64dc7fc30f6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 31098 021019903841ea5043e1825896cea6f4 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 284146 5be22615591ed61cf83b5b68689c0ff1 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 880636 fa4808767f074b4a6483691ec85696e1 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 351122 8efd6635344eb00a65b5cfb8d2e966a3 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 915710 f6be9b282e331e3e82d51c658cc6295f http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_amd64.deb Size/MD5: 463096 5cd35661a1bdd6b28b0e5d43be39f6f0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 157416 30ae8d6a2672cfb541b02be08f2359a2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 526198 b3cf1324a46dc21e495c37bd9f583851 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1925606 6d6637863bc996e4e0bd73ed3a35a6c1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 4022280 5ac513ed5b08f77d7656a0636524e649 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 26054308 5fb79481138caca8a8b071168f667ad9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 2520024 23d8130aedffe9934801e064efcb6ff1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1995742 a1418fd1e585f5a651e907e95503e2d4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 64084 be82b3f1b8e4f584f8def447c3ebea97 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 6269176 046cbba6e6627025d2c8351eb9fd9379 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gcj_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 2602832 55c63d6ae33922466621890930128de8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 3012 4cf7b8c1d1b03363f0f9916e36440490 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 155206 5f812fd3e85b2cd78251bf8da01df8b1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 447048 53c3fb6467df7bd65714a7089fa353a4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 86056 25aa98c43739d64201bd7ee27ba0292a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 240256 5ebdae48b3278356e6e79d61c102e8ee http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 45914 d086ceb33f1b397091aa6bbffeb5eba5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 862882 fb78d5b7ca01ce5cfc64afecf967627d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 5606492 b9e4b8de9fc9c739b5b85c1459655e2e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 5096 ad878bf0e1b69282ca107a6152a1d006 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 90432 1002fc8c840f2f340940fbd1fe9704d3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 203932 22f6d6caf3f0bf567ac117cea886956f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1093140 f68016be49b9e0d8fa446d021374a419 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 203762 fa9c16f5696a4ee9865843110feacc1c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 1391614 489aab68ffe456deaef91e2d92c070ca http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/cli-uno-bridge_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 24644 8498f1b1605b91afc9a3e94376c3cd1a http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 30396 bea4bb5fe727fd7521d6ee56e381c0c7 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_i386.deb Size/MD5: 278704 2d7aaba783d5cf5f14641169e8150668 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 845412 41a7da195a1c4ad6a1bccaa9347a4d43 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 342546 50612f1e88bf70383a4971d45b977e79 http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 901162 4c45e1bd29999a4e6b4292b32d6c85dd http://security.ubuntu.com/ubuntu/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_i386.deb Size/MD5: 426458 2be6694d75ad639590a29ba9e3da6809 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 157406 63fb26decb775634a5ee8dbffd9f02d6 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 537080 0a11a0f23a68a65620024f26194e978f http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 1963214 5acc53445a71019d865465faac4225be http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 4072142 364d451de516da2de0f5f0292b378195 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 26450476 30f497b7031b7c8895337c1bc98aa949 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 2520798 5601420357f1bd992bbeabe6d59914f0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 2024112 46b23807cc6e816579dd4685844826f1 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 65354 fd1d9c74aaf07da7e4106efb0f28ab83 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 6338386 03a135bb4d74938ccb179e0aacd7fc89 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gcj_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 2827774 8d5578c0a0960f4edc6a041a1090ef59 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 3012 26c906b338fa138e0c89ca88cbc468c2 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 156634 6ec5f0599d68f9aa736e503a3d285ebc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 454876 ba323d60ce86c8506dac5ee2e9e7400d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 86782 c595a97690a3c722d69778160cec37c0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 241912 7e9b8f36b263f7b6c4c865411d2c1b00 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 45882 538d1a8aeb7b520cc9987047f6ebdd7a http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 880664 42e23d87669a957cb77049b435a9f1ae http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 5662754 b9f21918d3805ba1e532027e5608274d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 5094 ae2f09f0cb3551f1fa669aff948537f0 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 92876 8e8b3bb71bb3f7b2bfc63e2390bf2793 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 203934 af6e79485fb5cc4e1e9e5e2377c338f3 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 1095772 f3c5bdb5b4c51dd7b372082a7ff1f8eb http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 203772 b5217ec1e75c6c46ae3f968f65d891f5 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 1406692 4f0b4f4504efabc874ba40d3c8942624 http://ports.ubuntu.com/pool/universe/o/openoffice.org/cli-uno-bridge_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 24656 038d00bd473ae7efe5532db93580956e http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 30726 97f5c000e6e987514155fdb03504a4f7 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 280834 93e9a2edaf65353161b3298e1aa5b09d http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 856428 e5f02268ae7927a3d52544d088ff7431 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 351582 272f26cf2dc93f0f4fc2e66b21670250 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 905960 5088c420941a1748f34c4fe966f5a5a7 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_lpia.deb Size/MD5: 439698 76c16f38052d01729ce80ff7554ed9f1 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/o/openoffice.org/libmythes-dev_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 157452 84f1b59f361b9f7d8dc1bf6479592e8d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base-core_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 381724 34180a5a311d9bd81cc39ce88609bf3c http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-base_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1668362 daa6a042fa9f93957403196ef52e30c5 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-calc_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 3855988 1f5397f401ffaebcd49afb824512e5f7 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-core_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 22694952 55987e4cc4cbcf1a29b02630785e1fe6 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-dev_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 2431828 4bf5ce654ffceee4a16fe429ae4a8ce8 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-draw_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1908712 7ecf5d8b27ae3a9b1bd5bc0b25b3037d http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-evolution_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 58218 d88682d2af2a988e2bfcca9ac28e86c0 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-filter-binfilter_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 5125392 3b740a2d8876e2ced3543bebddc03801 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gnome_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 3010 04bc17d2f5c63868150c92dabe1af147 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-gtk_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 145774 fb2e789d2a483de63a80b0170b21d159 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-impress_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 334830 bd24aa6b04c9706abe443bc53ff1ccbc http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-kde_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 79846 e5c8cc14e8175f568aa3a3380fe19c41 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-math_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 195372 6707ed25939b45bf12712a2d261b7397 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-officebean_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 47580 dfddac29beccd34db4065cf3901f0d03 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-report-builder-bin_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 783930 a06bedb72ea80c1d7bfb9bfc18257c40 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org-writer_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 5102014 7c34a1f60bf015223990ce4f0621a458 http://ports.ubuntu.com/pool/main/o/openoffice.org/openoffice.org_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 5094 9ad99c3526f9bbc43bb0fbed9bdceba6 http://ports.ubuntu.com/pool/main/o/openoffice.org/python-uno_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 86914 2948caae709a4320ee5cd9feb4c91a89 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 203662 88731b68dcde1e5fc14cce1fedd91223 http://ports.ubuntu.com/pool/main/o/openoffice.org/uno-libs3_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1004736 0a7c74bb7d06ef836f0b5e15851267f8 http://ports.ubuntu.com/pool/main/o/openoffice.org/ure-dbg_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 203486 cc170a0eb6b2bec54263c33ee04bcf3a http://ports.ubuntu.com/pool/main/o/openoffice.org/ure_1.4.1+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 1225748 0f6ab58fcbba174a0b9da8b69f7d8a28 http://ports.ubuntu.com/pool/universe/o/openoffice.org/mozilla-openoffice.org_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 30240 1deee7ed69e4401701b97684a37fe44f http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-kab_3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 270002 b168e16628134f18a36a9eee938d6653 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-pdfimport_0.3.2+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 790108 8f2f3741e94f01e7d2497283386dc9aa http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presentation-minimizer_1.0+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 310694 320f8c2abd6d975cb3805a7d0ca79f09 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-presenter-console_1.0+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 859202 9b39d721cc8d2b4a0fc048c91395e489 http://ports.ubuntu.com/pool/universe/o/openoffice.org/openoffice.org-sdbc-postgresql_0.7.6+OOo3.0.1-9ubuntu3.1_powerpc.deb Size/MD5: 426686 9b9fc3ccb35d3578af83d7132f173f35 ORIGINAL ADVISORY: USN-840-1: http://www.ubuntu.com/usn/usn-840-1 OTHER REFERENCES: SA35036: http://secunia.com/advisories/35036/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 15:37:45 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 22:37:45 -0000 Subject: [SEC] [SA36928] VMware Fusion Denial of Service and Privilege Escalation Message-ID: <20091002223745.31154.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: VMware Fusion Denial of Service and Privilege Escalation SECUNIA ADVISORY ID: SA36928 VERIFY ADVISORY: http://secunia.com/advisories/36928/ DESCRIPTION: Two vulnerabilities have been reported in VMware Fusion, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges. 1) An unspecified file permission error in the vmx86 kernel extension can be exploited to execute arbitrary code in the context of the host's system kernel. 2) An integer overflow error in the vmx86 kernel extension can be exploited to cause a DoS. The vulnerabilities are reported in version 2.0.5 and prior. SOLUTION: Update to version 2.0.6 build 196839. PROVIDED AND/OR DISCOVERED BY: The vendor credits Neil Kettle of Convergent Network Solutions. ORIGINAL ADVISORY: VMSA-2009-0013: http://lists.vmware.com/pipermail/security-announce/2009/000066.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 2 15:55:01 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 2 Oct 2009 22:55:01 -0000 Subject: [SEC] [SA36909] OSIsoft PI Server Insecure Authentication Process Security Issue Message-ID: <20091002225501.13030.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: OSIsoft PI Server Insecure Authentication Process Security Issue SECUNIA ADVISORY ID: SA36909 VERIFY ADVISORY: http://secunia.com/advisories/36909/ DESCRIPTION: A security issue has been reported in OSIsoft PI Server, which can be exploited by malicious people to potentially disclose sensitive information and manipulate certain data. The security issue is caused due to insufficient encryption being used during the authentication process. This can be exploited to potentially obtain login credentials and gain access to the PI Server databases. Successful exploitation requires that PI User accounts are in use. SOLUTION: Update to version 3.4.380 or later and migrate to the integrated Windows authentication, or follow the workaround steps described in the vendor's advisory. PROVIDED AND/OR DISCOVERED BY: Eyal Udassin, Jonathan Afek, and Yaron Budowsky of C4 Security ORIGINAL ADVISORY: C4 Security: http://www.scada-security.com/vulnerabilities/osisoft1.html OSIsoft: http://techsupport.osisoft.com/Bulletins/4/224a5434-ba62-41d1-83eb-244ba60da193.htm ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 11:34:09 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 18:34:09 -0000 Subject: [SEC] [SA36951] Debian update for mediawiki1.7 Message-ID: <20091005183409.26362.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for mediawiki1.7 SECUNIA ADVISORY ID: SA36951 VERIFY ADVISORY: http://secunia.com/advisories/36951/ DESCRIPTION: Debian has issued an update for mediawiki1.7. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA33133 SA33881 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1-9etch1.dsc Size/MD5 checksum: 911 7db727bfa3f6139e107af451a90df719 http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1.orig.tar.gz Size/MD5 checksum: 3256428 50b74e2b5c86fb94c7201b72d2037662 http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1-9etch1.diff.gz Size/MD5 checksum: 46880 f939cc99afd3ff4b330a35ce549fdd7e Architecture independent packages: http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7_1.7.1-9etch1_all.deb Size/MD5 checksum: 3341486 4d801e5ee141c2affd080437cafa7f0f alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_alpha.deb Size/MD5 checksum: 180506 526bd0d52438515635abc44afea9e618 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_amd64.deb Size/MD5 checksum: 137638 b63b1cd4bc45683507e765b5af1aea12 arm architecture (ARM) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_arm.deb Size/MD5 checksum: 140018 a9431b5e427703486a814ed2a7442d62 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_hppa.deb Size/MD5 checksum: 42988 0a7a434f0fcc81b7d8d5e80137ca6569 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_i386.deb Size/MD5 checksum: 122238 cc04873698abdbf03011336f533c2b06 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_ia64.deb Size/MD5 checksum: 231730 e3201066e1de24dc9a13d284ea4b685f mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_mips.deb Size/MD5 checksum: 42978 e92b925866416643905a835ab0a5ae2b mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_mipsel.deb Size/MD5 checksum: 42986 8c6b53cdf4af706debdc7eed12ae585b powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_powerpc.deb Size/MD5 checksum: 140584 47487edcc395a3a559e0d9eab8be653c sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/m/mediawiki1.7/mediawiki1.7-math_1.7.1-9etch1_sparc.deb Size/MD5 checksum: 143132 5e59318af766a1ede67f62ffd1843597 ORIGINAL ADVISORY: DSA-1901-1: http://lists.debian.org/debian-security-announce/2009/msg00222.html OTHER REFERENCES: SA33133: http://secunia.com/advisories/33133/ SA33881: http://secunia.com/advisories/33881/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 12:38:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 19:38:22 -0000 Subject: [SEC] [SA36956] OpenBSD XMM Exceptions Denial of Service Vulnerability Message-ID: <20091005193822.10315.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: OpenBSD XMM Exceptions Denial of Service Vulnerability SECUNIA ADVISORY ID: SA36956 VERIFY ADVISORY: http://secunia.com/advisories/36956/ DESCRIPTION: A vulnerability has been reported in OpenBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the processing of XMM exceptions, which can be exploited to e.g. cause a kernel panic. Successful exploitation requires that the system is running an i386 kernel. The vulnerability is reported in OpenBSD 4.4, 4.5, and 4.6. Other versions may also be affected. SOLUTION: Apply patches. OpenBSD 4.4: ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/i386/015_xmm.patch OpenBSD 4.5: ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.5/i386/008_xmm.patch OpenBSD 4.6: ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.6/i386/002_xmm.patch PROVIDED AND/OR DISCOVERED BY: The vendor credits Slava Pestov. ORIGINAL ADVISORY: http://marc.info/?l=openbsd-security-announce&m=125474331811594 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 13:37:49 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 20:37:49 -0000 Subject: [SEC] [SA36908] Red Hat update for xen Message-ID: <20091005203749.26701.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for xen SECUNIA ADVISORY ID: SA36908 VERIFY ADVISORY: http://secunia.com/advisories/36908/ DESCRIPTION: Red Hat has issued an update for xen. This fixes a weakness, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to PyGrub not properly honoring the "password" configuration option for para-virtualised guests, which e.g. allows to edit the guest's kernel boot parameters. Successful exploitation requires access to the guest's console. SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com PROVIDED AND/OR DISCOVERED BY: Reported via the Red Hat Issue Tracker. ORIGINAL ADVISORY: RHSA-2009-1472: https://rhn.redhat.com/errata/RHSA-2009-1472.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 14:34:41 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 21:34:41 -0000 Subject: [SEC] [SA36950] Debian update for openswan Message-ID: <20091005213441.14739.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for openswan SECUNIA ADVISORY ID: SA36950 VERIFY ADVISORY: http://secunia.com/advisories/36950/ DESCRIPTION: Debian has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA35522 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2.orig.tar.gz Size/MD5 checksum: 3555236 e5ef22979f8a67038f445746fdc7ff38 http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.diff.gz Size/MD5 checksum: 91729 e7772358f397628f18f8590b2381a360 http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.dsc Size/MD5 checksum: 879 3210a5ae193686c4f7fcd54c7855d720 Architecture independent packages: http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.6+dfsg.2-1.1+etch2_all.deb Size/MD5 checksum: 522838 0368797b593a98c90d6e06cbe6743413 http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch2_all.deb Size/MD5 checksum: 599200 1780b2e6a74358d4caf2bde57f3b8f17 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_alpha.deb Size/MD5 checksum: 1798002 0c82e879ab4437375188a65edc88dc3c amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_amd64.deb Size/MD5 checksum: 1675158 db6086977260bbb4bb122d1bab3d3af5 arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_arm.deb Size/MD5 checksum: 1718930 99c1b3db0733aa752802d3bac61dee5a hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_hppa.deb Size/MD5 checksum: 1771158 7342b46f65862bee24eb47e6d19d3a33 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_i386.deb Size/MD5 checksum: 1698718 4149cea4bc3176f5882e4c7f84eabf56 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_ia64.deb Size/MD5 checksum: 1930186 e1026107147145804d91567013b23329 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mips.deb Size/MD5 checksum: 1692076 2b7f7d0c3bda2016453e91424c6a483a mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mipsel.deb Size/MD5 checksum: 1697442 5ab952bf26a3b392b5c9ef1406a24019 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_powerpc.deb Size/MD5 checksum: 1667696 e84e9f2d87d6cf1b544e650867877c4e s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_s390.deb Size/MD5 checksum: 1671262 7d9b4488c61b3261478e4598e2d1cbe9 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_sparc.deb Size/MD5 checksum: 1689370 f00222a3310c2758204de6ded56cfa4b -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.dsc Size/MD5 checksum: 1315 2eb502ff966ff81e9da9930889f6199c http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg.orig.tar.gz Size/MD5 checksum: 3765276 f753413e9c705dee9a23ab8db6c26ee4 http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.diff.gz Size/MD5 checksum: 145354 d0ef8b06a64471210268de94f79bfcbe Architecture independent packages: http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.12+dfsg-1.3+lenny2_all.deb Size/MD5 checksum: 613180 a589be2a64b1715d209f9c28a5654ea6 http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.12+dfsg-1.3+lenny2_all.deb Size/MD5 checksum: 537728 e0f72fde54078d6fc805fe27f1a4c688 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_alpha.deb Size/MD5 checksum: 1825688 cecb628caabdc6848734f335e4b14813 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_amd64.deb Size/MD5 checksum: 1767032 12f084adacc24ebe4f03c6106b6ecc11 arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_arm.deb Size/MD5 checksum: 1756446 b07bc1876b226a960afcf443cebdf868 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_armel.deb Size/MD5 checksum: 1736620 d3f87f7a3756ab47bedeb23cbabc7c29 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_hppa.deb Size/MD5 checksum: 1805586 c0d564fc0db6241a52bd5e20fadeecb9 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_i386.deb Size/MD5 checksum: 1722564 6d6f09820c51c80105b83c5369b94815 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_ia64.deb Size/MD5 checksum: 1964688 ccd9a5a84b6c9517f5cfa65aee91872d mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mips.deb Size/MD5 checksum: 1703500 c1570749962f3d983ce6ab3589ed60ae mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mipsel.deb Size/MD5 checksum: 1710082 1c220e8c8244141f67ae46267ed89844 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_powerpc.deb Size/MD5 checksum: 1710982 39f9f36c47954570d88c089ce23d7d32 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_s390.deb Size/MD5 checksum: 1695204 d6b47d731eddfd3a443aea2c5e233147 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_sparc.deb Size/MD5 checksum: 1717100 e0c7c8bab8e8da06ad88bfa47431b7b1 ORIGINAL ADVISORY: DSA-1898-1: http://lists.debian.org/debian-security-announce/2009/msg00219.html OTHER REFERENCES: SA35522: http://secunia.com/advisories/35522/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 15:01:15 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 22:01:15 -0000 Subject: [SEC] [SA36952] Fedora update for kernel Message-ID: <20091005220115.26878.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA36952 VERIFY ADVISORY: http://secunia.com/advisories/36952/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service), and by malicious people to cause a DoS. For more information: SA36136 SA36438 SA36707 SA36763 SOLUTION: Apply updated packages using the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2009-10165: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00058.html OTHER REFERENCES: SA36136: http://secunia.com/advisories/36136/ SA36438: http://secunia.com/advisories/36438/ SA36707: http://secunia.com/advisories/36707/ SA36763: http://secunia.com/advisories/36763/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 15:24:15 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 22:24:15 -0000 Subject: [SEC] [SA36949] IBM Informix Products Setnet32 Utility ".nfx" Processing Buffer Overflow Message-ID: <20091005222415.12060.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IBM Informix Products Setnet32 Utility ".nfx" Processing Buffer Overflow SECUNIA ADVISORY ID: SA36949 VERIFY ADVISORY: http://secunia.com/advisories/36949/ DESCRIPTION: bruiser has discovered a vulnerability in IBM Informix Client Software Development Kit (CSDK) and IBM Informix Connect, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of ".nfx" files. This can be exploited to cause a stack-based buffer overflow when an ".nfx" file having e.g. an overly long "HostList" entry is opened. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in setnet32.exe version 3.50.0.13752 included in IBM Informix CSDK version 3.50. Other versions may also be affected. SOLUTION: Do not open untrusted ".nfx" files. PROVIDED AND/OR DISCOVERED BY: Nine:Situations:Group::bruiser ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_ibm_setnet32.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 15:44:09 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 22:44:09 -0000 Subject: [SEC] [SA36837] Debian update for postgresql Message-ID: <20091005224409.26731.