Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-200811-0423 CVE-2008-5184 CUPS of Web Cross-site request forgery attack vulnerability in the interface CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions. CUPS is prone to a security bypass vulnerability. Apple cups is an open source printing system driver developed by Apple for its MAC OS X and other UNIX operating systems. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:028 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : January 24, 2009 Affected: 2008.0, 2008.1 _______________________________________________________________________ Problem Description: Security vulnerabilities have been discovered and corrected in CUPS. CUPS before 1.3.8 allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference (CVE-2008-5183). The updated packages have been patched to prevent this. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5184 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0032 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 9ff1555139c59b89ea0623dfdfff4de5 2008.0/i586/cups-1.3.6-1.4mdv2008.0.i586.rpm 3cda60090d2108259f55cdbc6cf372e5 2008.0/i586/cups-common-1.3.6-1.4mdv2008.0.i586.rpm 1fbbbf89a0341cf430905757bdc6c355 2008.0/i586/cups-serial-1.3.6-1.4mdv2008.0.i586.rpm f6eb5a73b984f77e851cb39826ba26a1 2008.0/i586/libcups2-1.3.6-1.4mdv2008.0.i586.rpm e8279e8427ef9c3ec9536abe94038423 2008.0/i586/libcups2-devel-1.3.6-1.4mdv2008.0.i586.rpm 9974e6ad715a853706ec26acf9ca73c3 2008.0/i586/php-cups-1.3.6-1.4mdv2008.0.i586.rpm 6f6a298d7935094b6fcd18d39c3de1b7 2008.0/SRPMS/cups-1.3.6-1.4mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 355ce3cfb79a4aebbdabedb206a32e05 2008.0/x86_64/cups-1.3.6-1.4mdv2008.0.x86_64.rpm e3a2b95ac7138318d6cefab0fdf3face 2008.0/x86_64/cups-common-1.3.6-1.4mdv2008.0.x86_64.rpm fb0abf9e3d492edd06876b7d4cebe784 2008.0/x86_64/cups-serial-1.3.6-1.4mdv2008.0.x86_64.rpm 5b5196b27e24fb6ad910563ed884ce2e 2008.0/x86_64/lib64cups2-1.3.6-1.4mdv2008.0.x86_64.rpm e8b1cdbba7283ff2e9b76eb498f508d0 2008.0/x86_64/lib64cups2-devel-1.3.6-1.4mdv2008.0.x86_64.rpm 178ca59986af801a2c29611fa16ce2dd 2008.0/x86_64/php-cups-1.3.6-1.4mdv2008.0.x86_64.rpm 6f6a298d7935094b6fcd18d39c3de1b7 2008.0/SRPMS/cups-1.3.6-1.4mdv2008.0.src.rpm Mandriva Linux 2008.1: 93a94c922f72f8844e232ed779a8c66c 2008.1/i586/cups-1.3.6-5.3mdv2008.1.i586.rpm eccb6a07dd53dbbeb490675c2cf311f0 2008.1/i586/cups-common-1.3.6-5.3mdv2008.1.i586.rpm 2ad9c7135f6d8a2217d34055ca8f57b3 2008.1/i586/cups-serial-1.3.6-5.3mdv2008.1.i586.rpm 62d4efcf07165da647db08d6636ac596 2008.1/i586/libcups2-1.3.6-5.3mdv2008.1.i586.rpm f0779950606ab9fa83b9de410a7beb70 2008.1/i586/libcups2-devel-1.3.6-5.3mdv2008.1.i586.rpm d0bd96dc1aec2dab736d538a7bd49a2b 2008.1/i586/php-cups-1.3.6-5.3mdv2008.1.i586.rpm abd1474014a74c467881ca52b4090ace 2008.1/SRPMS/cups-1.3.6-5.3mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 64aca60db93cd3886f58823155e2f982 2008.1/x86_64/cups-1.3.6-5.3mdv2008.1.x86_64.rpm 2cb2d9467430c4619ed23d37099ad2cc 2008.1/x86_64/cups-common-1.3.6-5.3mdv2008.1.x86_64.rpm 69b5f842144013c41c946783c898c1db 2008.1/x86_64/cups-serial-1.3.6-5.3mdv2008.1.x86_64.rpm 243a0d7da4c4e24ac8c7571a202e1627 2008.1/x86_64/lib64cups2-1.3.6-5.3mdv2008.1.x86_64.rpm 2d4bbbd60d026d3bc272001d447dc5ae 2008.1/x86_64/lib64cups2-devel-1.3.6-5.3mdv2008.1.x86_64.rpm e1a2d953fdc0dbb7eda2097f0e4c38e9 2008.1/x86_64/php-cups-1.3.6-5.3mdv2008.1.x86_64.rpm abd1474014a74c467881ca52b4090ace 2008.1/SRPMS/cups-1.3.6-5.3mdv2008.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJe0RhmqjQ0CJFipgRAsXFAKDBJeogydK5chEfSmEpHuVXDsC6xQCgq+vl JbRgydRjIpXNqGzlnNrqXZI= =2ydF -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-707-1 January 12, 2009 cups, cupsys vulnerabilities CVE-2008-5183, CVE-2008-5184, CVE-2008-5286, CVE-2008-5377 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.12 Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.9 Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.3 Ubuntu 8.10: cups 1.3.9-2ubuntu6.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that CUPS didn't properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. (CVE-2008-5183) It was discovered that CUPS did not authenticate users when adding and cancelling RSS subscriptions. An unprivileged local user could bypass intended restrictions and add a large number of RSS subscriptions. This issue only applied to Ubuntu 7.10 and 8.04 LTS. (CVE-2008-5184) It was discovered that the PNG filter in CUPS did not properly handle certain malformed images. If a user or automated system were tricked into opening a crafted PNG image file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-5286) It was discovered that the example pstopdf CUPS filter created log files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. (CVE-2008-5377) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.12.diff.gz Size/MD5: 100650 effacab03a0a75663148e730badca56e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.12.dsc Size/MD5: 1060 e320589ea4731d43a927b6ea986e2ca9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.12_all.deb Size/MD5: 996 01d1b0dbc0bf6fed042b103b81d91293 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 36230 ac91b545a2f40de7c165f160928334be http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 81912 f3ec3b95abadf43c3642d422bb1d8d64 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 2286872 779f854a26f5670c1183aac0a9adf15b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 6092 e4f7e6b58bbcf3656487d779ada528d1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 77434 f7789b8cca7ea8f57ca2ca14f4cc1a9b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 25748 e2a92ba2421bafc00df0a6c1f99bcda8 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.12_amd64.deb Size/MD5: 130184 6a0808bf1ea2650d8a97fc50ceee0aa6 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 34766 ec9c0af53c98f9d904a8241331179a6d http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 77990 c582e927e8d8bbdd29c5c111bc0dd162 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 2254158 f9e7ba99ce5ff49546a8922df47d0005 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 6092 969b76527edef12a2f3c77a77c97480e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 76550 2e653b4dac7063a7d290918bdafd43cf http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 25748 cfff840b4e9984245fcd15d845183810 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.12_i386.deb Size/MD5: 122384 ec7ddfb032ee70d393c65d9d90060ea0 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 40466 119cafd93458295da6a6c8c12b35a262 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 89530 bc52672d7f4903f7ec745cbe778e4da2 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 2301402 e3bf63715dbebb29410ce13098b645f1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 6088 68fd62d76fc0a4e2e515f5a644852e60 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 79208 b83506e935ffd0ac4c1311f003424f2b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 25744 cb2ca08057f83b9b40b60960712d8766 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.12_powerpc.deb Size/MD5: 128150 597300fc1511305508b9c0e62c061660 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 35388 afe7217a6f8ebe6fba8f7668f8a6d5bf http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 78722 0f5be23fb63000b5fb2945f4a40ad70a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 2287758 3b8180329fa4c55ece2b828e07d3366c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 6090 aee18e619e301cdd7472d6f6a326655c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 76468 398ecfef9fff03f088e4964ad0e76c71 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 25748 22655777c70067f973fef557c9196bdf http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.12_sparc.deb Size/MD5: 123876 99879b6877338c254ae31dcd0f4bae29 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9.diff.gz Size/MD5: 129791 3e27f46f569ec5719b5fe13fb78a9f14 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9.dsc Size/MD5: 1226 3a8eb42c55eb55163497543c39f23124 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.9_all.deb Size/MD5: 1080428 2a130e02392de2ce721ac25a9a71ef0f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 37202 8a68cf9bfa98bda7cf30f6bfba41dd2e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 89510 e721173ffa8c31fc92703b908140e84c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 2034862 f512c15b34be6e169e9f947ca916ca93 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 60018 4f4e8635956b4b882074cc2760ebcb5e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 46878 197a3efe70b9864efe397bb27e455933 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 152008 c05765a56717613f12ca4e47dd751864 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.9_amd64.deb Size/MD5: 186748 03cda4eef301db2a8f2cb6f5344c9f02 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 36480 6742a1d19a47e85b583bfc6cc8e5bef1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 86482 33d1e6cc218245db992e2b8337d63fad http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 2018562 6217c3d4a08b575b0fd01a2f0b6d9965 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 58836 