Re: [Full-disclosure] suggest a small pentest distro

Hi:

On Wed, Nov 09, 2005 at 12:41:41PM +0530, crazy frog crazy frog wrote:

> Hi, i know about all those distros auditor, phlak, whax etc but what i want

I would still recommend that you stick with whax (or whatever the name du jour is). It's very modular, and you can easily remove the modules that you consider less important for your work. You might have to cut a lot out, but AFAIK there's nothing else that has as much functionality, is updated, and still works well. Even just having all the wireless driver patches in one kernel is nice.

> is a distro whose size is much smaller than these distros.

*shrugs*. It fits and boots fine on my USB keychain. Are you trying to fit it on a business card or something?

good luck,

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Schwarzenegger Has Trouble With Voting Computers: Already Voted? How many others?
How can a system this badly broken still be in use and maintain control?

http://www.cbsnews.com/stories/2005/11/08/politics/main1027281.shtml

Nobody bothers to even ask how many other votes there were already in the system or what happened to them? Who was in charge of inputting the votes, how many people's votes did he input, who did he have them vote for and why didn't he purge them after the test?

http://nightweed.com/usavotefacts.html

The US elections are clearly invalid, even by the lowest banana-state standards. Why is no accountability taking place?
Re: [Full-disclosure] suggest a small pentest distro

You could of course take any one of the distros and install it on a 1G thumb drive.. then you'd have a writable area on a bootable device to store your results. And it's much smaller than even a mini-cd.

crazy frog crazy frog wrote:

> Hi, i know about all those distros auditor, phlak, whax etc but what i want is a distro whose size is much smaller than these distros.
> thanks
>
> On 11/9/05, John Smith [EMAIL PROTECTED] wrote:
>
>> I like knoppix STD, it fits on a CD, but hasn't been updated in some time.
>> First hit on google for live linux cds http://www.frozentech.com/content/livecd.php?pick=Allshowonly=security
>> I even narrowed it down to the security section for your lazy ass.
>>
>> crazy frog crazy frog wrote:
>>
>>> Hi, can anyone suggest a small pentest linux distro. smallest means (under 250 mb.), i seen one on whax site. has any one used it? no google please
>>> --
>>> ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :) oh yeah oh yeah... another wannabe, in hackerland!!!

--
Robert P. McKenzie, CSTA, MBCS | GammaRay Technical Services Ltd
[EMAIL PROTECTED] | [EMAIL PROTECTED]
http://www.uk-experience.com | http://www.gammaray-tech.com
Fancy some fun? http://www.thewetwilly.com
Ecademy Profile: http://www.ecademy.com/user/robertmckenzie
[Full-disclosure] [SECURITY] [DSA 890-1] New libungif4 packages fix several vulnerabilities
Debian Security Advisory DSA 890-1                          [EMAIL PROTECTED]
http://www.debian.org/security/                             Martin Schulze
November 9th, 2005                           http://www.debian.org/security/faq

Package        : libungif4
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2005-2974 CVE-2005-3350
Debian Bug     : 337972

Chris Evans discovered several security related problems in libungif4, a shared library for GIF images. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:

CVE-2005-2974
    Null pointer dereference, that could cause a denial of service.

CVE-2005-3350
    Out of bounds memory access that could cause a denial of service or the execution of arbitrary code.

For the old stable distribution (woody) these problems have been fixed in version 4.1.0b1-2woody1.

For the stable distribution (sarge) these problems have been fixed in version 4.1.3-2sarge1.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your libungif4 packages.

Upgrade Instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Re: [Full-disclosure] suggest a small pentest distro

Hi,

I use Damn Small Linux (http://www.damnsmalllinux.org) on a USB stick. It's about 50MB and really helpful!

Regards,
David

> Hi, can anyone suggest a small pentest linux distro. smallest means (under 250 mb.), i seen one on whax site. has any one used it?
Re: [Full-disclosure] Security Updates Without Rebooting
On Mon, Nov 07, 2005 at 10:42:11PM +, Carlos Silva aka|Danger_Man| wrote:

> Hello all,
> Can someone explain how to apply security patches on the system without rebooting the machine? I guess that I can't patch the kernel without compiling and rebooting the machine, so the only way is with iptables and keeping the daemons fresh?
> Regards,
> Carlos Silva,

If we are talking some *nix, just stop the vulnerable daemon, update, and start it again. Not very difficult...

Patching the kernel while running is possible, but hardly practical - unless you are very, very good. I've never seen it done, but it does happen in rootkits and is said to be possible in many cases.

(What seems, to me, to be more practical is just to build a modular Linux kernel and update only the vulnerable module with the most minimal patch you can find - however, this only works with very modular kernels, OpenBSD wouldn't be helped much by this. Then again, patching the OpenBSD kernel isn't required too often...)

Joachim
Re: [Full-disclosure] suggest a small pentest distro

metasploit?

Virtually,
mike

On Wed, 9 Nov 2005, crazy frog crazy frog wrote:

> Hi, can anyone suggest a small pentest linux distro. smallest means (under 250 mb.), i seen one on whax site. has any one used it? no google please
> --
> ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :) oh yeah oh yeah... another wannabe, in hackerland!!!
[Full-disclosure] [SECURITY] [DSA 891-1] New gpsdrive packages fix arbitrary code execution
Debian Security Advisory DSA 891-1                          [EMAIL PROTECTED]
http://www.debian.org/security/                             Martin Schulze
November 9th, 2005                           http://www.debian.org/security/faq

Package        : gpsdrive
Vulnerability  : format string
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2005-3523

Kevin Finisterre discovered a format string vulnerability in gpsdrive, a car navigation system, that can lead to the execution of arbitrary code.

The old stable distribution (woody) does not contain gpsdrive packages.

For the stable distribution (sarge) this problem has been fixed in version 2.09-2sarge1.

For the unstable distribution (sid) this problem has been fixed in version 2.09-2sarge1.

We recommend that you upgrade your gpsdrive package.

Upgrade Instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Re: [Full-disclosure] suggest a small pentest distro

You can customize WHAX (http://www.iwhax.net) so you can have it on the size you want.

On Wednesday 09 November 2005 03:51, crazy frog crazy frog wrote:

> Hi, can anyone suggest a small pentest linux distro. smallest means (under 250 mb.), i seen one on whax site. has any one used it? no google please
[Full-disclosure] CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS
(The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdf )

CYBSEC S.A.
www.cybsec.com

Advisory Name: HTTP Response Splitting in SAP WAS (Web Application Server)
Vulnerability Class: HTTP Response Splitting
Release Date: 11/09/2005
Affected Applications:
* SAP WAS 6.10
* SAP WAS 6.20
* SAP WAS 6.40
* SAP WAS 7.00
Affected Platforms:
* Platform-Independent
Local / Remote: Remote
Severity: High
Author: Leandro Meiners.
Vendor Status:
* Confirmed, patch released.
Reference to Vulnerability Disclosure Policy: http://www.cybsec.com/vulnerability_policy.pdf

Product Overview:

SAP Web Application Server is an open standard-based platform for developing, and implementing Web applications. SAP Web Application Server is a crucial component of mySAP® Technology platform as it serves as the underlying infrastructure for many SAP solutions (for example, SAP Portal). SAP WAS provides a development infrastructure on which to develop, distribute, and execute platform-independent Web services and business applications. SAP Web Application Server supports ABAP, Java, and Web services.

The vulnerability discovered only applies to the BSP runtime of SAP WAS.

Vulnerability Description:

SAP Web Application Server was found to be vulnerable to HTTP Response Splitting, in the parameter sap-exiturl. For further reference regarding HTTP Response Splitting see the whitepaper "HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics" (available at: http://www.packetstormsecurity.org/papers/general/whitepaper_httpresponse.pdf)

Exploit (PoC):

If the string "%0a%0dHeader:+Value" is passed (omitting the double quotes) as the value for the parameter sap-exiturl, the string "Header: value" (without the double quotes) is considered as another HTTP header, indicating the presence of the vulnerability.

Solutions:

The solution, provided by SAP, is to disable support for the parameter in older 6.10 releases as well as SP's in 6.20 prior to SP54. For new 6.20 and 7.00 releases the sap-exiturl parameter will be submitted to a customer configured white-list. For further information see SAP Note 887322.

Vendor Response:
* 09/23/2005: Initial Vendor Contact.
* 09/27/2005: Technical details for the vulnerabilities sent to vendor.
* 10/14/2005: Solutions provided by vendor for all vulnerabilities.
* 11/09/2005: Coordinate release of advisory.

Contact Information:

For more information regarding the vulnerability feel free to contact the author at lmeinersatcybsec.com.
For more information regarding CYBSEC: www.cybsec.com

Leandro Meiners
CYBSEC S.A. Security Systems
E-mail: [EMAIL PROTECTED]
Tel/Fax: [54-11] 4382-1600
Web: http://www.cybsec.com
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?search=lmeinersop=index
[Full-disclosure] CYBSEC - Security Advisory: Phishing Vector in SAP WAS
(The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Phishing_Vector_in_SAP_WAS.pdf )

CYBSEC S.A.
www.cybsec.com

Advisory Name: Phishing Vector in SAP WAS (Web Application Server)
Vulnerability Class: Phishing Vector / Improper Input Validation
Release Date: 11/09/2005
Affected Applications:
* SAP WAS 6.10
* SAP WAS 6.20
* SAP WAS 6.40
* SAP WAS 7.00
Affected Platforms:
* Platform-Independent
Local / Remote: Remote
Severity: Medium
Author: Leandro Meiners.
Vendor Status:
* Confirmed, patch released.
Reference to Vulnerability Disclosure Policy: http://www.cybsec.com/vulnerability_policy.pdf

Product Overview:

SAP Web Application Server is an open standard-based platform for developing, and implementing Web applications. SAP Web Application Server is a crucial component of mySAP® Technology platform as it serves as the underlying infrastructure for many SAP solutions (for example, SAP Portal). SAP WAS provides a development infrastructure on which to develop, distribute, and execute platform-independent Web services and business applications. SAP Web Application Server supports ABAP, Java, and Web services.

The vulnerability discovered only applies to the BSP runtime of SAP WAS.

Vulnerability Description:

SAP Web Application Server was found to provide a vector to allow Phishing scams against SAP WAS applications.

Exploit (PoC):

The parameter sap-exiturl allows absolute URLs, such as http://www.google.com, by specifying "http://" as "http%3a%2f%2f". This, together with the parameter sap-sessioncmd, can be used to mount a Phishing scam by sending a link like

http://sap-was/sap/bc/BSp/sap/menu/fameset.htm?sap-sessioncmd=close&sap-exiturl=http%3a%2f%2fwww.attacker.com

that will logout the user from the application (sap-sessioncmd=close), even if not logged in, and redirect to the attacker site.

Solutions:

The solution, provided by SAP, is to disable support for the parameter in older 6.10 releases as well as SP's in 6.20 prior to SP54. For new 6.20 and 7.00 releases the sap-exiturl parameter will be submitted to a customer configured white-list. For further information see SAP Note 887322.

Vendor Response:
* 09/23/2005: Initial Vendor Contact.
* 09/27/2005: Technical details for the vulnerabilities sent to vendor.
* 10/14/2005: Solutions provided by vendor for all vulnerabilities.
* 11/09/2005: Coordinate release of advisory.

Contact Information:

For more information regarding the vulnerability feel free to contact the author at lmeinersatcybsec.com.
For more information regarding CYBSEC: www.cybsec.com

Leandro Meiners
CYBSEC S.A. Security Systems
E-mail: [EMAIL PROTECTED]
Tel/Fax: [54-11] 4382-1600
Web: http://www.cybsec.com
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?search=lmeinersop=index
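Added example, not CYBSEC's or SAP's code: a validator for a redirect parameter like sap-exiturl that implements the allow-list approach the Solutions sections of this and the preceding advisory describe, so one check covers both the response-splitting finding (CR/LF in the value) and the phishing vector (absolute URL to a foreign host). The allow-listed host names, the parameter handling and the sample request targets are constructed for illustration.

```python
"""Allow-list validation of a redirect-target parameter, plus a small
triage helper for access-log request lines. Defensive illustration of the
fix described for sap-exiturl; the host list and samples are constructed."""
from typing import Dict, Iterable, Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed allow-list: the only hosts the application may redirect to.
ALLOWED_HOSTS = frozenset({"sap-was", "portal.example.invalid"})


class RedirectRejected(ValueError):
    """Raised when a redirect target fails validation."""


def validate_exit_url(raw: str, allowed_hosts=ALLOWED_HOSTS) -> str:
    """Return the redirect target if it is safe to place in a Location
    header; otherwise raise RedirectRejected with the reason."""
    # 1. Header injection: check the raw value and its percent-decoded form,
    #    so an encoded %0a%0d is refused just like a literal CR/LF.
    for candidate in (raw, unquote(raw)):
        if any(ch in candidate for ch in "\r\n\0"):
            raise RedirectRejected("control characters in redirect target")
    value = unquote(raw)
    try:
        parts = urlsplit(value)
    except ValueError:
        raise RedirectRejected("unparseable redirect target") from None
    # 2. Absolute ("http://host/...") or scheme-relative ("//host/...") URL:
    #    only http(s) and only to an allow-listed host.
    if parts.scheme or parts.netloc:
        if parts.scheme not in ("", "http", "https"):
            raise RedirectRejected(f"scheme {parts.scheme!r} not permitted")
        host = (parts.hostname or "").lower()
        if host not in allowed_hosts:
            raise RedirectRejected(f"host {host!r} not on allow-list")
        return value
    # 3. Relative target: require exactly one leading slash so the browser
    #    stays on the current origin; backslashes are refused because some
    #    browsers normalise "/\host" to "//host".
    if not value.startswith("/") or value.startswith("//") or "\\" in value:
        raise RedirectRejected("relative target must be an absolute path")
    return value


def is_safe_exit_url(raw: str) -> bool:
    """Boolean wrapper around validate_exit_url()."""
    try:
        validate_exit_url(raw)
        return True
    except RedirectRejected:
        return False


def triage_request(request_target: str, param: str = "sap-exiturl") -> Optional[str]:
    """Given the path+query of a request as found in an access log, return
    the rejection reason for the redirect parameter, or None if clean."""
    query = urlsplit(request_target).query
    # parse_qs already percent-decodes; validate_exit_url decodes once more,
    # which is deliberately conservative for a detection use.
    for value in parse_qs(query, keep_blank_values=True).get(param, []):
        try:
            validate_exit_url(value)
        except RedirectRejected as exc:
            return str(exc)
    return None


def triage_requests(targets: Iterable[str]) -> Dict[str, Optional[str]]:
    """Map each request target to its rejection reason (None when clean)."""
    return {t: triage_request(t) for t in targets}


# Constructed request targets modelled on the PoCs in the two advisories.
SAMPLE_REQUESTS = [
    "/sap/bc/BSp/sap/menu/fameset.htm?sap-sessioncmd=close"
    "&sap-exiturl=%2Fsap%2Fbc%2Fbsp%2Fsap%2Fmenu%2Ffameset.htm",
    "/sap/bc/BSp/sap/menu/fameset.htm?sap-sessioncmd=close"
    "&sap-exiturl=http%3a%2f%2fwww.attacker.com",
    "/sap/bc/BSp/sap/menu/fameset.htm?sap-exiturl=%0a%0dHeader:+Value",
]

if __name__ == "__main__":
    for target, reason in triage_requests(SAMPLE_REQUESTS).items():
        print("REJECT" if reason else "ok    ", target, reason or "")
```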
[Full-disclosure] CYBSEC - Security Advisory: Multiple XSS in SAP WAS
(The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf )

CYBSEC S.A.
www.cybsec.com

Advisory Name: Multiple XSS in SAP WAS (Web Application Server)
Vulnerability Class: Cross-Site Scripting
Release Date: 11/09/2005
Affected Applications:
* SAP WAS 6.10
* SAP WAS 6.20
* SAP WAS 6.40
* SAP WAS 7.00
Affected Platforms:
* Platform-Independent
Local / Remote: Remote
Severity: Medium
Author: Leandro Meiners.
Vendor Status:
* Confirmed, patch released.
Reference to Vulnerability Disclosure Policy: http://www.cybsec.com/vulnerability_policy.pdf

Product Overview:

SAP Web Application Server is an open standard-based platform for developing, and implementing Web applications. SAP Web Application Server is a crucial component of mySAP® Technology platform as it serves as the underlying infrastructure for many SAP solutions (for example, SAP Portal). SAP WAS provides a development infrastructure on which to develop, distribute, and execute platform-independent Web services and business applications. SAP Web Application Server supports ABAP, Java, and Web services.

The vulnerability discovered only applies to the BSP runtime of SAP WAS.

Vulnerability Description:

SAP Web Application Server was found to be vulnerable to JavaScript injection, allowing for Cross-Site Scripting attacks.

Three different vectors for script injection were discovered:
* Error Pages (in error messages displayed) (SAP WAS 6.20 and above not Vulnerable)
* The syscmd parameter
* SYSTEM PUBLIC (Test Application)

Exploit (PoC):

Following is a Proof of Concept for each script injection vector:

* Error Pages:
  http://sap-was/sap/bc/BSp/sap/index.html%3Cscript%3Ealert('xss')%3C/script%3E

* The syscmd parameter:
  http://sap-was/sap/bc/BSp/sap/menu/fameset.htm?sap-sessioncmd=open&sap-syscmd=%3Cscript%3Ealert('xss')%3C/script%3E

* Test Application (SYSTEM PUBLIC):
  In the BspApplication field it is possible to inject JavaScript code such as: <script>alert('xss')</script>.

Solutions:

For solutions regarding Error Pages and the syscmd parameter as attack vectors please see SAP Note 887323, which indicates Service Packs to apply.

For solutions regarding the SYSTEM PUBLIC Test Application please see SAP Note 887164, which lists all test applications that shouldn't be activated on production systems. Regarding XSS issues the BSP compiler has been extended to have a new forceEncode=HTML page directive; for more information see SAP Note 887168. This new feature will be applied to test applications in the next SP cycle. All test applications should always be removed from production systems; customers can use transaction SMICM to disable the test applications.

Vendor Response:
* 09/23/2005: Initial Vendor Contact.
* 09/27/2005: Technical details for the vulnerabilities sent to vendor.
* 10/14/2005: Solutions provided by vendor for all vulnerabilities.
* 11/09/2005: Coordinate release of advisory.

Thanks:

Special thanks go to Mariano Nuñez Di Croce.

Contact Information:

For more information regarding the vulnerability feel free to contact the author at lmeinersatcybsec.com.
For more information regarding CYBSEC: www.cybsec.com

Leandro Meiners
CYBSEC S.A. Security Systems
E-mail: [EMAIL PROTECTED]
Tel/Fax: [54-11] 4382-1600
Web: http://www.cybsec.com
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?search=lmeinersop=index
[Full-disclosure] Re: suggest a small pentest distro

Maybe you can try SLAX LIVE CD (http://slax.linux-live.org). Great useful desktop distro (185mb).

Kind regards,
JLG

crazy frog crazy frog wrote:

> Hi, can anyone suggest a small pentest linux distro. smallest means (under 250 mb.), i seen one on whax site. has any one used it? no google please
> --
> ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :) oh yeah oh yeah... another wannabe, in hackerland!!!
Re: [Full-disclosure] Meeting Room Names
Paint the walls different colors or have different color chairs in each room and call the rooms based on their color. I.E. - The Blue Room, The Red Room, The Green Room. Sounds governmental.

~pingywon

- Original Message -
From: Native.Code
To: full-disclosure@lists.grok.org.uk
Sent: Wednesday, November 09, 2005 5:08 AM
Subject: [Full-disclosure] Meeting Room Names

> Something not related to vulnerabilities. You guys are requested to suggest names for our meeting rooms. We don't want to call them with sad names like Room A, Board Room etc. but something interesting. We work in IT security area like you. A room with which name will you like to have your meeting in?
Re: [Full-disclosure] RE: Full-Disclosure Digest, Vol 9, Issue 3
On Sat, 2005-11-05 at 14:49 -0800, Brian Dessent wrote:

> [snip]
> Don't security professionals know how to use email for god's sake?

Hi! You must be new to the list - little tip, but keep it to yourself; Full Disclosure isn't entirely populated by security professionals ;)

/flippancy

- James.
Re: [Full-disclosure] Meeting Room Names
Hi,

Native.Code wrote:

> Something not related to vulnerabilities. You guys are requested to suggest names for our meeting rooms. We don't want to call them with sad names like Room A, Board Room etc. but something interesting.

The Kevin Mitnick Room.

Simon (ducks, runs)

signature.asc
Description: OpenPGP digital signature
Re: [Full-disclosure] Meeting Room Names
On Wed, Nov 09, 2005 at 06:08:50PM +0800, Native.Code wrote:

> Something not related to vulnerabilities. You guys are requested to suggest names for our meeting rooms. We don't want to call them with sad names like Room A, Board Room etc. but something interesting.

You could name them after famous cryptographers, or infamous hackers. My company names meeting rooms after scenes from the movie Office Space.

eric
Re: [Full-disclosure] Meeting Room Names
> We work in IT security area like you. A room with which name will you like to have your meeting in?

Use C function names typically associated with problems .. eg:

strcpy()
strcmp()
sprintf()

Good luck getting any vendor to find them to deliver the sales-glossy to the management (might not be a bad thing ...)

Michael Holstein CISSP GCIA
Cleveland State University
RE: [Full-disclosure] Meeting Room Names
Eric wrote:

> You could name them after famous cryptographers, or infamous hackers. My company names meeting rooms after scenes from the movie Office Space.

Good stuff, example?
Re: [Full-disclosure] Meeting Room Names
Native.Code wrote:

> Something not related to vulnerabilities. You guys are requested to suggest names for our meeting rooms. We don't want to call them with sad names like Room A, Board Room etc. but something interesting. We work in IT security area like you. A room with which name will you like to have your meeting in?

Maybe HTTP status codes? Room 404, Room 409, 410 ... and 403 is your server room of course. ;-)

Luc

100 Continue
101 Switching Protocols
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Time-Out
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URL Too Large
415 Unsupported Media Type
500 Server Error
501 Not Implemented
502 Bad Gateway
503 Out of Resources
504 Gateway Time-Out
505 HTTP Version not supported
Re: [Full-disclosure] Meeting Room Names
> Good stuff, example?

Crypto :

Zimmerman } PGP
Ramir     }
Shamir    } RSA folks
Adleman   }
Schneier  } Blowfish
Daemen    } Rijndael (AES)
Rijmen    } Rijndael (AES)

Hackers :

Mitnick (Novell, Phone companies, etc.)
Johansen (deCSS, et al.)

And a bunch of script kiddies that wrote (somewhat) legendary worms .. but they don't deserve anything more than an imprint of my boot.
Re: [Full-disclosure] Meeting Room Names
Native.Code wrote:

> Something not related to vulnerabilities. You guys are requested to suggest names for our meeting rooms. We don't want to call them with sad names like Room A, Board Room etc. but something interesting. We work in IT security area like you. A room with which name will you like to have your meeting in?

Well, if we're talking ideal... I'd like to see someone implement the names of the Hells referenced in Big Trouble in Little China...

"We'll meet in the Hell of Hanging Bodies today."

OK, or check into a psycho ward, whichever comes first.

-bkfsec
[Full-disclosure] Happy Helpful web apps that just need port xx open....
> Sorry, no way on earth am I gonna run your wretched java virus/trojan just in order to get the opportunity to have marketing bullshit rammed down my throat. It's utter GARBAGE to claim that installing some completely unknown java application is somehow a safe environment compared to reading plain text emails.
>
> cheers,
> DaveK

Very succinctly put. Anybody who thinks that blindly downloaded software running in a virtual machine is safe deserves what they get. Anybody who opens a hole in their firewall to accommodate it probably also wants to help Nigerian Billionaires transfer their money to a US bank account. Sigh. Sadly the Dilbert bosses hear this marketing pablum, believe it, then criticize their security/network people as overly negative and resistant to change when they oppose this crap. Do you suppose there is any way we could buy off, er I mean persuade, the trial lawyers to get civil liability to attach to negligently misrepresented software?

Dan Sichel CCNP, MCSE
Network Engineer
Ponderosa Telephone
[EMAIL PROTECTED]
(559) 868-6367
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Meeting Room Names
Hi,

i like todd's suggestion ;)

jmp room, nop room, xor room, polymorphic room, viral room, shell code room, x86 room, sparc room, 31337 room, and so on.

--
bam bam ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :) oh yeah oh yeah... another wannabe, in hackerland!!!

On 11/9/05, Todd Towles [EMAIL PROTECTED] wrote:
> Eric wrote: you could name them after famous cryptographers, or infamous hackers.
> My company names meeting rooms after scenes from the movie Office Space.
> Good stuff, example?
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Meeting Room Names
Crazy Frog wrote:
> Hi, i like todd's suggestion ;) jmp room, nop room, xor room, polymorphic room, viral room, shell code room, x86 room, sparc room, 31337 room, and so on.

The HTTP Code suggestion by Luc is very cool as well.
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Schwarzenegger Has Trouble With Voting Computers: Already Voted? How many others?
On Wed, 09 Nov 2005 10:48:51 +0200, Jei said: The US elections are clearly invalid, even by the lowest banana-state standards. Why is no accountability taking place? Accountability is the one thing the current ruling cabal least wants. pgpLagSQQk09W.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Multiple security issues in TikiWiki 1.9.x
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SA0003
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Multiple security issues in TikiWiki 1.9.x
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

PUBLISHED ON
  Nov 09, 2005

PUBLISHED AT
  http://moritz-naumann.com/adv/0003/tikiw/0003.txt
  http://moritz-naumann.com/adv/0003/tikiw/0003.txt.sig

PUBLISHED BY
  Moritz Naumann IT Consulting Services
  Hamburg, Germany
  http://moritz-naumann.com/
  info AT moritz HYPHON naumann D0T com
  GPG key: http://moritz-naumann.com/keys/0x277F060C.asc

AFFECTED APPLICATION OR SERVICE
  TikiWiki
  http://tikiwiki.org/

AFFECTED VERSION
  1.9.x up to and including 1.9.2
  Possibly versions below 1.9 (untested)

BACKGROUND
  TikiWiki is a full-featured Free Software (GNU/LGPL) Wiki/CMS/Groupware written in PHP and maintained by an active and international community of benevolent contributors.

ISSUE 1 (XSS)
  An XSS vulnerability has been detected in the forum code of TikiWiki. The problem is caused by insufficient input sanitization: the topics_offset parameter is reflected into the page without output encoding. The following partial URL demonstrates the issue:

  [baseURL]/tiki-view_forum_thread.php?forumId=1&comments_parentId=0&topics_offset=10%22%20onmouseover='javascript:alert(document.title)%3B'%3E[PLEASE%20MOVE%20YOUR%20MOUSE%20POINTER%20HERE!]%20%3Cx%20y=%22

  Please move your mouse pointer over the input field which says so.

ISSUE 2 (Information Disclosure, possible SQL injection)
  The application discloses the installation path. This *may* also be usable to craft an SQL injection. The following partial URL demonstrates the issue:

  [baseURL]/tiki-view_forum_thread.php?forumId=1&comments_parentId=0&topics_sort_mode=FOOBAH

WORKAROUND
  Issue 1: Disable JavaScript (client) or deny access to TikiWiki (server).
  Issue 2: Set PHP to log errors to a file only (display_errors = Off, log_errors = On in php.ini), so that the error text carrying the path is no longer sent to the client.

SOLUTIONS
  We are not aware of a maintainer-provided fix.

TIMELINE
  Oct 6, 2005:  Maintainer informed
  Oct 6, 2005:  First maintainer reply
  Oct 14, 2005: Request for additional information sent to maintainer
  [in between]: issues fixed on maintainer website
  Nov 09, 2005: Public disclosure

REFERENCES
  Issue 1: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3528
  Issue 2: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3529

ADDITIONAL CREDIT
  N/A

LICENSE
  Creative Commons Attribution-ShareAlike License Germany
  http://creativecommons.org/licenses/by-sa/2.0/de/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDcigMn6GkvSd/BgwRAnfxAJ93CwGPU6+bGrYrYSX4AoXcWmOerACfecUN
b/XTfSxhrOl9eRV4GVBBINI=
=DMEp
-----END PGP SIGNATURE-----
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Antville 1.1 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SA0004
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Antville 1.1 Cross Site Scripting
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

PUBLISHED ON
  Nov 09, 2005

PUBLISHED AT
  http://moritz-naumann.com/adv/0004/antvxss/0004.txt
  http://moritz-naumann.com/adv/0004/antvxss/0004.txt.sig

PUBLISHED BY
  Moritz Naumann IT Consulting Services
  Hamburg, Germany
  http://moritz-naumann.com/
  info AT moritz HYPHON naumann D0T com
  GPG key: http://moritz-naumann.com/keys/0x277F060C.asc

AFFECTED APPLICATION OR SERVICE
  Antville
  http://www.antville.org/

AFFECTED VERSION
  Version 1.1
  Possibly versions 1.0 and lower (untested)

BACKGROUND
  Everybody knows XSS.
  http://en.wikipedia.org/wiki/XSS
  http://www.cgisecurity.net/articles/xss-faq.shtml

ISSUE
  An XSS vulnerability has been detected in Antville. The problem is caused by insufficient input sanitization. By making a victim visit a specially crafted URL, it is possible to inject client-side scripting (such as JavaScript) and HTML which will be executed/rendered in her browser. The following URL demonstrates this issue:

  [antville_basepath]/project/<script>alert('XSS');</script>

  This may not be easily exploitable for cookie/session stealing attacks due to the IP address lock on the session. Note that the lock only hinders replay of a stolen cookie from another address; injected script still runs inside the victim's own session and can act on her behalf from there, and an attacker who shares the victim's egress address (NAT, proxy) is not affected by the lock at all.

WORKAROUND
  Client: Disable JavaScript.
  Server: Prevent access to the Antville installation.

SOLUTIONS
  There does not seem to be a patch available. Our attempts to contact the developers were unsuccessful.

TIMELINE
  Sep 19, 2005  Discovery
  Sep 19, 2005  Code maintainer notification
  Sep 29, 2005  Another code maintainer notification
  Nov 09, 2005  Public disclosure

REFERENCES
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3530

ADDITIONAL CREDIT
  N/A

LICENSE
  Creative Commons Attribution-ShareAlike License Germany
  http://creativecommons.org/licenses/by-sa/2.0/de/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDcikon6GkvSd/BgwRAvgIAJ9T6KB39w9Hk3OcJ56I+F6lLRoKWACfTR2c
dz7aukUAwcxTA5/q12mWrsA=
=QLOX
-----END PGP SIGNATURE-----
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
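The two advisories above (SA0003, SA0004) describe the same defect class from two angles: a request value (the topics_offset query parameter in TikiWiki, a path segment in Antville) is copied into the HTML response without output encoding, so a closing quote or an angle bracket in the input turns into markup. The script below is an added example and not code from either advisory or either project. It pushes a constructed attribute-breakout payload (shaped like the TikiWiki URL after URL-decoding) and a constructed script-tag payload (shaped like the Antville URL) through a hypothetical vulnerable template and through the same template with contextual output encoding and input validation, then uses the standard-library HTML parser to report what a browser would actually execute from each rendering. The template strings, payloads and function names are assumptions made for the example.

```python
"""Reflected XSS: the attribute-breakout and script-tag patterns from the two
advisories above, beside the validation and output-encoding fixes.
Added example; templates and payloads are constructed, not taken from either project."""
import html
import re
from html.parser import HTMLParser

# Constructed payloads, shaped like the advisories' URLs after URL-decoding.
# The first closes the value="..." attribute it lands in and adds an event
# handler; the second is the classic script element in a path segment.
ATTACK_OFFSET = "10\" onmouseover='javascript:alert(document.title);'>[HOVER HERE] <x y=\""
ATTACK_PATH = "<script>alert('XSS');</script>"


def render_offset_vulnerable(offset: str) -> str:
    """Hypothetical template: the query parameter lands in an attribute as-is."""
    return f'<input type="hidden" name="topics_offset" value="{offset}">'


def render_offset_encoded(offset: str) -> str:
    """Same template with contextual output encoding: quote=True turns the
    closing quote into &quot;, so the attribute cannot be terminated early."""
    return f'<input type="hidden" name="topics_offset" value="{html.escape(offset, quote=True)}">'


def offset_is_valid(offset: str) -> bool:
    """Input validation: a pagination offset is a small non-negative integer.
    Reject anything else before it reaches a template at all."""
    return re.fullmatch(r"[0-9]{1,9}", offset) is not None


def render_title_vulnerable(segment: str) -> str:
    """Hypothetical template: a path segment echoed into element content."""
    return f"<h1>Project: {segment}</h1>"


def render_title_encoded(segment: str) -> str:
    """Element-content context: html.escape neutralises < > & and quotes."""
    return f"<h1>Project: {html.escape(segment)}</h1>"


class _ScriptSink(HTMLParser):
    """Records what a browser would execute from a fragment:
    <script> elements and on* event-handler attributes."""

    def __init__(self) -> None:
        super().__init__()
        self.scripts = 0
        self.handlers: list[tuple[str, str]] = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1
        for name, _value in attrs:
            if name.startswith("on"):
                self.handlers.append((tag, name))


def executable_parts(fragment: str) -> tuple[int, list[tuple[str, str]]]:
    """(number of <script> elements, list of (tag, handler attribute)) in fragment."""
    sink = _ScriptSink()
    sink.feed(fragment)
    sink.close()
    return sink.scripts, sink.handlers


if __name__ == "__main__":
    for label, fragment in (
        ("offset, vulnerable", render_offset_vulnerable(ATTACK_OFFSET)),
        ("offset, encoded", render_offset_encoded(ATTACK_OFFSET)),
        ("path, vulnerable", render_title_vulnerable(ATTACK_PATH)),
        ("path, encoded", render_title_encoded(ATTACK_PATH)),
    ):
        print(f"{label:20s} -> {executable_parts(fragment)}")
    print("offset payload passes validation:", offset_is_valid(ATTACK_OFFSET))
```

The vulnerable attribute rendering yields an input element carrying an onmouseover handler (the attack's closing quote ends the value attribute early); the encoded rendering yields a single input element whose value attribute merely contains the attacker's text. Validation is the stronger fix for a numeric parameter, since a payload like this never reaches a template; encoding is what protects fields that legitimately carry free text.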
Re: [Full-disclosure] Meeting Room Names
Todd Towles wrote:
> Crazy Frog wrote:
> > Hi, i like todd's suggestion ;) jmp room, nop room, xor room, polymorphic room, viral room, shell code room, x86 room, sparc room, 31337 room, and so on.
>
> The HTTP Code suggestion by Luc is very cool as well

Except the 302 room would be constantly moving around, 409 would always be booked, 404 would be hidden away somewhere you couldn't find it, and 410 just wouldn't exist!
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Meeting Room Names
Hi, Dave Ockwell-Jenner wrote: Except the 302 room would be constantly moving around, 409 would always be booked, 404 would be hidden away somewhere you couldn't find it, and 410 just wouldn't exist! Well, all important decisions are made in the elevator anyway[1], so why not assign it the 302? Simon [1] or in the sauna, if you're in Finland. signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Meeting Room Names
Hi

I was asked to forward this anonymous reply to the list...

Cheers
- John

----- Forwarded message -----
To: 'John Cartwright' [EMAIL PROTECTED]
Subject: RE: [Full-disclosure] Meeting Room Names
Date: Thu, 10 Nov 2005 00:23:54 +0700

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luc Stroobant

[...]
> Maybe HTTP status codes?
[...]
> Luc
>
> 100 Continue
Receptionist's Desk.
> 101 Switching Protocols
I always knew there was something funny about that guy...
> 200 OK
> 201 Created
> 202 Accepted
> 203 Non-Authoritative Information
Marketing.
> 204 No Content
Still Marketing.
> 205 Reset Content
> 206 Partial Content
CEO's Office
> 300 Multiple Choices
Media Department.
> 301 Moved Permanently
Masseuse.
> 302 Moved Temporarily
Pinball Machine.
> 303 See Other
> 304 Not Modified
Lazy Guy's Office.
> 305 Use Proxy
> 400 Bad Request
Catholic Secretary.
> 401 Unauthorized
Ladies Room in Programmers' Cube Jungle.
> 402 Payment Required
Beer Room.
> 403 Forbidden
Server Room.
> 404 Not Found
Pool Room.
> 405 Method Not Allowed
Hot Chick in Marketing who doesn't do that.
> 406 Not Acceptable
> 407 Proxy Authentication Required
> 408 Request Time-Out
> 409 Conflict
Man, who has a wrestling ring?
> 410 Gone
That guy's office who just got fired.
> 411 Length Required
Hot Secretary's office
> 412 Precondition Failed
> 413 Request Entity Too Large
Young Secretary's Office
> 414 Request-URL Too Large
> 415 Unsupported Media Type
Aie! Karumba!
> 500 Server Error
IT Department.
> 501 Not Implemented
Network Security Department.
> 502 Bad Gateway
> 503 Out of Resources
Finance.
> 504 Gateway Time-Out
> 505 HTTP Version not supported

----- End forwarded message -----
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Meeting Room Names
One of my favorite movies, ever. And you owe me a keyboard, because I just shot Coke out of my nose. :) C -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of bkfsec Sent: Wednesday, November 09, 2005 8:33 AM To: Native.Code Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Meeting Room Names Native.Code wrote: Something not related to vulnerabilities you guys are requested to suggest names for our meeting rooms. We don't want to call them with sad names like Room A, Board Room etc. but something interesting. We work in IT security area like you. A room with which name will you like to have your meeting in? Well, if we're talking ideal... I'd like to see someone implement the names of the Hells references in Big Trouble in Little China... We'll meet in the Hell of Hanging Bodies today. OK, or check into a psycho ward, whichever comes first. -bkfsec ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [USN-151-4] rpm vulnerability
===========================================================
Ubuntu Security Notice USN-151-4              November 09, 2005
rpm vulnerability
CVE-2005-1849, CVE-2005-2096
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

lsb-rpm

The problem can be corrected by upgrading the affected package to version 4.0.4-28ubuntu2.1 (for Ubuntu 4.10), 4.0.4-29ubuntu1.1 (for Ubuntu 5.04), or 4.0.4-31ubuntu1.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since lsb-rpm is statically linked against the zlib library, it is also affected by these issues and does not pick up the fix from the shared libz package; it had to be rebuilt against the fixed zlib, which is what the updated packages are.

Please note that lsb-rpm is not officially supported (it is in the universe component of the archive).
Updated packages for Ubuntu 4.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1.diff.gz Size/MD5: 104152 3512e5a5982e80eec9c47097c1abcab0 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1.dsc Size/MD5: 743 75a216bf04376b2965fdc6f421da9117 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4.orig.tar.gz Size/MD5: 5865692 b0c3093d2f0d850760e59ac1db9bf152 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-28ubuntu2.1_amd64.deb Size/MD5: 484306 8d65173dc64656d07670eb76ef50c48c http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-28ubuntu2.1_amd64.deb Size/MD5: 382618 ab876104c24d65d40a42f4464b2cc2a4 http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-28ubuntu2.1_amd64.deb Size/MD5: 879240 1e904758215537cb71185114d2d2fdce http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1_amd64.deb Size/MD5: 519706 be983d50f61cfd0260617aa1a5364686 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-28ubuntu2.1_i386.deb Size/MD5: 437176 6b366219315af863fbdaea691badc6e1 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-28ubuntu2.1_i386.deb Size/MD5: 359618 b395c5dc497897b59e64d389b0f06060 http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-28ubuntu2.1_i386.deb Size/MD5: 815882 f4c442e7de8efd84c6f649debcd34200 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1_i386.deb Size/MD5: 516424 a16cc0c0303275537df571a683b48c61 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-28ubuntu2.1_powerpc.deb Size/MD5: 509710 89a59a25b06bd82d9b279ce44bff12b5 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-28ubuntu2.1_powerpc.deb Size/MD5: 386056 3f02d5ed65df1a5924d0b58f61966e03 
http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-28ubuntu2.1_powerpc.deb Size/MD5: 906620 b81695bb99a459690415851b704016b8 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1_powerpc.deb Size/MD5: 525366 8a6775242836a0ff0f031508a9b7f1f6 Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1.diff.gz Size/MD5: 104605 ded8ebf7a2e2f17f3c73eb761b2e688d http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1.dsc Size/MD5: 743 6cc9d90aa7fc16b8f4b4bc0943e0999c http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4.orig.tar.gz Size/MD5: 5865692 b0c3093d2f0d850760e59ac1db9bf152 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-29ubuntu1.1_amd64.deb Size/MD5: 484510 031b93a22f11539c77bdde4c7a7fd942 http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-29ubuntu1.1_amd64.deb Size/MD5: 382960 f3d2183092c18d4d955dc9f47b8bfd85 http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-29ubuntu1.1_amd64.deb Size/MD5: 917666 fbed813e6386fb855bad364297231dcd http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1_amd64.deb Size/MD5: 246620 0d4597422332fe23e596e6843399d5a2 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-29ubuntu1.1_i386.deb Size/MD5: 437506 c9d45c2c612849165cb24c4a696b2d99
Re: [Full-disclosure] Meeting Room Names
Native.Code wrote:
> We work in the IT security area like you. A room with which name would you like to have your meeting in?

Not as good as some of the other suggestions, but... I would call the largest meeting room maddog Hall.

Best regards,
Martin Stricker
--
Homepage: http://www.martin-stricker.de/
Webmaster-Forum: http://www.masterportal24.com/forum/
Red Hat Linux FedoraCore3 for low memory: http://www.rule-project.org/
Registered Linux user #210635: http://counter.li.org/
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Meeting Room Names
----- Original Message -----
From: Martin Stricker [EMAIL PROTECTED]
To: full-disclosure@lists.grok.org.uk
Sent: Thursday, November 10, 2005 7:01 AM
Subject: Re: [Full-disclosure] Meeting Room Names

> Native.Code wrote:
> > We work in the IT security area like you. A room with which name would you like to have your meeting in?
>
> Not as good as some of the other suggestions, but... I would call the largest meeting room maddog Hall.

May I also suggest a room to which all hawkers, canvassers and street salesmen can go, and where they can answer the phones from phone sales people? Call the room Spam.

Greg.
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Meeting Room Names
Pff, all geez names. Name it 'class101', it 0wnz! :D

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Ockwell-Jenner
Sent: Wednesday, 9 November 2005 18:25
To: Todd Towles
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Meeting Room Names

Todd Towles wrote:
> Crazy Frog wrote:
> > Hi, i like todd's suggestion ;) jmp room, nop room, xor room, polymorphic room, viral room, shell code room, x86 room, sparc room, 31337 room, and so on.
>
> The HTTP Code suggestion by Luc is very cool as well

Except the 302 room would be constantly moving around, 409 would always be booked, 404 would be hidden away somewhere you couldn't find it, and 410 just wouldn't exist!
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [FLSA-2005:166941] Updated httpd and mod_ssl packages fix two security issues
-----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis:          Updated httpd and mod_ssl packages fix two security issues
Advisory ID:       FLSA:166941
Issue date:        2005-11-09
Product:           Red Hat Linux, Fedora Core
Keywords:          Bugfix
CVE Names:         CVE-2005-2700 CVE-2005-2728
-----------------------------------------------------------------------

1. Topic:

Updated mod_ssl and Apache httpd packages that correct two security issues are now available.

The Apache HTTP Server is a popular and freely-available Web server. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386
Fedora Core 2 - i386

3. Problem description:

A flaw was discovered in mod_ssl's handling of the SSLVerifyClient directive. This flaw occurs if a virtual host is configured using "SSLVerifyClient optional" and a directive "SSLVerifyClient require" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2700 to this issue.

A flaw was discovered in Apache httpd where the byterange filter would buffer certain responses into memory. If a server has a dynamic resource such as a CGI script or PHP script that generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service. (CVE-2005-2728)

Users of mod_ssl and Apache httpd should update to these errata packages that contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

  rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

  yum update

or to use apt:

  apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166941

6. RPMs required:

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/mod_ssl-2.8.12-8.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mod_ssl-2.8.12-8.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/httpd-2.0.40-21.20.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/httpd-2.0.40-21.20.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/httpd-devel-2.0.40-21.20.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/httpd-manual-2.0.40-21.20.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mod_ssl-2.0.40-21.20.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/httpd-2.0.51-1.9.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/httpd-2.0.51-1.9.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/httpd-devel-2.0.51-1.9.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/httpd-manual-2.0.51-1.9.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mod_ssl-2.0.51-1.9.legacy.i386.rpm

Fedora Core 2:

SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/httpd-2.0.51-2.9.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/2/updates/i386/httpd-2.0.51-2.9.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/httpd-devel-2.0.51-2.9.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/httpd-manual-2.0.51-2.9.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mod_ssl-2.0.51-2.9.4.legacy.i386.rpm

7. Verification:

SHA1 sum                                  Package Name
-
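The mod_ssl flaw in the advisory above (CVE-2005-2700) only bites a specific configuration shape: "SSLVerifyClient optional" at the virtual-host level combined with "SSLVerifyClient require" in a nested Location or Directory. On an unpatched server the per-location requirement may not be enforced, so a client that presents no certificate can reach the supposedly protected resource. The script below is an added example and is not part of the Fedora Legacy advisory or its packages; it walks a constructed httpd configuration and reports every nested "require" that sits inside an "optional" virtual host, and it also shows a configuration that avoids the pattern by requiring the client certificate for the whole virtual host, which is a workaround for hosts that cannot be updated yet (the errata packages remain the actual fix). The configuration text, host name and address are constructed for the example; the scanner only reads the text it is handed and does not follow Include directives or read .htaccess files.

```python
"""Flag the SSLVerifyClient 'optional' (vhost) + 'require' (nested scope)
combination described for CVE-2005-2700 in an Apache httpd configuration.
Added example; the configurations below are constructed, not from any real host."""
import re

# Constructed vulnerable configuration: the Location-level 'require' is what an
# unpatched mod_ssl may fail to enforce when the vhost itself says 'optional'.
CONF_VULNERABLE = """\
<VirtualHost 192.0.2.10:443>
    ServerName secure.example.test
    SSLEngine on
    SSLVerifyClient optional
    SSLVerifyDepth 2
    <Location /admin>
        SSLVerifyClient require
    </Location>
</VirtualHost>
"""

# Constructed workaround: require the certificate for the whole vhost, so the
# check happens in the initial handshake rather than per location.
CONF_WORKAROUND = """\
<VirtualHost 192.0.2.10:443>
    ServerName secure.example.test
    SSLEngine on
    SSLVerifyClient require
    SSLVerifyDepth 2
</VirtualHost>
"""

_CONTAINERS = r"VirtualHost|Location|LocationMatch|Directory|DirectoryMatch|Files|FilesMatch"
_OPEN = re.compile(rf"^\s*<({_CONTAINERS})\b([^>]*)>\s*$", re.I)
_CLOSE = re.compile(rf"^\s*</({_CONTAINERS})\s*>\s*$", re.I)
_VERIFY = re.compile(r"^\s*SSLVerifyClient\s+(\S+)", re.I)


def find_optional_require_mix(conf: str):
    """Return (line, vhost_args, scope_args) for every 'SSLVerifyClient require'
    inside a Location/Directory/Files block whose enclosing VirtualHost is set
    to 'SSLVerifyClient optional'. Directive order inside the vhost does not
    matter: candidates are resolved after the whole text has been read."""
    stack = []        # open containers, each as [kind, args, verify_mode]
    candidates = []   # (line, vhost_entry, scope_args), checked once parsing is done
    for lineno, line in enumerate(conf.splitlines(), 1):
        m = _OPEN.match(line)
        if m:
            stack.append([m.group(1).lower(), m.group(2).strip(), None])
            continue
        if _CLOSE.match(line):
            if stack:
                stack.pop()
            continue
        m = _VERIFY.match(line)
        if not m or not stack:
            continue
        mode = m.group(1).lower()
        stack[-1][2] = mode
        if mode == "require" and stack[-1][0] != "virtualhost":
            vhosts = [entry for entry in stack[:-1] if entry[0] == "virtualhost"]
            if vhosts:
                # keep a reference to the vhost entry; its mode may be set later
                candidates.append((lineno, vhosts[-1], stack[-1][1]))
    return [(lineno, vhost[1], scope) for lineno, vhost, scope in candidates
            if vhost[2] == "optional"]


if __name__ == "__main__":
    for label, conf in (("vulnerable", CONF_VULNERABLE), ("workaround", CONF_WORKAROUND)):
        hits = find_optional_require_mix(conf)
        print(f"{label}: {hits if hits else 'no optional/require mix found'}")
```

Run against the vulnerable text the scanner reports line 7 (the Location-level require under the 192.0.2.10:443 vhost); against the workaround it reports nothing. On a fleet this is a cheap triage step for deciding which hosts need the errata most urgently, not a substitute for installing it.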
[Full-disclosure] MDKSA-2005:207 - Updated libungif packages fix various vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDKSA-2005:207
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libungif
Date    : November 9, 2005
Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
_______________________________________________________________________

Problem Description:

Several bugs have been discovered in the way libungif decodes GIF images. These allow an attacker to create a carefully crafted GIF image file in such a way that it could cause applications linked with libungif to crash or execute arbitrary code when the file is opened by the user.

The updated packages have been patched to address this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3350
_______________________________________________________________________

Updated Packages:

Mandriva Linux 10.1:
7572b3ed1c8846b63e4cfe1b8894a32f  10.1/RPMS/libungif4-4.1.2-2.1.101mdk.i586.rpm
82bd5a5c751e078763c81220da64c423  10.1/RPMS/libungif4-devel-4.1.2-2.1.101mdk.i586.rpm
d6d48523f5e06df65ec15baa1bf2bddb  10.1/RPMS/libungif4-static-devel-4.1.2-2.1.101mdk.i586.rpm
c76166c5d8c0e9810a00eb0f43933fe2  10.1/RPMS/libungif-progs-4.1.2-2.1.101mdk.i586.rpm
37ddb151c6110d637ed6a98e198a1e53  10.1/SRPMS/libungif-4.1.2-2.1.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
a47d1d8f03418e916294fa5713143150  x86_64/10.1/RPMS/lib64ungif4-4.1.2-2.1.101mdk.x86_64.rpm
eb9d79c3243fe189c0093bff6ea2fd35  x86_64/10.1/RPMS/lib64ungif4-devel-4.1.2-2.1.101mdk.x86_64.rpm
0f9a3c70ea330841b2449cc21a604d8c  x86_64/10.1/RPMS/lib64ungif4-static-devel-4.1.2-2.1.101mdk.x86_64.rpm
303c855118c6cd38dcd7419896e4c913  x86_64/10.1/RPMS/libungif-progs-4.1.2-2.1.101mdk.x86_64.rpm
37ddb151c6110d637ed6a98e198a1e53  x86_64/10.1/SRPMS/libungif-4.1.2-2.1.101mdk.src.rpm

Mandriva Linux 10.2:
ebf8f6eb09d3114f9a761cc7f52cd8bb  10.2/RPMS/libungif4-4.1.3-1.1.102mdk.i586.rpm
88ae8d5c2248985eba52680873759f11  10.2/RPMS/libungif4-devel-4.1.3-1.1.102mdk.i586.rpm
3eca46cddca2d15bee06f5109cf5e287  10.2/RPMS/libungif4-static-devel-4.1.3-1.1.102mdk.i586.rpm
8586b759a2a6fafba49f29e23e4dae13 10.2/RPMS/libungif-progs-4.1.3-1.1.102mdk.i586.rpm ae1821c6f0cb57991206c287bef87211 10.2/SRPMS/libungif-4.1.3-1.1.102mdk.src.rpm Mandriva Linux 10.2/X86_64: 4f64cf649de6ccf2e0343b3aae2157c5 x86_64/10.2/RPMS/lib64ungif4-4.1.3-1.1.102mdk.x86_64.rpm 69a3ea4a02abbdbba26977a1ed1f3392 x86_64/10.2/RPMS/lib64ungif4-devel-4.1.3-1.1.102mdk.x86_64.rpm bd7441f6648425731a453c58b4b9cc63 x86_64/10.2/RPMS/lib64ungif4-static-devel-4.1.3-1.1.102mdk.x86_64.rpm 5a91547614f3716d7f8dd9bfdbc3fb6c x86_64/10.2/RPMS/libungif-progs-4.1.3-1.1.102mdk.x86_64.rpm ae1821c6f0cb57991206c287bef87211 x86_64/10.2/SRPMS/libungif-4.1.3-1.1.102mdk.src.rpm Mandriva Linux 2006.0: 24070dfd47ec6b55a64debfd348d9711 2006.0/RPMS/libungif4-4.1.3-1.1.20060mdk.i586.rpm ce86d6f15aebb0f7c9a772f60414fa0f 2006.0/RPMS/libungif4-devel-4.1.3-1.1.20060mdk.i586.rpm 48fcbd7ac7f0463db1c031dca381c79b 2006.0/RPMS/libungif4-static-devel-4.1.3-1.1.20060mdk.i586.rpm 62edb8465eece3bf2d52a44d7cdaf870 2006.0/RPMS/libungif-progs-4.1.3-1.1.20060mdk.i586.rpm 377b356f789805ffd30b75620681df31 2006.0/SRPMS/libungif-4.1.3-1.1.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: 8a1c2fdc518a898d1638f162dbcf0129 x86_64/2006.0/RPMS/lib64ungif4-4.1.3-1.1.20060mdk.x86_64.rpm 76150147149dbce7c1b6ea990f7bc737 x86_64/2006.0/RPMS/lib64ungif4-devel-4.1.3-1.1.20060mdk.x86_64.rpm 3fb2d95c03cb31ffd41d86786d3471a8 x86_64/2006.0/RPMS/lib64ungif4-static-devel-4.1.3-1.1.20060mdk.x86_64.rpm 775f7f489b5c289ffcdfe5bf005c4131 x86_64/2006.0/RPMS/libungif-progs-4.1.3-1.1.20060mdk.x86_64.rpm 377b356f789805ffd30b75620681df31 x86_64/2006.0/SRPMS/libungif-4.1.3-1.1.20060mdk.src.rpm Corporate Server 2.1: 936ee3114e416984e4aba756608a2802 corporate/2.1/RPMS/libungif4-4.1.0-19.1.C21mdk.i586.rpm f76d4814f118ca630bfdf44998d9d49d corporate/2.1/RPMS/libungif4-devel-4.1.0-19.1.C21mdk.i586.rpm fc5532eea180d6c31c0a9e41f2f2b5c9 corporate/2.1/RPMS/libungif4-static-devel-4.1.0-19.1.C21mdk.i586.rpm b00eb0db117e0873d9e3727d8623019d 
corporate/2.1/SRPMS/libungif-4.1.0-19.1.C21mdk.src.rpm Corporate Server 2.1/X86_64: b949a414676df894beff1f0bbd1cf8dd x86_64/corporate/2.1/RPMS/libungif4-4.1.0-19.1.C21mdk.x86_64.rpm d688a956b50e58a390da4638c8d8552b x86_64/corporate/2.1/RPMS/libungif4-devel-4.1.0-19.1.C21mdk.x86_64.rpm d4b4ae8c4fbab006e11f732da4e94072 x86_64/corporate/2.1/RPMS/libungif4-static-devel-4.1.0-19.1.C21mdk.x86_64.rpm b00eb0db117e0873d9e3727d8623019d x86_64/corporate/2.1/SRPMS/libungif-4.1.0-19.1.C21mdk.src.rpm Corporate 3.0:
[Full-disclosure] MDKSA-2005:208 - Updated emacs packages fix Lisp vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDKSA-2005:208
http://www.mandriva.com/security/
_______________________________________________________________________

Package : emacs
Date    : November 9, 2005
Affected: Corporate 2.1
_______________________________________________________________________

Problem Description:

Emacs 21.2 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-complicit attackers to execute arbitrary commands, as demonstrated using the mode-name variable.

The packages have been updated to version 21.3 to correct the problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232
_______________________________________________________________________

Updated Packages:

Corporate Server 2.1:
48dc24e034b8091dcf425692e3063313  corporate/2.1/RPMS/emacs-21.3-1.1.C21mdk.i586.rpm
2719f8131f4d22cb331e1d9139a5469a  corporate/2.1/RPMS/emacs-el-21.3-1.1.C21mdk.i586.rpm
72083c11973082f333e77ab8517ef39d  corporate/2.1/RPMS/emacs-leim-21.3-1.1.C21mdk.i586.rpm
c08f09ad0fc94583508edd3ba2706743  corporate/2.1/RPMS/emacs-nox-21.3-1.1.C21mdk.i586.rpm
6e6c749452b93361b17270ec94a55f4a  corporate/2.1/RPMS/emacs-X11-21.3-1.1.C21mdk.i586.rpm
6a8ed9e75840c8af8c5e498daaa04167  corporate/2.1/SRPMS/emacs-21.3-1.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
63f47c94136bff5fd82f4486dbef173d  x86_64/corporate/2.1/RPMS/emacs-21.3-1.1.C21mdk.x86_64.rpm
ea4d960602af4c4f1e7a3899aacbfc38  x86_64/corporate/2.1/RPMS/emacs-el-21.3-1.1.C21mdk.x86_64.rpm
9406e42241f55358662ca7c11afbfbe5  x86_64/corporate/2.1/RPMS/emacs-leim-21.3-1.1.C21mdk.x86_64.rpm
37436bb462c3680e88faf06a8fb71dd7  x86_64/corporate/2.1/RPMS/emacs-nox-21.3-1.1.C21mdk.x86_64.rpm
963f81f300e17c4b72999e146be5f772  x86_64/corporate/2.1/RPMS/emacs-X11-21.3-1.1.C21mdk.x86_64.rpm
6a8ed9e75840c8af8c5e498daaa04167  x86_64/corporate/2.1/SRPMS/emacs-21.3-1.1.C21mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security.
You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDcnJvmqjQ0CJFipgRAluEAJ9L1DMaYAPBpjahC49cWqS1eapENQCePSJo
15EH7mwQZZDnCwfXGIyb/T8=
=KrT/
-----END PGP SIGNATURE-----
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] MDKSA-2005:209 - Updated fetchmail packages fixes fetchmailconf vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDKSA-2005:209
http://www.mandriva.com/security/
_______________________________________________________________________

Package : fetchmail
Date    : November 9, 2005
Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
_______________________________________________________________________

Problem Description:

Thomas Wolff and Miloslav Trmac discovered a race condition in the fetchmailconf program. fetchmailconf would create the initial output configuration file with insecure permissions and only after writing would it change permissions to be more restrictive. During that time, passwords and other data could be exposed to other users on the system unless the user used a more restrictive umask setting.

As well, the Mandriva Linux 2006 packages did not contain the patch that corrected the issues fixed in MDKSA-2005:126, namely a buffer overflow in fetchmail's POP3 client (CAN-2005-2355).

The updated packages have been patched to address this issue, and the Mandriva 2006 packages have also been patched to correct CAN-2005-2355.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2355
_______________________________________________________________________

Updated Packages:

Mandriva Linux 10.1:
de0b7fb59640e490441fe4a48d11954d  10.1/RPMS/fetchmail-6.2.5-5.2.101mdk.i586.rpm
84c6cb9619cb5b4ef74ade674845f51e  10.1/RPMS/fetchmailconf-6.2.5-5.2.101mdk.i586.rpm
1f0b8136bcd4caeae75542ff54d78371  10.1/RPMS/fetchmail-daemon-6.2.5-5.2.101mdk.i586.rpm
e9309094431f4983fad035cbc1eb566b  10.1/SRPMS/fetchmail-6.2.5-5.2.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
32720e7378b6b85ae3a1287d5ff558e3  x86_64/10.1/RPMS/fetchmail-6.2.5-5.2.101mdk.x86_64.rpm
c46469b4d83446e861b8db3b54c60f6d  x86_64/10.1/RPMS/fetchmailconf-6.2.5-5.2.101mdk.x86_64.rpm
5ea98645d8fd15f30c7060576d220518  x86_64/10.1/RPMS/fetchmail-daemon-6.2.5-5.2.101mdk.x86_64.rpm
e9309094431f4983fad035cbc1eb566b  x86_64/10.1/SRPMS/fetchmail-6.2.5-5.2.101mdk.src.rpm

Mandriva Linux 10.2:
59614bb2b9bd76c93300d3459bd908e8  10.2/RPMS/fetchmail-6.2.5-10.3.102mdk.i586.rpm
096f60340d1d71ea15290534a5b1cfc9 10.2/RPMS/fetchmailconf-6.2.5-10.3.102mdk.i586.rpm c40c436ab5751c4599caefc8cd28940f 10.2/RPMS/fetchmail-daemon-6.2.5-10.3.102mdk.i586.rpm 1a7299f4d74a9d0aa89ce25871644616 10.2/SRPMS/fetchmail-6.2.5-10.3.102mdk.src.rpm Mandriva Linux 10.2/X86_64: f9290067e4f4e039753d3b6e7eead02d x86_64/10.2/RPMS/fetchmail-6.2.5-10.3.102mdk.x86_64.rpm 813f46e3d0d3413b4b4c5122b5ff8bfc x86_64/10.2/RPMS/fetchmailconf-6.2.5-10.3.102mdk.x86_64.rpm 820953daf6e6c69f58a1e3380cb60369 x86_64/10.2/RPMS/fetchmail-daemon-6.2.5-10.3.102mdk.x86_64.rpm 1a7299f4d74a9d0aa89ce25871644616 x86_64/10.2/SRPMS/fetchmail-6.2.5-10.3.102mdk.src.rpm Mandriva Linux 2006.0: b11365c74030b1075435ce6c9e0bda88 2006.0/RPMS/fetchmail-6.2.5-11.1.20060mdk.i586.rpm f24c20a001b8df396355bae70166c051 2006.0/RPMS/fetchmailconf-6.2.5-11.1.20060mdk.i586.rpm 0d86053a3e69cd9bbf772664eec6236c 2006.0/RPMS/fetchmail-daemon-6.2.5-11.1.20060mdk.i586.rpm 5781cf14f33e52da296bb4b89f811812 2006.0/SRPMS/fetchmail-6.2.5-11.1.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: dd6f3321e9ff2f6b767c9c2940c0379a x86_64/2006.0/RPMS/fetchmail-6.2.5-11.1.20060mdk.x86_64.rpm 4400d9a3f5e6489bfd40c3185d98970a x86_64/2006.0/RPMS/fetchmailconf-6.2.5-11.1.20060mdk.x86_64.rpm 3b62ae9bcc9fbaa14198b898774b7cec x86_64/2006.0/RPMS/fetchmail-daemon-6.2.5-11.1.20060mdk.x86_64.rpm 5781cf14f33e52da296bb4b89f811812 x86_64/2006.0/SRPMS/fetchmail-6.2.5-11.1.20060mdk.src.rpm Corporate Server 2.1: ce7a54747ca8339473335f6b588bc5ce corporate/2.1/RPMS/fetchmail-6.1.0-1.4.C21mdk.i586.rpm 7b44a889fef845ae5db3290dc9b866c9 corporate/2.1/RPMS/fetchmailconf-6.1.0-1.4.C21mdk.i586.rpm 73d527b67a4854fcf9fe9e8b27232fbe corporate/2.1/RPMS/fetchmail-daemon-6.1.0-1.4.C21mdk.i586.rpm 2a20268d079b94fbadafd29c3253504f corporate/2.1/SRPMS/fetchmail-6.1.0-1.4.C21mdk.src.rpm Corporate Server 2.1/X86_64: 173c6aeda81987ac1820ea7865ca1942 x86_64/corporate/2.1/RPMS/fetchmail-6.1.0-1.4.C21mdk.x86_64.rpm 9624c2cf97df1588c14a3048899b571a 
x86_64/corporate/2.1/RPMS/fetchmailconf-6.1.0-1.4.C21mdk.x86_64.rpm e8922f5da70e12576c9feac6d5998913 x86_64/corporate/2.1/RPMS/fetchmail-daemon-6.1.0-1.4.C21mdk.x86_64.rpm 2a20268d079b94fbadafd29c3253504f x86_64/corporate/2.1/SRPMS/fetchmail-6.1.0-1.4.C21mdk.src.rpm Corporate 3.0: 03913f6670b6de3b9e1c45e35ae0a186 corporate/3.0/RPMS/fetchmail-6.2.5-3.2.C30mdk.i586.rpm fb46ec776a21f713f6fde14b575d5628 corporate/3.0/RPMS/fetchmailconf-6.2.5-3.2.C30mdk.i586.rpm ded6e5340284869543be18b5b971be76
[Full-disclosure] MDKSA-2005:210 - Updated w3c-libwww packages fixes DoS vulnerability.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

 Mandriva Linux Security Advisory                         MDKSA-2005:210
 http://www.mandriva.com/security/
_______________________________________________________________________

 Package : w3c-libwww
 Date    : November 9, 2005
 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
_______________________________________________________________________

 Problem Description:

 Sam Varshavchik discovered the HTBoundary_put_block function in
 HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a
 denial of service (segmentation fault) via a crafted
 multipart/byteranges MIME message that triggers an out-of-bounds read.

 The updated packages have been patched to address this issue.
_______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3183
_______________________________________________________________________

 Updated Packages:

 Mandriva Linux 10.1:
 0028a9950c115d5d12bfbee15c9a1faf  10.1/RPMS/w3c-libwww-5.4.0-3.1.101mdk.i586.rpm
 4a3be6811dd6d050d0d71b19529a3981  10.1/RPMS/w3c-libwww-apps-5.4.0-3.1.101mdk.i586.rpm
 fce977cbc39a6bb745fe2be4735894d6  10.1/RPMS/w3c-libwww-devel-5.4.0-3.1.101mdk.i586.rpm
 970c882bb1726148859331e261b7decc  10.1/SRPMS/w3c-libwww-5.4.0-3.1.101mdk.src.rpm

 Mandriva Linux 10.1/X86_64:
 230dab77e0420b4b5e71621f7aa4bb03  x86_64/10.1/RPMS/w3c-libwww-5.4.0-3.1.101mdk.x86_64.rpm
 79a88076028dc9f67143b18f469bcfe7  x86_64/10.1/RPMS/w3c-libwww-apps-5.4.0-3.1.101mdk.x86_64.rpm
 9a593f8e9c24188e67d99d0f0cfefccd  x86_64/10.1/RPMS/w3c-libwww-devel-5.4.0-3.1.101mdk.x86_64.rpm
 970c882bb1726148859331e261b7decc  x86_64/10.1/SRPMS/w3c-libwww-5.4.0-3.1.101mdk.src.rpm

 Mandriva Linux 10.2:
 dedea2c8f6044a7e8e926dec7aacb7b6  10.2/RPMS/w3c-libwww-5.4.0-5.1.102mdk.i586.rpm
 a23c0a0492d5e3283f2ba1f5011ac6e0  10.2/RPMS/w3c-libwww-apps-5.4.0-5.1.102mdk.i586.rpm
 58a644897fa5b4bd4758f1fd796b333f  10.2/RPMS/w3c-libwww-devel-5.4.0-5.1.102mdk.i586.rpm
 6325ed733dd1288eed4b7cadd761efb4  10.2/SRPMS/w3c-libwww-5.4.0-5.1.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 a9eb35e0a8911a6d0f4ca62835ccf11b  x86_64/10.2/RPMS/w3c-libwww-5.4.0-5.1.102mdk.x86_64.rpm
 2bf2c665aa0457e3fd4477bf3bc420ed  x86_64/10.2/RPMS/w3c-libwww-apps-5.4.0-5.1.102mdk.x86_64.rpm
 a32352084a5e6b4e596149e9f70b2e0e  x86_64/10.2/RPMS/w3c-libwww-devel-5.4.0-5.1.102mdk.x86_64.rpm
 6325ed733dd1288eed4b7cadd761efb4  x86_64/10.2/SRPMS/w3c-libwww-5.4.0-5.1.102mdk.src.rpm

 Mandriva Linux 2006.0:
 90a6b76b0348b44b0e27bea010b4eb49  2006.0/RPMS/w3c-libwww-5.4.0-5.1.20060mdk.i586.rpm
 c3110ef8841c42bca06d7bec5a735dfc  2006.0/RPMS/w3c-libwww-apps-5.4.0-5.1.20060mdk.i586.rpm
 3ce9cb49c20992d28dbcef5279320a2e  2006.0/RPMS/w3c-libwww-devel-5.4.0-5.1.20060mdk.i586.rpm
 aa2513983ebff77a377f050a03f0f709  2006.0/SRPMS/w3c-libwww-5.4.0-5.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 211a4e31b787234053b57a98649ba4dd  x86_64/2006.0/RPMS/w3c-libwww-5.4.0-5.1.20060mdk.x86_64.rpm
 3202bdeae1f581a5bd96ac36c3fc9343  x86_64/2006.0/RPMS/w3c-libwww-apps-5.4.0-5.1.20060mdk.x86_64.rpm
 3b38bfd1666b8a7f2ee06279b8bc9c02  x86_64/2006.0/RPMS/w3c-libwww-devel-5.4.0-5.1.20060mdk.x86_64.rpm
 aa2513983ebff77a377f050a03f0f709  x86_64/2006.0/SRPMS/w3c-libwww-5.4.0-5.1.20060mdk.src.rpm

 Corporate Server 2.1:
 7a89ba5572926683e96c33e77f3ac90c  corporate/2.1/RPMS/w3c-libwww-5.4.0-1.1.C21mdk.i586.rpm
 d6bae42a8ce8464b5939768a8db0984b  corporate/2.1/RPMS/w3c-libwww-apps-5.4.0-1.1.C21mdk.i586.rpm
 94fc975b58d69415229a07c72208d68b  corporate/2.1/RPMS/w3c-libwww-devel-5.4.0-1.1.C21mdk.i586.rpm
 658ef36b9237c32c8b8b2242d784b649  corporate/2.1/SRPMS/w3c-libwww-5.4.0-1.1.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 79b5a6c4cb509f8006d3ec99632f2ad6  x86_64/corporate/2.1/RPMS/w3c-libwww-5.4.0-1.1.C21mdk.x86_64.rpm
 b094ee750ad39cbb3ca4a3cbd8691e4b  x86_64/corporate/2.1/RPMS/w3c-libwww-apps-5.4.0-1.1.C21mdk.x86_64.rpm
 703d42ad6034c04f67965ce7c7d85c68  x86_64/corporate/2.1/RPMS/w3c-libwww-devel-5.4.0-1.1.C21mdk.x86_64.rpm
 658ef36b9237c32c8b8b2242d784b649  x86_64/corporate/2.1/SRPMS/w3c-libwww-5.4.0-1.1.C21mdk.src.rpm

 Corporate 3.0:
 694c85995c941cdba2192fe97e5ec059  corporate/3.0/RPMS/w3c-libwww-5.4.0-2.1.C30mdk.i586.rpm
 19f8b7186d1a89b35e09e361ef886b71  corporate/3.0/RPMS/w3c-libwww-apps-5.4.0-2.1.C30mdk.i586.rpm
 2bc46f631fbaa3c76c34d68379a98a1d  corporate/3.0/RPMS/w3c-libwww-devel-5.4.0-2.1.C30mdk.i586.rpm
 fbcc5c240ba9a1393630d104348b8f0d  corporate/3.0/SRPMS/w3c-libwww-5.4.0-2.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 4338a82df1ad722c4db049093c2ce40e  x86_64/corporate/3.0/RPMS/w3c-libwww-5.4.0-2.1.C30mdk.x86_64.rpm
 1b0b167065556a599eb495a7bded51d1  x86_64/corporate/3.0/RPMS/w3c-libwww-apps-5.4.0-2.1.C30mdk.x86_64.rpm
 979feebbff0b283e480d223332369cbd
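The advisory above describes a parser that reads past the end of a crafted multipart/byteranges message. The following is an added example, not code from w3c-libwww (HTBoundary_put_block is a C routine and is not reproduced here): a small bounded parser for that format in Python, where every lookup is limited to the buffer and a missing or truncated boundary is reported as a malformed message instead of being read past. The sample messages, boundary string and byte ranges are constructed for illustration.

```python
import re

# Added example for MDKSA-2005:210; not w3c-libwww code. Sample data below is
# constructed, not captured from any server.

class MalformedMultipart(ValueError):
    """Raised for input a less careful parser would read past the end of."""

# "bytes first-last/total" as sent in each part's Content-Range header.
_RANGE = re.compile(rb"bytes (\d+)-(\d+)/(\d+|\*)")

def parse_byteranges(body, boundary):
    """Split a multipart/byteranges body into [((first, last), payload), ...].

    Raises MalformedMultipart rather than returning partial data when the
    message is truncated or a part's length disagrees with its Content-Range.
    """
    delim = b"--" + boundary
    pos = body.find(delim)
    if pos < 0:
        raise MalformedMultipart("opening boundary not found")
    parts = []
    while True:
        pos += len(delim)
        # "--boundary--" is the closing delimiter: the message ends here.
        # Slicing bytes past their end yields b"", never a fault, so this
        # check is safe even when the buffer stops right after the delimiter.
        if body[pos:pos + 2] == b"--":
            return parts
        if body[pos:pos + 2] != b"\r\n":
            raise MalformedMultipart("boundary not followed by CRLF")
        pos += 2
        hdr_end = body.find(b"\r\n\r\n", pos)
        if hdr_end < 0:
            raise MalformedMultipart("part headers not terminated")
        headers = {}
        for line in body[pos:hdr_end].split(b"\r\n"):
            name, _, value = line.partition(b":")
            headers[name.strip().lower()] = value.strip()
        data_start = hdr_end + 4
        # The payload runs up to CRLF + the next delimiter; if there is no
        # next delimiter the peer sent a truncated message.
        nxt = body.find(b"\r\n" + delim, data_start)
        if nxt < 0:
            raise MalformedMultipart("next boundary missing; message truncated")
        payload = body[data_start:nxt]
        m = _RANGE.fullmatch(headers.get(b"content-range", b""))
        if m is None:
            raise MalformedMultipart("part lacks a valid Content-Range header")
        first, last = int(m.group(1)), int(m.group(2))
        if last < first or last - first + 1 != len(payload):
            raise MalformedMultipart("Content-Range disagrees with payload length")
        parts.append(((first, last), payload))
        pos = nxt + 2

def check(body, boundary):
    """Return 'ok' or the reason the message was rejected (handy for logging)."""
    try:
        parse_byteranges(body, boundary)
        return "ok"
    except MalformedMultipart as exc:
        return f"rejected: {exc}"

# Constructed sample messages.
BOUNDARY = b"THIS_STRING_SEPARATES"
GOOD = (b"--THIS_STRING_SEPARATES\r\n"
        b"Content-Type: text/plain\r\n"
        b"Content-Range: bytes 0-4/20\r\n"
        b"\r\n"
        b"hello\r\n"
        b"--THIS_STRING_SEPARATES\r\n"
        b"Content-Type: text/plain\r\n"
        b"Content-Range: bytes 15-19/20\r\n"
        b"\r\n"
        b"world\r\n"
        b"--THIS_STRING_SEPARATES--\r\n")
# The same message cut off before its closing delimiter.
TRUNCATED = GOOD[:GOOD.rfind(b"\r\n--THIS_STRING_SEPARATES--")]
# A part whose declared range (6 bytes) is longer than the data actually sent.
BAD_RANGE = GOOD.replace(b"bytes 0-4/20", b"bytes 0-5/20")

if __name__ == "__main__":
    print(parse_byteranges(GOOD, BOUNDARY))
    print(check(TRUNCATED, BOUNDARY))
    print(check(BAD_RANGE, BOUNDARY))
```

The design point is that the two failure cases, a missing next boundary and a Content-Range that promises more bytes than arrived, are both turned into a rejected message with a loggable reason; neither is allowed to become an index past the end of the buffer.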
Re: [Full-disclosure] Meeting Room Names
Call it Room 1, Room 10, Room 11, Room 100 and so on :-)

On Wednesday 09 November 2005 08:08, Native.Code wrote:
> We don't want to call them with sad names like Room A, Board Room etc.
> but something interesting.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Meeting Room Names
Or even better letstalkaboutitofflist1 and takeittoyourprivateinbox2

-KF

Marlon Jabbur wrote:
> Call it Room 1, Room 10, Room 11, Room 100 and so on :-)
>
> On Wednesday 09 November 2005 08:08, Native.Code wrote:
>> We don't want to call them with sad names like Room A, Board Room etc.
>> but something interesting.
Re: [Full-disclosure] Meeting Room Names
Thanks all for cool ideas! I kind of like HTTP status codes and Microsoft
product codenames. But still did not get any perfect choices. Please keep
the choices coming! How about names which sound in same rank of Dungeon?
Feel free to use your non-IT creativity as well!

Thanks a lot again.

On 11/10/05, KF (lists) [EMAIL PROTECTED] wrote:
> Or even better letstalkaboutitofflist1 and takeittoyourprivateinbox2
>
> -KF
>
> Marlon Jabbur wrote:
>> Call it Room 1, Room 10, Room 11, Room 100 and so on :-)
>>
>> On Wednesday 09 November 2005 08:08, Native.Code wrote:
>>> We don't want to call them with sad names like Room A, Board Room etc.
>>> but something interesting.
Re: [Full-disclosure] Meeting Room Names
Native.Code wrote:
> Thanks all for cool ideas! I kind of like HTTP status codes and Microsoft
> product codenames. But still did not get any perfect choices. Please keep
> the choices coming!

Yeah please keep em coming to HIM off list...

> How about names which sound in same rank of Dungeon? Feel free to use
> your non-IT creativity as well!

Feel free to mail him directly at [EMAIL PROTECTED]

> Thanks a lot again.

No problem... thanks for playing.

-KF
RE: [Full-disclosure] Meeting Room Names
Although some of the responses were quite humorous, and I love a good laugh,
it is a little annoying to see half of my security mailing list folder being
filled with chat about room names. I have to agree with KF (lists) on this
one. Let's keep that talk private now.

Kind regards,
Paul
Greyhats Security
http://greyhatsecurity.org

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of KF (lists)
Sent: Thursday, November 10, 2005 12:15 AM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Meeting Room Names

Native.Code wrote:
> Thanks all for cool ideas! I kind of like HTTP status codes and Microsoft
> product codenames. But still did not get any perfect choices. Please keep
> the choices coming!

Yeah please keep em coming to HIM off list...

> How about names which sound in same rank of Dungeon? Feel free to use
> your non-IT creativity as well!

Feel free to mail him directly at [EMAIL PROTECTED]

> Thanks a lot again.

No problem... thanks for playing.

-KF
Re: [Full-disclosure] Meeting Room Names
> No problem... thanks for playing.
>
> -KF

Get a client that supports threading? I just see one thread that I can read
or not or KF/Filter out if it really annoys me. I don't see the problem.
Treat unmoderated mailing lists like Usenet...they are on about the same
level anyway.

Cheers

--
Gareth Davies - BS7799 LA, OPST
Manager - Security Practice
Network Security Solutions MSC Sdn. Bhd.
Suite E-07-21, Block E, Plaza Mont' Kiara,
No. 2 Jalan Kiara, Mont' Kiara,
50480 Kuala Lumpur, Malaysia
Phone: +603-6203 5303 or +603-6203 5920
www.mynetsec.com
[Full-disclosure] [SECURITY] [DSA 892-1] New awstats packages fix arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 892-1                     [EMAIL PROTECTED]
http://www.debian.org/security/                             Martin Schulze
November 10th, 2005                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : awstats
Vulnerability  : missing input sanitising
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2005-1527
Debian Bugs    : 322591 334833 336137

Peter Vreugdenhil discovered that awstats, a featureful web server log
analyser, passes user-supplied data to an eval() function, allowing
remote attackers to execute arbitrary Perl commands.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in
version 6.4-1sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 6.4-1.1.

We recommend that you upgrade your awstats package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/a/awstats/awstats_6.4.orig.tar.gz
      Size/MD5 checksum:   918435 056e6fb0c7351b17fe5bbbe0aa1297b1
    http://security.debian.org/pool/updates/main/a/awstats/awstats_6.4-1sarge1.diff.gz
      Size/MD5 checksum:    18257 c4efeefcab00fdda3c53e74e32cc0aab
    http://security.debian.org/pool/updates/main/a/awstats/awstats_6.4-1sarge1.dsc
      Size/MD5 checksum:      589 82449cbf170952a0e5d31648c7943656

  Architecture independent components:

    http://security.debian.org/pool/updates/main/a/awstats/awstats_6.4-1sarge1_all.deb
      Size/MD5 checksum:   728430 ed12fcb3a2a00b4f440dc9091a2ca78d


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDcuRYW5ql+IAeqTIRAlfnAJ0WahQE1kRNSilokGWU5MXTcnOcaQCghghk
5+N1s9KwAkrGb8gPDqeBvcg=
=EuMT
-----END PGP SIGNATURE-----
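DSA 892-1 above describes a request parameter reaching eval(). The following is an added example, not awstats code (awstats is Perl and its plugin loader is not reproduced): it puts the pattern the advisory describes next to its replacement, a fixed dispatch table that treats the parameter as a key to look up rather than as text to interpret. The plugin names, the log records and the PLUGINS table are constructed for illustration.

```python
import re
from collections import Counter

# Added example for DSA 892-1; not awstats code. Records and plugins are
# constructed stand-ins for a log analyser's parsed lines and report modules.

RECORDS = [
    {"host": "10.0.0.5", "status": 200, "path": "/index.html"},
    {"host": "10.0.0.9", "status": 404, "path": "/missing"},
    {"host": "10.0.0.5", "status": 200, "path": "/about.html"},
    {"host": "10.0.0.7", "status": 500, "path": "/cgi-bin/app"},
]

# Hypothetical report plugins.
def report_hosts(records):
    return sorted({r["host"] for r in records})

def report_status(records):
    return dict(Counter(r["status"] for r in records))

def report_errors(records):
    return [r["path"] for r in records if r["status"] >= 400]

def run_plugin_unsafe(name, records):
    """The shape of the flaw: the parameter becomes source code. Whatever is
    in 'name' that parses as an expression is executed, not looked up."""
    return eval(f"report_{name}(records)")  # deliberately unsafe, for contrast

# Fixed dispatch table: the only route from a request to a function.
PLUGINS = {"hosts": report_hosts, "status": report_status, "errors": report_errors}
# Syntactic allow-list, applied before the table lookup so a rejected value
# can be logged without ever being interpreted.
_NAME = re.compile(r"[a-z][a-z0-9_]{0,31}")

def run_plugin(name, records):
    """Hardened form: validate the parameter, look it up, never evaluate it."""
    if not isinstance(name, str) or not _NAME.fullmatch(name):
        raise ValueError("plugin parameter contains disallowed characters")
    try:
        plugin = PLUGINS[name]
    except KeyError:
        raise ValueError(f"unknown plugin {name!r}") from None
    return plugin(records)

def run_plugin_checked(name, records):
    """Wrapper returning ('ok', result) or ('rejected', reason) for a log line."""
    try:
        return ("ok", run_plugin(name, records))
    except ValueError as exc:
        return ("rejected", str(exc))

if __name__ == "__main__":
    for requested in ("hosts", "status", "errors", "hosts)", "nosuch"):
        print(requested, run_plugin_checked(requested, RECORDS))
```

For the names it was written for, the two functions return the same result, which is why this kind of bug is easy to miss in testing; the difference is only in what happens to a value nobody planned for, which the hardened version refuses before it is ever interpreted.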
[Full-disclosure] [FS-05-01] Multiple vulnerabilities in phpAdsNew
_____________________________________________________________________
                           Security Advisory
                     http://www.fitsec.com/advisories
_____________________________________________________________________

Severity: Low/Medium
Title:    Multiple vulnerabilities in phpAdsNew
Date:     10.11.2005
ID:       FS-05-01
Author:   Toni Koivunen (toni.koivunen (at) fitsec.com)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis:

phpAdsNew has a path disclosure vulnerability which allows a potential
attacker to learn the path where phpAdsNew is installed.

Background:

phpAdsNew is a banner management and tracking system written in PHP.

Affected versions:

At least 2.0.6, most likely other versions also.

Description:

Vuln 1: Full Path Disclosure in create.php

If the user can access misc/revisions/create.php, the script will echo
the whole installation path to the user:

    Starting scan at /var/www/mysite/html/ads

If the revision script completes successfully, the user can then try to
access libraries/defaults/revisions.txt, which will then reveal all
files and their revisions and hashes, thus furthermore revealing all
files that have been manually modified by the site admin. The
revisions.txt will also reveal any file that has been added under the
installation tree, unless it's hidden (starts with '.').

Vuln 2: Full Path Disclosures in the following files (just by accessing
with a browser)

    admin/lib-updates.inc.php
    admin/lib-targetstats.inc.php
    admin/lib-size.inc.php
    admin/lib-misc-stats.inc.php
    admin/lib-hourly-hosts.inc.php
    admin/lib-hourly.inc.php
    admin/lib-history.inc.php
    admin/graph-daily.php

Vuln 3: SQL injection in logout.php / lib-sessions.inc.php

phpAdsNew doesn't properly validate the sessionID it receives from the
cookie when it tries to log out the user. And it doesn't even check if
the user is really logged in in the first place, thus allowing
unauthorized users to feed data into the SQL query that's supposed to
clean the phpads_session table. Note, though, that this requires
magic_quotes_gpc to be off.

Impact:

A remote attacker could exploit this to learn installation paths on the
server, as well as to locate new files and possibly manually modified
files. If magic_quotes_gpc is off, a remote attacker can also compromise
the integrity of the database.

Solution:

Update to the newest version.

Acknowledgements:

To the community at dievo.org, keep it up :)
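Vuln 3 above names two missing checks: the session ID from the cookie is not validated, and the logout path never confirms that a session actually exists before running its DELETE. The following is an added example, not phpAdsNew code (logout.php and lib-sessions.inc.php are PHP and are not reproduced): a logout routine in Python over an in-memory SQLite table with both checks in place and a bound parameter instead of string interpolation. The table layout, session ID format (32 lowercase hex characters) and session rows are constructed for illustration.

```python
import re
import sqlite3

# Added example for FS-05-01, vuln 3; not phpAdsNew code. The table and the
# session values are constructed.

# Session identifiers are assumed to be 32 lowercase hex characters.
_SESSION_ID = re.compile(r"[0-9a-f]{32}")

def setup_db():
    """In-memory stand-in for phpads_session, with two live logins."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE phpads_session "
        "(sessionid TEXT PRIMARY KEY, userid TEXT, expires INTEGER)"
    )
    con.executemany("INSERT INTO phpads_session VALUES (?, ?, ?)", [
        ("0123456789abcdef0123456789abcdef", "admin", 1131580800),
        ("fedcba9876543210fedcba9876543210", "editor", 1131580800),
    ])
    con.commit()
    return con

def logout_unsafe(con, session_id):
    """The pattern the advisory describes: the raw cookie value is spliced
    into the statement, so the database sees whatever the client sent, and
    nothing checks that the session was ever issued."""
    con.execute(f"DELETE FROM phpads_session WHERE sessionid = '{session_id}'")
    con.commit()

def logout(con, session_id):
    """Hardened form. Returns a short status string suitable for a log line."""
    if not isinstance(session_id, str) or not _SESSION_ID.fullmatch(session_id):
        return "rejected: malformed session id"
    # Authorisation: only a session that is really logged in may be cleared.
    row = con.execute(
        "SELECT 1 FROM phpads_session WHERE sessionid = ?", (session_id,)
    ).fetchone()
    if row is None:
        return "rejected: no such session"
    # Bound parameter: the value can never alter the statement's structure.
    con.execute("DELETE FROM phpads_session WHERE sessionid = ?", (session_id,))
    con.commit()
    return "ok"

def session_count(con):
    return con.execute("SELECT COUNT(*) FROM phpads_session").fetchone()[0]

if __name__ == "__main__":
    con = setup_db()
    for cookie in ("not-a-session-id", "f" * 32, "0123456789abcdef0123456789abcdef"):
        print(cookie, logout(con, cookie), session_count(con))
```

The format check is deliberately done first and without touching the database, so a malformed cookie produces a loggable rejection rather than a query; the existence check then turns the logout into an operation on one known row, which is what the original code should have guaranteed regardless of the magic_quotes_gpc setting.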
[Full-disclosure] [SECURITY] [DSA 804-2] New kdelibs packages fix backup file information leak
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 804-2                     [EMAIL PROTECTED]
http://www.debian.org/security/                             Martin Schulze
November 10th, 2005                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : kdelibs
Vulnerability  : insecure permissions
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2005-1920

Lennert Buytenhek discovered that the patch to cure this information
leak was only included but not applied, hence this update. For
completeness we're copying the original advisory text:

  KDE developers have reported a vulnerability in the backup file
  handling of Kate and Kwrite. The backup files are created with default
  permissions, even if the original file had more strict permissions
  set. This could disclose information unintentionally.

For the stable distribution (sarge) this problem has been fixed in
version 3.3.2-6.3.

For the unstable distribution (sid) these problems have been fixed in
version 3.4.1-1.

We recommend that you upgrade your kate package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_3.3.2-6.3.dsc
      Size/MD5 checksum:     1255 4cc793318c704d5f1cb868030981ff57
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_3.3.2-6.3.diff.gz
      Size/MD5 checksum:   404229 e920360631a76024156c41be8b0d2d8f
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_3.3.2.orig.tar.gz
      Size/MD5 checksum: 18250342 04f10ddfa8bf9e359f391012806edc04

  Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-data_3.3.2-6.3_all.deb
      Size/MD5 checksum:  7094534 d789cc4683b501ad590346c23910be9e
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4-doc_3.3.2-6.3_all.deb
      Size/MD5 checksum: 11535490 2dd64157788a25339fb308b66458dfc4
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_3.3.2-6.3_all.deb
      Size/MD5 checksum:    27830 8d7466f5b7749c403f8391250ac758c2

  Alpha architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-bin_3.3.2-6.3_alpha.deb
      Size/MD5 checksum:   995196 5f9857ea5b00a14e6cc354b9768fceb1
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4_3.3.2-6.3_alpha.deb
      Size/MD5 checksum:  9283662 ed728107ba0e7de7540fa3dcc46b477a
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4-dev_3.3.2-6.3_alpha.deb
      Size/MD5 checksum:  1245858 65320a7b96a6be3dfbcca9c318e708e5

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-bin_3.3.2-6.3_amd64.deb
      Size/MD5 checksum:   923188 5a528318ef92909773877e2ee983a4d5
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4_3.3.2-6.3_amd64.deb
      Size/MD5 checksum:  8514424 40d7c81a90bbea20c226dab00cd3342c
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4-dev_3.3.2-6.3_amd64.deb
      Size/MD5 checksum:  1241540 2811001f5f19093f5fe551199b91fe41

  ARM architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-bin_3.3.2-6.3_arm.deb
      Size/MD5 checksum:   810844 39cab7f30f96450c373f32ca334967a9
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4_3.3.2-6.3_arm.deb
      Size/MD5 checksum:  7595134 60546b0285bf8e894834870adaf13ecf
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4-dev_3.3.2-6.3_arm.deb
      Size/MD5 checksum:  1239196 1bdb9ee72fb2f76fee68d72861f496ca

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-bin_3.3.2-6.3_i386.deb
      Size/MD5 checksum:   863314 15c9af4d49acd3c3a379e3182199242a
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4_3.3.2-6.3_i386.deb
      Size/MD5 checksum:  8203078 fd52873f261beda4c1555322bdd87d9e
    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs4-dev_3.3.2-6.3_i386.deb
      Size/MD5 checksum:  1239110 bce6dd6e7e1d15a4c88f7d8eeff9506e

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-bin_3.3.2-6.3_ia64.deb
      Size/MD5 checksum:  1148358 1a0c4d409176aa931f06bfaa8b341232
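Two advisories on this page describe the same underlying mistake: MDKSA-2005:209 (fetchmailconf wrote its configuration file under the default umask and only then tightened the mode) and DSA 804-2 above (Kate and Kwrite created backup files with default permissions regardless of the original's). The following is an added example serving both; it is not fetchmailconf or KDE code. It puts the create-then-chmod pattern next to the fix, deciding the mode at creation time, and, for the backup case, inheriting the original file's mode. The file names and contents, including the sample password line, are constructed.

```python
import os
import stat
import tempfile

# Added example for MDKSA-2005:209 and DSA 804-2; not fetchmail or KDE code.
# Paths and contents below are constructed.

def write_then_chmod(path, data):
    """The pattern both advisories describe. Between the two calls the file
    exists with the umask default (usually 0o644) and any local user can
    open it; the final mode looks correct, which is why this survives review."""
    with open(path, "wb") as f:
        f.write(data)
    os.chmod(path, 0o600)

def write_private_file(path, data):
    """fetchmailconf-style fix: the file is born 0o600. O_EXCL refuses to
    reuse an existing file or symlink at the path, so nothing pre-planted
    there is overwritten or followed."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        # umask can only clear bits, so a very strict umask could leave
        # 0o400; fchmod on the open descriptor settles it without a path race.
        os.fchmod(fd, 0o600)
        f.write(data)

def write_backup(original, backup, data):
    """Kate-style fix: the backup inherits the original's permission bits at
    creation, so a 0o600 document never gets a 0o644 backup."""
    mode = stat.S_IMODE(os.stat(original).st_mode)
    fd = os.open(backup, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    with os.fdopen(fd, "wb") as f:
        os.fchmod(fd, mode)
        f.write(data)

def mode_of(path):
    return stat.S_IMODE(os.stat(path).st_mode)

def demo():
    """Run the writers under a permissive umask (0o022) and report the modes."""
    old_umask = os.umask(0o022)
    try:
        with tempfile.TemporaryDirectory() as d:
            private = os.path.join(d, ".fetchmailrc")
            write_private_file(private, b"poll mail.example.org password hunter2\n")
            backup = os.path.join(d, ".fetchmailrc~")
            write_backup(private, backup, b"older contents\n")
            naive = os.path.join(d, "naive~")
            with open(naive, "wb") as f:      # default-mode backup: the bug
                f.write(b"older contents\n")
            chmod_after = os.path.join(d, "chmod-after")
            write_then_chmod(chmod_after, b"secret\n")
            try:
                write_private_file(private, b"")
                existing_rejected = False
            except FileExistsError:
                existing_rejected = True
            return {
                "private": mode_of(private),
                "backup": mode_of(backup),
                "naive_backup": mode_of(naive),
                "chmod_after": mode_of(chmod_after),
                "existing_rejected": existing_rejected,
            }
    finally:
        os.umask(old_umask)

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, oct(value) if isinstance(value, int) else value)
```

Note that `chmod_after` and `private` end up with the same mode; the difference between them is only visible during the write, which is why a test that inspects the final state cannot catch the fetchmailconf bug and why the mode has to be set in the open() call rather than afterwards.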