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for postgresql SECUNIA ADVISORY ID: SA36837 VERIFY ADVISORY: http://secunia.com/advisories/36837/ DESCRIPTION: Debian has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges and cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions. For more information: SA36660 NOTE: CVE-2009-3229 and CVE-2009-3231 do not affect Debian GNU/Linux 4.0 (etch). SOLUTION: Apply updates packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1.dsc Size/MD5 checksum: 1134 0c5ec3d8c4af34cf555a3206ac8410f9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1.diff.gz Size/MD5 checksum: 40114 e1aa8128f80b1437f296c6e0a0772c9c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1.diff.gz Size/MD5 checksum: 36185 adb9c4e73892f87981641ce2649c04f4 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1.dsc Size/MD5 checksum: 1179 5c24c7277756756a8da4756523032bca http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18.orig.tar.gz Size/MD5 checksum: 11515037 34911f0a3e8ef5d1bd46f67cf96692fb http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26.orig.tar.gz Size/MD5 checksum: 10052172 fd007d094fdc8ac0ea850c7a38ae1c21 Architecture independent packages: http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-server-dev-7.4_7.4.26-0etch1_all.deb Size/MD5 checksum: 530802 2883dbdc70ad88eaebc064af9ba2f5d9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-doc-8.1_8.1.18-0etch1_all.deb Size/MD5 checksum: 1514890 bf0d556c38afc0c87da2ac16579be0a8 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-doc-7.4_7.4.26-0etch1_all.deb Size/MD5 checksum: 1190930 b19cd49dca6d612da83a2e734c54ba66 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 641986 ea28011b561feb0c9538a4f1339d968e http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 129692 6bd567dc8fbb10e5468556909b2b2969 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 304662 40fb809d990925087642326ba8464ff8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 4505554 811fd44ebba518563bb216f82dac703e http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 393434 3a5d80a781f4581fa5875576ad5b0f22 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 198580 39acf52627f293699f61616e254939ea http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 211260 036c6f2f27942238e22a43f2176e7bd0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 188474 3d49b1b9305b5fe5e0f01adeec234ca5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 205186 e6379ede607185457848b87c61ec8a57 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 690404 ab7312df0861f348dd41406383f45c31 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 406760 4d0cb024dee5028e8eb6c0fae199f7c4 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 133050 e0da7f304a1687b2355a3a29b310e028 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 213704 0d62cf6ce316cec16040c24432d2341c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 134216 4f0086f498a07bccf4e2d64819333723 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 634048 3e2b3e6b33462c01d2678699b6ff3cf3 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 1177518 5501a5be6ce3d65f635903e58bec6853 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_alpha.deb Size/MD5 checksum: 3561802 4e159e8d42240dc1eed43cc38c45dc1f http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 199022 8ad1a920e4c0b8368224248dda98bd1f http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_alpha.deb Size/MD5 checksum: 1521744 46b55ea9529d77a2705414337fe0f7ee amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 596070 eac98d68065c1fe659b3cbc1afb9d66b http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 133314 0597875e1985d719e2edbac090a37ba7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 1468054 bcc4f535b1fbccb42a3c863fd1adf8a0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 633430 c830f47a4b0e3707675eab338810e367 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 197662 21953c2aa69db72c1e7dd3bb0f8222f2 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 652612 5fd14b39d8511471ad7f5372585871d1 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 207598 5fedd297aba7fdf7939fd17ba3b47b93 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 299612 ed0cd7dac27f87ed50d0247f5ba9a435 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 132392 c3930e591daa2e2599af35229da55c44 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 1133654 58f55a0fab95dfaf96f360f68edf3671 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 203378 6f8bd5f0076b4ac4ba5b211c10755d4c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 128806 d768e9dbc9ead8fa5ed4bd86789c0c1a http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 361154 527ba8dc92d7a182592bd7f3618c9334 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_amd64.deb Size/MD5 checksum: 3461632 2b6b50fd27932c22da0b791455fa2390 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 208592 ce542e554a41395a1e90568144355e38 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 197066 379803df9c76cac203cb1676082642cd http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 379112 9657c4086da5f5b7c94d494d18c71569 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 4384228 53ebc3a75509b2ac075796a4d4467f21 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_amd64.deb Size/MD5 checksum: 186920 4eaf45e3693e9f3beb72bd4a97818d19 arm architecture (ARM) http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 634006 9ca20548d790c08eba7041dbfe707e7b http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_arm.deb Size/MD5 checksum: 288336 2ca03690c69ff469c98e260aad3921d7 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 132494 fe76a6cafdcf935110db49901f14ec69 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 197220 5c0b9f21f68183cc6b7abc1815fd92f9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_arm.deb Size/MD5 checksum: 186440 ed463b2f3839793d9120fb6d75f8ec80 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_arm.deb Size/MD5 checksum: 204652 18266d1cc0c4f3e682807c1f33b084e8 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 127030 23324a8ad20d7567fedf43bde35ba53a http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 130282 f66abe04e49733ae071c0c976fb7d6d5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 195908 8c8e9a0a12cae91a0e5565c447bc81cd http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 3406784 3c9c7ce483c5ccf98201aa799e46832d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 622050 ec88699d5fd5d523f5ee860ac4730d64 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_arm.deb Size/MD5 checksum: 366188 eefd15c53044bf0f9b5cf03027f48f58 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 1117686 b0e78ae33ffa5217fda999d3bccb15b7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 200746 78501e0d15a1238767b609e0fb829405 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_arm.deb Size/MD5 checksum: 345182 a1710cc2488e188da5c9b36b38ab19a0 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_arm.deb Size/MD5 checksum: 582628 38d8ee0d516c1b2fd756bd524c826ac8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 4310142 4bd5b1754cd9b03a95ff8a526fc1d4ec http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_arm.deb Size/MD5 checksum: 1435844 a0d8f342efaebcd63c8ec3bc0de300f8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_arm.deb Size/MD5 checksum: 208238 ee77d16a2f1047e42bc6451c8a7db855 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 1508738 21b37da0085eae6895f1f43608605c49 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 3885808 92e844f8816f4350bffc4e2f64d435a4 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 301538 a55cfbae9376993542e7e1a7f75544fe http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 366054 74720bbae5321ed1c3fb03b73bb3914d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 680792 eedc8851c14b68b8df75b844c5092d7b http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 4825394 9e17337d5183b9316dc78b6d52774e70 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 199570 a3982d2c473c0923900c616f216094a8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 210286 be139e4b362c066d91af0551f1a20661 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 214076 2de225a8289fb1aacb6b4b483bb04e5c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 129892 c38b7b07f56af10f0c88c31c5872adea http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 205916 725ec67f55c98d6c28599ad0467d9dd5 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 1167584 599b5175f0eadc42fec4cc5bec6bd02b http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 388104 c6b2ec6d8f40c57571fc79f60a5525d3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 634462 497d81c185ca32294d418ca3646f02ce http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 134684 1c09c23b5b387e1d131f89994c892061 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 135126 bbca84fc3f76d77a0fee0db32f9fc3b0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 200028 38cdd4a8b411cd76a7eabd08c62c7d68 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_hppa.deb Size/MD5 checksum: 637690 fafe918865b0e5dcc38ab3553d513949 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_hppa.deb Size/MD5 checksum: 188450 80336942b488ddb4fe774278aafd2c57 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 130674 ab610dec6ac26203cd4057432787a6ac http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 1116108 69bb16cdf05accd6038ead7d50a426be http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 574334 316adbffeba9994a85d6e537174eae41 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_i386.deb Size/MD5 checksum: 207092 16fa77ea07f45c2e1da786f0a6b3ee9d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 196046 46196ec9b4b40922a0eabee9f65b1f5a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 620694 b8afb34f7f2dd0b29ac257ae700b895d http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_i386.deb Size/MD5 checksum: 208634 a98795dba4c5b148a7417cd5bfb4ba4b http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 128438 4800ca32275a63a496b7f7282d7de38f http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_i386.deb Size/MD5 checksum: 295976 94252eb7cdc03e352a4cb72f4e13e2c3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 632924 5c0776fcdfd2cb52cfddef10dd6bab4b http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 4297716 1478f78bf5c1fa8e79a916773f37727a http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_i386.deb Size/MD5 checksum: 355028 7af3c29e6c1af62671ff943a5cf0a0d7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 203116 8c189c121c5dfc78ed72af9a35388199 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_i386.deb Size/MD5 checksum: 374256 45fd4846f187b8fbdef5b207943645cc http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_i386.deb Size/MD5 checksum: 186498 2a73520939bd5b786b6df222153533c0 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 132594 cbea14e452f4c28aa1a8fc83e6b83e93 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 197436 eaf2a4fb5f6987f20e4e8bf6da593eb7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_i386.deb Size/MD5 checksum: 1448484 1419b6ce2635e666dda08a97667fb3b9 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_i386.deb Size/MD5 checksum: 3400038 68566e8d150c9672d2fc9f69721afc74 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 1260622 2e366633dde66d8c0cd9f52bd14f05d9 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 140522 70aae884e320054dd156594b3b9a3a1d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 793288 a6cc855342ac8acd34c8c5ccc0732cb8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 219140 18d225dd4493187809d2055a53b3614f http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 3928116 5cd1c77d498ee0399ec1aead5a61f584 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 225164 31ce670d4ebc721544f3f1ccf364037a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 214638 29029606fac83c911e2ce43159bc5871 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 397434 40cb45830eacd79e0e549a7589016dca http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 633316 558fa80919baae1afebe0d0d0eeec308 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 140744 a336a4d95cb16405b8e9991851d83f49 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 205638 d8b011d7595092aebc84e3ce101cfe30 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 208220 ee023415db8b96c8628c114060f4faf3 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 132784 28739b04cda7696278d3ed0ccced2f50 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 190100 da4346d63a61fb1203a6a729bb513e8c http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 5120712 eaa77fe90e6af741d6bcb7b766dfb087 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 428254 13839f3c0d5094558869d50283eb4b65 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 324130 a67a94c6fc6234da119c51f483846d64 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_ia64.deb Size/MD5 checksum: 720394 ee1e3cb0a34c9ba86e54e048ca800284 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_ia64.deb Size/MD5 checksum: 1651584 4a347cc58d34a81bceb63667c276dcda mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_mips.deb Size/MD5 checksum: 364874 e1fd5a6d186774bf4af0585ab0ceb0a6 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 633780 0a8a5a12ae50aee7b794a5100e367a71 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 133142 af6dbeb134d97221496f6643bfd87c31 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 1461566 d5d31be85816bb2d9e835cd0308db345 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 131776 5d7ca1bcdb12e45d1c6e0bc3f2525aea http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 3706890 0f79ba2d25bd7c942ef5e03be729b64e http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 635308 0c46032483e871e5af64336e3d297494 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_mips.deb Size/MD5 checksum: 210648 48fa0cabb3bc75a611e37df01db443c7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 196306 803339de7496b76d9a609b1e12162175 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 581040 4a8b3e3242fa95186c1dca6e33730878 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 1129170 b487f630b0ab69afc1c64b6e42941350 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_mips.deb Size/MD5 checksum: 374014 62dea1309666ba57c5814043b93935a7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 197454 d7d39ecfba266cd1e1cbf58f3e1c80a1 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_mips.deb Size/MD5 checksum: 294772 5474109137db2f7813edd46dbc9d2dd7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_mips.deb Size/MD5 checksum: 205640 c92bfb396fa0c58a97da56d9a5bce526 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_mips.deb Size/MD5 checksum: 126040 882aa5294470184e3f830f14ff1359a1 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 198836 9064a98b60943042d990cfb30e7c725b http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_mips.deb Size/MD5 checksum: 4632418 551be2bf9b99debf88766bfdc52bdd93 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_mips.deb Size/MD5 checksum: 186436 e6c4e1afa9e4ef737d794e181f5e0649 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 295380 7fefc50eb87bc4062a0372167241c8db http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 186772 61f869fadaab59f4204ad93967224b3a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 199166 1fc6fc9de222e028a9502d7b5321252d http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 4319674 d79e8c35ad47b770624f5839becc6dd5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 364932 726270b7357059a2683f1d9a56a81fae http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 633368 40dee45813284ba24f6c04e844adb88f http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 631464 af03abe8f5876c9909a37f4f1661a227 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 372026 cb39ae09e19d750d43296c8bd8f5cd15 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 196706 38072bfe2aaca4f4c3fda252462a1925 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 1467470 26308f342881a841de45b3fb746e6bf7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 211052 2a572e6a0f83840a24f41e75205ff32a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 197676 7d3d56e7d43db5774372cdc95ec17a0d http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_mipsel.deb Size/MD5 checksum: 205966 93e6482b403d1f5a20f74cf7507e13aa powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 1138360 dd81195716bec06b82a3ab37bee3a6c0 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 632790 8de5609abdbb51d79463f0591ab57426 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 673790 49359be46a3d41294eef900efdb0f8a5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 1486766 f5cad69b522469bf981843fa79f10691 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 188102 5c5c7310456b98d6a14df168a09b1227 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 3771848 b63c177e4b113bf6f015a9f6da36a6e0 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 4680810 5044705621bd65f5706da71038ee9338 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 356596 9a8dcc42cf80378f38ded4ca8820992c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 297822 b0a44552d880fe9029d521705d89c394 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 203804 657d563fe0ed9b81221abc83de6ef54b http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 129404 6661532b10f17d0ed76245c2284fac96 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 374370 83bc2016f7edaa5bab30b22831f3e6d4 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 134670 ccf51f43b650577bb31e78a54da78d6c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 209110 6c7ed988f3d906d496351bc5f809f1a9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 198170 903938be6effc066bb7ee0e5f02caf32 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 211722 caae95a5849c54874224eee0c8ca1d52 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 633332 a4affac6ba89e68caa42ff89f914ff75 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_powerpc.deb Size/MD5 checksum: 199438 7239a2f5e84489d6f57addbb6360844a http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_powerpc.deb Size/MD5 checksum: 132714 161e9af76dede8c4f86f65f56e75eec6 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 1142270 a9f7b028790df3fa468c1c4c3c068a9a http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 3820184 468020f8c4b47e83b2df3847f57f486d http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 127828 be56b9cb5e2f79c9c6bf93e8c22a2da7 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 633346 7739515af290e6c281fda2b409896a2f http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 614508 cfee7de77ecab4c9192166f1513ca728 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_s390.deb Size/MD5 checksum: 363258 bc25e3b65a4775b9ac3b045e8b41808e http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 4747752 27af473a35d4728c25604fa469595db6 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 202298 4d99972056e606dc6d60f9e122a6208f http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_s390.deb Size/MD5 checksum: 187438 6ee343d02091ffc458e270e2521c30ec http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 198148 546a62f14052cd7b3ca2754706129223 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 132434 3afe06b52c3f278b44338f0b60d2dc85 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 663034 b97c13fcbb556ffb691081d1e7aab32b http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_s390.deb Size/MD5 checksum: 211340 36509f8ca1e7fde071980fb6ea3dc5f5 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_s390.deb Size/MD5 checksum: 374656 a8fe1197897d5f5f0f892a2e6a07fb49 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_s390.deb Size/MD5 checksum: 208790 a2f0c57991819082821de4559a95a25f http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_s390.deb Size/MD5 checksum: 302432 43bed1c2f20c28725e6b880dd4695ea3 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_s390.deb Size/MD5 checksum: 133182 8c086be58a8219393682848a31ba5954 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 1488100 4ef422c5c2981f86409aaf22a4a732c8 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_s390.deb Size/MD5 checksum: 198424 20d6b5bdc63fba0cd18aac9e3692c8c6 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 197498 ce19d6469e96aaeb923c9dee28f0538c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-compat2_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 185870 c00fb9fafb0ebcd46c0601afd8d5ada3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq4_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 292508 5699dcff917d3d4fcb5779f1aec18e8c http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpgtypes2_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 206804 b7d3469627bc8ed4aec7d7b2869b001c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 133236 c8a3767ca1143972b21b174cb2fb277a http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 201862 1bd2a7fdad1c22a98948194064c2959a http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg-dev_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 370016 d03c93098aed0cafb222e9ead4c2067d http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 127908 0a614d81792f02fdd890abb3e5b91754 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 582370 d97f2cc0bfe3e07eb02734bf0017fcf3 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-client-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 1458034 0170b94c4625c2949da771b90c25bb88 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 196410 ba2b103f4566a6b6501dfa39fa9e0b98 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 633720 65f3bdc5d197a37268d666c16980b791 http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 4627136 2ae39bb60634bfb797ef7aca80b8796c http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 3696996 51cb4009fd32c3828cf6d3aaca80dd7d http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-client-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 1110124 89d5fa80226a9ffe67060ce8fe6a48b1 http://security.debian.org/pool/updates/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.26-0etch1_sparc.deb Size/MD5 checksum: 131326 c2b50a6825c27ce1de1eb3712095dbfe http://security.debian.org/pool/updates/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 634892 cb73e302eb389e71cdc8b442e36944c9 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libecpg5_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 206154 68c8ab5f8d87d86dafc391d50668a819 http://security.debian.org/pool/updates/main/p/postgresql-8.1/libpq-dev_8.1.18-0etch1_sparc.deb Size/MD5 checksum: 345206 4f863879698bfdb1491087dc33fcaed4 -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8.orig.tar.gz Size/MD5 checksum: 13841845 14a82ab269c114d72986daf75129aabf http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1.dsc Size/MD5 checksum: 1665 d12c48d393363e14ffbf1f8e611b3cd0 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1.diff.gz Size/MD5 checksum: 44031 fd0a3effe3d87a4ed48a87de1854171c Architecture independent packages: http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-doc-8.3_8.3.8-0lenny1_all.deb Size/MD5 checksum: 2140236 72b025b1f3b64a3c3f0e1a135c5862d4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240748 f0b071cad328759e58621d07ff413b9a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240848 e3cb10ca2f54100389d5ca941252eb06 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-doc_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240690 fb2d66d14bda224779dd974e92d70fd9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql_8.3.8-0lenny1_all.deb Size/MD5 checksum: 240882 f16537d67137730a4025b5d52ce3798e alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 259604 a469fd8bbdbd670a740ba071e3cb33f9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 466306 8e072dfa400bfacadef4538966e6990b http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 606938 fd812a88b9c5764c6041086b4a55d10f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 249784 b60a85361f52ec7c5c1f93f8414e582a http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 377110 9640f85d0e35aaf0462789cbc055dacb http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 270722 3e321cf9fc968fcc36f0ef65964d5aa2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 269958 df323e8f23c748b0e6473f0bf7e22fb2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 1690662 b398b51cff5bfd521b5b771a790eed3a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 814574 7024653f3e069f715a8c0a0d6dc40740 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 268050 edd46d36d1aac5af12d1b21a48f463a1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 464204 b6fcc60bf794494de185ff38c6a4fb53 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 261160 cd0a0334cc03e61af6b318e758af7d45 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_alpha.deb Size/MD5 checksum: 5255622 ef15387fb5234dc335093ec06fe61c1b amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 262090 e3f420bfba3a84a3fba95a4f8bc584e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 813482 a365fd323ff6dae2c533dbae83449e35 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 259602 b97bd9b55ad2cda9e35274a652362ae4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 248766 cba413a638d8d0282569381dd3ef2a5b http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 1687032 e58d273e75992c29d7f6092d79164a10 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 378250 8a130804ab23615dd72403347ff6651e http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 5345480 a82350903c9710ec049747f5d74ecd0b http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 446844 05889d3c55a5dfff516f2ba8fe1ef3a1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 269836 04627e7d2fb1593960a725eb7fdc1108 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 268372 11a8a8e8030f9f6c71627380ff7bbfc9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 606054 4a2a29b3f6b997e5b077189c9ad480f2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 270210 a92c3888ebcda5e6ce2d6a48ed360d3e http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_amd64.deb Size/MD5 checksum: 459246 99833fc1649defebb97fbba3c76043cf arm architecture (ARM) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 450404 b9e623923a9a231cab4c644305925963 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 267158 6eb4f7cb30eaab9eb635400b3ed30f9b http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 259644 e80b48d8a4ccc52d4cf757f4af3f72b8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 430280 3ea893984555727738e1e81746daf672 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 261384 fe467a12a68adce26dc6ec5cb058be53 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 1646974 e62979cee6b9c361ebed54b98f6daa05 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 566558 24b7a6f7c99b6598f0821b7e23874a14 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 247918 0537041c52d023be1a4c5edfcdb4f6ad http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 266374 ed27f93c3b8a613ea4f3da8c81ccfc68 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 5219534 003088694c2600d21df45280284c20b7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 268478 e4174541915ab083f5e5aa1590e23970 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 812296 6ce802f84f06e2f1725072956993e714 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_arm.deb Size/MD5 checksum: 363784 25c105daea9b2b8f6fd1101a89d651e4 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 809624 ab2bf5a7846b943c3e4067ff75480dd3 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 5232298 f3e0b7550bd9b24eae35a13481b8bf0a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 1650326 fd5e34fa747ad79bbb53b9cf004b8ff5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 266422 34ee8a3c45553a47011e9457def0c288 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 247572 e7fe861c8afeaabb8e5213aea3dfdcf7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 453836 5777d23d9b45bc0405d3de48349dc7a5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 432386 8ec948401afa9189158af4874e3fd39b http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 271274 2fa4168a980223eddd2585d36dae5ec7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 261416 686ac13edd1b8059e701347ec4268ac8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 269230 3dd13a938cb0a63e332ec0968a2d9d43 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 363976 6b95aa61b5f7aea50d5592b5b2c6b68d http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 259226 8d2d7d192b279e28be32e7ea54a13aab http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_armel.deb Size/MD5 checksum: 582680 7044966f606b656ffa6a4440f5cb10c8 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 263914 098a97cdf9a6a02c5251f0cde09b1f16 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 465904 19698faa72e35687ce40b71ad800b695 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 274886 fcd64f05bbe5eacbd16abf2ee737a282 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 380578 403df81134854d2e78a442dd23cdc172 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 270222 01f708244476511ba1e49b2a77fe319f http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 621412 42acd8c0d45cde67866601979ab90312 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 448340 0004bf134ff1ab1e5cb707874fd2f76f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 273024 2772bd07a3effe27dd2699b42ae26031 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 5793274 94ffb6b3b17aed401aec9f188926d963 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 819188 31f3642fbc3ce751a18b82d557983e20 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 1722738 916f615eb119f2a4eeb4ffec50bc04f4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 249224 60cc6cab310983bf4ae9a440c9d17218 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_hppa.deb Size/MD5 checksum: 261108 307091d57037e20ee7232f403c6a6dad i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 247882 9e2dd1e807ef99713396ed7324493d52 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 259416 615abd898f0528c5e3a8d4c77af61748 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 1657816 9e15ae86be7d7bcd4d1ae1023f366bc8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 5228714 a0e6790f2e0baacb9894c0fe6bb627e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 434434 990f4c1e3e1aaf24af16e369cbbebd83 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 268856 09d7c962cb2c57fc0e51f8bcd43e1ccc http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 812464 cd9f7739f1bb870c71a04f3e5d9334d7 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 570002 271807a0cd3e0b754c7ccd4c93676c97 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 451198 1bf295cd2899fde3b97ce825ea9841e1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 266454 b07f946b8f7a2e24b40b7289d762307f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 269470 2a1086e333a5bcf830a7109e4c1e173c http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 258384 c74d1313ac7310b77df6a34e0978caf5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_i386.deb Size/MD5 checksum: 369600 d519996a3609b81be6419c8ee3639bd2 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 401870 e72a6a0b2e304e5ee2087bed10501996 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 286890 0ba5c32f9d96a8486ad828edb2c4b905 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 6259748 3d267fb7cdf05721794e1174cac4bae2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 280908 979b31d95ce39e0d87eec465b87ee85a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 267030 4fbaae87e88b0ebccb8c5ad76f5fae24 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 251622 77d2dddd72eeffc63d862442886f5cc5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 723666 be907e37c3afb43bf86a1af33b490bc6 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 822416 b31511637397a103df97b13052a4b3a6 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 281942 728ddbd06895556817ffb1ccd8dfb884 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 486690 6315f80aca82a90f397172acc7e5e5fd http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 512586 556622b1019baa5fbbc836cb67da1831 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 275382 a87477409fd7290bf57d93f272cd970d http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_ia64.deb Size/MD5 checksum: 1870298 4eb8d0c4eeeacaa587f447a4148dc380 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 369386 f069d481ec70a73a85e2c2815758ced1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 259156 a995763486976c61742dc3be17ea85e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 247918 3650928d4b26439cd6bf17305fb00793 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 262758 2c88de6013633e95141e8ba3e4d71c87 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 1671072 cf33882208e4879c90c977b973755545 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 268810 85be3a52c15bd8715fc1bfa00eba7708 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 5553876 2632b0f0e3cf29fb4e8ea681ff09b02f http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 260724 ea7a52d06e5972870fe795a87dc8c539 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 271824 0a60e2563af5c5da3cfe81783100cb1e http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 571842 18b34ab1c54634ee259e6a787bfd0919 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 450492 8d3bca10fa23aebdf086ff412dea2a3c http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 449416 be1cc8fc1422d1f44536bc9a2b4422e4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_mips.deb Size/MD5 checksum: 807884 3a04c534b1558b022a443ab1442a54cf mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 262588 f29329c0c53ee930c0ae96d372035cb8 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 568030 50e67d2d80b9acd2a33a7af57ce28fbb http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 807864 8448fd744a35167d02042298a97f903d http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 1668570 ca20db947485b8a82d78668792a0ea8a http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 447668 e450142c7a52d0268850081da53ee2f4 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 260628 07f5d333447b1d51ab558dc28dd52c4d http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 247864 c1169d2d869806eb2e8e1850d4201749 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 271798 d4cb1d759b3d8b38d76d5b598e4c020f http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 268742 262454de97b99e4f3f209ae404b1f427 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 259126 