228f15292895fb6714cf83ac08376530 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 46256 a2a663a767af4beccac469b36af692b4 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 145696 099603137d153ed2f50e0154fde6811f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.9_i386.deb Size/MD5: 183548 69d7d5292ed78f5a5dca16d9be7d9ebe lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 36670 2f95875950737fb3b29d8170e0e842be http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 88296 51a1b00b3aa778300d6be240ca814448 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 2021580 ec2e3b013c825e7b1c269778d722c41f http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 59622 38519a455e3dca46fdc55980903ef527 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 47694 2a305b565e33a52d5cfe71bb09d3fbc0 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 142418 b0423e069760ca141c0e73f07b7049fb http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.9_lpia.deb Size/MD5: 181750 8e286ae296e7b3fd216d7137a4c21c19 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 46502 a1296168b5d3706b8870d2aca19cfc4a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 107760 d98d3f88cf3706b28ca9706e4f21897e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 2099848 088263da7a0baba49e4b28f000070cdf http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 59484 85a44c9e70aadd41bdcb9401af938361 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 51846 4442245f4cf71913bbd642f5185f93a0 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 146944 ca2f12efe3d8b1ef0711019a6f4be4a3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.9_powerpc.deb Size/MD5: 192530 47b0cc559fb4548701addb4e389beda1 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 37568 441cbf24d055107a408220ea945357e6 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 89612 42f545e2092863afc31a6beb921ba803 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 2061116 df2be5541017e5a11f265dc0420d1de4 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 58094 4602a5ee17eae8d0769901ffff089eac http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 45560 fce319567830955760626e98a52bd9e0 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 148474 0fa2f0010fbd4b08d91b1c62765ed46e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.9_sparc.deb Size/MD5: 182570 ef1eec9c88b499b3cea8742fc31d8edf Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3.diff.gz Size/MD5: 134438 a4a1876673e461e35cfec8952ca054f5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3.dsc Size/MD5: 1441 2ced31d2fde396439410f30e758d7db2 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz Size/MD5: 4700333 383e556d9841475847da6076c88da467 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.3_all.deb Size/MD5: 1144166 4893a05510da7c9b5434d00fc29e455f amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 37532 480443df9d0723c844c0c0f6408169a2 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 89978 0d287573cdcc4701998ce53af56dd3f9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 1880612 2314ea0930f6d00794e0176916b6da35 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 60906 9042974135c36a37171a424b7d4a202d http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 50368 3cd1eb8125943eaa9ee6dde601f4422e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 344934 c5aec8c571564cbd0c895145a875d02a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.3_amd64.deb Size/MD5: 177930 36d56cb0664534f425871d13d77e4b1a i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 36968 6f01ef27169dfc9aa944c5049acbbe63 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 88402 dd874fead670a6d57e90176ad1facc94 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 1863008 ff961e2dbb46de7be8722d88178a38e6 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 60100 0881e753bb681af3463d6ed8d11c09cf http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 49846 07a541a01b7e231c9988e779a3f602d0 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 339346 d5efe383bc97ce56837e36806bfba341 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.3_i386.deb Size/MD5: 174778 a578d4f7a0fe9195167e7a0cafc37974 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 36678 3176e400d418ca744825919b30d1a248 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 88752 998f5ae89f57c5a3874a2bec71f435af http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 1865256 715aafc333b7d070b516950843cdf664 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 60548 39aa25aae6614a78a0b3c29e30d464f9 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 50860 1ba114f3487de2725c3704efbaf6a5c5 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 337010 98f33df59e831f8213370b533c9a6f7b http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.3_lpia.deb Size/MD5: 173708 dca1c947f9af44e5d4c6bc2c604aa371 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 46930 5baf8d502a2bdca9954d98a542e92f1b http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 110824 b0aab96be927c4d4924df4c45049f8a0 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 1949124 d53346f89338971030ed9a202726849c http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 59928 0c7f0193cfee10e401ca8304bc6a20bb http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 54930 694817b2babba26327d4b021a36f938a http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 341674 78be76c752899ff02d96f7d9f4c8cbc1 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.3_powerpc.deb Size/MD5: 183682 2dfb517ad5388b6471fc3f33148110c7 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 38030 018dbd428bea31bff3efe42c650ab930 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 91034 0cdf41119c49465205ec9d85e0fcedcb http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 1897932 265d337f28fada008fdf22034c76d43b http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 57852 5ebf07d4d87d5c0ba46bb52b0cabe6bd http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 48224 ed14b7888ad80c70678b20881c6b9606 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 341382 ed914dcee1d36a7437ebdb46d44fba62 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.3_sparc.deb Size/MD5: 173608 98ee538398dcf7c112099d3e398b686e Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu6.1.diff.gz Size/MD5: 328034 b25d444f40ebc1f17984cb538172480c http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu6.1.dsc Size/MD5: 2043 3b36a5cadfe85ed62bf8b28de6ec7591 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu6.1_all.deb Size/MD5: 1162340 88ad6900549400af9f75f927227d45cb http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu6.1_all.deb Size/MD5: 57652 7a33348b800c156e43a83e9083436bd5 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu6.1_all.deb Size/MD5: 57660 6c89ff2b1f7fe264b5caaaf986b36d9c http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu6.1_all.deb Size/MD5: 57652 ee1e3c3d68c190281678d7c1e7adadc9 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu6.1_all.deb Size/MD5: 57656 2e8d25c423fbc2e265b0d56633ebc67d http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu6.1_all.deb Size/MD5: 57670 b0c0e0f336be70d0c458b45936f98d0d http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu6.1_all.deb Size/MD5: 4530 23fb36af369fe018cd11fb3291dcc3cc http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu6.1_all.deb Size/MD5: 57656 46de04530c997f729b7dce967559c8b3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 37318 7c4c4cadb4f9b7f6e2c6080b790e6ee1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 119788 72cab9079aeefee51e09a3b31ae592fa http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 1682518 3180c4e3fa3d5cfe0b2b894898485fdd http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 2172420 d7928f5c71b128511a0864db35ba6fe9 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 352208 ba6478c9d8f3712b0c1e648e48bbb0c3 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 172690 b2f7befc45ccf3bcd176186f9c48ceb1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 61404 a16ecd777aca26b88c24d16b69e5f193 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu6.1_amd64.deb Size/MD5: 52392 7a9f6aabf047ad3225f8ec44d2fb5540 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 36216 b4999abd3bf22b2963db0969b40da8e1 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 115352 9ec804831b4557a4ada56602384ecc39 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 1542016 c120e8f977f4b19be21e3b3067ca0df5 http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 2139174 18db7072b040bc4f3319b3b51361a239 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 345996 53a7bdb95ee0b5d3b0f96c463710dadd http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 169534 efa2f12acaf19bfab23d60478b5586cd http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 60536 ceb4ded5423c0a25ddcc924d29e390f5 http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu6.1_i386.deb Size/MD5: 51750 cf8f8190d6281a5881b8cc1922035758 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 36030 95ca36c48f733f3d709e94c2202e97db http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 114514 c44f5a21e630c130008be55aa258cb42 