19fd2ca05b0bb08b18ca397d7f04cfa9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 369450 5672e197e8184d008cba9cdc6eafdcf5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 5203646 e1fffc4216cbdbc6a3eae3bee3b23abd http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_mipsel.deb Size/MD5 checksum: 449554 8eb95b6b897c48a6a490938915c402ce powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 248898 3e95ca309d8208e27495f7f0cd208646 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 1720440 b598c40ea5afa78b84f27fec6ea6805b http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 454880 483207936daf0d333f24db5845298b32 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 273188 d1d12a35918a9c1c6a61aa75f6421b55 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 374270 8d004381fec1e81675e840a2c5a88a36 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 269940 d35ffe1f102e659569d430d87e8cd8df http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 655332 0b00b3adad1e18acf28d468e586ce882 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 445492 3ce646399e05c078c25d79db08717238 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 264314 d51c3ad4d19bb37cc458473efcdcddaa http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 809424 b21c368784aba5f1eab78e433e14398f http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 5698764 2948a55a81f8dfb5dda2e5b4b0e87963 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 271352 ce4e853a390c79d0c5f70b3ae7100291 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_powerpc.deb Size/MD5 checksum: 262416 6eb6c36f7b64bf3990ba92fe9963f338 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 377882 8acd2e6a698050491912bd3f2d68a2d2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 614630 ebf558506b47d3b09cfe74289d1674a9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 463858 9cebbb1f5226c8b1a44888ba4abf58bd http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 272010 c13859216b2b7d43b4d7b3bbd9d8438a http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 272192 fab5f4c498788870fd5b54fd5a1e9582 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 259940 acbd95a41fb91d2e713fecd51c185d50 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 266672 83106482db57b645f339714d67f73c17 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 449232 d26a44aff1e9ce9114460d53e3a0c774 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 1707010 8f21c2c312d45692c175c8494f55943a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 809596 f15a97d969755e160e94c6ad817f4754 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 262854 a7c2ae1d7c31201e674bc3e27a90ed49 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 5742642 df7715a0d607605e1e9afd914c4f66e5 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_s390.deb Size/MD5 checksum: 249088 c0f0c1b3157a4c33eb151c59aa638944 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq-dev_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 434760 6fa671104e50df7dc22e1ca4889e4310 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-dev_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 440726 1226f3e0278d09ef570551333046a515 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-client-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 1652128 fdb4b1c8fd5fe21f74e9a285948ba01a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 265360 18ad96b5e437f31e960ea41d9d24d9e2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 258358 71e1bceaf9ae427ac275180bf57d02d9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 807260 343e7aebce4072b417c0b5dbdf0c58b2 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpgtypes3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 266856 a0f197c2e2ee05845cc700847969cab9 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg6_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 267094 6ef8b2fd622165d276686c26173d631a http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 565574 b88abc1b88934c72e459e08804653375 http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 259808 0ba43dc6b37614d1178ac0be1839afa1 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libpq5_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 367396 a00740a5b4483b797005eb130584e5de http://security.debian.org/pool/updates/main/p/postgresql-8.3/postgresql-8.3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 5440464 c0fd556c057a9734105b961e212d9713 http://security.debian.org/pool/updates/main/p/postgresql-8.3/libecpg-compat3_8.3.8-0lenny1_sparc.deb Size/MD5 checksum: 247460 55c93c096ecabc5376468eaa0756aeb8 ORIGINAL ADVISORY: DSA-1900-1: http://www.us.debian.org/security/2009/dsa-1900 OTHER REFERENCES: SA36660: http://secunia.com/advisories/36660/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 16:03:49 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 23:03:49 -0000 Subject: [SEC] [SA36941] XM Easy Personal FTP Server Directory Listing Denial of Service Message-ID: <20091005230349.7414.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: XM Easy Personal FTP Server Directory Listing Denial of Service SECUNIA ADVISORY ID: SA36941 VERIFY ADVISORY: http://secunia.com/advisories/36941/ DESCRIPTION: Platen has discovered a vulnerability in XM Easy Personal FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing directory listing FTP requests. This can be exploited to terminate the FTP service via overly large LIST or NLST requests. The vulnerability is confirmed in version 5.8.0. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Platen ORIGINAL ADVISORY: http://packetstormsecurity.org/0910-exploits/XM-ftp-dos.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 16:22:41 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 23:22:41 -0000 Subject: [SEC] [SA36945] FreeBSD Devfs / VFS NULL Pointer Dereference Privilege Escalation Message-ID: <20091005232241.25423.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: FreeBSD Devfs / VFS NULL Pointer Dereference Privilege Escalation SECUNIA ADVISORY ID: SA36945 VERIFY ADVISORY: http://secunia.com/advisories/36945/ DESCRIPTION: A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to a NULL pointer dereference error caused by a race condition within the devfs and VFS interaction. This can be exploited to e.g. execute arbitrary code with kernel privileges. NOTE: Additionally, the vendor provides an enhancement against NULL pointer exploits. SOLUTION: Update FreeBSD or apply patches. Fixed versions: 2009-05-18 10:41:59 UTC (RELENG_7, 7.2-STABLE) 2009-10-02 18:09:56 UTC (RELENG_7_2, 7.2-RELEASE-p4) 2009-10-02 18:09:56 UTC (RELENG_7_1, 7.1-RELEASE-p8) Patches: http://security.FreeBSD.org/patches/SA-09:14/devfs7.patch.asc PROVIDED AND/OR DISCOVERED BY: The vendor credits Przemyslaw Frasunek. ORIGINAL ADVISORY: http://security.freebsd.org/advisories/FreeBSD-SA-09:14.devfs.asc http://security.freebsd.org/advisories/FreeBSD-EN-09:05.null.asc ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 16:34:32 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 23:34:32 -0000 Subject: [SEC] [SA36922] Debian update for strongswan Message-ID: <20091005233432.6145.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for strongswan SECUNIA ADVISORY ID: SA36922 VERIFY ADVISORY: http://secunia.com/advisories/36922/ DESCRIPTION: Debian has issued an update for strongswan. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA35296 SA35522 NOTE: CVE-2009-1957 and CVE-2009-1958 do not affect Debian GNU/Linux 4.0 (etch). SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2.diff.gz Size/MD5 checksum: 58570 945cc03b76743138f14b9719a204fedb http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz Size/MD5 checksum: 3155518 8b9ac905b9bcd41fb826e3d67e90a33d http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2.dsc Size/MD5 checksum: 811 6787c4f1c81bc390d2d4c5ef7cd1f004 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_alpha.deb Size/MD5 checksum: 1210988 0ea0beeecfd0569a417cdd7a8890afa0 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_amd64.deb Size/MD5 checksum: 1100154 e7975b7c9593e6813b1ab2391488fd5e arm architecture (ARM) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_arm.deb Size/MD5 checksum: 1070960 49bb60a09eeffd0b82abea6a742099ea hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_hppa.deb Size/MD5 checksum: 1133960 e2fd0221197dfc3624ff95095453883a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_i386.deb Size/MD5 checksum: 1054160 3859569cbea184e01cb17158458a86e0 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_ia64.deb Size/MD5 checksum: 1453188 ef4f77c2fafc736399b1cf24eba13ab2 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_mips.deb Size/MD5 checksum: 1124320 b163fda8163d818f160658bc2b1a764c mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_mipsel.deb Size/MD5 checksum: 1129922 d6ae9af171b053e87e4cff2ed30588f1 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_powerpc.deb Size/MD5 checksum: 1097810 c9f14e78602cf64488374ff27edb9fa4 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_s390.deb Size/MD5 checksum: 1083894 3dac1f759f83817c674e29a9db14dc48 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch2_sparc.deb Size/MD5 checksum: 1030670 e52adc5269d580dd987d1a6a6d031872 -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3.diff.gz Size/MD5 checksum: 61133 b619f96758667d0968c5572c3014d8be http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3.dsc Size/MD5 checksum: 1602 1ea34a8afadc1d588b11d89d9e40a12b http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz Size/MD5 checksum: 3295212 92ddfaedd6698bc6640927def271d476 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_alpha.deb Size/MD5 checksum: 1301924 9b04ce068a381ae22f56649c68651986 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_amd64.deb Size/MD5 checksum: 1180738 035f9bb4259a1e3f2399680a1683a98f arm architecture (ARM) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_arm.deb Size/MD5 checksum: 1028530 f28fcfb750422e4f586510cd7f9f911a armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_armel.deb Size/MD5 checksum: 1035544 88390cad9b508b2c8fad0aa35dc8239e hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_hppa.deb Size/MD5 checksum: 1217010 94c648fa6a84688768e9b1a879a9f2db i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_i386.deb Size/MD5 checksum: 1099208 348f57f1abb9b9c29f7ce63454b6b52a ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_ia64.deb Size/MD5 checksum: 1616200 0ce2671a1eaa92a58ffa749c08acbc83 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_mips.deb Size/MD5 checksum: 1159422 3147d506d48de6277ac13d313ba8a4f7 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_mipsel.deb Size/MD5 checksum: 1158848 1a4f6c94e451e86baa7cae2afecd037e powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_powerpc.deb Size/MD5 checksum: 1229396 4c9c95a6f7e1449d788b1fc467643a56 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_s390.deb Size/MD5 checksum: 1259906 78a3c024f40ccb2d2f2b82e30c978720 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny3_sparc.deb Size/MD5 checksum: 1143570 0acb2853fafd6396147fdb019cadc412 ORIGINAL ADVISORY: DSA-1899-1: http://www.us.debian.org/security/2009/dsa-1899 OTHER REFERENCES: SA35296: http://secunia.com/advisories/35296/ SA35522: http://secunia.com/advisories/35522/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 16:53:41 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 5 Oct 2009 23:53:41 -0000 Subject: [SEC] [SA36955] FreeBSD Privilege Escalation Vulnerabilities Message-ID: <20091005235341.21866.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: FreeBSD Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA36955 VERIFY ADVISORY: http://secunia.com/advisories/36955/ DESCRIPTION: Some vulnerabilities have been reported in FreeBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. 1) A use-after-free error caused by a race condition within the pipe "close()" implementation related to kqueues can be exploited to e.g. execute arbitrary code with kernel privileges. 2) A NULL pointer dereference error can be exploited to e.g. execute arbitrary code with kernel privileges. For more information: SA36945 NOTE: Additionally, the vendor provides an enhancement against NULL pointer exploits. SOLUTION: Update FreeBSD or apply patches. 2009-10-02 18:09:56 UTC (RELENG_6, 6.4-STABLE) 2009-10-02 18:09:56 UTC (RELENG_6_4, 6.4-RELEASE-p7) 2009-10-02 18:09:56 UTC (RELENG_6_3, 6.3-RELEASE-p13) Patches: 1) http://security.FreeBSD.org/patches/SA-09:13/pipe.patch.asc 2) http://security.FreeBSD.org/patches/SA-09:14/devfs6.patch.asc PROVIDED AND/OR DISCOVERED BY: The vendor credits Przemyslaw Frasunek. ORIGINAL ADVISORY: 1) http://security.freebsd.org/advisories/FreeBSD-SA-09:13.pipe.asc 2) http://security.freebsd.org/advisories/FreeBSD-SA-09:14.devfs.asc http://security.freebsd.org/advisories/FreeBSD-EN-09:05.null.asc OTHER REFERENCES: SA36945: http://secunia.com/advisories/36945/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 17:22:35 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 00:22:35 -0000 Subject: [SEC] [SA36930] Novell eDirectory Cross-Site Scripting Vulnerability Message-ID: <20091006002235.11591.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Novell eDirectory Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA36930 VERIFY ADVISORY: http://secunia.com/advisories/36930/ DESCRIPTION: Francis Provencher has reported a vulnerability in Novell eDirectory, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via parameters to dhost/modules is not properly sanitised before being returned to the user in an error message. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in eDirectory 8.8 SP5. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences in a proxy. PROVIDED AND/OR DISCOVERED BY: Francis Provencher, Protek Research Lab ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 17:39:00 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 00:39:00 -0000 Subject: [SEC] [SA36953] Fedora update for samba Message-ID: <20091006003900.29973.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for samba SECUNIA ADVISORY ID: SA36953 VERIFY ADVISORY: http://secunia.com/advisories/36953/ DESCRIPTION: Fedora has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious users to disclose sensitive information and cause a DoS (Denial of Service). For more information: SA36893 SOLUTION: Apply updated packages via the yum utility ("yum update samba"). ORIGINAL ADVISORY: FEDORA-2009-10172: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html FEDORA-2009-10180: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html OTHER REFERENCES: SA36893: http://secunia.com/advisories/36893/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 17:52:36 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 00:52:36 -0000 Subject: [SEC] [SA36937] Slackware update for samba Message-ID: <20091006005236.15077.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Slackware update for samba SECUNIA ADVISORY ID: SA36937 VERIFY ADVISORY: http://secunia.com/advisories/36937/ DESCRIPTION: Slackware has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious users to disclose sensitive information and cause a DoS (Denial of Service). For more information: SA36893 SOLUTION: Apply updated packages. Updated package for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/samba-3.0.37-i486-1_slack10.0.tgz Updated package for Slackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/samba-3.0.37-i486-1_slack10.1.tgz Updated package for Slackware 10.2: ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/samba-3.0.37-i486-1_slack10.2.tgz Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/samba-3.0.37-i486-1_slack11.0.tgz Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/samba-3.0.37-i486-1_slack12.0.tgz Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/samba-3.0.37-i486-1_slack12.1.tgz Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/samba-3.2.15-i486-1_slack12.2.tgz Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/samba-3.2.15-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/samba-3.2.15-x86_64-1_slack13.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-3.4.2-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-3.4.2-x86_64-1.txz ORIGINAL ADVISORY: SSA:2009-276-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439 OTHER REFERENCES: SA36893: http://secunia.com/advisories/36893/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 5 18:25:46 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 01:25:46 -0000 Subject: [SEC] [SA36932] Kolab Server Cyrus IMAP Sieve Processing Buffer Overflow Message-ID: <20091006012546.10039.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Kolab Server Cyrus IMAP Sieve Processing Buffer Overflow SECUNIA ADVISORY ID: SA36932 VERIFY ADVISORY: http://secunia.com/advisories/36932/ DESCRIPTION: A vulnerability has been reported in Kolab Server, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information see vulnerability #1 in: SA36629 SOLUTION: Update the imapd package to the latest version (see vendor's advisory for details). ORIGINAL ADVISORY: http://kolab.org/security/kolab-vendor-notice-24.txt OTHER REFERENCES: SA36629: http://secunia.com/advisories/36629/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 11:39:53 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 18:39:53 -0000 Subject: [SEC] [SA36954] Joomla CB Resume Builder Component "group_id" SQL Injection Vulnerability Message-ID: <20091006183953.30460.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Joomla CB Resume Builder Component "group_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA36954 VERIFY ADVISORY: http://secunia.com/advisories/36954/ DESCRIPTION: kaMtiEz has reported a vulnerability in the CB Resume Builder component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "group_id" parameter to index.php (if "option" is set to "com_cbresumebuilder" and "task" is set to "group_member") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: kaMtiEz ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 12:37:48 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 19:37:48 -0000 Subject: [SEC] [SA36898] HP LoadRunner XUpload ActiveX Control Insecure Method Message-ID: <20091006193748.13949.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: HP LoadRunner XUpload ActiveX Control Insecure Method SECUNIA ADVISORY ID: SA36898 VERIFY ADVISORY: http://secunia.com/advisories/36898/ DESCRIPTION: pyrokinesis has discovered a vulnerability in HP LoadRunner, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #2 in: SA28660 The vulnerability is confirmed in HP LoadRunner 9.5. Other versions may also be affected. SOLUTION: Set the kill-bit for the ActiveX control. PROVIDED AND/OR DISCOVERED BY: Nine:Situations:Group::pyrokinesis ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_hp_loadrunner.html OTHER REFERENCES: SA28660: http://secunia.com/advisories/28660/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 13:37:28 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 20:37:28 -0000 Subject: [SEC] [SA36900] FrontRange HEAT SQL Injection Vulnerabilities Message-ID: <20091006203728.31573.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: FrontRange HEAT SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA36900 VERIFY ADVISORY: http://secunia.com/advisories/36900/ DESCRIPTION: A vulnerability has been reported in FrontRange HEAT, which can be exploited by malicious people to conduct SQL injection attacks. Input passed as username and password while logging in to the Call Logging component is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow logging in as the last logged in user. The vulnerability is reported in version 8.01. Other versions may also be affected. SOLUTION: Grant only trusted users access to the affected component. PROVIDED AND/OR DISCOVERED BY: teknineutensil ORIGINAL ADVISORY: http://packetstormsecurity.org/0909-exploits/heat-sql.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 14:34:41 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 21:34:41 -0000 Subject: [SEC] [SA36933] Debian update for elinks Message-ID: <20091006213441.21081.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for elinks SECUNIA ADVISORY ID: SA36933 VERIFY ADVISORY: http://secunia.com/advisories/36933/ DESCRIPTION: Debian has issued an update for elinks. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA36910 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2.diff.gz Size/MD5 checksum: 30564 48727476dbfed45200797a0504fa6e4a http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1.orig.tar.gz Size/MD5 checksum: 3863617 dce0fa7cb2b6e7194ddd00e34825218b http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2.dsc Size/MD5 checksum: 872 870acbbc16c166c0e17669f435cf4478 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_alpha.deb Size/MD5 checksum: 496748 65a9e90caf0005912d0f307447bb7252 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_alpha.deb Size/MD5 checksum: 1264746 750b9c9425d331afdd84ae9e8ec397cc amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_amd64.deb Size/MD5 checksum: 457658 d35d0729240a9a3e4edf596fab8b5519 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_amd64.deb Size/MD5 checksum: 1219062 eeb677af4bd1f969062dcc49a6c5797f arm architecture (ARM) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_arm.deb Size/MD5 checksum: 1179258 2236eef0018c35106157254f1a9b5371 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_arm.deb Size/MD5 checksum: 417026 d6298439e61cfd390dc5f885fa6d3ce9 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_hppa.deb Size/MD5 checksum: 1249718 200ea460bf1c50c7c77fb818b99d6f93 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_hppa.deb Size/MD5 checksum: 481296 4d1ffd49415dc0f727fec71843e0cf1e i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_i386.deb Size/MD5 checksum: 423782 fd2bdd5f8d85049dd34e9d392cfb0d55 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_i386.deb Size/MD5 checksum: 1188386 6b5bd5cc0801cc98c5f89eb755036a58 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_ia64.deb Size/MD5 checksum: 1432996 3f1c8fd354685e153aa0bf6001811f72 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_ia64.deb Size/MD5 checksum: 624264 6ab1d3d6329c2fbbd366c7979846be04 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_mipsel.deb Size/MD5 checksum: 1223924 88dab6a6625382e7d7531f9f45f2fb6d http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_mipsel.deb Size/MD5 checksum: 466916 3f54531dc562935768748e8626c3cd8a powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_powerpc.deb Size/MD5 checksum: 450082 4cb3cbeda69cd02ddc99b132d26998c5 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_powerpc.deb Size/MD5 checksum: 1216856 ed85e75381a7bfdd094e21e0e16ecbfd s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_s390.deb Size/MD5 checksum: 1232366 5eafbb1dcf688fe54bd347afab8d6da8 http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_s390.deb Size/MD5 checksum: 470580 9da53a0cc795e3943c250a44810f006d sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/e/elinks/elinks-lite_0.11.1-1.2etch2_sparc.deb Size/MD5 checksum: 419686 6177d561615f0c17f9e46e3642899870 http://security.debian.org/pool/updates/main/e/elinks/elinks_0.11.1-1.2etch2_sparc.deb Size/MD5 checksum: 1186370 1f7db95ad501df7b756e3ccaf2dc754d ORIGINAL ADVISORY: DSA-1902-1: http://www.debian.org/security/2009/dsa-1902 OTHER REFERENCES: SA36910: http://secunia.com/advisories/36910/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 15:03:11 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 22:03:11 -0000 Subject: [SEC] [SA36935] Hyperic HQ Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <20091006220311.2663.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Hyperic HQ Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA36935 VERIFY ADVISORY: http://secunia.com/advisories/36935/ DESCRIPTION: Some vulnerabilities have been reported in Hyperic HQ, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed e.g. via the "typeId" parameter to mastheadAttach.do, the "eid" parameter to Resource.do, and via the "u" parameter to admin/user/UserAdmin.do is not properly sanitised before being returned to the user in an exception handler within hq/web/common/GenericError.jsp. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "Description" parameter is not properly sanitised before being returned to the user in an alert list. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions 3.2, 4.0, 4.1, 4.2-beta1, AMS 2.0.0.SR3 and tc Server 6.0.20.B. Other versions may also be affected. SOLUTION: Apply updates packages. Hyperic HQ 3.2: Update to 3.2.6 and apply patch. http://download.hyperic.com/dl/patch/hq.jar.3.2.6.1.zip Hyperic HQ 4.0: Update to 4.0.3 and apply patch. http://download.hyperic.com/dl/patch/hq.jar.4.0.3.1.zip Hyperic HQ 4.1: Update to 4.1.2 and apply patch. http://download.hyperic.com/dl/patch/hq.jar.4.1.2.1.zip Hyperic HQ 4.2-beta1: Update to Hyperic HQ 4.2-beta2 or later. AMS 2.0.0.SR3: Update to 2.0.0.SR4. tc Server 6.0.20.B Update to AMS 2.0.0.SR. PROVIDED AND/OR DISCOVERED BY: * Gast?n Rey and Pablo Carballo from Core Security Technologies * The vendor also credits Eric Searcy. ORIGINAL ADVISORY: SpringSource: http://www.springsource.com/security/hyperic-hq Core Security Technologies: http://www.coresecurity.com/content/hyperic-hq-vulnerabilities ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 15:24:52 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 22:24:52 -0000 Subject: [SEC] [SA36958] GNOME GLib "set_unix_mode()" Symlink Copy Insecure Permissions Message-ID: <20091006222452.21418.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: GNOME GLib "set_unix_mode()" Symlink Copy Insecure Permissions SECUNIA ADVISORY ID: SA36958 VERIFY ADVISORY: http://secunia.com/advisories/36958/ DESCRIPTION: A security issue has been reported in GNOME GLib, which can be exploited by malicious, local users to disclose potentially sensitive information and manipulate certain data. The security issue is caused due to an error in the "set_unix_mode()" function when setting file permissions. This can be exploited to gain read and write access to normally restricted files or directories. Successful exploitation requires that symlinks to protected files or directories are copied with an application using GLib (e.g. Nautilus). SOLUTION: Update to version 2.22.1. PROVIDED AND/OR DISCOVERED BY: Reported in an Ubuntu bug report. ORIGINAL ADVISORY: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/418135 https://bugzilla.gnome.org/show_bug.cgi?id=593406 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 15:41:18 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 22:41:18 -0000 Subject: [SEC] [SA36959] Ubuntu update for glib Message-ID: <20091006224118.1854.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for glib SECUNIA ADVISORY ID: SA36959 VERIFY ADVISORY: http://secunia.com/advisories/36959/ DESCRIPTION: Ubuntu has issued an update for glib. This fixes a security issue, which can be exploited by malicious, local users to disclose potentially sensitive information and manipulate certain data. For more information: SA36958 SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6-0ubuntu1.2.diff.gz Size/MD5:36482 5a747f19839228824de8b801306697b1 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6-0ubuntu1.2.dsc Size/MD5: 1168 b073d48a3ef03f58d58a647ba6bc5152 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6.orig.tar.gz Size/MD5:6491460 65c594a471406a377bee8171a2ea43d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.16.6-0ubuntu1.2_all.deb Size/MD5:1131446 3554e3c1d7ff9e967b2a70118ed269d0 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-data_2.16.6-0ubuntu1.2_all.deb Size/MD5:968 8b2ba86fa2ce1c1ce6f87449a29ba398 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_amd64.deb Size/MD5:1177628 74b9bb38332276d8f27e84a2a989923c http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_amd64.deb Size/MD5: 824766 5d60a5bbee4bb5f5a503cf17b6b968d8 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_amd64.deb Size/MD5: 985446 30a551102c0dc05911b28d18f09094e2 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_amd64.deb Size/MD5:48396 5fbd8935fc8cdfbc87ddee9dd5ea906e http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_amd64.udeb Size/MD5:1307488 0e797f76924ae31a0a54f596207c1c18 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_i386.deb Size/MD5:1102278 322adce90ad9052eb05e97acb2bb3aed http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_i386.deb Size/MD5: 758442 d60d1a00d850acc2bf29301d2e708c94 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_i386.deb Size/MD5: 872458 21872fd8706eccc3260906e9e18b81f6 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_i386.deb Size/MD5:46706 5e4456b1527efd940e01c7aca7c65072 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_i386.udeb Size/MD5:1241052 ca6659a5062d06e9f95a794d25aa0bec lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_lpia.deb Size/MD5:1126498 a8cf538453e395b610fd43a0e1d3995c http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_lpia.deb Size/MD5: 749728 b8ab5b52627b33a02dc628518f6e8cc1 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_lpia.deb Size/MD5: 866292 d24055f7c9b3c22743b23b1db647f8c8 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_lpia.deb Size/MD5:46612 7b5d6df79a5cc8a2a776b0c67b30a889 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_lpia.udeb Size/MD5:1232302 fafbeb120762dfb6b82d401106729d21 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5:1166088 050d4dd8978470c1093993d6c90e596a http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5: 825162 ecffe44dd39ccfd545503ca4a71fa7e0 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5:1033488 700541c029701259dd63002d839e6b58 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_powerpc.deb Size/MD5:48212 365fa4ae6a0d78604327e3512fffb461 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_powerpc.udeb Size/MD5:1307814 dd8adeb8031b2bf15835c3c6ab294867 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.2_sparc.deb Size/MD5:1031494 f32564a7f6e9690edacbf0f780cef5eb http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.2_sparc.deb Size/MD5: 781614 be1710dc92c6743fa361e5e3e09b1ef9 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.2_sparc.deb Size/MD5: 954028 d0096984a450e243d3000477eb57fc68 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.2_sparc.deb Size/MD5:47426 adb02e18065700850fc14681a73ad940 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.2_sparc.udeb Size/MD5:1264164 2721162b1d7cb0a32ab3ba614d1be5c9 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2-0ubuntu2.2.diff.gz Size/MD5:35443 73649aa00b9d205898ae59e370fd9e9d http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2-0ubuntu2.2.dsc Size/MD5: 1590 a926c661d9c479a13a4411142bbf3c72 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2.orig.tar.gz Size/MD5:6792476 0f2bf241fc93d95a0bd599a9c2a352ca Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-data_2.18.2-0ubuntu2.2_all.deb Size/MD5:958 99a3c187fb42b5474cbd9084bd0030d0 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.18.2-0ubuntu2.2_all.deb Size/MD5:1152092 f2fe37185e9baeb1053d679532b8b065 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_amd64.deb Size/MD5:1248558 0e994c01e40a02dca07eb3e97dbc18bb http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_amd64.deb Size/MD5: 842792 4b0ac82667ecef56cc860beccdee293e http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_amd64.deb Size/MD5:1027690 ab9170d2e4e7a59cbacda17f4cd26a83 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_amd64.deb Size/MD5:44238 f554baa4009cb2f94d3a772b61588a66 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_amd64.udeb Size/MD5:1401396 b03b104e47ef33b7dc39dcdeaf19be90 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_i386.deb Size/MD5:1173950 6fca09b423847cd228c54bfb2cae0b8f http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_i386.deb Size/MD5: 771386 59fc2f39bf44711d3f71e931fac145d9 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_i386.deb Size/MD5: 910734 5b6b4f5f29cfdd0bc10feea8568fdc99 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_i386.deb Size/MD5:42770 2fc72afdfb182c5d98a6025c9781d50c http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_i386.udeb Size/MD5:1330248 b35f040211be097dde97b42cfb670434 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_lpia.deb Size/MD5:1195246 1e0c8d42046bb26ca77faf7f33e273c3 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_lpia.deb Size/MD5: 760718 e2715639702d39739133dc050359afe3 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_lpia.deb Size/MD5: 901700 0ef039e50122f10423ef12cf0983541c http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_lpia.deb Size/MD5:42636 b958b2a50e892a45c950ad2b85a935b0 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_lpia.udeb Size/MD5:1319542 25ac302084e325749e0b9fc1b4c7f0b3 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5:1237952 1e714a4b235f51b8d36a458878fbe093 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5: 845898 458dd666f452eb766156fbf3c6dad720 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5:1079876 8e0767a4ab92de24c1616ed8f4d528d3 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_powerpc.deb Size/MD5:44050 45fe62276a6a3b92281969762601f78f http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_powerpc.udeb Size/MD5:1404280 9cb23943f8aa9e63e80fe489caecca64 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.2_sparc.deb Size/MD5:1077380 058daceb636ddcd10164358265cb24ff http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.2_sparc.deb Size/MD5: 791034 83ee279d3e7824d6d39a2adfed996787 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.2_sparc.deb Size/MD5: 985278 cef0af3b99bf2da441e416e0b14e8352 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.2_sparc.deb Size/MD5:43316 928da79d94b2fe648ae0eb8b88e0b91d http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.2_sparc.udeb Size/MD5:1349944 9cb36ac4a77838ba835e4054ebc8006a -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.20.1-0ubuntu2.1.diff.gz Size/MD5:37116 868528ad6cb52e2d44545af18fc1ce68 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.20.1-0ubuntu2.1.dsc Size/MD5: 1787 da3e90ca36741d5707fecf76e8721f5a http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.20.1.orig.tar.gz Size/MD5:7130990 855be1b668ceaec3320c702212c95638 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-data_2.20.1-0ubuntu2.1_all.deb Size/MD5:988 a45364a2d8509221d95b1ad8c1b06dd8 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.20.1-0ubuntu2.1_all.deb Size/MD5:1173566 392137fd234e3b18599cd83cc23de82e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.20.1-0ubuntu2.1_amd64.deb Size/MD5:1267456 ac0577ab5b91c87f538fe4c51e37dc4b http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.20.1-0ubuntu2.1_amd64.deb Size/MD5: 848734 d593e59a3c013ee23dc4abf59a24b4f3 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.20.1-0ubuntu2.1_amd64.deb Size/MD5:1045830 b1453c6d591e7c9bcf321cb01c9b2c1c http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-udeb_2.20.1-0ubuntu2.1_amd64.udeb Size/MD5:1474384 b2239443a6a9a7ff36a7fdfe2e73c668 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.20.1-0ubuntu2.1_amd64.deb Size/MD5:34548 47a0ab55b3eb9f7b52c9527f81e963a9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.20.1-0ubuntu2.1_i386.deb Size/MD5:1191820 a0b07904592f136ad4ee93a8948da580 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.20.1-0ubuntu2.1_i386.deb Size/MD5: 777212 4b21124cbefa06dfab88a4d7891db90b http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.20.1-0ubuntu2.1_i386.deb Size/MD5: 927792 3f55a23af4269bf4f194b48a784b0b25 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-udeb_2.20.1-0ubuntu2.1_i386.udeb Size/MD5:1403190 e685faa392ba17bf58f764336a28f5f7 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.20.1-0ubuntu2.1_i386.deb Size/MD5:33190 e3db9d13b73405a007d425a2c1c2df1e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.20.1-0ubuntu2.1_lpia.deb Size/MD5:1210906 9036b0463ab9702f87b5d4a6ff2ea0bb http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.20.1-0ubuntu2.1_lpia.deb Size/MD5: 765332 e24d23f1ed35765d084cb3324b2993a7 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.20.1-0ubuntu2.1_lpia.deb Size/MD5: 917694 3d04fe7b5635311d9f5ad51d09995777 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-udeb_2.20.1-0ubuntu2.1_lpia.udeb Size/MD5:1391182 f2f71f14300d89635fb2b739a44f6132 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.20.1-0ubuntu2.1_lpia.deb Size/MD5:33072 fd27bbd1ef6586b26259164104d1c132 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.20.1-0ubuntu2.1_powerpc.deb Size/MD5:1255082 55cc71be24c6a43187d3997ca8b2fcba http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.20.1-0ubuntu2.1_powerpc.deb Size/MD5: 853460 35e80083e1c62411d92855e6d75f864e http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.20.1-0ubuntu2.1_powerpc.deb Size/MD5:1101358 6cd274b60f52dd837e8ce2f2281e8060 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-udeb_2.20.1-0ubuntu2.1_powerpc.udeb Size/MD5:1478758 a1430354b79feadb28d8113681337d63 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.20.1-0ubuntu2.1_powerpc.deb Size/MD5:34664 084bfefc579f5bd8edef02cdbd1d667b sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.20.1-0ubuntu2.1_sparc.deb Size/MD5:1090202 9fcf2e1a5176ad1b9b694d59d826e588 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.20.1-0ubuntu2.1_sparc.deb Size/MD5: 797802 367f79748bd2021b0da5935a7f522750 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.20.1-0ubuntu2.1_sparc.deb Size/MD5:1003874 80701dd1515c302b4c73f71265cdfe39 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-udeb_2.20.1-0ubuntu2.1_sparc.udeb Size/MD5:1423862 8f042b442ac55ddfb3b2935363bcd58a http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.20.1-0ubuntu2.1_sparc.deb Size/MD5:33802 1ccc2b53c8127c0fa4b4f91859f9ae7d ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-841-1 OTHER REFERENCES: SA36958: http://secunia.com/advisories/36958/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 16:00:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 23:00:50 -0000 Subject: [SEC] [SA36921] Linksys WRT54GC Cross-Site Request Forgery Vulnerability Message-ID: <20091006230050.16483.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Linksys WRT54GC Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA36921 VERIFY ADVISORY: http://secunia.com/advisories/36921/ DESCRIPTION: VenturoLab Team has reported a vulnerability in Linksys WRT54GC, which can be exploited by malicious people to conduct cross-site request forgery attacks. The diagnostics.cgi script allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. inject arbitrary script code or cause a DoS via the "ping_address" and "raceroute_address" parameters. The vulnerability is reported in firmware version 1.01.5 and 1.00.7. Other versions may also be affected. SOLUTION: Do not visit other websites while being logged-in to the Linksys administration interface. PROVIDED AND/OR DISCOVERED BY: VenturoLab Team ORIGINAL ADVISORY: http://venturolab.pl/index.php/2009/09/30/opis-bledu-w-routerze-linksys-wrt54gc/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 16:23:23 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 23:23:23 -0000 Subject: [SEC] [SA36966] McAfee Email and Web Security Appliance TCP Implementation Denial of Service Message-ID: <20091006232323.10021.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: McAfee Email and Web Security Appliance TCP Implementation Denial of Service SECUNIA ADVISORY ID: SA36966 VERIFY ADVISORY: http://secunia.com/advisories/36966/ DESCRIPTION: McAfee has acknowledged some vulnerabilities in McAfee Email and Web Security Appliance, which can be exploited by malicious people to cause a DoS (Denial of Service). Multiple errors exist in the TCP implementation when handling resources, which can be exploited to render a system unresponsive. SOLUTION: Apply Email and Web Security Appliance Software 5.1 Patch 4. ORIGINAL ADVISORY: https://kc.mcafee.com/corporate/index?page=content&id=KB66963 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 6 16:41:17 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 6 Oct 2009 23:41:17 -0000 Subject: [SEC] [SA36965] Stonesoft Products TCP Implementation Denial of Service Vulnerability Message-ID: <20091006234117.25202.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Stonesoft Products TCP Implementation Denial of Service Vulnerability SECUNIA ADVISORY ID: SA36965 VERIFY ADVISORY: http://secunia.com/advisories/36965/ DESCRIPTION: A vulnerability has been reported in multiple Stonesoft Products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing TCP packets and can be exploited to e.g. render the blacklist service or the SSL VPN Web Console unresponsive. The vulnerability is reported in the following products: * StoneGate Firewall and VPN versions up to 4.2.10, and versions between 4.3.0 and 5.0.2 * StoneGate IPS Sensor and Analyzer versions up to 4.2.3, 4.3.6 and 5.0.1 * StoneGate SSL VPN up to version 1.3.1 SOLUTION: The vendor recommends restricting access to the affected interfaces to trusted IP addresses only. StoneGate Firewall and VPN: Update to engine version 4.2.11 or 5.0.3 as soon as available (expected in early October 2009). StoneGate IPS Sensor and Analyzer: Update to engine version 4.2.4, 4.3.7, or 5.0.2 as soon as available (expected in early October 2009). StoneGate SSL VPN: Update to engine version 1.4.0 as soon as available (expected during Q4/2009). PROVIDED AND/OR DISCOVERED BY: The vendor credits Outpost24. ORIGINAL ADVISORY: http://www.stonesoft.com/en/support/security_advisories/2009_17_09.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 11:38:01 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 18:38:01 -0000 Subject: [SEC] [SA36703] Exponent CMS Contact Module "email" Cross-Site Scripting Vulnerability Message-ID: <20091007183801.23520.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Exponent CMS Contact Module "email" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA36703 VERIFY ADVISORY: http://secunia.com/advisories/36703/ DESCRIPTION: Ivan Markovic has discovered a vulnerability in Exponent CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "email" parameter when submitting a message via the Contact module is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.97-GA20090213. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Ivan Markovic, security-net.biz ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 12:38:09 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 19:38:09 -0000 Subject: [SEC] [SA36967] Puppet Supplementary Groups Weakness Message-ID: <20091007193809.6831.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Puppet Supplementary Groups Weakness SECUNIA ADVISORY ID: SA36967 VERIFY ADVISORY: http://secunia.com/advisories/36967/ DESCRIPTION: A weakness has been reported in Puppet, which potentially can be exploited by malicious, local users to gain escalated privileges. The weakness is caused due to "puppetmasterd" not properly dropping supplementary groups, which potentially can be exploited to perform certain actions with escalated privileges. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Till Maas ORIGINAL ADVISORY: http://projects.reductivelabs.com/issues/show/1806 https://bugzilla.redhat.com/show_bug.cgi?id=475201 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 13:39:49 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 20:39:49 -0000 Subject: [SEC] [SA36939] Omni-NFS Enterprise Buffer Overflow Vulnerabilities Message-ID: <20091007203949.22595.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Omni-NFS Enterprise Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA36939 VERIFY ADVISORY: http://secunia.com/advisories/36939/ DESCRIPTION: Some vulnerabilities have been discovered in Omni-NFS Enterprise, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error exists in ntpd.exe when processing FTP requests. This can be exploited to cause a stack-based buffer overflow by sending specially crafted requests to port 21/TCP. Successful exploitation allows execution of arbitrary code. 2) A boundary error exists in wftp.exe in the processing of FTP responses. This can be exploited to cause a stack-based buffer overflow when a user connects to a specially crafted FTP server. Successful exploitation allows execution of arbitrary code. The vulnerabilities are confirmed in Omni-NFS Enterprise 5.2. Other versions may also be affected. SOLUTION: Restrict network access to the affected service. PROVIDED AND/OR DISCOVERED BY: Reported in metasploit modules. ORIGINAL ADVISORY: http://trac.metasploit.com/browser/framework3/trunk/modules/exploits/windows/ftp/xlink_server.rb http://trac.metasploit.com/browser/framework3/trunk/modules/exploits/windows/ftp/xlink_client.rb ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 14:38:29 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 21:38:29 -0000 Subject: [SEC] [SA36977] Palm Pre WebOS Unspecified Vulnerabilities Message-ID: <20091007213829.10773.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Palm Pre WebOS Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA36977 VERIFY ADVISORY: http://secunia.com/advisories/36977/ DESCRIPTION: Some vulnerabilities have been reported in Palm Pre WebOS, which have unknown impacts. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to 1.2.1. SOLUTION: Update to version 1.2.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#121 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 15:01:48 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 22:01:48 -0000 Subject: [SEC] [SA36936] Palm Pre WebOS Multiple Vulnerabilities Message-ID: <20091007220148.23114.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Palm Pre WebOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA36936 VERIFY ADVISORY: http://secunia.com/advisories/36936/ DESCRIPTION: Some vulnerabilities have been reported in Palm Pre WebOS, where one vulnerability can be exploited to conduct script insertion attacks while others have unknown impacts. 1) Certain input via emails is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code, which can be used to e.g. disclose local files. 2) Some vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to 1.2.0. SOLUTION: Update to version 1.2.0. PROVIDED AND/OR DISCOVERED BY: 1) Townsend Ladd Harris 2) Reported by the vendor and Townsend Ladd Harris. ORIGINAL ADVISORY: Palm: http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#12 Townsend Ladd Harris: http://tlhsecurity.blogspot.com/2009/10/palm-pre-webos-11-remote-file-access.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 15:22:55 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 22:22:55 -0000 Subject: [SEC] [SA36940] Alleycode HTML Editor Optimizer Multiple Buffer Overflows Message-ID: <20091007222255.6506.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Alleycode HTML Editor Optimizer Multiple Buffer Overflows SECUNIA ADVISORY ID: SA36940 VERIFY ADVISORY: http://secunia.com/advisories/36940/ DESCRIPTION: Some vulnerabilities have been discovered in Alleycode HTML Editor, which can be exploited by malicious people to compromise a user's system. 1) A boundary error exists in the Meta Content Optimizer when displaying the content of "TITLE" HTML tags. This can be exploited to cause a stack-based buffer overflow via an HTML file defining an overly long "TITLE". 2) Two boundary errors exist in the Meta Content Optimizer when displaying the content of "META" HTML tags. These can be exploited to cause stack-based buffer overflows via HTML files defining overly long "description" or "keywords" "META" elements. Successful exploitation of the vulnerabilities allows execution of arbitrary code, but requires that a user is tricked into running the Meta Content Optimizer on a malicious HTML file. The vulnerabilities are confirmed in version 2.21. Other versions may also be affected. SOLUTION: Do not process untrusted HTML files. PROVIDED AND/OR DISCOVERED BY: 1) Rafael Sousa 2) an anonymous person ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 15:38:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 22:38:22 -0000 Subject: [SEC] [SA36972] Symantec SecurityExpressions Cross-Site Scripting and Script Insertion Message-ID: <20091007223822.22790.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Symantec SecurityExpressions Cross-Site Scripting and Script Insertion SECUNIA ADVISORY ID: SA36972 VERIFY ADVISORY: http://secunia.com/advisories/36972/ DESCRIPTION: Some vulnerabilities have been reported in Symantec SecurityExpressions, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Unspecified input passed to the SecurityExpressions Audit and Compliance Server console is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of the console when the malicious data is being viewed. Successful exploitation of this vulnerability requires authentication. 2) Input passed via unspecified parameters to the SecurityExpressions Audit and Compliance Server is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 4.1 and 4.1.1. SOLUTION: Update to version 4.1.1 and apply the Hotfix 1 (KB49452). PROVIDED AND/OR DISCOVERED BY: The vendor credits Nate Roberts, Wipfli, LLP. ORIGINAL ADVISORY: Symantec: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091006_00 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 15:54:02 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 22:54:02 -0000 Subject: [SEC] [SA36973] Ubuntu update for backuppc Message-ID: <20091007225402.3396.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for backuppc SECUNIA ADVISORY ID: SA36973 VERIFY ADVISORY: http://secunia.com/advisories/36973/ DESCRIPTION: Ubuntu has issued an update for backuppc. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. For more information: SA36393 SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.0.0-4ubuntu1.1.diff.gz Size/MD5: 21923 9900a0a3545140aa8dfa99c82325c2a6 http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.0.0-4ubuntu1.1.dsc Size/MD5: 725 b95b75a4b08f5d51b0cc498e3b11abd5 http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.0.0.orig.tar.gz Size/MD5: 432200 dc37728c1dc9225354523f279045f3f3 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.0.0-4ubuntu1.1_all.deb Size/MD5: 491322 b09233c28365bca07e7589cde9e70f29 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0-3ubuntu2.1.diff.gz Size/MD5: 24091 e9caaf9693e4222226e523d383844cfd http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0-3ubuntu2.1.dsc Size/MD5: 1123 655eb9b56a61072ee29f5c12096c1cbb http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0.orig.tar.gz Size/MD5: 474981 84b4471852ef910768eae9963ef932d2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0-3ubuntu2.1_all.deb Size/MD5: 537934 8ba6638c0e0c971db6c0b5a8635cd54e -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0-4ubuntu1.1.diff.gz Size/MD5: 27074 395e09fdee61feb651812c68d447e1c7 http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0-4ubuntu1.1.dsc Size/MD5: 1123 b71592b894e37a3e08a42f13b0884f2c http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0.orig.tar.gz Size/MD5: 474981 84b4471852ef910768eae9963ef932d2 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/backuppc/backuppc_3.1.0-4ubuntu1.1_all.deb Size/MD5: 540222 b52db5cf3ec5b95fa34eeff76046e318 ORIGINAL ADVISORY: USN-843-1: http://www.ubuntu.com/usn/USN-843-1 OTHER REFERENCES: SA36393: http://secunia.com/advisories/36393/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 16:21:52 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 23:21:52 -0000 Subject: [SEC] [SA36974] Ubuntu update for wget Message-ID: <20091007232152.25481.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for wget SECUNIA ADVISORY ID: SA36974 VERIFY ADVISORY: http://secunia.com/advisories/36974/ DESCRIPTION: Ubuntu has issued an update for wget. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA36540 SOLUTION: Apply updated packages. -- Ubuntu 6.06 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu1.1.diff.gz Size/MD5: 13576 1e0bd3f6766ccec47e56543add24f6ee http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu1.1.dsc Size/MD5: 635 2fc7a7bb0b375f0197066634251b678f http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2.orig.tar.gz Size/MD5: 1213056 795fefbb7099f93e2d346b026785c4b8 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu1.1_amd64.deb Size/MD5: 242902 bc6388c0a62bfeb733bd9650831a16d7 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu1.1_i386.deb Size/MD5: 231806 a2db447d60ee6a2c110d0821710f64e5 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu1.1_powerpc.deb Size/MD5: 237456 0cb5f38c14d929ff5bf4cf49f596173f sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu1.1_sparc.deb Size/MD5: 234566 5715c3e3c7a1fdc5088062620c1ef7a0 -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-3ubuntu1.1.diff.gz Size/MD5: 159701 285fb3ed2f3b72cfb2a660aa69e88992 http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-3ubuntu1.1.dsc Size/MD5: 724 64e8f5ca18e46e6b623f28f32636b3b0 http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2.orig.tar.gz Size/MD5: 1213056 795fefbb7099f93e2d346b026785c4b8 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-3ubuntu1.1_amd64.deb Size/MD5: 245188 3ce5dcf59f0b6846d0e1603e7792b767 http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.10.2-3ubuntu1.1_amd64.udeb Size/MD5: 113810 32e6d086f555f54d7e792308e9a751fe i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-3ubuntu1.1_i386.deb Size/MD5: 237758 333fc10b43cabaea85ba3bf2e8f8912d http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.10.2-3ubuntu1.1_i386.udeb Size/MD5: 106420 d9b515296d12378b9836107b566c5f98 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/w/wget/wget_1.10.2-3ubuntu1.1_lpia.deb Size/MD5: 237412 a8a6b4b9be478453498db1c973ce0bae http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.10.2-3ubuntu1.1_lpia.udeb Size/MD5: 106408 e4963b7ffe58e88dca118a9a2eebd6ea powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/w/wget/wget_1.10.2-3ubuntu1.1_powerpc.deb Size/MD5: 253120 8808b0485d41f832ec07583d8aabd5f5 http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.10.2-3ubuntu1.1_powerpc.udeb Size/MD5: 121562 bb4a522a48a60ae1802bbfb098011002 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/w/wget/wget_1.10.2-3ubuntu1.1_sparc.deb Size/MD5: 239116 a96b7a74035cec7ee7b652e0f8723c35 http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.10.2-3ubuntu1.1_sparc.udeb Size/MD5: 107290 e23bd05c06e106745de3c29e46e5d330 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-1ubuntu1.1.diff.gz Size/MD5: 18317 8600c594c0263c32b546ee4aeab34621 http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-1ubuntu1.1.dsc Size/MD5: 1162 f8bdcd44667c37f106b514d94264f4bd http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4.orig.tar.gz Size/MD5: 1475149 69e8a7296c0e12c53bd9ffd786462e87 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_amd64.deb Size/MD5: 249658 16312043daa9f77500a19a3f2bf0bbfc http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1.1_amd64.udeb Size/MD5: 119232 96264dd4213fa4c4d02b0887e2abb284 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_i386.deb Size/MD5: 241698 d5dd659c24a84d909feba21ed0ccefe1 http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1.1_i386.udeb Size/MD5: 112268 62d4708363a842c8d4bf282a87fac026 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_lpia.deb Size/MD5: 240992 1d5e2af0227b29405763279a04193155 http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1.1_lpia.udeb Size/MD5: 111328 be42f9c9014555386d1fe99b43376c19 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_powerpc.deb Size/MD5: 256726 e4ff5944bca367c804accbf927d416ae http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1.1_powerpc.udeb Size/MD5: 126314 6fc5f8629af2d78723aeb588f7cb27ae sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_sparc.deb Size/MD5: 243624 46787ca84b77e2330c38db7aa8bd6ecb http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1.1_sparc.udeb Size/MD5: 113856 a789be19ca6aa42960e3330e3a1a1252 -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-2ubuntu1.1.diff.gz Size/MD5: 18470 f9f8a21925957ff4524d7b522648b096 http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-2ubuntu1.1.dsc Size/MD5: 1162 1aff87b060d61a095a761370685556d2 http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4.orig.tar.gz Size/MD5: 1475149 69e8a7296c0e12c53bd9ffd786462e87 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_amd64.deb Size/MD5: 249808 e3d7b4fa7ac99ce2430bd06ce7ebe879 http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1.1_amd64.udeb Size/MD5: 119320 2b3db8b5d2e77e6793ed81c0ecace5e0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_i386.deb Size/MD5: 241732 572ab5efa430d6da464c60301de01b7b http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1.1_i386.udeb Size/MD5: 112198 79f3209d6fb79ecdd2aa569f2969ed4e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_lpia.deb Size/MD5: 241120 5a5497104d603fa8bf118cb11853e05b http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1.1_lpia.udeb Size/MD5: 111318 e575f2ea6eedc2588075d99ce62e7c45 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_powerpc.deb Size/MD5: 256764 4349fe2613b98215705475f428719bf7 http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1.1_powerpc.udeb Size/MD5: 126234 649d9bcea3eaebe3fb7c120d4b0110ca sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_sparc.deb Size/MD5: 243696 30650bcb3533c5c087e96ff9ec4e9638 http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1.1_sparc.udeb Size/MD5: 113800 47c8a2fcffff44d84d077fa3afec1b7a ORIGINAL ADVISORY: USN-842-1: http://www.ubuntu.com/usn/USN-842-1 OTHER REFERENCES: SA36540: http://secunia.com/advisories/36540/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 7 16:47:42 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 7 Oct 2009 23:47:42 -0000 Subject: [SEC] [SA36929] Sun VirtualBox "VBoxNetAdpCtl" Privilege Escalation Message-ID: <20091007234742.15040.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun VirtualBox "VBoxNetAdpCtl" Privilege Escalation SECUNIA ADVISORY ID: SA36929 VERIFY ADVISORY: http://secunia.com/advisories/36929/ DESCRIPTION: A vulnerability has been reported in Sun VirtualBox, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an unspecified error in the VBoxNetAdpCtl configuration tool, which can be exploited to execute arbitrary commands with root privileges. Successful exploitation requires permissions to run VirtualBox. The vulnerability is reported in Sun VirtualBox 3.0.0, 3.0.2, 3.0.4 and 3.0.6, for the Solaris x86, Linux, and Mac OS X platforms. SOLUTION: Update to version 3.0.8. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thomas Biege of SUSE Linux. ORIGINAL ADVISORY: Sun: http://sunsolve.sun.com/search/document.do?assetkey=1-66-268188-1 VirtualBox: http://www.virtualbox.org/wiki/Changelog ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 11:38:05 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 18:38:05 -0000 Subject: [SEC] [SA36976] CA Anti-Virus Engine RAR Processing Two Vulnerabilities Message-ID: <20091009183805.3356.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities SECUNIA ADVISORY ID: SA36976 VERIFY ADVISORY: http://secunia.com/advisories/36976/ DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. 1) An error in the arclib component of the CA Anti-Virus engine can be exploited to corrupt heap memory via a specially crafted RAR archive. Successful exploitation may allow execution of arbitrary code. 2) An error in the arclib component of the CA Anti-Virus engine can be exploited to corrupt stack memory via a specially crafted RAR archive and cause a crash. The vulnerabilities are reported in the following products and versions: * CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1, r8, and r8.1 * CA Anti-Virus 2007 (v8), 2008, and 2009 * CA Anti-Virus Plus 2009 * eTrust EZ Antivirus r7.1 * CA Internet Security Suite 2007 (v3) and 2008 * CA Internet Security Suite Plus 2008 and 2009 * CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 and 8.1 * CA Threat Manager Total Defense * CA Gateway Security r8.1 * CA Protection Suites r2, r3, and r3.1 * CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 and 8.0 * CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0, r3.1, r11, and r11.1 * CA ARCserve Backup r11.5 on Windows, r12 on Windows, r12.0 SP1 on Windows, r12.0 SP 2 on Windows, r12.5 on Windows, r11.1 Linux, and r11.5 Linux * CA ARCserve for Windows Client Agent * CA ARCserve for Windows Server component * CA eTrust Intrusion Detection 2.0 SP1, 3.0, and 3.0 SP1 * CA Common Services (CCS) r3.1, r11, and r11.1 * CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) * CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1 SOLUTION: The vulnerability is fixed in arclib.dll version 8.1.4.0, released via automatic updates. Please see the vendor's advisory for detailed instructions on applying patches. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller. ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 12:36:56 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 19:36:56 -0000 Subject: [SEC] [SA36993] Reflection for Secure IT Active Template Library Vulnerabilities Message-ID: <20091009193656.18477.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Reflection for Secure IT Active Template Library Vulnerabilities SECUNIA ADVISORY ID: SA36993 VERIFY ADVISORY: http://secunia.com/advisories/36993/ DESCRIPTION: Some vulnerabilities have been reported in Reflection for Secure IT, which can be exploited by malicious people to potentially bypass security features, gain knowledge of sensitive information, or compromise a user's system. The vulnerabilities are caused due to certain parts of the application being built using a vulnerable ATL (Active Template Library) version. For more information: SA35967 The vulnerabilities are reported in Reflection for Secure IT Windows Client and Server versions prior to 7.1 SP2. SOLUTION: Update to version 7.1 SP2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://support.attachmate.com/techdocs/2446.html http://support.attachmate.com/techdocs/2471.html OTHER REFERENCES: SA35967: http://secunia.com/advisories/35967/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 13:36:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 20:36:51 -0000 Subject: [SEC] [SA36992] ezRecipe-Zee "cfg[prePath]" Remote File Inclusion Vulnerability Message-ID: <20091009203651.1487.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: ezRecipe-Zee "cfg[prePath]" Remote File Inclusion Vulnerability SECUNIA ADVISORY ID: SA36992 VERIFY ADVISORY: http://secunia.com/advisories/36992/ DESCRIPTION: kaMtiEz has discovered a vulnerability in ezRecipe-Zee, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "cfg[prePath]" parameter in config/config.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or remote resources. Successful exploitation requires that "register_globals" is enabled. The vulnerability is confirmed in version 0.91. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: kaMtiEz ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 14:40:11 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 21:40:11 -0000 Subject: [SEC] [SA36985] aria2 DHT Routing Table Buffer Overflow Vulnerability Message-ID: <20091009214011.22331.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: aria2 DHT Routing Table Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA36985 VERIFY ADVISORY: http://secunia.com/advisories/36985/ DESCRIPTION: A vulnerability has been reported in aria2, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "deserialize()" function in src/DHTRoutingTableDeserializer.cc and can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 1.2.0. SOLUTION: Update to version 1.2.0 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://aria2.svn.sourceforge.net/viewvc/aria2/trunk/src/DHTRoutingTableDeserializer.cc?r1=670&r2=1041 http://sourceforge.net/project/shownotes.php?release_id=661228 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 15:01:20 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 22:01:20 -0000 Subject: [SEC] [SA36981] Ubuntu update for pan Message-ID: <20091009220120.3072.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for pan SECUNIA ADVISORY ID: SA36981 VERIFY ADVISORY: http://secunia.com/advisories/36981/ DESCRIPTION: Ubuntu has issued an update for pan. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the PartsBatch class when processing certain NZB files. This may be exploited to cause a buffer overflow and execute arbitrary code by e.g. tricking a user into opening a specially crafted NZB file. SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/pan/pan_0.132-2ubuntu2.1.diff.gz Size/MD5: 20545 6d36e3b972652c124c93eff41dc5695b http://security.ubuntu.com/ubuntu/pool/main/p/pan/pan_0.132-2ubuntu2.1.dsc Size/MD5: 877 593b70e1321f89cc1d3d79aaa0fcd431 http://security.ubuntu.com/ubuntu/pool/main/p/pan/pan_0.132.orig.tar.gz Size/MD5: 2069718 0999ea52f8d4187ac7c8fd416067b0e7 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/pan/pan_0.132-2ubuntu2.1_amd64.deb Size/MD5: 821136 10e791382ac078f206571407b9aca5b8 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/pan/pan_0.132-2ubuntu2.1_i386.deb Size/MD5: 792564 5f4a69d8ce3dc342e20893020d1b2b2f lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/pan/pan_0.132-2ubuntu2.1_lpia.deb Size/MD5: 815322 dff1b50f04af376b9476f5f9150b0b97 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/pan/pan_0.132-2ubuntu2.1_powerpc.deb Size/MD5: 864758 9c63e15bd64326b9483ba916c089a00d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/pan/pan_0.132-2ubuntu2.1_sparc.deb Size/MD5: 885412 f0311151ff6ab621f97bbd6909253173 ORIGINAL ADVISORY: USN-845-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-October/000982.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 15:25:34 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 22:25:34 -0000 Subject: [SEC] [SA36962] Fedora update for aria2 Message-ID: <20091009222534.21011.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for aria2 SECUNIA ADVISORY ID: SA36962 VERIFY ADVISORY: http://secunia.com/advisories/36962/ DESCRIPTION: Fedora has issued an update for aria2. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA36985 SOLUTION: Apply updated packages via the yum utility ("yum update aria2"). ORIGINAL ADVISORY: FEDORA-2009-10344: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00282.html OTHER REFERENCES: SA36985: http://secunia.com/advisories/36985/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 15:44:07 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 22:44:07 -0000 Subject: [SEC] [SA36947] PBBoard Cross-Site Scripting Vulnerability Message-ID: <20091009224407.2273.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: PBBoard Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA36947 VERIFY ADVISORY: http://secunia.com/advisories/36947/ DESCRIPTION: A vulnerability has been discovered in PBBoard, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "text" parameter to index.php (when "page" is set to "new_topic") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: rUnViRuS ORIGINAL ADVISORY: http://packetstormsecurity.org/0910-exploits/pbboard-xss.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 16:03:30 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 23:03:30 -0000 Subject: [SEC] [SA36986] Red Hat update for squirrelmail Message-ID: <20091009230330.17599.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for squirrelmail SECUNIA ADVISORY ID: SA36986 VERIFY ADVISORY: http://secunia.com/advisories/36986/ DESCRIPTION: Red Hat has issued an update for squirrelmail. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks. For more information: SA34627 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009:1490-1: https://rhn.redhat.com/errata/RHSA-2009-1490.html OTHER REFERENCES: SA34627: http://secunia.com/advisories/34627/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 16:26:10 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 23:26:10 -0000 Subject: [SEC] [SA36963] Fedora update for deltarpm Message-ID: <20091009232610.5920.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for deltarpm SECUNIA ADVISORY ID: SA36963 VERIFY ADVISORY: http://secunia.com/advisories/36963/ DESCRIPTION: Fedora has issued an update for deltarpm. This fixed a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the inclusion of a vulnerable zlib version. For more information: SA16137 SOLUTION: Apply updated packages via the yum utility ("yum update deltarpm"). ORIGINAL ADVISORY: FEDORA-2009-10233: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00298.html FEDORA-2009-10237: https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00277.html OTHER REFERENCES: SA16137: http://secunia.com/advisories/16137/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 16:41:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 9 Oct 2009 23:41:22 -0000 Subject: [SEC] [SA36980] Ubuntu update for mimetex Message-ID: <20091009234122.19980.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for mimetex SECUNIA ADVISORY ID: SA36980 VERIFY ADVISORY: http://secunia.com/advisories/36980/ DESCRIPTION: Ubuntu has issued an update for mimetex. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system. For more information: SA35752 SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1.diff.gz Size/MD5: 5469 8ad9a9938ea88e8ee405cb4ad667d4ac http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1.dsc Size/MD5: 683 4eed9863876f2366eabd726cd410d101 http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50.orig.tar.gz Size/MD5: 401817 cdda954fc3a436daa8345ecbfdb084c3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1_amd64.deb Size/MD5: 153268 e62de978629895ea46b3a505c98cb99d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1_i386.deb Size/MD5: 146142 2cb087e9a9b2cf2f544849935f7a1515 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1_lpia.deb Size/MD5: 143960 7695d7a093fa724e889cc836c7ad10a4 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1_powerpc.deb Size/MD5: 146076 c45addd30e86bd71f3ba40ca0a22d446 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.04.1_sparc.deb Size/MD5: 151876 960eec8e54a45b14e6095231752da948 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1.diff.gz Size/MD5: 5474 7a491ab73b9fca19aa47465e69a8c95a http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1.dsc Size/MD5: 1083 cd5e9dacab96573c0a636b787de405e7 http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50.orig.tar.gz Size/MD5: 401817 cdda954fc3a436daa8345ecbfdb084c3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1_amd64.deb Size/MD5: 153886 123a3943c860774fbef8ab1bbd7a6b2d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1_i386.deb Size/MD5: 146906 b06c90066e821a422152a0eee6d99c8b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1_lpia.deb Size/MD5: 144780 28155fae4c79e9567c9f218e5a2b5dc0 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1_powerpc.deb Size/MD5: 145814 2c8cc371d38dca569ffc46bcdde1f16b sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.8.10.1_sparc.deb Size/MD5: 151790 ab0a37e033383d4299d8e2f1aa1e15ba -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1.diff.gz Size/MD5: 5472 b12e605f5aeaac50a3680c95ebe5a94e http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1.dsc Size/MD5: 1083 c35754529c28839ef43b4419b2c850fb http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50.orig.tar.gz Size/MD5: 401817 cdda954fc3a436daa8345ecbfdb084c3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1_amd64.deb Size/MD5: 153886 12e2799a662c380aa9974fc20e5766fc i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1_i386.deb Size/MD5: 146904 7094c07fec0a2324e143b671a9ae4fbb lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1_lpia.deb Size/MD5: 144772 26369d7ec13ac18350aa1628304be27f powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1_powerpc.deb Size/MD5: 145810 d7bc985011692be4d4a00cb9114520a0 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/m/mimetex/mimetex_1.50-1ubuntu0.9.04.1_sparc.deb Size/MD5: 151730 8d105909cf098d9170e7ef00ed69c4e7 ORIGINAL ADVISORY: USN-844-1: http://www.ubuntu.com/usn/USN-844-1 OTHER REFERENCES: SA35752: http://secunia.com/advisories/35752/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 17:02:58 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 00:02:58 -0000 Subject: [SEC] [SA36970] vBulletin User Profile Script Insertion Vulnerability Message-ID: <20091010000258.5469.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: vBulletin User Profile Script Insertion Vulnerability SECUNIA ADVISORY ID: SA36970 VERIFY ADVISORY: http://secunia.com/advisories/36970/ DESCRIPTION: A vulnerability has been reported in vBulletin, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "Home Page" field in the user profile section is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. The vulnerability is reported in version 3.8.4, 3.7.6, and 3.6.12. Other versions may also be affected. SOLUTION: Update to version 3.8.4 PL1, 3.7.6 PL1, or 3.6.12 PL2. PROVIDED AND/OR DISCOVERED BY: MaXe ORIGINAL ADVISORY: vBulletin: http://www.vbulletin.com/forum/showthread.php?t=319572 MaXe: http://forum.intern0t.net/exploits-vulnerabilities-pocs/1502-vbulletin-3-8-4-cross-site-script-redirection.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 17:25:36 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 00:25:36 -0000 Subject: [SEC] [SA36983] Adobe Reader/Acrobat Arbitrary Code Execution Vulnerability Message-ID: <20091010002536.29642.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Adobe Reader/Acrobat Arbitrary Code Execution Vulnerability SECUNIA ADVISORY ID: SA36983 VERIFY ADVISORY: http://secunia.com/advisories/36983/ DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code. NOTE: The vulnerability is currently being actively exploited. The vulnerability is reported in Adobe Reader and Adobe Acrobat versions 9.1.3 and prior. SOLUTION: Do not process untrusted files. Do not browse untrusted websites or follow untrusted links. Patched versions are expected to be available on October 13, 2009. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day by Chia-Ching Fang and the Information and Communication Security Technology Center. ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb09-15.html http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 17:40:53 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 00:40:53 -0000 Subject: [SEC] [SA36987] Ubuntu update for devscripts Message-ID: <20091010004053.15880.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for devscripts SECUNIA ADVISORY ID: SA36987 VERIFY ADVISORY: http://secunia.com/advisories/36987/ DESCRIPTION: Ubuntu has issued an update for devscripts. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. For more information: SA36514 SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4.dsc Size/MD5: 1255 e77cd75293868dce15bda87381699c60 http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4.tar.gz Size/MD5: 494661 b9836cd30eaab24a4ae677caa501a3c3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4_amd64.deb Size/MD5: 415752 5e481014f7449d48747173827c6112f8 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4_i386.deb Size/MD5: 415498 c91b58be71303331b753843b3f65e238 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4_lpia.deb Size/MD5: 415424 a3ffe0b548091da9a06b6540e2e81931 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4_powerpc.deb Size/MD5: 418916 9b0821303a4e38f70de0bdc46e6defec sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.11ubuntu5.8.04.4_sparc.deb Size/MD5: 415792 f1a09efc55c39effc8e6cd01f4d49758 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2.dsc Size/MD5: 1530 a2f1aebd332918e92060980ac76011fa http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2.tar.gz Size/MD5: 561023 0c73fe1803a03333866299cf4909985c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2_amd64.deb Size/MD5: 471866 f89e7cd144b853bc99baf4c966e0c3e3 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2_i386.deb Size/MD5: 471522 042a41e7c54ef83ed3b44d5191c15a07 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2_lpia.deb Size/MD5: 471450 2ece0a60ad5ab0b2c3404d450a36eb16 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2_powerpc.deb Size/MD5: 474890 c6efa6fb38fb77446566abd5cdb05d28 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.26ubuntu15.2_sparc.deb Size/MD5: 472200 90da98a2ea045bf27c456f652b9f9b6b -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1.dsc Size/MD5: 1537 3f5d345bb069e0796433b96dae26d9d0 http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1.tar.gz Size/MD5: 624181 ecc8f7705c920f415f0db16ac5e1d5cb amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1_amd64.deb Size/MD5: 529182 2a19ee9baffa132f6c56268c893d9a1e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1_i386.deb Size/MD5: 528806 2adb86a60d3e11a3ca2a076a0736148e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1_lpia.deb Size/MD5: 528698 e519f930ed469db24073db51e3586bcb powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1_powerpc.deb Size/MD5: 532576 623f2380e8276dbc6facbff757f43554 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/d/devscripts/devscripts_2.10.39ubuntu7.1_sparc.deb Size/MD5: 529380 5e32ebcc85a7bcadf98d27853d940b16 ORIGINAL ADVISORY: USN-847-1: http://www.ubuntu.com/usn/USN-847-1 OTHER REFERENCES: SA36514: http://secunia.com/advisories/36514/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 17:58:20 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 00:58:20 -0000 Subject: [SEC] [SA36998] Debian update for wget Message-ID: <20091010005820.3378.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for wget SECUNIA ADVISORY ID: SA36998 VERIFY ADVISORY: http://secunia.com/advisories/36998/ DESCRIPTION: Debian has issued an update for wget. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA36540 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1.diff.gz Size/MD5 checksum: 17947 116250977db43cb1981600c9722b7faa http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2.orig.tar.gz Size/MD5 checksum: 1213056 795fefbb7099f93e2d346b026785c4b8 http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1.dsc Size/MD5 checksum: 630 8e9e518014d108e22e446d575e9e1168 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_alpha.deb Size/MD5 checksum: 632362 f19446ca13a7e62f905275c4308d7e3d amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_amd64.deb Size/MD5 checksum: 617446 f4d7c11ef4d36351cd4a2f9f2c165cab arm architecture (ARM) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_arm.deb Size/MD5 checksum: 618108 ddcb9b8a1d776be025f5de75ecb8a0fe hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_hppa.deb Size/MD5 checksum: 622558 185317958f3aff3e0e90bc424f08742e i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_i386.deb Size/MD5 checksum: 612200 3dc181c1b15d6ed6bdbd7444eb6881fe ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_ia64.deb Size/MD5 checksum: 681302 f804ce6ede1c42e5c9e5b8344815e117 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_mipsel.deb Size/MD5 checksum: 625230 9c3f15e0101a2a4db24542b99e43c04e powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_powerpc.deb Size/MD5 checksum: 616572 5559c76d550b476fd0c7b39313b39c7e s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_s390.deb Size/MD5 checksum: 633186 c87a49b6cd732a4ed939dbc6e0987487 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch1_sparc.deb Size/MD5 checksum: 613854 482079e2a4f02cbe65ac956fa10e7a9b -- Debian GNU/Linux 5.0 alias lenny -- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1.dsc Size/MD5 checksum: 1060 ae958363f4aca0f82943525780a37f92 http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4.orig.tar.gz Size/MD5 checksum: 1475149 69e8a7296c0e12c53bd9ffd786462e87 http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1.diff.gz Size/MD5 checksum: 17216 0052572de990c970b9514069710d9110 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_alpha.deb Size/MD5 checksum: 632288 777d76cf4e0a7f2bc49224d6ec6a4cda amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_amd64.deb Size/MD5 checksum: 613794 a121ac028974b67cf286dfe7560c4ed2 arm architecture (ARM) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_arm.deb Size/MD5 checksum: 606644 81b325d3c2efb094d96a09b206e34c6d armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_armel.deb Size/MD5 checksum: 610024 e1d21da770447aa898b5187cf2dcacaa hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_hppa.deb Size/MD5 checksum: 622886 07d0613a2671662f48a459b47f73b09c i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_i386.deb Size/MD5 checksum: 608204 496dee8ea297c44aebddb3d06edb523f ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_ia64.deb Size/MD5 checksum: 677072 f37fad1af67e867b4e81a9dd6d91a4a3 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_mips.deb Size/MD5 checksum: 621116 b3fda98dfaf8336cd3177f30bf7fef31 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_mipsel.deb Size/MD5 checksum: 620714 ef700d4ba26217679fe5cc47aa47424f powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_powerpc.deb Size/MD5 checksum: 623630 210a22400278197bf803addabdcea224 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_s390.deb Size/MD5 checksum: 622148 6a9f410d08a44ae59fa7d259273158c1 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenny1_sparc.deb Size/MD5 checksum: 608454 a9ea995706e45f9b106fd7ed7ddbf252 ORIGINAL ADVISORY: DSA-1904-1: http://lists.debian.org/debian-security-announce/2009/msg00225.html OTHER REFERENCES: SA36540: http://secunia.com/advisories/36540/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 18:21:31 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 01:21:31 -0000 Subject: [SEC] [SA36984] Ubuntu update for icu Message-ID: <20091010012131.408.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for icu SECUNIA ADVISORY ID: SA36984 VERIFY ADVISORY: http://secunia.com/advisories/36984/ DESCRIPTION: Ubuntu has issued an update for icu. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA35436 SOLUTION: Apply updates packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8-6ubuntu0.2.diff.gz Size/MD5: 39891 a9003bd5c90941d57b87b15da535c7ad http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8-6ubuntu0.2.dsc Size/MD5: 999 39c79a838f98141852055e5a87a825de http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.orig.tar.gz Size/MD5: 10515206 25a997240bb83a98d4515b6a88370314 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu-doc_3.8-6ubuntu0.2_all.deb Size/MD5: 3658652 a0fb7bd752ac152d52d80f8bd2478e91 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/i/icu/lib32icu-dev_3.8-6ubuntu0.2_amd64.deb Size/MD5: 5998738 56ad82b318d679eade7cc8f711a1d884 http://security.ubuntu.com/ubuntu/pool/main/i/icu/lib32icu38_3.8-6ubuntu0.2_amd64.deb Size/MD5: 5878874 ef2ef3d16baf3ca869cdbc0912a01548 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu-dev_3.8-6ubuntu0.2_amd64.deb Size/MD5: 7041876 e497c872182c8ebdfda82fa059dc835e http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38-dbg_3.8-6ubuntu0.2_amd64.deb Size/MD5: 2355482 8b03119266dbd457d4dfe79d0fc89f56 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8-6ubuntu0.2_amd64.deb Size/MD5: 5874242 33c74e01cb617ff55d2fe95b39b86561 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu-dev_3.8-6ubuntu0.2_i386.deb Size/MD5: 6908186 631b3f268a7037b3971c2d173db599de http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38-dbg_3.8-6ubuntu0.2_i386.deb Size/MD5: 2251190 efb0783d113baa1cff2a049e7b80e43b http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8-6ubuntu0.2_i386.deb Size/MD5: 5877908 b09ecf646ae698d7a9a8520827945568 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8-6ubuntu0.2_lpia.deb Size/MD5: 6930696 0f6d24c80f44889e97897c9978bcee11 http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8-6ubuntu0.2_lpia.deb Size/MD5: 2287226 e9824136cf28017ff39b2cfb6a981884 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8-6ubuntu0.2_lpia.deb Size/MD5: 5877624 9279deb9a8aca6b8b60a00429cf8136f powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8-6ubuntu0.2_powerpc.deb Size/MD5: 7375762 1b59c57da88ce9993d0d153641e13494 http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8-6ubuntu0.2_powerpc.deb Size/MD5: 2347482 92e939e93e9e411f0e6b426465e18479 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8-6ubuntu0.2_powerpc.deb Size/MD5: 6238046 994b10686f5ed140c18617f4f78f0177 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8-6ubuntu0.2_sparc.deb Size/MD5: 7247458 6089dcd7579f524163608101c7027be7 http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8-6ubuntu0.2_sparc.deb Size/MD5: 2127014 4e8138da6801a39a88d10b63b1a768c6 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8-6ubuntu0.2_sparc.deb Size/MD5: 6108574 76a749c0a9bd1ed8779da473d860c91f -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.1-2ubuntu0.2.diff.gz Size/MD5: 43579 1e1ee08a9a83f3068f5f23431898bef1 http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.1-2ubuntu0.2.dsc Size/MD5: 1389 9baccafe2b13277610c386b592cf0ed7 http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.1.orig.tar.gz Size/MD5: 10591204 ca52a1eb5050478f5f7d24e16ce01f57 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu-doc_3.8.1-2ubuntu0.2_all.deb Size/MD5: 3659052 11dcd169aafa532554920b1466a12e52 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/i/icu/lib32icu-dev_3.8.1-2ubuntu0.2_amd64.deb Size/MD5: 6064634 caae8ed67cd66a42528ff5f0c9aaecb1 http://security.ubuntu.com/ubuntu/pool/main/i/icu/lib32icu38_3.8.1-2ubuntu0.2_amd64.deb Size/MD5: 5929202 fcb92eab71ecf6406e16327165af7791 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu-dev_3.8.1-2ubuntu0.2_amd64.deb Size/MD5: 7126190 107bb9a78c39d899012cbe375ee37a8c http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38-dbg_3.8.1-2ubuntu0.2_amd64.deb Size/MD5: 2423734 a0a4ed6ae35fb6a60692fed43c7ee443 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8.1-2ubuntu0.2_amd64.deb Size/MD5: 5937460 6a182ef6c96fab5f2631dd3a9e395609 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu-dev_3.8.1-2ubuntu0.2_i386.deb Size/MD5: 6981288 750c0842c0147488135148a987bca196 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38-dbg_3.8.1-2ubuntu0.2_i386.deb Size/MD5: 2296366 f79f87af19276d6af395fa8d0eb9f09a http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8.1-2ubuntu0.2_i386.deb Size/MD5: 5928488 a8558984b776f0171b14f4ec108fca28 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8.1-2ubuntu0.2_lpia.deb Size/MD5: 6992836 902a1c03427a58c720402a06d9da2fbc http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8.1-2ubuntu0.2_lpia.deb Size/MD5: 2327890 9531ab6ac64ee71af0ae3584884fe892 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8.1-2ubuntu0.2_lpia.deb Size/MD5: 5920830 f87977fad30a35898ca12f611ed3ee37 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8.1-2ubuntu0.2_powerpc.deb Size/MD5: 7455188 c5c2db6fcc9bd5d1a528bd319feeb4c1 http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8.1-2ubuntu0.2_powerpc.deb Size/MD5: 2406824 688b85689752e7978f596b87648978e2 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8.1-2ubuntu0.2_powerpc.deb Size/MD5: 6298424 3ebc1c901a357ecea521150fb30250bc sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8.1-2ubuntu0.2_sparc.deb Size/MD5: 7311880 36eebf24a69e614c5bc0f7b43ad72150 http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8.1-2ubuntu0.2_sparc.deb Size/MD5: 2157374 679d30b126527c91ddcb681809614bd0 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8.1-2ubuntu0.2_sparc.deb Size/MD5: 6150954 2fe31d4eb7b23de32c44f9e3475f0030 -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.1-3ubuntu1.1.diff.gz Size/MD5: 43714 5e24c0f825a070416b978f6de6c7d796 http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.1-3ubuntu1.1.dsc Size/MD5: 1389 4503103f041db170525fd0fbb682b278 http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu_3.8.1.orig.tar.gz Size/MD5: 10591204 ca52a1eb5050478f5f7d24e16ce01f57 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/i/icu/icu-doc_3.8.1-3ubuntu1.1_all.deb Size/MD5: 3668642 083d032886854500ded9abc473282c4d amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/i/icu/lib32icu-dev_3.8.1-3ubuntu1.1_amd64.deb Size/MD5: 6064504 8e0b693019abb069b38acaee91565f83 http://security.ubuntu.com/ubuntu/pool/main/i/icu/lib32icu38_3.8.1-3ubuntu1.1_amd64.deb Size/MD5: 5928680 dbb2368817c78e9c733acf866fedf943 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu-dev_3.8.1-3ubuntu1.1_amd64.deb Size/MD5: 7126066 14644c84ac505cc6b2447c740af43884 http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38-dbg_3.8.1-3ubuntu1.1_amd64.deb Size/MD5: 2428650 fa5a5c2531a39e4b06ed724aee66059a http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8.1-3ubuntu1.1_amd64.deb Size/MD5: 5937502 ff048b56c05fb4e3ba7c5fc06a074e92 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu-dev_3.8.1-3ubuntu1.1_i386.deb Size/MD5: 6981110 571c6c5f2606a5fbf004f11cc86431bf http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38-dbg_3.8.1-3ubuntu1.1_i386.deb Size/MD5: 2302390 acad6ee28a76d3ffac30e91e07dd5dfa http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu38_3.8.1-3ubuntu1.1_i386.deb Size/MD5: 5927786 259fdc0762375dc7b51fc50cbe3aa7b5 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8.1-3ubuntu1.1_lpia.deb Size/MD5: 6992504 6740813793e38eb7fdbaec0efd442efb http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8.1-3ubuntu1.1_lpia.deb Size/MD5: 2334178 cbe4fcd316651002077b35bf9dc06645 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8.1-3ubuntu1.1_lpia.deb Size/MD5: 5920926 8ec24b877e58bbc67f647d55a7812a16 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8.1-3ubuntu1.1_powerpc.deb Size/MD5: 7455026 876d12de93bff14dbe019f24716c1128 http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8.1-3ubuntu1.1_powerpc.deb Size/MD5: 2414094 8c0f3f24ef70a713e11700354782d1df http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8.1-3ubuntu1.1_powerpc.deb Size/MD5: 6298526 94481c1ea5d4e206bd524edf240822c0 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/i/icu/libicu-dev_3.8.1-3ubuntu1.1_sparc.deb Size/MD5: 7311548 1b599818a69e112f261b14b5e25958db http://ports.ubuntu.com/pool/main/i/icu/libicu38-dbg_3.8.1-3ubuntu1.1_sparc.deb Size/MD5: 2161718 db4c497cb59c8463f24db8cbb409a812 http://ports.ubuntu.com/pool/main/i/icu/libicu38_3.8.1-3ubuntu1.1_sparc.deb Size/MD5: 6150712 d902eed5ac198d3ed0749cbc25dd4ce6 ORIGINAL ADVISORY: USN-846-1 : http://www.ubuntu.com/usn/USN-846-1 OTHER REFERENCES: SA35436: http://secunia.com/advisories/35436/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 18:37:14 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 01:37:14 -0000 Subject: [SEC] [SA36964] AfterLogic WebMail Pro "history-storage.aspx" Cross-Site Scripting Vulnerabilities Message-ID: <20091010013714.20811.