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 1571226 37ce539f88c38ba11a89515ddc188d2c http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 2135890 46cb00e52f60f8adc58496bc550a5ad9 http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 342976 e14329c1e782470735f35422c592b473 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 167800 9cbad1fe09d9904ae6e026987d85731a http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 60672 8a5ca81cd3803ad98afe963360242177 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu6.1_lpia.deb Size/MD5: 52440 07bf6935608f398215f2880d5be9fd25 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 43578 6876bb9233cf8352dfbf66bc95ddf7e9 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 138186 b3868a2e0d935a95e9083773859f1cbe http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 1663458 2bf2dae0699cf7dc45889dc678f20fcc http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 2264178 b5b51d8116a46689275f98ea94e946af http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 347972 af66fd54a390946c7b676cf54cb6e22e http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 176964 0605e8b21a449afea97a3f5060af63e1 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 61336 79c4d467e37c334effe0b5ee31238901 http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu6.1_powerpc.deb Size/MD5: 57492 a6d2f97d74132b1f2a40599398ecd9b1 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 37220 31f862d50b31324596054730ea09f7d3 http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 117632 b594a8cb5b194fef18a0393968fe0736 http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 1490260 01fcb6d2d1c062dcdfd6cde440ef2a98 http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 2200956 ebfffd46f41befdda3e30e3cb1ab521e http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 344800 6192418a2f2625f81551e9839d1187b4 http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 165706 5804589b4f9bcc3bf016e3394f7acb7f http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 57906 34fef3b4e0a01df4a76c92768a8c292e http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu6.1_sparc.deb Size/MD5: 49792 24e09a0af0155fd8a13ca3f1db035c6d
VAR-200811-0320 CVE-2008-4233 Apple iPhone OS of Safari Vulnerabilities that allow calls to any phone CVSS V2: 2.6
CVSS V3: -
Severity: LOW
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. If the app is launched through Safari while the call permission dialog is displayed, the call is allowed, which may allow a malicious site to initiate a call without user interaction; also in some circumstances, a malicious site may not allow the user to cancel for a short period of time call. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. This is related to vulnerability #10 in: SA32222 6) A weakness exists in the handling of emergency calls, which can be exploited to bypass the Passcode lock and call arbitrary numbers when physical access to the device is provided. 8) A security issue can result in the content of an SMS message being displayed when the message arrives while the emergency call screen is shown. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 10) An error in Safari when handling embedded iframe elements can be exploited to spoof the user interface via content being displayed outside its boundaries. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0319 CVE-2008-4232 Apple iPhone OS of Safari Vulnerabilities in user interface spoofing CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. This is related to vulnerability #10 in: SA32222 6) A weakness exists in the handling of emergency calls, which can be exploited to bypass the Passcode lock and call arbitrary numbers when physical access to the device is provided. 8) A security issue can result in the content of an SMS message being displayed when the message arrives while the emergency call screen is shown. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0316 CVE-2008-4229 Apple iPhone OS of Passcode Lock Race condition vulnerability CVSS V2: 3.7
CVSS V3: -
Severity: LOW
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. The password lock function is used to prevent unauthorized startup of applications. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. 8) A security issue can result in the content of an SMS message being displayed when the message arrives while the emergency call screen is shown. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 10) An error in Safari when handling embedded iframe elements can be exploited to spoof the user interface via content being displayed outside its boundaries. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0317 CVE-2008-4230 Apple iPhone OS of Passcode Lock In SMS Message displayed vulnerability CVSS V2: 1.9
CVSS V3: -
Severity: LOW
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. This is related to vulnerability #10 in: SA32222 6) A weakness exists in the handling of emergency calls, which can be exploited to bypass the Passcode lock and call arbitrary numbers when physical access to the device is provided. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 10) An error in Safari when handling embedded iframe elements can be exploited to spoof the user interface via content being displayed outside its boundaries. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0315 CVE-2008-4228 Apple iPhone OS of Passcode Lock Vulnerabilities that allow emergency calls to any number CVSS V2: 3.6
CVSS V3: -
Severity: LOW
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. The iPhone allows emergency calls while locked. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. 8) A security issue can result in the content of an SMS message being displayed when the message arrives while the emergency call screen is shown. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 10) An error in Safari when handling embedded iframe elements can be exploited to spoof the user interface via content being displayed outside its boundaries. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0314 CVE-2008-4227 Apple iPhone OS In PPTP VPN Connection hijack vulnerability related to connection encryption CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. This is related to vulnerability #10 in: SA32222 6) A weakness exists in the handling of emergency calls, which can be exploited to bypass the Passcode lock and call arbitrary numbers when physical access to the device is provided. 8) A security issue can result in the content of an SMS message being displayed when the message arrives while the emergency call screen is shown. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 10) An error in Safari when handling embedded iframe elements can be exploited to spoof the user interface via content being displayed outside its boundaries. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0011 CVE-2008-1586 Apple iPhone OS of ImageIO In Service operation interruption (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. Apple iPhone and iPod touch are prone to multiple vulnerabilities: 1. A denial-of-service vulnerability in the ImageIO module. 2. A weakness in Networking. 3. Two security-bypass vulnerabilities in the Passcode Lock functionality. 4. An information-disclosure vulnerability in the Passcode Lock functionality. 5. A memory-corruption vulnerability in Safari. 6. A spoofing vulnerability in Safari. 7. A security-bypass vulnerability in Safari. Successfully exploiting these issues may allow attackers to execute arbitrary code, bypass security restrictions, obtain sensitive information, perform spoofing attacks, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.1 iPhone OS for iPod touch 1.1 through 2.1. A memory exhaustion vulnerability exists in the way TIFF graphics are handled, and viewing specially crafted TIFF graphics may cause the device to restart unexpectedly. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Apple iPhone / iPod touch Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32756 VERIFY ADVISORY: http://secunia.com/advisories/32756/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Apple iPod touch http://secunia.com/advisories/product/16074/ Apple iPhone http://secunia.com/advisories/product/15128/ DESCRIPTION: Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system. 1) A vulnerability in CoreGraphics can potentially be exploited to compromise a vulnerable system. For more information see vulnerability #3 in: SA31326 2) Several vulnerabilities in the processing of TIFF images can potentially be exploited to execute arbitrary code. For more information: SA31610 3) An error in the processing of TIFF images can cause a device reset. 4) An unspecified error can result in the encryption level for PPTP VPN connections to be lower than expected. 5) A signedness error in the Office Viewer component can potentially be exploited to execute arbitrary code via a specially crafted Microsoft Excel file. This is related to vulnerability #10 in: SA32222 6) A weakness exists in the handling of emergency calls, which can be exploited to bypass the Passcode lock and call arbitrary numbers when physical access to the device is provided. 8) A security issue can result in the content of an SMS message being displayed when the message arrives while the emergency call screen is shown. 9) An error in Safari when handling HTML table elements can be exploited to cause a memory corruption and potentially execute arbitrary code when a user visits a specially crafted web site. 10) An error in Safari when handling embedded iframe elements can be exploited to spoof the user interface via content being displayed outside its boundaries. 11) An error exists in Safari when launching an application while a call approval dialog is shown. This can be exploited to call an arbitrary number without user interaction. It is also possible to block the user's ability to cancel the call. 12) An error in Webkit can be exploited to disclose potentially sensitive data from form fields, although the "Autocomplete" feature is disabled. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Michal Zalewski, Google 3) Sergio 'shadown' Alvarez, n.runs AG 4) Stephen Butler, University of Illinois 7) Nolen Scaife 9) Haifei Li of Fortinet's FortiGuard Global Security Research Team 10) John Resig, Mozilla Corporation 11) Collin Mulliner, Fraunhofer SIT 12) an anonymous researcher ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3318 OTHER REFERENCES: SA31326: http://secunia.com/advisories/31326/ SA31610: http://secunia.com/advisories/31610/ SA32222: http://secunia.com/advisories/32222/ SA32706: http://secunia.com/advisories/32706/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0451 No CVE 3Com AP 8760 bypasses authentication, leaking passwords, and SNMP injection vulnerabilities CVSS V2: 8.5
CVSS V3: -
Severity: HIGH
3Com Wireless 8760 Dual-Radio 11a/b/g PoE is a wireless access router for all types of businesses. The HTTP authentication mechanism of the 3Com AP 8760 is as follows: 1. The router checks whether the credentials submitted by the user are valid. 2. If valid, the router's web interface redirects the user to a URL that is only available to authenticated administrative users. Each time an authenticated URL is accessed, no authentication data is sent in the HTTP request, including the password or session ID. The AP simply uses the administrator's source IP address as the authentication data. That is to say, the authentication status only depends on the assumption that the attacker does not know the URL after authentication and the administrator does not share the same source IP address. As long as the administrator URL is accessed from a browser with the same IP address (such as by sharing the same proxy or NAT IP address), the authentication check can be completely bypassed. If you submit a malicious request to the 3Com AP 8760 router, you may also return sensitive data, including the administrator password, on some pages. When changing the system name via SNMP, if a cross-site scripting load is injected on a page such as a login page, the administrator password can be redirected to its own site by overwriting the operational properties of the login form. Successfully exploiting these issues will allow an attacker to obtain administrative credentials, bypass security mechanisms, or run attacker-supplied HTML and script code in the context of the web administration interface. The attacker may then be able to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible
VAR-200901-0056 CVE-2008-5849 Check Point VPN-1 Intranet IP Address disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. Check Point VPN-1 is prone to an information-disclosure weakness. An attacker can exploit this issue to learn the IP of devices on the internal network. This may aid in further attacks. ---------------------------------------------------------------------- Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more: http://secunia.com/advisories/business_solutions/ ---------------------------------------------------------------------- TITLE: Checkpoint VPN-1 Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA32728 VERIFY ADVISORY: http://secunia.com/advisories/32728/ CRITICAL: Not critical IMPACT: Exposure of system information WHERE: >From remote SOFTWARE: Check Point VPN-1/FireWall-1 NGX http://secunia.com/advisories/product/6010/ Check Point VPN-1 UTM NGX http://secunia.com/advisories/product/13346/ Check Point VPN-1 Power NGX http://secunia.com/advisories/product/13348/ DESCRIPTION: Tim Brown and Mark Lowe have reported a vulnerability in Checkpoint VPN-1 products, which can be exploited by malicious people to disclose certain system information. The vulnerability is caused due to an error in the port address translation (PAT) feature when responding with ICMP time exceeded messages. This can be exploited to disclose e.g. SOLUTION: The vendor recommends to block ICMP errors. PROVIDED AND/OR DISCOVERED BY: Tim Brown and Mark Lowe, Portcullis Computer Security ORIGINAL ADVISORY: CheckPoint (Solution ID: sk36321): https://supportcenter.checkpoint.com/supportcenter/index.jsp Portcullis Computer Security: http://www.portcullis.co.uk/293.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200902-0395 CVE-2008-6122 Netgear WGR614 of Web Service disruption in the management interface (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?"). NETGEAR WGR614 is prone to a denial-of-service vulnerability that occurs in the administration web interface. NETGEAR WGR614 is a small wireless broadband router. WGR614 routers have loopholes when processing malformed requests. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Netgear WGR614 Web Interface Request Denial of Service SECUNIA ADVISORY ID: SA32716 VERIFY ADVISORY: http://secunia.com/advisories/32716/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network OPERATING SYSTEM: Netgear WGR614v9 http://secunia.com/advisories/product/20525/ DESCRIPTION: sr. has reported a vulnerability in Netgear WGR614v9, which can be exploited by malicious people to cause a DoS (Denial of Service). SOLUTION: Restrict access to the web interface. PROVIDED AND/OR DISCOVERED BY: sr. ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065619.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0218 CVE-2008-5041 Sweex RO002 Router Vulnerabilities that gain access CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Sweex RO002 Router with firmware Ts03-072 has "rdc123" as its default password for the "rdc123" account, which makes it easier for remote attackers to obtain access. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Successful exploitation will allow attackers to gain access to the router's web configuration interface. RO002 Router with firmware Ts03-072 is vulnerable; other versions may be affected as well. Sweex RO002 is a broadband router mainly used in Europe. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Sweex RO002 Router Undocumented Account Security Issue SECUNIA ADVISORY ID: SA32623 VERIFY ADVISORY: http://secunia.com/advisories/32623/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From local network OPERATING SYSTEM: Sweex RO002 Router http://secunia.com/advisories/product/20462/ DESCRIPTION: Rob Stout has reported a security issue in the Sweex RO002 Router, which can be exploited by malicious people to bypass certain security restrictions. modify the configuration. The security issue is reported in firmware version Ts03-072. Reportedly, the vendor is working on a fix. PROVIDED AND/OR DISCOVERED BY: Rob Stout ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200908-0021 CVE-2008-6916 NetPort Software Comes with Siemens SpeedStream 5200 Vulnerabilities that bypass authentication CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname. Siemens SpeedStream 5200 are prone to an authentication-bypass vulnerability that may allow attackers to gain unauthorized administrative access to a router's administration interface. SpeedStream 5200 is an ADSL router suitable for small and medium enterprises. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Siemens SpeedStream 5200 "Host" Header Authentication Bypass SECUNIA ADVISORY ID: SA32635 VERIFY ADVISORY: http://secunia.com/advisories/32635/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From local network OPERATING SYSTEM: Siemens SpeedStream 5200 http://secunia.com/advisories/product/20486/ DESCRIPTION: hkm has reported a vulnerability in Siemens SpeedStream 5200, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication process when processing HTTP "Host" headers. This can be exploited to bypass authentication and e.g. download the router configuration via an HTTP request containing a wrong "Host" header. SOLUTION: Restrict access to the affected device. PROVIDED AND/OR DISCOVERED BY: hkm ORIGINAL ADVISORY: http://milw0rm.com/exploits/7055 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0453 No CVE Siemens SpeedStream 5200 Host Header Bypass Authentication Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
SpeedStream 5200 is an ADSL router for SMEs.  The authentication process of the SpeedStream 5200 router does not properly verify the HTTP Host header. A remote attacker can bypass the authentication by sending a malicious HTTP request to download the router information.