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: AfterLogic WebMail Pro "history-storage.aspx" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA36964 VERIFY ADVISORY: http://secunia.com/advisories/36964/ DESCRIPTION: Two vulnerabilities have been reported in AfterLogic WebMail Pro, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "HistoryStorageObjectName" and "HistoryKey" parameters to history-storage.aspx is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 4.7.10. Prior versions may also be affected. SOLUTION: Reportedly fixed in 4.7.11. PROVIDED AND/OR DISCOVERED BY: S?bastien Duquette and Gardien Virtuel ORIGINAL ADVISORY: http://www.gardienvirtuel.com/fichiers/documents/publications/GVI_2009-01_EN.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 18:55:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 01:55:50 -0000 Subject: [SEC] [SA36975] Free WMA MP3 Converter WAV Processing Buffer Overflow Message-ID: <20091010015550.9094.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Free WMA MP3 Converter WAV Processing Buffer Overflow SECUNIA ADVISORY ID: SA36975 VERIFY ADVISORY: http://secunia.com/advisories/36975/ DESCRIPTION: A vulnerability has been discovered in Free WMA MP3 Converter, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of WAV files, which can be exploited to cause a stack-based buffer overflow when a user is tricked into converting a specially crafted WAV file to WMA or MP3. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Do not process files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: KriPpLer ORIGINAL ADVISORY: http://packetstormsecurity.org/0910-exploits/wmacon-overflow.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 19:36:38 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 02:36:38 -0000 Subject: [SEC] [SA36969] HP LaserJet Printers / Digital Senders Cross-Site Scripting Vulnerabilities Message-ID: <20091010023638.16318.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: HP LaserJet Printers / Digital Senders Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA36969 VERIFY ADVISORY: http://secunia.com/advisories/36969/ DESCRIPTION: Some vulnerabilities have been reported in multiple HP LaserJet printers, HP Color LaserJet printers, and HP Digital Senders, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "Product_URL" and "Tech_URL" parameters to support_param.html/config is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious data is returned. Please see the vendor's advisory for a full list of affected products and versions. SOLUTION: Filter malicious characters and character sequences in a web proxy. See the vendor's advisory for recommended workarounds. PROVIDED AND/OR DISCOVERED BY: s.svistunovich and a.polyakov, Digital Security Research Group ORIGINAL ADVISORY: HPSBPI02463 SSRT090061: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01841397 Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=148 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 20:03:02 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 03:03:02 -0000 Subject: [SEC] [SA36991] httpdx "h_handlepeer()" Buffer Overflow Vulnerability Message-ID: <20091010030302.10478.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: httpdx "h_handlepeer()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA36991 VERIFY ADVISORY: http://secunia.com/advisories/36991/ DESCRIPTION: Pankaj Kohli has discovered a vulnerability in httpdx, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "h_handlepeer()" function in http.cpp. This can be exploited to cause a stack-based buffer overflow via an overly long HTTP request. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.4.3. Prior versions may also be affected. SOLUTION: Update to version 1.4.4. PROVIDED AND/OR DISCOVERED BY: Pankaj Kohli ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 20:39:29 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 03:39:29 -0000 Subject: [SEC] [SA36988] VMware Authorization Service Denial of Service Vulnerability Message-ID: <20091010033929.9113.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: VMware Authorization Service Denial of Service Vulnerability SECUNIA ADVISORY ID: SA36988 VERIFY ADVISORY: http://secunia.com/advisories/36988/ DESCRIPTION: shinnai has discovered a vulnerability in multiple VMware products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the VMware Authorization Service when processing login requests. This can be exploited to terminate the "vmware-authd" process via "USER" or "PASS" strings containing e.g. '\xFF' characters, sent to TCP port 912. The vulnerability is confirmed in vmware-authd.exe version 6.5.3.8888 included in VMware Workstation 6.5.3 build 185404, and reported in VMware Player 2.5.3 build 185404 and VMware ACE 2.5.3. Other versions may also be affected. SOLUTION: Restrict access to TCP port 912 to trusted users only. PROVIDED AND/OR DISCOVERED BY: shinnai CHANGELOG: 2009-10-09: Added "VMware ACE 2.x" to the list of affected products. ORIGINAL ADVISORY: http://www.shinnai.net/index.php?mod=02_Forum&group=02_Bugs_and_Exploits&argument=01_Remote&topic=1254924405.ff.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 21:03:31 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 04:03:31 -0000 Subject: [SEC] [SA36989] Xlpd LPD Requests Buffer Overflow Vulnerabilities Message-ID: <20091010040331.31680.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Xlpd LPD Requests Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA36989 VERIFY ADVISORY: http://secunia.com/advisories/36989/ DESCRIPTION: Some vulnerabilities have been discovered in Xlpd, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the processing of LPD requests can be exploited to cause a stack-based buffer overflow via an overly large packet sent to the LPD port (TCP port 515 by default). 2) An integer underflow error in the processing of LPD requests can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to the LPD port (TCP port 515 by default). Successful exploitation of the vulnerabilities allows execution of arbitrary code. The vulnerabilities are confirmed in version 3.0 build 0076. Other versions may also be affected. SOLUTION: Restrict network access to the LPD port. PROVIDED AND/OR DISCOVERED BY: 1) Francis Provencher, Protek Research Lab's CHANGELOG: 2009-10-08: Updated advisory with additional information provided by Secunia Research. ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 21:39:21 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 04:39:21 -0000 Subject: [SEC] [SA36982] Red Hat update for postgresql Message-ID: <20091010043921.27497.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for postgresql SECUNIA ADVISORY ID: SA36982 VERIFY ADVISORY: http://secunia.com/advisories/36982/ DESCRIPTION: Red Hat has issued an update for postgresql. This fixes a security issue and a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) or to gain escalated privileges. For more information: SA34206 SA36660 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2009-1484.html OTHER REFERENCES: SA34206: http://secunia.com/advisories/34206/ SA36660: http://secunia.com/advisories/36660/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 22:37:19 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 05:37:19 -0000 Subject: [SEC] [SA36978] IBM AIX rpc.cmsd Buffer Overflow Vulnerability Message-ID: <20091010053719.21791.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: IBM AIX rpc.cmsd Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA36978 VERIFY ADVISORY: http://secunia.com/advisories/36978/ DESCRIPTION: A vulnerability has been reported in IBM AIX, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the calendar daemon library "libcsa.a". This can be exploited to cause a stack-based buffer overflow by sending a specially crafted request with an overly long argument for remote procedure 21 to the Calendar Manager Service Daemon (rpc.cmsd). Successful exploitation allows execution of arbitrary code with root privileges. The vulnerability is reported in AIX 5.3 and 6.1, and VIOS 1.4, 1.5, and 2.1. Prior versions may also be affected. SOLUTION: Apply the security fix or APARs as soon as they become available. http://aix.software.ibm.com/aix/efixes/security/cmsd_fix.tar AIX 5.3.0: IZ62672 (apply the interim fix) AIX 5.3.7: IZ61628 (approximately available 11/11/09 (sp10)) AIX 5.3.8: IZ62237 (approximately available 11/11/09 (sp8)) AIX 5.3.9: IZ61717 (approximately available 11/11/09 (sp5)) AIX 5.3.10: IZ62123 (approximately available 11/11/09 (sp2)) IAX 6.1.0: IZ62569 (approximately available 12/16/09 (sp11)) AIX 6.1.1: IZ62570 (approximately available 12/16/09 (sp7)) AIX 6.1.2: IZ62571 (approximately available 12/16/09 (sp6)) AIX 6.1.3: IZ62572 (approximately available 12/16/09 (sp3)) VIOS 1.4, 1.5.0, 1.5.1, 1.5.2, 2.1.0, 2.1.1: Apply the interim fix (please see the vendor advisory for details). PROVIDED AND/OR DISCOVERED BY: Rodrigo Rubira Branco, reported via iDefense. ORIGINAL ADVISORY: IBM: http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 9 23:36:39 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 06:36:39 -0000 Subject: [SEC] [SA36946] Debian update for graphicsmagick Message-ID: <20091010063639.13166.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for graphicsmagick SECUNIA ADVISORY ID: SA36946 VERIFY ADVISORY: http://secunia.com/advisories/36946/ DESCRIPTION: Debian has issued an update for graphicsmagick. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to disclose sensitive information or cause a DoS (Denial of Service), and by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. For more information: SA24721 SA24741 SA26926 SA29786 SA30549 SA30879 SA35216 NOTE: CVE-2007-1667, CVE-2007-1797, CVE-2007-4985, CVE-2007-4986, CVE-2007-4988, CVE-2008-1096 only affect Debian GNU/Linux 4.0. SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1.diff.gz Size/MD5 checksum: 60962 43b19aeb820ec1f54351004a31f4b5ea http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7.orig.tar.gz Size/MD5 checksum: 5926667 9dec2209500b44c617a789b4072ed724 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1.dsc Size/MD5 checksum: 1113 62a7a1a734a73d5b8e469c893bd613ce Architecture independent packages: http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-libmagick-dev-compat_1.1.7-13+etch1_all.deb Size/MD5 checksum: 14598 57fab68d7fa464bd4cc0549ef133b383 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-imagemagick-compat_1.1.7-13+etch1_all.deb Size/MD5 checksum: 11076 3040d645f62708c6466a39499374d3d2 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 2182840 3ffc12641521e440f57367172f92209a http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 1288686 d2c9e6be4644a734269de1c88331f9ea http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 926466 d972bbaed070a442d07114e6997a7cc1 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 158644 0e126f10444d296e9b1380a64fa84241 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 1385310 ce45e530d64facbc957e251ae9431441 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 255890 b8fca51c4e9091055f8d9bb456df24e6 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_alpha.deb Size/MD5 checksum: 593454 8f7cd8e970671563b8d5668e59ce6138 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 536024 f1f9facf37ba316ade9a7d956dfd6be9 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 926254 7feab4f41622ac35ebcf96a1d50f8042 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 219650 da5ae63d6c9878fb21c0c0ca47fc112f http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 1186004 63bbc34fa5785aa860297bb3dd7bd8cb http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 1384074 bcb5dbb66d566ee83ee5ddc6cf49e949 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 238412 7464579f4fa23ef86957b197917551d5 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_amd64.deb Size/MD5 checksum: 1571362 b2af543a9be34e4c909121507abb0260 arm architecture (ARM) http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 930420 21272f2bd54085e10583b24a92114d55 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 533062 faf42b3930ba6834bad0219c2b1a43d7 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 1181730 2c04ffadd1b33bf45c03350dbbe4b0ac http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 153932 8f7247be475feeca9173ff46faaf9a75 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 224486 025ef6457f64f92f10db9a41e8695557 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 1309308 e8c527a20b44ca57f80b4ebaed9beb16 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_arm.deb Size/MD5 checksum: 1513490 bb12e86db793940c01e7597f8eb45f7d hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 1368670 26b22802380d5994374b4320acf8b27d http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 572540 0bb9b6868bc38e2d4268cbe64efa461c http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 163528 b1290c88c4aa77faeaff7e0d058c93d0 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 265172 6a105c2d3f3f4daae578418769c12829 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 1320854 bb7a4e0a34ccf4f32b2213e3b564493b http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 933560 882e78f3501ca00422d03ac4f464626c http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_hppa.deb Size/MD5 checksum: 1811320 ce62629431b90205518ee3467e9172e2 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 1176848 9a1474b5d225db7e3043ba4b67745b18 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 518478 1d7df110f7431939dab889105dcd980c http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 928978 df0642e1a75bf97d3bb6b13cb96e4471 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 245722 b2771087317ef6127f04f930b1f41f72 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 1539990 b23864a65ace24a8164c0b8488491b66 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 155218 97963ba6a5f638c79985517062e96d6a http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_i386.deb Size/MD5 checksum: 1320960 686f9e94c7163affe3268752c6471fab ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 1650298 b545397e819c157a5a79e058c618060b http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 184830 3a823d3177da2c873acb131012f13365 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 2205550 9ba040707f78ded1495e97ec15a248d3 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 927344 43b96bdb0cee1eb7ae4f37e9984463a8 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 1404404 9d9e78598e12bddf101496f4acdca41e http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 608162 3067077ece88b89c1da8060e9f05a8f7 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_ia64.deb Size/MD5 checksum: 265590 efaa6e946881b0301032144f7c25c7a9 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 932272 897abbb2d01b616ad8cf75fedfd80d02 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 147638 4356750568514aee9dddbd3eb137701e http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 1147350 90108ddec535812b9177d33f7c2a4c60 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 1432494 de971f806f14a16cc6ce04938fe95394 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 562142 8950d70ce44ee1cccce74a9dc2bb54b7 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 1818700 0d99e93cb5073d48842f471a56e8162e http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_mips.deb Size/MD5 checksum: 241072 b4aa5f21489a822246f728cd68ede7f6 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 1794276 d9ba13e2d4f380cc5725f9ee7554a236 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 147850 5f2099e443ea7e0514585ce6d87fb4a3 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 555092 04108d75ca39e8e717da742acc2673c5 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 926254 6538d8c04fbfa1b80e5c448ad81621f0 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 1138152 1147f1c76f1ff43cce2c5950283dcef5 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 1398502 64334767beffa573d0b39aadb99813d2 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_mipsel.deb Size/MD5 checksum: 235740 e88daeeb20542d3e89d9e248860ae130 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 1172422 f8595dfa8cc09997d2a440f167c1a3cc http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 539410 1c23a4d7ad9cd02b3233e05d150d2053 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 928158 85a9d3b715b1e81e3857203a0a784d66 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 156482 488aed97ea79498f5e0faca8a49c6324 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 1639482 bab569480acecb60d76740921718859d http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 1360008 a4ca3b6fbf9baf62de1d581f3f34c9fa http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_powerpc.deb Size/MD5 checksum: 240778 1d3a668cfbc45b2b9252d1f5f1b14bf6 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 155102 f4e1d40317c3537ed6b2c9f4d200d3e6 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 1213490 a3ba287c19962dcdfbc1ed6687443d80 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 926374 24141a4f663234560004920efd3e7629 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 541402 0d5fa0879a74731d9fa17172887c1533 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 1388758 67e7c27ca60173569b70d4be4a0dd835 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 1581736 11209282b0715c633eb126578529cb3b http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_s390.deb Size/MD5 checksum: 246090 1b60cd99ad55353318e69c3a25fbe1cc sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 1281462 3f361f6c4937c43536bcb3ddef0c641d http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 1659818 882f46e5c53e2414504bcc933e72159c http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 244558 bce23f3e274dcaf0081f1fcdc67c9eeb http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 155798 f66d486c2ff76d8a24ea306e999b3eb9 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 931830 54807bc4f4ed4da9917b818219942fbb http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 517870 9114c6bf0b72341fecc36ee25a67a540 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.7-13+etch1_sparc.deb Size/MD5 checksum: 1207890 047c434cf04fcaf8c60267b0da8ee15b -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1.dsc Size/MD5 checksum: 1536 261662b6fb3b77604edab132d10977f6 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1.diff.gz Size/MD5 checksum: 149167 cdd750ffe34e093cdfac225fa6b33a73 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11.orig.tar.gz Size/MD5 checksum: 6046139 16a032350a153d822ac07cae01961a91 Architecture independent packages: http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-imagemagick-compat_1.1.11-3.2+lenny1_all.deb Size/MD5 checksum: 12644 7f81eeb86f1c06e48621f4af601c03af http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-libmagick-dev-compat_1.1.11-3.2+lenny1_all.deb Size/MD5 checksum: 16174 618b4b262760b75319c81d651ee50644 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 251806 29e9e837be9cd8c9c87a309145f2c22a http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 2216918 0d5e5032c154d0ab97c6a4b77dd9be28 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 168342 2187fed80ec9cf16dea83f52424ad3d5 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 949600 9d92e776db75aa661c182ff152c4e2c7 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 1324724 c655909ae89de20960e7225c276b61e6 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 556386 c6df7b7224329fccece081214a6ed79c http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_alpha.deb Size/MD5 checksum: 2009766 7907b14755aa75158eebd4998fc110ad amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 239660 0be014a0260c90ae142c9749910f6456 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 1610384 abfe17a246506f033d7227e55a63ec28 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 167466 d72dfa520eeda623e58b5a807a5406fa http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 506742 a2dc0acfa050e18f406d01b01e2e0c8b http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 1236754 e5ccc560c88ba1ad2924bf3535bebb05 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 945486 e6ea0625e241d50517a7ca1182de1049 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_amd64.deb Size/MD5 checksum: 2005048 40fe099ac414b0404646209fc42670b6 arm architecture (ARM) http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 946626 5f255f377c27b879be0a2903733455f2 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 1249668 bea4ceabc7fe916a4026e02092805eaf http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 1574460 fd8cfc2243cc19fbd82fe92218ea914a http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 163864 ce222e8399e0345e0d881496707aa129 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 507532 b694e7aeb81ea08f22cd76a1aa93d464 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 215798 2cb250710d1e84407987ec863706548a http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_arm.deb Size/MD5 checksum: 1931104 cbca2a3875a1851ffc9edd8c7a016bd2 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 207264 b56450fa017cb7e3dc10d65da47e0bc2 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 1636040 2fe6d4efc39d3945fcb16b30870c90ed http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 167494 ec677cc0f8ef06268b9d4720ee74f9e3 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 1298728 3247f6ceac07b95858d8d9413f83fa21 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 498980 6a0783b5257f3bddd9601540e054749c http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 949262 11d9a1a9efe215d6f4fef5c34538f050 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_armel.deb Size/MD5 checksum: 1956524 96d2182fc3a47dcaeade26c98c2d2767 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 252100 41a80ecd3e2ac149bacff6a13f966283 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 1961592 50ba5004f54c01856327347a6e9cf203 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 950914 699725caa3e0148687788ac6705c60a8 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 1354340 ff850be4165bf377cd93d84316e14716 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 173022 3e8c132fd21ffa94954b5f6f4aa605eb http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 1842306 cfc168761af19d8b0aad35a8427cdf1b http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_hppa.deb Size/MD5 checksum: 543212 4d7220d235f2f10d3aff32d92ff98e9a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 494178 4ff97dc9e9ea733d22a3829a05e895a8 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 1544146 1914a5d9a26fc909e98e8e926ddb78d1 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 947238 741fbb514c8cb4835b395b45184f76e3 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 163900 3dac4dabd442279dfa97118e99a4ac6a http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 1200420 6ccb85e8b7eaeeee2e4fe00d832803b2 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 1891742 8d98c6b5ddfcaab523ab24a7ddd63b4a http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_i386.deb Size/MD5 checksum: 244172 a376387d274be4e565cdcdefc7e02ac8 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 195638 7b70cbcbf9eeba4330fa0aeb7fd2d7b9 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 2264444 b9b6b0b2b847cd713c941c6eb822c5f7 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 252220 b2c424a95db21886f85ade67cf8dbca5 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 1916200 602e072ef850fcfaecc6588dd6e19439 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 1715576 75d36a1b5ccab823fd2f69b535971f36 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 946412 136b987cdc989350dbce3fb1d806d3ad http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_ia64.deb Size/MD5 checksum: 540490 a879b1dbb228488b4e2303c206f600b4 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 1180394 254b74e53118704db38d1ba9403469e8 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 1848226 35ca658bd1bc3b2e2c3f06b0559bf301 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 945546 4d68b75099f6e4a6212414fc70b173a8 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 157450 6ef6d0d004b2867ced9abbf63987f174 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 525386 508c0b5477c7fc207f0682e69e7d57f2 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 226120 7b075eeefbac2a6c10a7fcdf7b802c2c http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_mips.deb Size/MD5 checksum: 2055422 6a59a172fab96dce98d703dff6ffc36b mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 1173422 b6f5b4fc1a66f4d39f81f8252e430219 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 521944 461f9b4680448356819d6f8718c33c7e http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 220740 79b4f89356667b50a465ef85cc629056 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 1822334 6923505f5a27c3731bb64aceaaffa03a http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 2006132 09f4b1d90fee1f6120542063ae273960 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 156878 ec91e40dece84bc24ef439007f40a8d4 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_mipsel.deb Size/MD5 checksum: 945608 72dd8ad6868ccd876659fb21eeede65b powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 1978330 f47acae685043877945fa45ed4bca219 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 514834 d632aa29c6c0b2f9bfcb24d5a9134137 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 252230 f3977d79ca01ed3e72b419af48b0ad9d http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 1686838 ad076587458f06143ce9fd624d61d469 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 948196 a98b9d31bc941316f6189f494fa5037e http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 1261388 3b1bd6e3340f230a213d460f98b63ee8 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_powerpc.deb Size/MD5 checksum: 168756 6a8442ceec6ff7bb60eaedc971059ec2 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 1619252 ca38638e3a0cdc46d74a6559247c1104 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 164322 dc2f9c9f70528498c042f28d84671a15 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 945820 4384d0ece685cce403e7773ed386ed8a http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 1258438 0cb12522f80b35c033f426c56b76c6f4 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 505820 ff001a1176dcbf1a97c56ecf5dec9dac http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 241000 256f30a486ed7534335bef219c956fee http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_s390.deb Size/MD5 checksum: 2062094 454a2670d82338fbb94cec98fb35bd08 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 240578 b86739138fc4965c4da087f241152bf8 http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick-dbg_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 1839278 96243c2c34cdd3831409ff9d722f1c99 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick++1-dev_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 494706 256ac758644a290485119cb82f41458c http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphics-magick-perl_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 164854 cdce21d2ef7366b199fdb910e803ae35 http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1-dev_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 1670772 90013d3338f17f1d728ff1410f3c9fcf http://security.debian.org/pool/updates/main/g/graphicsmagick/graphicsmagick_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 946684 96dc74d0e35a56bc5e060ea7cdef5b8b http://security.debian.org/pool/updates/main/g/graphicsmagick/libgraphicsmagick1_1.1.11-3.2+lenny1_sparc.deb Size/MD5 checksum: 1240344 4d6ac112d418c4124197573190b9d577 ORIGINAL ADVISORY: DSA-1903-1: http://www.us.debian.org/security/2009/dsa-1903 OTHER REFERENCES: SA24721: http://secunia.com/advisories/24721/ SA24741: http://secunia.com/advisories/24741/ SA26926: http://secunia.com/advisories/26926/ SA29786: http://secunia.com/advisories/29786/ SA30549: http://secunia.com/advisories/30549/ SA30879: http://secunia.com/advisories/30879/ SA35216: http://secunia.com/advisories/35216/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 10 00:38:35 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 10 Oct 2009 07:38:35 -0000 Subject: [SEC] [SA36995] Red Hat update for postgresql Message-ID: <20091010073835.3229.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Red Hat update for postgresql SECUNIA ADVISORY ID: SA36995 VERIFY ADVISORY: http://secunia.com/advisories/36995/ DESCRIPTION: Red Hat has issued an update for postgresql. This fixes a vulnerability, which can be exploited by malicious users to gain escalated privileges. For more information: SA36695 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2009-1485: http://rhn.redhat.com/errata/RHSA-2009-1485.html OTHER REFERENCES: SA36695: http://secunia.com/advisories/36695/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 12 11:40:06 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 12 Oct 2009 18:40:06 -0000 Subject: [SEC] [SA36968] Debian update for python-django Message-ID: <20091012184006.11481.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for python-django SECUNIA ADVISORY ID: SA36968 VERIFY ADVISORY: http://secunia.com/advisories/36968/ DESCRIPTION: Debian has issued an update for python-django. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA36948 SOLUTION: Apply updated packages. -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/p/python-django/python-django_1.0.2-1+lenny2.dsc Size/MD5 checksum: 1606 7d335038ed1c10264a8ae9089574397c http://security.debian.org/pool/updates/main/p/python-django/python-django_1.0.2.orig.tar.gz Size/MD5 checksum: 4649433 89353e3749668778f1370d2e444f3adc http://security.debian.org/pool/updates/main/p/python-django/python-django_1.0.2-1+lenny2.diff.gz Size/MD5 checksum: 15789 586cdeaa9d99dc74240a16d1c40803fb Architecture independent packages: http://security.debian.org/pool/updates/main/p/python-django/python-django_1.0.2-1+lenny2_all.deb Size/MD5 checksum: 4706950 f01133963dbac73a87e9a209f85cb38d ORIGINAL ADVISORY: DSA-1905-1: http://lists.debian.org/debian-security-announce/2009/msg00227.html OTHER REFERENCES: SA36948: http://secunia.com/advisories/36948/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 12 12:37:17 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 12 Oct 2009 19:37:17 -0000 Subject: [SEC] [SA36994] Quick.Cart Cross-Site Request Forgery Vulnerability Message-ID: <20091012193717.26360.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Quick.Cart Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA36994 VERIFY ADVISORY: http://secunia.com/advisories/36994/ DESCRIPTION: A vulnerability has been discovered in Quick.Cart, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change administrative settings when a logged-in administrator visits a malicious web page. The vulnerability is confirmed in version 3.4. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: kl3ryk ORIGINAL ADVISORY: http://packetstormsecurity.org/0910-exploits/quickcart-xsslfixsrf.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 12 13:40:10 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 12 Oct 2009 20:40:10 -0000 Subject: [SEC] [SA36948] Django forms Library Regular Expressions Denial of Service Vulnerability Message-ID: <20091012204010.10213.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Django forms Library Regular Expressions Denial of Service Vulnerability SECUNIA ADVISORY ID: SA36948 VERIFY ADVISORY: http://secunia.com/advisories/36948/ DESCRIPTION: A vulnerability has been reported in Django, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the regular expressions used for validation of the "EmailField" or "URLField" form fields in Django's forms library. This can be exploited to cause a DoS due to high CPU consumption via specially crafted email addresses or URLs. The vulnerability is reported in version 1.0 and 1.1. SOLUTION: Update to version 1.0.4 or 1.1.1. Django 1.0.4: http://www.djangoproject.com/download/1.0.4/tarball/ Django 1.1.1: http://www.djangoproject.com/download/1.1.1/tarball/ PROVIDED AND/OR DISCOVERED BY: davisd ORIGINAL ADVISORY: http://www.djangoproject.com/weblog/2009/oct/09/security/ http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51/ http://code.djangoproject.com/ticket/11198 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 12 14:38:47 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 12 Oct 2009 21:38:47 -0000 Subject: [SEC] [SA36996] Unbound NSEC3 Signature Validation Bypass Security Issue Message-ID: <20091012213847.29613.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Unbound NSEC3 Signature Validation Bypass Security Issue SECUNIA ADVISORY ID: SA36996 VERIFY ADVISORY: http://secunia.com/advisories/36996/ DESCRIPTION: A security issue has been reported in Unbound, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an error while validating NSEC3 records. This can be exploited to bypass NSEC3 signature checks via specially crafted delegation responses in spoofed DNS packets. The security issue is reported in versions prior to 1.3.4. SOLUTION: Update to version 1.3.4: http://unbound.net/downloads/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://unbound.net/pipermail/unbound-users/2009-October/000852.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 11:40:04 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 18:40:04 -0000 Subject: [SEC] [SA36944] Microsoft Windows Media Player ASF Processing Vulnerability Message-ID: <20091013184004.11629.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Media Player ASF Processing Vulnerability SECUNIA ADVISORY ID: SA36944 VERIFY ADVISORY: http://secunia.com/advisories/36944/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows Media Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in the processing of ASF files. This can be exploited to cause a heap-based buffer overflow via a specially crafted ASF file. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Microsoft Windows 2000 SP4 with Windows Media Player 6.4: http://www.microsoft.com/downloads/details.aspx?familyid=13035ef7-7e47-487c-8b7c-7795d33ce7de Windows XP SP2/SP3 with Windows Media Player 6.4: http://www.microsoft.com/downloads/details.aspx?familyid=b2efe1ac-d8d7-41bb-b87d-fc5e22afef0f Windows XP Professional x64 Edition SP2 with Windows Media Player 6.4: http://www.microsoft.com/downloads/details.aspx?familyid=a9e7dfd8-7ba1-4f14-8e60-92ef00d91467 Windows Server 2003 SP2 with Windows Media Player 6.4: http://www.microsoft.com/downloads/details.aspx?familyid=5f82d01c-573e-425e-b9f2-86a54f377b19 Windows Server 2003 x64 Edition SP2 with Windows Media Player 6.4: http://www.microsoft.com/downloads/details.aspx?familyid=65e9036e-2e1b-40ff-a84b-c507107bcce8 PROVIDED AND/OR DISCOVERED BY: The vendor credits Yamata Li of Palo Alto Networks. ORIGINAL ADVISORY: Microsoft (KB974112): http://www.microsoft.com/technet/security/Bulletin/MS09-052.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 12:35:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 19:35:22 -0000 Subject: [SEC] [SA36938] Microsoft Windows Media Runtime Code Execution Vulnerability Message-ID: <20091013193522.26713.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Media Runtime Code Execution Vulnerability SECUNIA ADVISORY ID: SA36938 VERIFY ADVISORY: http://secunia.com/advisories/36938/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. 1) An unspecified error in Windows Media Runtime within the processing of Advanced Systems Format (ASF) files can be exploited to execute arbitrary code e.g. when a user opens a specially crafted audio file. 2) A vulnerability is caused due to Microsoft Windows Media Runtime not properly initialising certain functions when processing compressed audio files. This can be exploited to corrupt memory when a user opens a specially crafted media file or receives specially crafted streaming content from a web site. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Microsoft Windows 2000 SP4 with DirectShow WMA Voice Codec: http://www.microsoft.com/downloads/details.aspx?familyid=4fe0dff5-04d9-4409-8d1d-52419537126b Microsoft Windows 2000 SP4 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=8f850a82-61f9-447b-a0aa-a2c192cc5d2e Microsoft Windows 2000 SP4 with Audio Compression Manager: http://www.microsoft.com/downloads/details.aspx?familyid=6dfd5405-cabe-4bd7-9330-b6bde1d99194 Windows XP SP2 / SP3 with DirectShow WMA Voice Codec: http://www.microsoft.com/downloads/details.aspx?familyid=4fe0dff5-04d9-4409-8d1d-52419537126b Windows XP SP2 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=4516c219-e357-485e-a52b-23dcb8ee49d8 Windows XP SP2 / SP3 with Audio Compression Manager: http://www.microsoft.com/downloads/details.aspx?familyid=6ecc7129-8caa-4daf-a8e2-8f3536225fb3 Windows XP Service Pack 3 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=746d3440-5a6a-421e-9286-7b534a1dfe54 Windows XP Professional x64 Edition SP2 with DirectShow WMA Voice Codec: http://www.microsoft.com/downloads/details.aspx?familyid=c116ae9d-e416-4b7d-be75-4b4b2ebcc33a Windows XP Professional x64 Edition SP2 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=4729de51-8fd8-46c6-b4ad-9c9f25202684 Windows XP Professional x64 Edition SP2 with Windows Media Audio Voice Decoder in Windows Media Format SDK 9.5 x64 Edition: http://www.microsoft.com/downloads/details.aspx?familyid=fe0d51b2-345e-4eb7-a036-d8c3f6a683d2 Windows XP Professional x64 Edition SP2 with Windows Media Audio Voice Decoder in Windows Media Format SDK 11: http://www.microsoft.com/downloads/details.aspx?familyid=a866a490-6d3a-4ecd-acf4-770312ba2fd6 Windows XP Professional x64 Edition SP2 with Audio Compression Manager: http://www.microsoft.com/downloads/details.aspx?familyid=46daf7c7-1cd3-4f47-9c7a-d5eb6ea7327b Windows Server 2003 SP 2 with DirectShow WMA Voice Codec: http://www.microsoft.com/downloads/details.aspx?familyid=4fe0dff5-04d9-4409-8d1d-52419537126b Windows Server 2003 SP 2 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=00b3cb86-c9eb-4fbe-987e-2b0d94271d87 Windows Server 2003 SP 2 with Audio Compression Manager: http://www.microsoft.com/downloads/details.aspx?familyid=ab1803ff-2371-487f-a7b6-95747c46ba4e Windows Server 2003 x64 Edition SP2 with DirectShow WMA Voice Codec: http://www.microsoft.com/downloads/details.aspx?familyid=c116ae9d-e416-4b7d-be75-4b4b2ebcc33a Windows Server 2003 x64 Edition SP2 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=13ba4839-7fa9-4bbb-95f6-3fafb6c49f20 Windows Server 2003 x64 Edition SP2 with Windows Media Audio Voice Decoder in Windows Media Format SDK 9.5 x64 Edition: http://www.microsoft.com/downloads/details.aspx?familyid=fe0d51b2-345e-4eb7-a036-d8c3f6a683d2 Windows Server 2003 x64 Edition SP2 with Audio Compression Manager: http://www.microsoft.com/downloads/details.aspx?familyid=46daf7c7-1cd3-4f47-9c7a-d5eb6ea7327b Windows Vista, Windows Vista SP1 / SP2 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=f17ee0ea-f1e2-49f4-9f90-60296246ddfe Windows Vista x64 Edition, Windows Vista x64 Edition SP1 / SP2 with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=26905f12-92c7-4d45-99e7-227f03d2cb82 Windows Server 2008 for 32-bit Systems (optionally with SP2) with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=2eaa9857-a147-4f31-9bf4-b9e2cf4c15c3 Windows Server 2008 for x64-based Systems (optionally with SP2) with Windows Media Audio Voice Decoder: http://www.microsoft.com/downloads/details.aspx?familyid=70aabba3-53d6-4b52-be83-6d3f3869ecbd PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Ivan Fratric of the Zero Day Initiative and Jun Xie of McAfee Avert Labs. 2) The vendor credits Vinay Anantharaman of Adobe Systems, Inc. ORIGINAL ADVISORY: MS09-051 (KB975682, KB969878, KB954155, KB975025): http://www.microsoft.com/technet/security/bulletin/MS09-051.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 13:38:29 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 20:38:29 -0000 Subject: [SEC] [SA37008] Microsoft Silverlight Common Language Runtime Vulnerability Message-ID: <20091013203829.10732.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Silverlight Common Language Runtime Vulnerability SECUNIA ADVISORY ID: SA37008 VERIFY ADVISORY: http://secunia.com/advisories/37008/ DESCRIPTION: A vulnerability has been reported in Microsoft Silverlight, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the Common Language Runtime (CLR) and can be exploited to execute arbitrary code. For more information see vulnerability #3 in: SA37006 SOLUTION: Upgrade to Microsoft Silverlight 3. http://www.microsoft.com/silverlight/get-started/install/default.aspx ORIGINAL ADVISORY: MS09-061 (KB974378, KB970363): http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx OTHER REFERENCES: SA37006: http://secunia.com/advisories/37006/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 14:35:11 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 21:35:11 -0000 Subject: [SEC] [SA36997] Microsoft Windows ActiveX Controls ATL "OleLoadFromStream()" Vulnerability Message-ID: <20091013213511.31945.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows ActiveX Controls ATL "OleLoadFromStream()" Vulnerability SECUNIA ADVISORY ID: SA36997 VERIFY ADVISORY: http://secunia.com/advisories/36997/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. The vulnerability is caused due to multiple ActiveX controls using the "OleLoadFromStream()" ATL function in an unsafe manner. This is related to vulnerability #2 in: SA35967 Successful exploitation allows execution of arbitrary code. NOTE: This vulnerability is reportedly being actively exploited. SOLUTION: Apply patches. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyID=edfea805-9544-4dc0-a52c-d7594205657b Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?FamilyID=171d43d3-669c-4923-b266-e47591833c05 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?FamilyID=171d43d3-669c-4923-b266-e47591833c05 Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?FamilyID=f3249c99-82e4-45dc-a254-28e647e822c8 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?FamilyID=1ad3f7b3-58d5-4507-ae20-a265e47cee9c Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=575e75d9-e348-4fbb-9eaa-43240e4d715e Windows Vista (optionally with SP1 or SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=7313c03b-8844-4086-a0cc-43dfdb3ca48c Windows Vista x64 Edition (optionally with SP1 or SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=7216bcb1-ff16-402b-ad1b-1500d46d0157 Windows Server 2008 for 32-bit Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=51eb56fa-8204-45f3-86d7-6d03a2c8d78d Windows Server 2008 for x64-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=131b047a-ae93-4a99-83e5-71d5a79e96ea Windows Server 2008 for Itanium-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=3d16c5bf-ee5c-4220-9755-5cb92eac2aae Windows 7 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=b64bcc14-38a7-45b9-8f85-acc573777506 Windows 7 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=809e29f3-ec68-4a2b-b04e-11759dd16001 Windows Server 2008 R2 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=bcd2b944-6852-48f2-820b-cce7d195e391 Windows Server 2008 R2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=85e76e55-3766-4ffe-9a18-8655de935b7c PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Microsoft (KB973525): http://www.microsoft.com/technet/security/bulletin/ms09-055.mspx OTHER REFERENCES: SA35967: http://secunia.com/advisories/35967/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 15:02:54 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 22:02:54 -0000 Subject: [SEC] [SA37000] Microsoft Indexing Service ActiveX Control Memory Corruption Message-ID: <20091013220254.14315.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Indexing Service ActiveX Control Memory Corruption SECUNIA ADVISORY ID: SA37000 VERIFY ADVISORY: http://secunia.com/advisories/37000/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in an ActiveX control included with the Indexing service. This can be exploited to corrupt memory when specially crafted URLs are processed by the affected ActiveX control. Successful exploitation may allow execution of arbitrary code, but requires that the Indexing Service is enabled. SOLUTION: Apply patches. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=b34d94b5-b828-4e16-a636-04344c60d945 Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=768fd74e-0a2f-4353-ac22-65d0d6321739 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=270ec100-5ba1-4f8c-aa36-105d30ad57bf Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=78072164-84d1-44da-8ede-2a9d212d47a9 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=8aa1f97d-ad53-4450-bb93-4a147dd10a87 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=fb5678b9-5ef1-42db-902e-c9ea02880e0a PROVIDED AND/OR DISCOVERED BY: The vendor credits Yamata Li of Palo Alto Networks. ORIGINAL ADVISORY: Microsoft (KB969059): http://www.microsoft.com/technet/security/bulletin/MS09-057.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 15:20:53 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 22:20:53 -0000 Subject: [SEC] [SA36999] Microsoft Windows CryptoAPI Two Spoofing Vulnerabilities Message-ID: <20091013222053.30643.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows CryptoAPI Two Spoofing Vulnerabilities SECUNIA ADVISORY ID: SA36999 VERIFY ADVISORY: http://secunia.com/advisories/36999/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to conduct spoofing attacks. 1) An error exists in the processing of ASN.1 information from X.509 certificates. This can be exploited to spoof trust information presented to the user with a certificate containing e.g. via a NULL byte in the Common Name field. 2) An integer overflow error exists in the parsing of ASN.1 object identifiers from X.509 certificates. This can be exploited to spoof trust information presented to the user with a certificate containing a specially crafted Object Identifiers (OID). SOLUTION: Apply patches. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=52b9198d-b65f-467a-a5ab-141e23d64a86 Windows XP SP2 / SP3: http://www.microsoft.com/downloads/details.aspx?familyid=9c5ab624-e37b-418a-a919-d8f652b15679 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=ad29696d-4611-4a12-9dfa-74fa6866b759 Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=49e9cc53-cf17-4bc7-aaaa-92213167e1a9 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=d170cef9-f5d2-4fcd-997b-e778ad5a6797 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=2ede1eb9-7f5f-411d-bbc3-5db46d80e0bb Windows Vista (optionally with SP1 and SP2): http://www.microsoft.com/downloads/details.aspx?familyid=8b5a9a95-9439-40c8-acef-000b919daa04 Windows Vista x64 Edition (optionally with SP1 and SP2): http://www.microsoft.com/downloads/details.aspx?familyid=4a60f789-1a4a-49a8-8d13-fda989ed40be Windows Server 2008 for 32-bit Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=f9b487af-fe73-42a8-b240-d59c4321f95b Windows Server 2008 for x64-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=0d8a2a3e-d7d4-47fb-8364-16fce28e4d38 Windows Server 2008 for Itanium-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=8962f0b6-f346-4e88-9d83-4d15b699dd9d Windows 7 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=ad6f06d5-27db-445d-a8b2-c42adc90afc0 Windows 7 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=70cd0270-77e9-492a-82d9-798364640c10 Windows Server 2008 R2 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=ce78c019-ec08-4ec6-abec-334f5ec5cb76 Windows Server 2008 R2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=6442a77a-3c0d-4beb-b2d2-2885376c2135 PROVIDED AND/OR DISCOVERED BY: The vendor credits Dan Kaminsky of IOActive. ORIGINAL ADVISORY: MS09-056 (KB974571): http://www.microsoft.com/technet/security/bulletin/MS09-056.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 15:38:12 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 22:38:12 -0000 Subject: [SEC] [SA37005] Microsoft Office ActiveX Controls Multiple Vulnerabilities Message-ID: <20091013223812.12929.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Office ActiveX Controls Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37005 VERIFY ADVISORY: http://secunia.com/advisories/37005/ DESCRIPTION: Some vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to potentially bypass security features, gain knowledge of sensitive information, or compromise a user's system. The vulnerabilities are caused due to the use of a vulnerable Active Template Library (ATL) version. For more information: SA35967 SOLUTION: Apply patches. Microsoft Office XP SP3 with Microsoft Outlook 2002 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=04878c2c-eb97-426f-be08-89036a6799db Microsoft Office 2003 SP3 with Microsoft Office Outlook 2003 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=79e2b2e8-d5e8-4014-b489-720af2b5083d Microsoft Office 2007 SP1/SP2 with Microsoft Office Outlook 2007 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=d39234a3-c62c-44ba-a626-3179a183ca09 Microsoft Office Visio Viewer 2007, 2007 SP1, or 2007 SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=d20004c5-dd01-459e-8120-5f127e20c085 Microsoft Office Visio 2002/2003 Viewer: The vendor recommends an upgrade to Microsoft Office Visio Viewer 2007. The vulnerability is additionally mitigated by MS09-034. ORIGINAL ADVISORY: Microsoft (972363, 973702, 973705, 973965): http://www.microsoft.com/technet/security/bulletin/ms09-060.mspx OTHER REFERENCES: SA35967: http://secunia.com/advisories/35967/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 15:51:13 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 22:51:13 -0000 Subject: [SEC] [SA37001] Microsoft Windows Privilege Escalation and Denial of Service Message-ID: <20091013225113.25915.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Privilege Escalation and Denial of Service SECUNIA ADVISORY ID: SA37001 VERIFY ADVISORY: http://secunia.com/advisories/37001/ DESCRIPTION: Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. 1) An error exists in the Windows kernel when truncating a 64-bit value to a 32-bit value. This can be exploited to trigger an integer underflow and potentially execute arbitrary code in kernel mode. 2) An error exists in the Windows kernel when processing certain data contained within executables. This can be exploited to trigger a NULL-pointer dereference and potentially execute arbitrary code in kernel mode. 3) An error in the Windows kernel when handling exceptions can be exploited to cause a system crash. SOLUTION: Apply patches. Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=bdfa6583-28a2-4d6b-91d2-157a8518b664 Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=cece4c55-0756-4357-9d2d-6709e8426068 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=5459b7d4-1fab-4a04-ab9d-b8323505c1e2 Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=1e3f3842-f8fd-4969-a2cf-706db38d7580 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=95286b8d-4b53-4e6c-af59-e9e18fad3559 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=faef714b-5f46-47f2-bea7-881df05a1bc0 Windows Vista and Windows Vista SP1: http://www.microsoft.com/downloads/details.aspx?familyid=acf6f3e6-282e-4f05-9060-8d0ebb874b97 Windows Vista SP2: http://www.microsoft.com/downloads/details.aspx?familyid=acf6f3e6-282e-4f05-9060-8d0ebb874b97 Windows Vista x64 Edition and Windows Vista x64 Edition SP1: http://www.microsoft.com/downloads/details.aspx?familyid=13a3fe0b-e300-4568-aa08-d586ab8d5434 Windows Vista x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=13a3fe0b-e300-4568-aa08-d586ab8d5434 Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=71aec6f6-a36b-465e-8885-b094dfd30423 Windows Server 2008 for 32-bit Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=71aec6f6-a36b-465e-8885-b094dfd30423 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=88f4189f-71fe-404a-869e-3f76692acf94 Windows Server 2008 for x64-based Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=88f4189f-71fe-404a-869e-3f76692acf94 Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=3e0f0b1c-ca5d-43fc-9770-73396a5f191c Windows Server 2008 for Itanium-based Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=3e0f0b1c-ca5d-43fc-9770-73396a5f191c PROVIDED AND/OR DISCOVERED BY: 1, 3) The vendor credits Tavis Ormandy and Neel Mehta of Google Inc. 2) The vendor credits the NSFocus Security Team. ORIGINAL ADVISORY: Microsoft (KB971486): http://www.microsoft.com/technet/security/Bulletin/MS09-058.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 16:21:06 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 23:21:06 -0000 Subject: [SEC] [SA37002] Microsoft Local Security Authority Subsystem Denial of Service Message-ID: <20091013232106.18260.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Local Security Authority Subsystem Denial of Service SECUNIA ADVISORY ID: SA37002 VERIFY ADVISORY: http://secunia.com/advisories/37002/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Local Security Authority Subsystem Service (LSASS). This can be exploited to crash the service and restart an affected system via a specially crafted NTLM authentication frame. SOLUTION: Apply patches. Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e-40df-bd50-0ca53437b375 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=17008892-7950-44c4-850d-002c8d73495f Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=9dff4662-7771-4bdc-87ec-7899d79b3a55 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=8df7a2d9-2f97-4f18-84e8-415a1632cf09 Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=83c77015-7f96-4c0d-bd56-60aef90ea2f8 Windows Vista (optionally with SP1 or SP2): http://www.microsoft.com/downloads/details.aspx?familyid=04ae306b-0d0d-4767-ab54-cc11aec477ed Windows Vista x64 Edition (optionally with SP1 or SP2): http://www.microsoft.com/downloads/details.aspx?familyid=58c995ca-f308-4e07-8e60-2e542384d95d Windows Server 2008 for 32-bit Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=f2f617c2-f149-4e9b-bfdd-08ed0f3f99db Windows Server 2008 for x64-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=deb84cb8-2ba3-47e3-9185-2bbc5b0a7e18 Windows Server 2008 for Itanium-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=abc94857-37d8-4bb8-ad9e-46e687fca40e Windows 7 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=35b85783-90df-4f67-a3cb-02351432133e Windows 7 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=97010f2c-6c10-4fda-84fd-6c8749968db5 Windows Server 2008 R2 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=597ac3a7-e02d-49a5-9b8e-d097e867acea Windows Server 2008 R2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=4aac0e3e-9b49-4a4a-ab17-707ff03b4d9b PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Microsoft (KB975467): http://www.microsoft.com/technet/security/bulletin/MS09-059.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 16:35:44 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 23:35:44 -0000 Subject: [SEC] [SA37007] Microsoft Products GDI+ Multiple Vulnerabilities Message-ID: <20091013233544.32322.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Products GDI+ Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37007 VERIFY ADVISORY: http://secunia.com/advisories/37007/ DESCRIPTION: Some vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system. 1) An integer overflow exists when processing the number of colours used in a bitmap image. This can be exploited to cause a heap-based buffer overflow via a specially crafted bitmap image. 2) An integer overflow error in the handling of WMF image files can be exploited to cause a heap-based buffer overflow. 3) A boundary error in the processing of PNG files can be exploited to cause a heap-based buffer overflow. 4) A boundary error in the processing of TIFF files can be exploited to cause a buffer overflow. 5) A unspecified error in the processing of TIFF files can be exploited to corrupt memory. 6) An integer overflow error in certain GDI+ APIs can be exploited to cause a buffer overflow via a specially crafted .NET Framework application. 7) An integer overflow vulnerability in the processing of PNG files can be exploited to cause a buffer overflow. 8) An error exists in the parsing of Office Art Property Tables, which can be exploited to corrupt memory when a user opens a specially crafted Office document. Successful exploitation of these vulnerabilities allows execution of arbitrary code. SOLUTION: Apply patches. Windows XP SP2 / SP3: http://www.microsoft.com/downloads/details.aspx?familyid=e2acde20-a6d3-4135-b6eb-1214f743d474 Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=ad92503a-8c91-4d73-98b0-942d7961637d Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=414466a4-39a0-476d-9a43-ae7674cbd6a0 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=eb95e8d9-6ef5-4526-99d2-507e50de049b Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=a678ceb9-a37a-4c29-8bd1-f209922990e5 Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=19aa01f3-026d-4264-85f8-216d0597969b Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=8f5f0c1d-1dd6-47fa-aef2-d3c96c8fc06e Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=fd1694af-8873-43aa-9243-91f7cde452b7 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=41bc4cdb-273a-4a6e-80d9-c8ce20e32da9 Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=a4f42085-1cb9-4b8d-a931-85be71fdf06d Microsoft Windows 2000 SP4 (Microsoft Internet Explorer 6 SP1): http://www.microsoft.com/downloads/details.aspx?familyid=f3fef608-dafb-4b37-a65a-9cc4ae8e2c4c Microsoft Windows 2000 SP4 (Microsoft .NET Framework 1.1 SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=ecf78619-80fa-417d-852b-1b5b2cf574e2 Microsoft Windows 2000 SP4 (Microsoft .NET Framework 2.0 SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=3e534aa8-29c2-4379-9f57-931a6ff47418 Microsoft Windows 2000 SP4 (Microsoft .NET Framework 2.0 SP2): http://www.microsoft.com/downloads/details.aspx?familyid=e6f5e730-85cc-4c08-a50d-c456b1e9f5bc Microsoft Office XP SP3: http://www.microsoft.com/downloads/details.aspx?familyid=b4ac7fbe-dd19-4940-a576-89a6b7ed602d Microsoft Office 2003 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=48752ab4-5928-476d-a8bc-e998d188b1f7 2007 Microsoft Office System SP1: http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec 2007 Microsoft Office System SP2: http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec Microsoft Office Project 2002 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=b4ac7fbe-dd19-4940-a576-89a6b7ed602d Microsoft Office Visio 2002 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=920ee70b-c5c1-47b5-8f33-938ffe14eea4 Microsoft Office Word Viewer, Microsoft Word Viewer 2003 (optionally with SP3), Microsoft Office Excel Viewer 2003 (optionally with SP3): http://www.microsoft.com/downloads/details.aspx?familyid=48752ab4-5928-476d-a8bc-e998d188b1f7 Microsoft Office Excel Viewer, PowerPoint Viewer 2007 (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec PowerPoint Viewer 2007 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1: http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2: http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec Microsoft Expression Web and Microsoft Expression Web 2: http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec Microsoft Office Groove 2007 (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=98d7c4ab-f8ca-4806-a609-453fb29b02ec Microsoft Works 8.5: http://www.microsoft.com/downloads/details.aspx?familyid=6f96de9a-62d8-428f-9567-51d55c129be6 SQL Server 2000 Reporting Services SP2 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=33554f96-5af7-4683-a537-9db293b67b8d SQL Server 2005 SP2 (GDR): http://www.microsoft.com/downloads/details.aspx?familyid=d971a262-1dfb-498c-a4f3-59fdc1b85d23 SQL Server 2005 SP2 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=76d3d653-e9a0-48bc-afae-d3553f7b9235 SQL Server 2005 x64 Edition SP2 (GDR): http://www.microsoft.com/downloads/details.aspx?familyid=d971a262-1dfb-498c-a4f3-59fdc1b85d23 SQL Server 2005 x64 Edition SP2 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=76d3d653-e9a0-48bc-afae-d3553f7b9235 SQL Server 2005 for Itanium-based Systems SP2 (GDR): http://www.microsoft.com/downloads/details.aspx?familyid=d971a262-1dfb-498c-a4f3-59fdc1b85d23 SQL Server 2005 for Itanium-based Systems SP2 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=76d3d653-e9a0-48bc-afae-d3553f7b9235 SQL Server 2005 SP3 (GDR): http://www.microsoft.com/downloads/details.aspx?familyid=0d878f4b-71e8-4170-9a14-1bce684811ce SQL Server 2005 SP3 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=e6f307c1-8b21-406e-9c6f-b1a3a1e9a98f SQL Server 2005 x64 Edition SP3 (GDR): http://www.microsoft.com/downloads/details.aspx?familyid=0d878f4b-71e8-4170-9a14-1bce684811ce SQL Server 2005 x64 Edition SP3 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=e6f307c1-8b21-406e-9c6f-b1a3a1e9a98f SQL Server 2005 for Itanium-based Systems SP3 (GDR): http://www.microsoft.com/downloads/details.aspx?familyid=0d878f4b-71e8-4170-9a14-1bce684811ce SQL Server 2005 for Itanium-based Systems SP3 (QFE): http://www.microsoft.com/downloads/details.aspx?familyid=e6f307c1-8b21-406e-9c6f-b1a3a1e9a98f Microsoft Visual Studio .NET 2003 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=9e3b52d3-b211-4d62-891c-ae8f2e4ffc6c Microsoft Visual Studio 2005 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=e186aeed-e9d7-4a02-84b3-bbed116ca060 Microsoft Visual Studio 2008: http://www.microsoft.com/downloads/details.aspx?familyid=4fa10c93-ce20-43df-a725-ef4c77353747 Microsoft Visual Studio 2008 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=b904dee8-8a26-43f8-8ca9-86ad12cfdb52 Microsoft Report Viewer 2005 SP1 Redistributable Package: http://www.microsoft.com/downloads/details.aspx?familyid=0dfaf300-2b53-4678-a779-0d805ddfe538 Microsoft Report Viewer 2008 Redistributable Package: http://www.microsoft.com/downloads/details.aspx?familyid=42ed040f-cf94-4754-b0b3-c8016fbcbe22 Microsoft Report Viewer 2008 Redistributable Package SP1: http://www.microsoft.com/downloads/details.aspx?familyid=6aaa74bd-a46e-4478-b4e1-2063d18d2d42 Microsoft Visual FoxPro 8.0 SP1 when installed on Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=e5d0d515-4b36-4025-bc6f-1c5cdf09e1af Microsoft Visual FoxPro 9.0 SP2 when installed on Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=2a930f56-59ac-49a6-830f-bfae7c540ec7 Microsoft Platform SDK Redistributable - GDI+: http://www.microsoft.com/downloads/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A Microsoft Forefront Client Security 1.0 when installed on Microsoft Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=c0ce624c-8df3-4223-8a7a-5cba4ac334a8 PROVIDED AND/OR DISCOVERED BY: 1) Carsten Eiram, Secunia Research The vendor credits: 2) Yamata Li of Palo Alto Networks 3) Thomas Garnier of SkyRecon 4) Wushi of VeriSign iDefense Labs 5) Ivan Fratric of the Zero Day Initiative, Tavis Ormandy of Google Inc., and Carlo Di Dato (aka shinnai) 7) Tavis Ormandy of Google Inc. 8) Marsu Pilami of VeriSign iDefense Labs ORIGINAL ADVISORY: MS09-062 (KB957488, KB958869, KB971108, KB971110, KB971111, KB974811, KB972580, KB972581, KB975365, KB973636, KB970895, KB970892, KB970899, KB970896, KB970894, KB971022, KB971023, KB972221, KB972222, KB971117, KB971118, KB971119, KB971104, KB971105, KB975337, KB975962): http://www.microsoft.com/technet/security/bulletin/MS09-062.