VAR-200811-0201 CVE-2008-4387 SAP AG SAPgui 'mdrmsap.dll' ActiveX Control Remote Code Execution Vulnerability CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote attackers to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer. SAP AG SAPgui is prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: SAP GUI MDrmSap ActiveX Control Code Execution Vulnerability SECUNIA ADVISORY ID: SA32682 VERIFY ADVISORY: http://secunia.com/advisories/32682/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: SAP GUI 6.x http://secunia.com/advisories/product/3337/ SAP GUI 7.x http://secunia.com/advisories/product/16959/ DESCRIPTION: A vulnerability has been reported in SAPgui, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in the bundled MDrmSap ActiveX control (mdrmsap.dll). This can be exploited to compromise a user's system by e.g. tricking the user into visiting a malicious website. SOLUTION: The vendor has reportedly issued a patch via SAP Note 1142431. http://service.sap.com/sap/support/notes/1142431 PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: US-CERT VU#277313: http://www.kb.cert.org/vuls/id/277313 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0398 CVE-2008-5230 Of unspecified Cisco products and other vendor products TKIP Packet decryption in / Impersonation and ARP Vulnerability such as performing poisoning CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng. Wi-Fi Protected Access (WPA) Encryption Standard is prone to an encryption-bypass vulnerability that affects the Temporal Key Integrity Protocol (TKIP) key. Attackers can exploit this issue to overcome the WPA encryption algorithm and read encrypted data sent from a wireless router to a computer. This may allow attackers to obtain potentially sensitive information; other attacks are also possible. If a remote attacker sends a specially crafted playback message, it may be easier to crack the client's packets, and then perform ARP spoofing or other attacks. Please note that this attack is not a key recovery attack. The attacker can only recover the key used to authenticate the message but not the key used to encrypt and obfuscate data, and can only use the recovered key to forge captured packets. Wen, with a window of opportunity of up to 7 attempts. Each attack can only decrypt one message, and the time spent is about 12-15 minutes
VAR-200904-0147 CVE-2008-6720 DeltaScripts PHP Links of admin/adm_login.php In SQL Injection vulnerability

Related entries in the VARIoT exploits database: VAR-E-200801-0039, VAR-E-200811-0117		 CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin field). DeltaScripts PHP Links is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. PHP Links 1.3 is vulnerable; other versions may also be affected
VAR-200811-0138 CVE-2008-4963 Cisco IOS and CatOS In VTP Interfering with service operations related to packet processing (DoS) Vulnerabilities

Related entries in the VARIoT exploits database: VAR-E-200811-1138		 CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. Cisco IOS and CatOS are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause affected devices to restart, effectively denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCsv05934 and CSCsv11741. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Cisco IOS / CatOS VLAN Trunking Protocol Vulnerability SECUNIA ADVISORY ID: SA32573 VERIFY ADVISORY: http://secunia.com/advisories/32573/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network OPERATING SYSTEM: Cisco Catalyst 6500 Series 12.x http://secunia.com/advisories/product/15864/ Cisco CATOS 5.x http://secunia.com/advisories/product/526/ Cisco CATOS 6.x http://secunia.com/advisories/product/527/ Cisco CATOS 7.x http://secunia.com/advisories/product/185/ Cisco CATOS 8.x http://secunia.com/advisories/product/3564/ Cisco IOS 10.x http://secunia.com/advisories/product/184/ Cisco IOS 11.x http://secunia.com/advisories/product/183/ Cisco IOS 12.x http://secunia.com/advisories/product/182/ Cisco IOS R11.x http://secunia.com/advisories/product/53/ Cisco IOS R12.x http://secunia.com/advisories/product/50/ Cisco IOS XR 3.x http://secunia.com/advisories/product/4907/ DESCRIPTION: A vulnerability has been reported in Cisco IOS/CatOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the handling of VLAN Trunking Protocol (VTP) packets. Successful exploitation requires that "VTP Operating Mode" is set to "server" or "client". SOLUTION: Apply configuration best practices to limit exposure to exploitation (please see the vendor advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits showrun.lee. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200811-0092 CVE-2008-4956 fwb_install in fwbuilder Vulnerable to overwriting arbitrary files CVSS V2: 6.9
CVSS V3: -
Severity: MEDIUM
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file. Fwbuilder is prone to a local security vulnerability. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Firewall Builder: Privilege escalation Date: January 23, 2012 Bugs: #235809, #285861 ID: 201201-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Insecure temporary file usage in Firewall Builder could allow attackers to overwrite arbitrary files. Background ========== Firewall Builder is a GUI for easy management of multiple firewall platforms. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-firewall/fwbuilder < 3.0.7 >= 3.0.7 Description =========== Two vulnerabilities in Firewall Builder allow the iptables and fwb_install scripts to use temporary files insecurely. Workaround ========== There is no known workaround at this time. Resolution ========== All Firewall Builder users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-firewall/fwbuilder-3.0.7" NOTE: This is a legacy GLSA. Updates for all affected architectures are available since March 09, 2010. It is likely that your system is already no longer affected by this issue. References ========== [ 1 ] CVE-2008-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4956 [ 2 ] CVE-2009-4664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4664 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201201-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
VAR-200810-0643 CVE-2008-4309 net-snmp of netsnmp_create_subtree_cache Integer overflow vulnerability in functions

Related entries in the VARIoT exploits database: VAR-E-200810-0809		 CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. net-snmp of netsnmp_create_subtree_cache Functions include SNMP GETBULK An integer overflow vulnerability exists due to a flaw in processing requests.Crafted by a third party SNMP GETBULK Service interruption due to request (DoS) There is a possibility of being put into a state. Net-SNMP is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue affects versions *prior to* the following: Net-SNMP 5.2.5.1 Net-SNMP 5.3.2.3 Net-SNMP 5.4.2.1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200901-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Net-SNMP: Denial of Service Date: January 21, 2009 Bugs: #245306 ID: 200901-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability in Net-SNMP could lead to a Denial of Service. Background ========== Net-SNMP is a collection of tools for generating and retrieving SNMP data. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/net-snmp < 5.4.2.1 >= 5.4.2.1 Description =========== Oscar Mira-Sanchez reported an integer overflow in the netsnmp_create_subtree_cache() function in agent/snmp_agent.c when processing GETBULK requests. NOTE: The attacker needs to know the community string to exploit this vulnerability. Workaround ========== Restrict access to trusted entities only. Resolution ========== All Net-SNMP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/net-snmp-5.4.2.1" References ========== [ 1 ] CVE-2008-4309 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200901-15.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Affected packages: Pardus 2008: net-snmp, all before 5.4.1-7-3 net-snmptrap, all before 5.4.1-7-3 Resolution ========== There are update(s) for net-snmp, net-snmptrap. You can update them via Package Manager or with a single command from console: pisi up net-snmp net-snmptrap References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=8577 * http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4309 ------------------------------------------------------------------------ -- Pardus Security Team http://security.pardus.org.tr _______________________________________________ Full-Disclosure - We believe in it. This net-snmp update fixes a divide-by- zero flaw in the snmpd daemon. This vulnerability was introduced by an incorrect fix for CVE-2008-4309. Note: After installing the previous patch for net-snmp (ESX350-200901409-SG), running the snmpbulkwalk command with the parameter -CnX results in no output, and the snmpd daemon stops. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2010-12-16-1 Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 is now available and addresses the following: CVE-ID: CVE-2008-4309 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may terminate the operation of the SNMP service Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By sending a maliciously crafted SNMPv3 packet, an attacker may cause the SNMP server to terminate, denying service to legitimate clients. By default, the 'WAN SNMP' configuration option is disabled, and the SNMP service is accessible only to other devices on the local network. This issue is addressed by applying the Net-SNMP patches. CVE-ID: CVE-2009-2189 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: Receiving a large number of IPv6 Router Advertisement (RA) and Neighbor Discovery (ND) packets from a system on the local network may cause the base station to restart Description: A resource consumption issue exists in the base station's handling of Router Advertisement (RA) and Neighbor Discovery (ND) packets. A system on the local network may send a large number of RA and ND packets that could exhaust the base station's resources, causing it to restart unexpectedly. This issue is addressed by rate limiting incoming ICMPv6 packets. Credit to Shoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed Co., Shirahata Shin and Rodney Van Meter of Keio University, and Tatuya Jinmei of Internet Systems Consortium, Inc. for reporting this issue. CVE-ID: CVE-2010-0039 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: An attacker may be able to query services behind an AirPort Base Station or Time Capsule's NAT from the source IP of the router, if any system behind the NAT has a portmapped FTP server Description: The AirPort Extreme Base Station and Time Capsule's Application-Level Gateway (ALG) rewrites incoming FTP traffic, including PORT commands, to appear as if it is the source. An attacker with write access to an FTP server inside the NAT may issue a malicious PORT command, causing the ALG to send attacker-supplied data to an IP and port behind the NAT. As the data is resent from the Base Station, it could potentially bypass any IP-based restrictions for the service. This issue is addressed by not rewriting inbound PORT commands via the ALG. Credit to Sabahattin Gucukoglu for reporting this issue. CVE-ID: CVE-2009-1574 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may be able to cause a denial of service Description: A null pointer dereference in racoon's handling of fragmented ISAKMP packets may allow a remote attacker to cause an unexpected termination of the racoon daemon. This issue is addressed through improved validation of fragmented ISAKMP packets. CVE-ID: CVE-2010-1804 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may cause the device to stop processing network traffic Description: An implementation issue exists in the network bridge. Sending a maliciously crafted DHCP reply to the device may cause it to stop responding to network traffic. This issue affects devices that have been configured to act as a bridge, or are configured in Network Address Translation (NAT) mode with a default host enabled. By default, the device operates in NAT mode, and no default host is configured. This update addresses the issue through improved handling of DHCP packets on the network bridge. Credit to Stefan R. Filipek for reporting this issue. Installation note for Firmware version 7.5.2 Firmware version 7.5.2 is installed into Time Capsule or AirPort Base Station with 802.11n via AirPort Utility, provided with the device. It is recommended that AirPort Utility 5.5.2 be installed before upgrading to Firmware version 7.5.2. AirPort Utility 5.5.2 may be obtained through Apple's Software Download site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJNCWXyAAoJEGnF2JsdZQeevTQH/0856gTUzzmL371/nSkhn3qq MCPQVaEMe8O/jy96nlskwzp3X0X0QmXePok1enp6QhDhHm0YL3a4q7YHd4zjm6mM JUoVR4JJRSKOb1bVdEXqo+qG/PH7/5ywfrGas+MjOshMa3gnhYVee39N7Xtz0pHD 3ZllZRwGwad1sQLL7DhJKZ92z6t2GfHoJyK4LZNemkQAL1HyUu7Hj9SlljcVB+Ub xNnpmBXJcCZzp4nRQM+fbLf6bdZ1ua5DTc1pXC8vETtxyHc53G/vLCu8SKBnTBlK JmkpGwG5fXNuYLL8ArFUuEu3zhE7kfdeftUrEez3YeL2DgU9iB8m8RkuuSrVJEY= =WPH8 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2009-0001 Synopsis: ESX patches address an issue loading corrupt virtual disks and update Service Console packages Issue date: 2009-01-30 Updated on: 2009-01-30 (initial release of advisory) CVE numbers: CVE-2008-4914 CVE-2008-4309 CVE-2008-4226 CVE-2008-4225 - ------------------------------------------------------------------------ 1. Summary Updated ESX patches address an issue loading corrupt virtual disks and update Service Console packages for net-snmp and libxml2. 2. Relevant releases VMware ESXi 3.5 without patch ESXe350-200901401-I-SG VMware ESX 3.5 without patches ESX350-200901401-SG, ESX350-200901409-SG, ESX350-200901410-SG VMware ESX 3.0.3 without patches ESX303-200901405-SG, ESX303-200901406-SG VMware ESX 3.0.2 without patches ESX-1007673, ESX-1007674 NOTE: Extended support for ESX 3.5 Update 1 ends on 7/25/2009, users should plan to upgrade to at least ESX 3.5 Update 2 by that time. Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08. Users should plan to upgrade to ESX 3.0.3 and preferably to the newest release available. 3. Problem Description a. Loading a corrupt delta disk may cause ESX to crash If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be used to crash ESX hosts. A corrupt VMDK delta disk, or virtual machine would have to be loaded by an administrator. VMware would like to thank Craig Marshall for reporting this issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4914 to this issue. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi 3.5 ESXi ESXe350-200901401-I-SG ESX 3.5 ESX ESX350-200901401-SG ESX 3.0.3 ESX not affected ESX 3.0.2 ESX not affected ESX 2.5.5 ESX not affected * hosted products are VMware Workstation, Player, ACE, Server, Fusion. b. Updated Service Console package net-snmp Net-SNMP is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially- crafted request could cause the snmpd server to crash. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4309 to this issue. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi 3.5 ESXi not affected ESX 3.5 ESX ESX350-200901409-SG ESX 3.0.3 ESX ESX303-200901405-SG ESX 3.0.2 ESX ESX-1007673 ESX 2.5.5 ESX not affected * hosted products are VMware Workstation, Player, ACE, Server, Fusion. c. Updated Service Console package libxml2 An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4226 to this issue. A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4225 to this issue. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi 3.5 ESXi not affected ESX 3.5 ESX ESX350-200901410-SG ESX 3.0.3 ESX ESX303-200901406-SG ESX 3.0.2 ESX ESX-1007674 ESX 2.5.5 ESX affected, patch pending * hosted products are VMware Workstation, Player, ACE, Server, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file. ESXi ---- ESXi 3.5 patch ESXe350-200901401-I-SG http://download3.vmware.com/software/vi/ESXe350-200901401-O-SG.zip md5sum: 588dc7bfdee4e4c5ac626906c37fc784 http://kb.vmware.com/kb/1006661 NOTE: The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file. ESX --- ESX 3.5 patch ESX350-200901401-SG (VMDK) http://download3.vmware.com/software/vi/ESX350-200901401-SG.zip md5sum: 2769ac30078656b01ca1e2fdfa3230e9 http://kb.vmware.com/kb/1006651 ESX 3.5 patch ESX350-200901409-SG (net-snmp) http://download3.vmware.com/software/vi/ESX350-200901409-SG.zip md5sum: 2c75cd848d9f3c51619b9a7bd60d20a3 http://kb.vmware.com/kb/1006659 ESX 3.5 patch ESX350-200901410-SG (libxml2) http://download3.vmware.com/software/vi/ESX350-200901410-SG.zip md5sum: 061f96373244e7eab3f0d5fe2415ce91 http://kb.vmware.com/kb/1006660 ESX 3.0.3 patch ESX303-200901405-SG (net-snmp) http://download3.vmware.com/software/vi/ESX303-200901405-SG.zip md5sum: 9983b63a1e2dc7fb3d80f0021c1c347c http://kb.vmware.com/kb/1007681 ESX 3.0.3 patch ESX303-200901406-SG (libxml2) http://download3.vmware.com/software/vi/ESX303-200901406-SG.zip md5sum: 2d5a827ccaf406a54dd3a5affee39db0 http://kb.vmware.com/kb/1007682 ESX 3.0.2 patch ESX-1007673 (net-snmp) http://download3.vmware.com/software/vi/ESX-1007673.tgz md5sum: af4a36d2b4d731177210c789df844974 http://kb.vmware.com/kb/1007673 ESX 3.0.2 patch ESX-1007674 (libxml2) http://download3.vmware.com/software/vi/ESX-1007674.tgz md5sum: fb4b5e9a03dea5b9e24cc0766ddd2581 http://kb.vmware.com/kb/1007674 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4914 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 - ------------------------------------------------------------------------ 6. Change log 2009-01-30 VMSA-2009-0001 Initial security advisory after release of patches for ESXi, ESX 3.5, ESX 3.0.3, ESX 3.0.2 on 2009-01-30. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8 wj8DBQFJhAYnS2KysvBH1xkRAiqwAJ47A5mvajtIwB6kZCcNcvUGoraANACbBTsD cgkdo5JKkJLgol+Y2VXW1co= =PvKt -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01820968 Version: 1 HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS), and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2009-08-12 Last Updated: 2009-08-12 Potential Security Impact: Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS), and Other Vulnerabilities. Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Insight Control Suite For Linux (ICE-LX). The vulnerabilities could be remotely exploited to allow Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS) and other vulnerabilities. References: CVE-2009-2677, CVE-2009-0590, CVE-2009-1272, CVE-2008-5161, CVE-2008-4309, CVE-2008-1720 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Insight Control Suite For Linux (ICE-LX) v2.10 or earlier BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2009-2677 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.4 CVE-2009-0590 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2009-1272 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2008-5161 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2008-4309 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2008-1720 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following updated product kit available to resolve the vulnerabilities. The HP ICE-LX v2.11 kit is available as described below. The update file is HP_ICE_LX_V2.11_511708_004.iso which can be downloaded from here: https://h20392.www2.hp.com/portal/swdepot/try.do?productNumber=HPICELX The kit can also be obtained by going to http://www.hp.com/go/ice-lx Open Source packages updated in this version (v2.11) of ICE-LX net-snmp-5.4.2.1 php 5.2.9 rsync 3.0.5 openssh 5.2 p1 openssl-0.9.8k PRODUCT SPECIFIC INFORMATION None HISTORY Version:1 (rev.1) 12 August 2009 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== Ubuntu Security Notice USN-685-1 December 03, 2008 net-snmp vulnerabilities CVE-2008-0960, CVE-2008-2292, CVE-2008-4309 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libsnmp-perl 5.2.1.2-4ubuntu2.3 libsnmp9 5.2.1.2-4ubuntu2.3 Ubuntu 7.10: libsnmp-perl 5.3.1-6ubuntu2.2 libsnmp10 5.3.1-6ubuntu2.2 Ubuntu 8.04 LTS: libsnmp-perl 5.4.1~dfsg-4ubuntu4.2 libsnmp15 5.4.1~dfsg-4ubuntu4.2 Ubuntu 8.10: libsnmp15 5.4.1~dfsg-7.1ubuntu6.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. (CVE-2008-0960) John Kortink discovered that the Net-SNMP Perl module did not correctly check the size of returned values. If a user or automated system were tricked into querying a malicious SNMP server, the application using the Perl module could be made to crash, leading to a denial of service. This did not affect Ubuntu 8.10. (CVE-2008-2292) It was discovered that the SNMP service did not correctly handle large GETBULK requests. (CVE-2008-4309) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz Size/MD5: 75402 9655d984a47cec8e27efa4db0b227870 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc Size/MD5: 838 17a17230a005c1acfd0569757e728fad http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz Size/MD5: 3869893 34159770a7fe418d99fdd416a75358b1 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb Size/MD5: 1152306 f7647cee4df8db87ab48c0d05635a973 http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb Size/MD5: 822946 b9b852c188937d1fffc06d4da01325d5 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb Size/MD5: 896620 a78012b3f0f13667081f97dc1a4d62e8 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb Size/MD5: 1497194 7d55b8d1e4ae0c45753bedcf536a1a5a http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb Size/MD5: 1826252 0550c1401f9bbe5f345fd96484ed369c http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb Size/MD5: 889330 5ad0ddb2c610973166e4dd07769ba3d3 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb Size/MD5: 797086 18cf4210342b683d3ee24fe995329b55 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb Size/MD5: 896880 298d27ea1ece6e80bb8931b9a5e61961 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb Size/MD5: 1268472 acbca43ab7ea747fa3e4636d15ef997c http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb Size/MD5: 1710342 bd27290685bcf1d6a23eb8705d3367e7 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb Size/MD5: 881838 58121bd9e4c845da7df4e540645e0e13 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb Size/MD5: 794672 221d1c554bd89f50dc3ac9108a6cef6b powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb Size/MD5: 913064 45a033b01c4b31ef90a92988bb5fb229 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb Size/MD5: 1590124 b62aa5477d9307d311c811298b7ec3d9 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb Size/MD5: 1728094 5214ce9aebe3a8d7a28a1746a81ce8ea http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb Size/MD5: 898580 86e6c1b5dfb5bf91f63d7c6786b7abae http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb Size/MD5: 796092 1bab28407224f782b2c3ae04b4647333 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb Size/MD5: 896832 3d233db9682d5654fdad6bc6b5a649ba http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb Size/MD5: 1485268 064304ead0ca4653136376e8e9039e74 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb Size/MD5: 1706490 cb76027eb8167e0866a81b93a4da28ed http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb Size/MD5: 883182 d1ffc12427d92be51efdba3349e74f9a http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb Size/MD5: 796374 0f3f749ebe4af6111fe49316639004e4 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz Size/MD5: 94646 8b6f9380d9f8c5514a1d4db729c6df04 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc Size/MD5: 1287 f53866efd3ae4f3c939a77b1005e1f11 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz Size/MD5: 4210843 360a9783dbc853bab6bda90d961daee5 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb Size/MD5: 484306 f2d03276d1cdcef7e8b276ad8ca9595d http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb Size/MD5: 901284 6889b371d4de92eb61bf83b89d8a8c37 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb Size/MD5: 2541692 1e6de4bd3c3baa444a2e1980a593a40e http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb Size/MD5: 968940 7efe4bdcb99f311f1c4bb2c3b9d24a4e http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb Size/MD5: 1200930 821861c24499cfdfa2a82c329c610c16 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb Size/MD5: 996572 00cc1a4c8c7924124984e666563e73d0 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb Size/MD5: 908792 a40763280a3bdbe60eca5e07c5d6c30c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb Size/MD5: 2321524 59d44616802197e1227cf88abddefe36 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb Size/MD5: 967106 a6e5b308d889bdf6f5abe454e35ba474 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb Size/MD5: 1124462 ec99daa26d0fafba6e9f0b874a23bf3d http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb Size/MD5: 991956 cb20b6a4d68a858ffa0846431169d411 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb Size/MD5: 907546 1ab5119e23a16e99203c113d49fc2723 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb Size/MD5: 2305548 da57690a3327196e0c3684735be23f2e http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb Size/MD5: 968984 8da336a5fd871be10e6b8d66d3b9c9d3 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb Size/MD5: 1074500 e4d6690a6a6a543fc0244a29cd350c9b http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb Size/MD5: 989566 2d2f4b1662e6a2dffafe8e98f00a15e7 http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb Size/MD5: 907596 4274e006754ebc836132166e0f0429a0 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb Size/MD5: 2641202 9b2ec56463ee715752b780aa332d8cd0 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb Size/MD5: 985722 a2fca8426b7b51e98c39b91a468bf71f http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb Size/MD5: 1154496 6073239f7ffead2a5b9c3357ada1602c http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb Size/MD5: 1018596 af12cc55597a0d2d3a92b4b5d683bb14 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb Size/MD5: 911866 57e2246930e712bdc1b039840d43af48 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb Size/MD5: 2527568 19b1a0971259a9b99f9c0386f5935bfc http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb Size/MD5: 970264 d8ae7f0bb10375ad487b14ba031cd013 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb Size/MD5: 1078842 2401fc4c40352b8c8013e8c5de3b0ecd http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb Size/MD5: 995228 16b230d3c718d8eb4a023126bd09d7f5 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb Size/MD5: 908708 1e410a8ddac41ad9faec901c5a638f29 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz Size/MD5: 78642 b4acf50e47be498e579b934f32081d25 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc Size/MD5: 1447 0abcea5df87851df2aae7ebd1fc00e7a http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz Size/MD5: 4618308 0ef987c41d3414f2048c94d187a2baeb Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb Size/MD5: 526864 f3a131bf5a4f5c547573430cb66d410c http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb Size/MD5: 102072 2f276f50efdb7e34f7e61f132f7f7cd7 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb Size/MD5: 1796950 283c5a95206ab74062e0e30eba4e0890 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb Size/MD5: 142522 9fff294368a7eac39e37fa478ac6609d http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb Size/MD5: 1296694 d0646a1543c51f14a93b40f972bc1569 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb Size/MD5: 163178 0378a25e3b2a0bc80ddb8ec720b5557d http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb Size/MD5: 75960 fcba461f2e2376cad515329791e04a17 http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb Size/MD5: 38512 21d9ecbc86a8e5965047d027e94fd324 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb Size/MD5: 1556806 39e4f63b841c4b36c022017d66c12f58 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb Size/MD5: 179478 5f08596ae997792920e238ff8cd2a7ba http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb Size/MD5: 1098794 38bc61a5b403fb4f626a641a5f13e681 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb Size/MD5: 157954 66e38c37639f3c68e7e4a933fa953ff3 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb Size/MD5: 74116 50b3a4d0cfd38585d2711d30cf725e9d http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb Size/MD5: 75038 98cdeec4b1014568b00107a82fc74418 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb Size/MD5: 1552018 d9dcab084f3b9bf3e8c36cb5db8f141e http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb Size/MD5: 141508 96061180809cccc975e0d7079e07ed3e http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb Size/MD5: 1171530 2d91048fe0a2ac9e3a4fddb84c67513e http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb Size/MD5: 155564 c67ba3aeb2535ee3e7fc4c89e90ba36a http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb Size/MD5: 74274 db05202893f516398bbe4e2153ef2d6e http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb Size/MD5: 35552 a75caf212ffb5a0eafe4ba2656c9aae1 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb Size/MD5: 1874428 0ed8b5f4e6bad74d506d73447de00bd2 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb Size/MD5: 158374 dfcd7c4455b4bbd3f746368058d09a59 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb Size/MD5: 1238226 b5b3a81e956cdb14674d571694d1b6d0 http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb Size/MD5: 185314 5e9d8bd56493f75ae8a8691c530aa420 http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb Size/MD5: 83106 75dea32ec7152b7868fabf09d9d5a198 http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb Size/MD5: 42928 214fe703fced2e387b48b51dcbb1d6b7 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb Size/MD5: 1760062 ade4c08289d947d092a5b2ab06517cc7 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb Size/MD5: 143860 62b7260d618531b0ed5e7871ab7b99a9 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb Size/MD5: 1159702 28ea81660bbdd9d7982be58d225e8814 http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb Size/MD5: 160236 196e493ce73905446a3764e73b99f332 http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb Size/MD5: 75518 f24e4b0e3e4a7d97c28da99cdc0a47a5 http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb Size/MD5: 38240 873f5e820e381ec2254ed520bcd09af0 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz Size/MD5: 82260 85fb58aa81933f142bd937bca2e18341 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc Size/MD5: 1956 1ee06f6b731eae435af6a2d438ef909b http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz Size/MD5: 4618308 0ef987c41d3414f2048c94d187a2baeb Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb Size/MD5: 527650 9c56f3d70018b714895a61c0daba9498 http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb Size/MD5: 103060 108eb50387ca46b4ee38ebb8722ced88 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb Size/MD5: 1815638 82385081fe2d4eeb1a6c94f9dae672ad http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb Size/MD5: 146154 1b6249e02e89213f2f4d2aa9c9123420 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb Size/MD5: 1315628 8443e091f2c63485a422236ad23e55cd http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb Size/MD5: 165522 154a05824b98e041ceac60ac83709ef4 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb Size/MD5: 77914 8d6e328f309e78bf1fcf21c2633d82ec http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb Size/MD5: 39930 6b7a1a67ca63b5c843ce66f3547b3c89 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb Size/MD5: 1569568 dd0599b150eccee9889325d17a7b0769 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb Size/MD5: 184264 52a54aebef81648164a5bc90f27b0cc5 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb Size/MD5: 1119072 10c81fe283b25e7ad31fcfd88a2325f0 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb Size/MD5: 156112 6296f0836bc9797ff48810c79965c3a5 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb Size/MD5: 74476 bd96a6915eb97fed083aac4daa5f07cf http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb Size/MD5: 77652 3e30e51c362dfa982a3b3197be081328 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb Size/MD5: 1557614 065f4575c7a2d257fa6b5b9d0cee454f http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb Size/MD5: 144292 b55f2c4aff8a86499d7f38fd6e773f44 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb Size/MD5: 1184272 84116fefdce279ce338ffc9614384c06 http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb Size/MD5: 154444 ffe9e765a01695355bdb58008a2910f5 http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb Size/MD5: 73746 762e75672fbd395d2d159513f5d572b0 http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb Size/MD5: 36530 0a98b51b94a5f75d4131d657aa766579 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb Size/MD5: 1884632 a3ad023841ee605efa1e055712b44d9a http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb Size/MD5: 161074 5586adea8200d2d5bf81f288b5bf7be2 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb Size/MD5: 1249636 48ec688499fea1dc0ccb3091c0158fb8 http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb Size/MD5: 181952 8ef5f6b9b6c6b8e4fcd5cb37147304a2 http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb Size/MD5: 81802 965218126fb5a49cfcd9e20afeb49782 http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb Size/MD5: 43048 09f2f9ed9f519ca5723411802e46d48b sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb Size/MD5: 1759316 46455cc355c1b808243eada0f134d00b http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb Size/MD5: 145164 2cdb5b35db853c7c184a44022fc23cd8 http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb Size/MD5: 1159834 cfff424e5bff38bb3ef9419f03465388 http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb Size/MD5: 163042 354f7a5423a34c411c5f8620c66d3e58 http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb Size/MD5: 76994 ca11bcf9a411f618e35e1d6b6ab8c8f9 http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb Size/MD5: 38526 172493ec5df1866e2633e074c7f38775