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 16:52:12 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 13 Oct 2009 23:52:12 -0000 Subject: [SEC] [SA37006] Microsoft .NET Framework Multiple Vulnerabilities Message-ID: <20091013235212.17360.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft .NET Framework Multiple Vulnerabilities SECUNIA ADVISORY ID: SA37006 VERIFY ADVISORY: http://secunia.com/advisories/37006/ DESCRIPTION: Some vulnerabilities have been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a vulnerable system. 1) An unspecified error can be exploited to obtain a managed pointer to stack memory, which can be exploited to execute arbitrary code e.g. via a specially crafted ASP .NET application, or XBAP (XAML browser application). 2) An error in the verification of Microsoft .NET verifiable code can be exploited to bypass a type equality check and execute arbitrary code e.g. via a specially crafted ASP .NET application or XBAP. 3) An error exists in the Microsoft .NET Common Language Runtime (CLR) in the handling of interfaces. This can be exploited to corrupt memory and execute arbitrary code e.g. via a specially crafted ASP .NET application or XBAP. SOLUTION: Apply patches. -- Microsoft Windows 2000 SP4 -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f Microsoft .NET Framework 2.0 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470-46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=491874d4-5eea-4545-9b7d-3861857c862e -- Windows XP SP2 / SP3 -- Microsoft .NET Framework 1.0 Service Pack 3 (Media Center Edition 2005 and Tablet PC Edition 2005 only): http://www.microsoft.com/downloads/details.aspx?familyid=1bc56c26-1c7c-47e3-94f4-37af7e00392c Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470-46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=491874d4-5eea-4545-9b7d-3861857c862e -- Windows XP Professional x64 Edition SP2 -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470-46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=491874d4-5eea-4545-9b7d-3861857c862e -- Windows Server 2003 SP2 -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=d1b4a58b-f0b1-4400-a6e6-0255b0513bd1 Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470-46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=491874d4-5eea-4545-9b7d-3861857c862e -- Windows Server 2003 x64 Edition SP2 -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470-46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=491874d4-5eea-4545-9b7d-3861857c862e -- Windows Server 2003 with SP2 for Itanium-based Systems -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=d4a328b5-5470-46b0-86c7-cfe0e6a3ea01 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=491874d4-5eea-4545-9b7d-3861857c862e -- Windows Vista (optionally with SP1 and SP2) -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Vista -- Microsoft .NET Framework 2.0: http://www.microsoft.com/downloads/details.aspx?familyid=6f99521e-86b3-4083-9132-e5ac06d40b63 Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=3cf329c6-6d3d-41eb-bb72-8ba241df0882 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7438eb1e-6e86-4aa1-b1f4-f71a7699d233 -- Windows Vista SP1 -- Microsoft .NET Framework 2.0 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=30e5410d-0942-4964-9037-52330488efda Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=72fe9066-2397-439d-82fb-2b7f9d2bcce8 -- Windows Vista Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=614a92ee-0512-4ccc-b6b8-32ebcec8e6a4 -- Windows Vista x64 Edition (optionally with SP1 and SP2) -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Vista x64 Edition -- Microsoft .NET Framework 2.0: http://www.microsoft.com/downloads/details.aspx?familyid=6f99521e-86b3-4083-9132-e5ac06d40b63 Microsoft .NET Framework 2.0 Service Pack 1 and Microsoft .NET Framework 3.5: http://www.microsoft.com/downloads/details.aspx?familyid=3cf329c6-6d3d-41eb-bb72-8ba241df0882 Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=7438eb1e-6e86-4aa1-b1f4-f71a7699d233 -- Windows Vista x64 Edition SP1 -- Microsoft .NET Framework 2.0 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=30e5410d-0942-4964-9037-52330488efda Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=72fe9066-2397-439d-82fb-2b7f9d2bcce8 -- Windows Vista x64 Edition Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=614a92ee-0512-4ccc-b6b8-32ebcec8e6a4 -- Windows Server 2008 for 32-bit Systems (optionally with SP2) -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Server 2008 for 32-bit Systems -- Microsoft .NET Framework 2.0 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=30e5410d-0942-4964-9037-52330488efda Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=72fe9066-2397-439d-82fb-2b7f9d2bcce8 -- Windows Server 2008 for 32-bit Systems Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=614a92ee-0512-4ccc-b6b8-32ebcec8e6a4 -- Windows Server 2008 for x64-based Systems (optionally with SP2) -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Server 2008 for x64-based Systems -- Microsoft .NET Framework 2.0 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=30e5410d-0942-4964-9037-52330488efda Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=72fe9066-2397-439d-82fb-2b7f9d2bcce8 -- Windows Server 2008 for x64-based Systems SP2 -- Microsoft .NET Framework 2.0 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=614a92ee-0512-4ccc-b6b8-32ebcec8e6a4 -- Windows Server 2008 for Itanium-based Systems (optionally with SP2) -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Server 2008 for Itanium-based Systems -- Microsoft .NET Framework 2.0 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=30e5410d-0942-4964-9037-52330488efda Microsoft .NET Framework 2.0 Service Pack 2 and Microsoft .NET Framework 3.5 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=72fe9066-2397-439d-82fb-2b7f9d2bcce8 -- Windows Server 2008 for Itanium-based Systems SP2 -- Microsoft .NET Framework 2.0 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=614a92ee-0512-4ccc-b6b8-32ebcec8e6a4 -- Windows 7 for 32-bit Systems -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows 7 for x64-based Systems -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Server 2008 R2 for x64-based Systems -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f -- Windows Server 2008 R2 for Itanium-based Systems -- Microsoft .NET Framework 1.1 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=78ac8b97-8327-4ae1-8bb0-6cf227f3968f PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Pavel Minaev. 2) The vendor credits Jeroen Frijters of Sumatra. ORIGINAL ADVISORY: MS09-061 (KB974378, KB953297, KB953300, KB974417, KB953295, KB953298, KB974468, KB974292, KB974467, KB974291, KB974469, KB974470): http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 17:20:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 00:20:22 -0000 Subject: [SEC] [SA36979] Microsoft Internet Explorer Multiple Vulnerabilities Message-ID: <20091014002022.15376.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Internet Explorer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA36979 VERIFY ADVISORY: http://secunia.com/advisories/36979/ DESCRIPTION: Some vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error in the processing of data stream headers can be exploited to trigger a memory corruption. 2) An error related to a certain HTML component is caused due to the improper validation of arguments. 3) An unspecified error can be exploited to access an incorrectly initialised or deleted object and trigger a memory corruption. 4) A second unspecified error can be exploited to access an incorrectly initialised or deleted object and trigger a memory corruption. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. SOLUTION: Apply patches. Microsoft Windows 2000 SP4 with Microsoft Internet Explorer 5.01 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyID=26515c7b-d7a6-4405-96b5-a518dcb39d38 Microsoft Windows 2000 SP4 with Microsoft Internet Explorer 6 SP1: http://www.microsoft.com/downloads/details.aspx?FamilyID=8154ba37-0fbc-4d31-9d6e-0b21586ad65a Windows XP SP2 and Windows XP SP3 with Microsoft Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyID=9aacf890-afb4-46a7-a13f-dd9fe3c0ca4a Windows XP Professional x64 Edition SP2 with Microsoft Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyID=89a2cf2a-a7a2-4d4b-aa6f-24dde288d500 Windows Server 2003 SP2 with Microsoft Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyID=8101625d-ee93-46e5-aec2-3bdbf2d86472 Windows Server 2003 x64 Edition SP2 with Microsoft Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?familyid=2f966053-01eb-4a23-a9d5-71deac2498ea Windows Server 2003 with SP2 for Itanium-based Systems with Microsoft Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?familyid=79a1a94d-3b47-47e9-9476-2f591c3f6a59 Windows XP SP2 and Windows XP SP3 with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyID=dc166dc6-577f-4d8d-94df-dd963233dd85 Windows XP Professional x64 Edition SP2 with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=bd54e595-25f2-4839-a838-2a0f809bde2b Windows Server 2003 SP2 with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=4647bcf1-69fb-4ad6-9e03-7bc22d8a914b Windows Server 2003 x64 Edition SP2 with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=e7d77bd9-8317-42f3-9ad1-a0b8bfa65b53 Windows Server 2003 with SP2 for Itanium-based Systems with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyID=07e66c09-2cd7-47ba-bf87-d3da602184b4 Windows Vista (optionally with SP1 or SP2) with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=f6995616-2a84-4c26-9599-26f1314873ed Windows Vista x64 Edition (optionally with SP1 or SP2) with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=b3de5236-afdd-436e-8648-5382d564cc99 Windows Server 2008 for 32-bit Systems (optionally with SP2) with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=72dd580e-eb53-41da-a5c0-a392ad388bfc Windows Server 2008 for x64-based Systems (optionally with SP2) with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=0111d741-bda4-4a50-a12b-d3337ff4441d Windows Server 2008 for Itanium-based Systems (optionally with SP2) with Windows Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?familyid=e81f30b7-ef05-4488-b62a-d330e17129cf Windows XP SP2 and Windows XP SP3 with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=8799159d-df69-49f6-9db5-49147690ce0c Windows XP Professional x64 Edition SP2 with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=77b18fc2-e769-47c6-8e72-916716a49e58 Windows Server 2003 SP2 with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=9eae7eca-1a6f-4397-a6e2-7dda6b9d5276 Windows Server 2003 x64 Edition SP2 with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=708a549d-11fd-43bf-a6e1-309e3205d59d Windows Vista (optionally with SP1 or SP2) with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=e8f6014f-950b-4e11-a105-51d298069f1a Windows Vista x64 Edition (optionally with SP1 or SP2) with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=85978f28-5fc0-481b-9b03-2021c785889b Windows Server 2008 for 32-bit Systems (optionally with SP2) with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=1baf7e96-ba3e-47e7-8ea3-eb092e653a39 Windows Server 2008 for x64-based Systems (optionally with SP2) with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=7a4b755b-7fa0-43aa-8862-c1d0c7d94c2c Windows 7 for 32-bit Systems with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=89d1fb78-68cd-48dd-afc2-15a79ebe9fde Windows 7 for x64-based Systems with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=10d9f7ac-65f4-437c-91cc-171632c69b0e Windows Server 2008 R2 for x64-based Systems with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=f50307d6-7869-4996-9ff7-23f87d08994b Windows Server 2008 R2 for Itanium-based Systems with Windows Internet Explorer 8: http://www.microsoft.com/downloads/details.aspx?familyid=9b6a28ae-b3f2-42b0-8209-e3950ec37abb PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits SkyLined of Google Inc. 2) The vendor credits Mark Dowd, Ryan Smith, and David Dewey. 3) The vendor credits TippingPoint and the Zero Day Initiative. 4) The vendor credits Sam Thomas of eshu.co.uk, working with TippingPoint and the Zero Day Initiative. ORIGINAL ADVISORY: Microsoft (KB974455): http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx http://blogs.technet.com/srd/archive/2009/10/12/ms09-054.aspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 17:37:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 00:37:22 -0000 Subject: [SEC] [SA36990] Dream Poll Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <20091014003722.691.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Dream Poll Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA36990 VERIFY ADVISORY: http://secunia.com/advisories/36990/ DESCRIPTION: Some vulnerabilities have been reported in Dream Poll, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "recordsPerPage" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "sortField", "sortDesc", and "pageNumber" parameters to index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 3.1. Other versions may also be affected. SOLUTION: Reportedly, the vendor has issued a fix. ORIGINAL ADVISORY: http://packetstormsecurity.org/0910-exploits/dreampoll-sqlxss.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 17:53:35 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 00:53:35 -0000 Subject: [SEC] [SA37019] Docebo Multiple SQL Injection Vulnerabilities Message-ID: <20091014005335.21211.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Docebo Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA37019 VERIFY ADVISORY: http://secunia.com/advisories/37019/ DESCRIPTION: Andrea Fabrizi has discovered some vulnerabilities in Docebo, which can be exploited by malicious users to conduct SQL injection attacks. 1) Input passed via the "word" parameter to doceboLms/index.php (when "modname" is set to "faq", "op" is set to "play", and "mode" is set to "help") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "word" parameter to doceboLms/index.php (when "modname" is set to "link", "op" is set to "play", and "mode" is set to "keyw") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 3) Input passed via the "id_certificate" parameter to doceboCore/index.php (when "modname" is set to "meta_certificate" and "op" is set to "elemmetacertificate") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 4) Input passed via the "id_certificate" parameter to doceboCore/index.php (when "modname" is set to "certificate" and "op" is set to "elemcertificate") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of vulnerabilities #3 and #4 requires Super Admin rights. The vulnerability is confirmed in version 3.6.0.3. Other versions may also be affected. SOLUTION: Apply security patch: http://www.docebo.org/doceboCms/index.php?mn=docs&op=download&pi=5_4&id=90 PROVIDED AND/OR DISCOVERED BY: Andrea Fabrizi ORIGINAL ADVISORY: http://www.docebo.org/doceboCms/forum/9_1/message/idThread_4969/Docebo_3_6_0_3_Sql_injection.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 18:22:50 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 01:22:50 -0000 Subject: [SEC] [SA37013] httpdx Source Code Disclosure Vulnerability Message-ID: <20091014012250.22556.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: httpdx Source Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA37013 VERIFY ADVISORY: http://secunia.com/advisories/37013/ DESCRIPTION: Dr_IDE has discovered a vulnerability in httpdx, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error within the handling of HTTP requests and can be exploited to disclose the source code of certain scripts (e.g. Perl) by appending "." to a URI. The vulnerability is confirmed in version 1.4.4. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. Filter malicious requests with a proxy. PROVIDED AND/OR DISCOVERED BY: Dr_IDE ORIGINAL ADVISORY: http://pocoftheday.blogspot.com/2009/10/httpdx-144-remote-arbitrary-source.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 18:37:51 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 01:37:51 -0000 Subject: [SEC] [SA37018] Debian update for kvm Message-ID: <20091014013751.15199.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Debian update for kvm SECUNIA ADVISORY ID: SA37018 VERIFY ADVISORY: http://secunia.com/advisories/37018/ DESCRIPTION: Debian has issued an update for kvm. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA36763 SOLUTION: Apply updated packages. -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny3.dsc Size/MD5 checksum: 1349 da207d5f42ab45ed3956be5fcb6ad685 http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny3.diff.gz Size/MD5 checksum: 41138 f28b640e60392636399873e99b6cc5e3 http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg.orig.tar.gz Size/MD5 checksum: 3250251 899a66ae2ea94e994e06f637e1afef4a Architecture independent packages: http://security.debian.org/pool/updates/main/k/kvm/kvm-source_72+dfsg-5~lenny3_all.deb Size/MD5 checksum: 158242 8cee5a68dadbbceecdac6330b69fa59f amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny3_amd64.deb Size/MD5 checksum: 1099546 5009415dc4927800b33249ca31d8a651 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny3_i386.deb Size/MD5 checksum: 1030530 313f1a0d91889bf167c4e1aaf57a027d ORIGINAL ADVISORY: DSA-1907-1: http://lists.debian.org/debian-security-announce/2009/msg00229.html OTHER REFERENCES: SA36763: http://secunia.com/advisories/36763/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 18:55:26 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 01:55:26 -0000 Subject: [SEC] [SA37003] VooDoo cIRCle OpenSSL DTLS Denial of Service Vulnerabilities Message-ID: <20091014015526.31166.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: VooDoo cIRCle OpenSSL DTLS Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA37003 VERIFY ADVISORY: http://secunia.com/advisories/37003/ DESCRIPTION: Some vulnerabilities have been reported in VooDoo cIRCle, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to the inclusion of a vulnerable OpenSSL version. For more information: SA35128 The vulnerabilities are reported in versions prior to 1.1.37 for Windows. SOLUTION: Update to version 1.1.37. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://voodoo-circle.sourceforge.net/sa2/sa-20091012-01.html http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net OTHER REFERENCES: SA35128: http://secunia.com/advisories/35128/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 19:39:22 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 02:39:22 -0000 Subject: [SEC] [SA37009] Sun Solaris Thunderbird Network Security Services Vulnerabilities Message-ID: <20091014023922.14231.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Sun Solaris Thunderbird Network Security Services Vulnerabilities SECUNIA ADVISORY ID: SA37009 VERIFY ADVISORY: http://secunia.com/advisories/37009/ DESCRIPTION: Sun has acknowledged some vulnerabilities in Thunderbird included in Solaris, which can potentially be exploited by malicious people to bypass certain security restrictions or to compromise a vulnerable system. For more information: SA36125 The vulnerabilities are reported in the SUNWthunderbird package first shipped with Solaris 10 Update 4 (8/07). SOLUTION: A final resolution is pending completion. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-269468-1 OTHER REFERENCES: SA36125: http://secunia.com/advisories/36125/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 19:59:06 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 02:59:06 -0000 Subject: [SEC] [SA36971] RioRey RIOS Undocumented SSH Account Security Issue Message-ID: <20091014025906.31017.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: RioRey RIOS Undocumented SSH Account Security Issue SECUNIA ADVISORY ID: SA36971 VERIFY ADVISORY: http://secunia.com/advisories/36971/ DESCRIPTION: A security issue has been reported in RioRey RIOS which can be exploited by malicious people to compromise a vulnerable device. The device contains an undocumented SSH account ("dbadmin") with a default password ("sq!us3r"), which can be exploited to gain access to a vulnerable device by logging in via SSH on port 8022. The security issue is reported in RIOS version 4.6.6 and 4.7.0. Other versions may also be affected. SOLUTION: Reportedly, patched versions have been released on October 5th, 2009. Contact vendor for further information. PROVIDED AND/OR DISCOVERED BY: Marek Kroemeke ORIGINAL ADVISORY: http://packetstormsecurity.org/0910-exploits/riorey-passwd.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 20:39:28 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 03:39:28 -0000 Subject: [SEC] [SA37004] VooDoo cIRCle XTelnet GnuTLS Unspecified Vulnerabilities Message-ID: <20091014033928.8797.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: VooDoo cIRCle XTelnet GnuTLS Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA37004 VERIFY ADVISORY: http://secunia.com/advisories/37004/ DESCRIPTION: Some vulnerabilities with an unknown impact have been reported in VooDoo cIRCle XTelnet. The vulnerabilities are caused due to the use of vulnerable GnuTLS DLL files. No further information is currently available. The vulnerabilities are reported in Win32/64 binary releases prior to version 0.4.4. SOLUTION: Update to version 0.4.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://voodoo-circle.sourceforge.net/sa2/sa-20091012-02.html http://sourceforge.net/mailarchive/message.php?msg_name=4AD43812.9090001%40users.sourceforge.net ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 13 21:01:57 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: 14 Oct 2009 04:01:57 -0000 Subject: [SEC] [SA37012] Skype Extras Manager Unspecified Vulnerability Message-ID: <20091014040157.26995.qmail@mail.secunia.com> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Skype Extras Manager Unspecified Vulnerability SECUNIA ADVISORY ID: SA37012 VERIFY ADVISORY: http://secunia.com/advisories/37012/ DESCRIPTION: A vulnerability with an unspecified impact has been reported in Skype. The vulnerability is caused due to an unspecified error in the Extras Manager component. No further information is currently available. The vulnerability is reported in Skype Extras Manager versions prior to 2.0.0.67 included in Skype for Windows versions prior to 4.1.0.179. SOLUTION: Update Skype to version 4.1.0.179. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://developer.skype.com/WindowsSkype/ReleaseNotes ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 14 21:35:36 2009 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 15 Oct 2009 06:35:36 +0200 Subject: [SEC] [SA37035] Achievo Script Insertion and SQL Injection Vulnerabilities Message-ID: <200910150435.n9F4Za2d025374@localhost.localdomain> ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales at secunia.com ---------------------------------------------------------------------- TITLE: Achievo Script Insertion and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA37035 VERIFY ADVISORY: http://secunia.com/advisories/37035/ DESCRIPTION: Some vulnerabilities have been reported in Achievo, which can be exploited by malicious users to conduct script insertion and SQL injection attacks. 1) Input passed via the "title" parameter to dispatch.php while creating a new schedule item is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Input passed via the "userid" parameter to dispatch.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in 1.3.4. Other versions may also be affected. SOLUTION: Update to version 1.4.0. PROVIDED AND/OR DISCOVERED BY: Ryan Dewhurst of Bonsai Information Security. ORIGINAL ADVISORY: http://www.bonsai-sec.com/en/research/vulnerabilities/achievo-multiple-xss-0101.txt http://www.bonsai-sec.com/en/research/vulnerabilities/achievo-sql-injection-0102.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From summary at secunia.com Thu Oct 8 10:31:57 2009 From: summary at secunia.com (Secunia) Date: 8 Oct 2009 17:31:57 -0000 Subject: [SEC] Secunia Weekly Summary - Issue: 2009-41 Message-ID: <20091008173157.13764.qmail@mail.secunia.com> ======================================================================== The Secunia Weekly Advisory Summary 2009-10-01 - 2009-10-08 This week: 42 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: The Secunia Vulnerability Intelligence Feed focuses on enabling centralised security teams and relevant security personnel, to receive the latest validated vulnerability and threat intelligence, provided from the Secunia research team. Enabling you to distribute the intelligence through your existing communication channels (Mailing-lists) already in-place within your organisation. Features include: * XML Capability - Dynamic or 24 hour XML feed * Vulnerability Database * E-mail/SMS alerting Click here to learn more: http://secunia.com/gfx/pdf/VIF.pdf Try it: http://secunia.com/advisories/try_vi Did you know that Secunia is GSA approved? For further information please see: GSA Pricing - GSA Contract # GS-35F-0858N ======================================================================== 2) This Week in Brief: pyrokinesis has discovered a vulnerability in Google Apps, which can be exploited by malicious people to compromise a user's system. For more information, refer to: http://secunia.com/advisories/36924/ -- bruiser has discovered a vulnerability in IBM Informix Client Software Development Kit (CSDK) and IBM Informix Connect, which can be exploited by malicious people to compromise a user's system. For more information, refer to: http://secunia.com/advisories/36949/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA36649] Mozilla Firefox Temporary File Download Manipulation Security Issue 2. [SA35948] Adobe Flash Player Multiple Vulnerabilities 3. [SA36671] Mozilla Firefox Multiple Vulnerabilities 4. [SA24314] Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability 5. [SA36627] Apple QuickTime Multiple Vulnerabilities 6. [SA34451] Sun Java JDK / JRE Multiple Vulnerabilities 7. [SA36597] Windows 2000 / XP TCP/IP Window Size Denial of Service Vulnerabilities 8. [SA35949] Adobe Reader/Acrobat SWF Content Arbitrary Code Execution 9. [SA20153] Microsoft Word Malformed Object Pointer Vulnerability 10. [SA36603] Microsoft Windows TCP/IP Implementation Multiple Vulnerabilities ======================================================================== 4) This Week in Numbers During the past week 42 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Plat