Operating System:

[RedHat]

Published:

31 March 2005

Protect yourself against future threats.

//Service

Phishing Take-Down

Drawing on our strong international CERT relationships we have a high success rate in delivering phishing take-downs.

Read more
Resources > Security Bulletins > ESB-2005.0258 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2005.0258 -- RHSA-2005:330-01
                      Important: krb5 security update
                               31 March 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           krb5
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux AS/ES/WS 4
                   Red Hat Desktop version 4
                   Red Hat Enterprise Linux AS/ES/WS 3
                   Red Hat Desktop version 3
                   Red Hat Enterprise Linux AS/ES/WS 2.1
                   Red Hat Linux Advanced Workstation 2.1
Impact:            Execute Arbitrary Code/Commands
Access:            Remote/Unauthenticated
CVE Names:         CAN-2005-0469 CAN-2005-0468

Ref:               ESB-2005.0244

Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-330.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: krb5 security update
Advisory ID:       RHSA-2005:330-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-330.html
Issue date:        2005-03-30
Updated on:        2005-03-30
Product:           Red Hat Enterprise Linux
Keywords:          telnet
CVE Names:         CAN-2005-0468 CAN-2005-0469
- - ---------------------------------------------------------------------

1. Summary:

Updated krb5 packages which fix two buffer overflow vulnerabilities in the
included Kerberos-aware telnet client are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Kerberos is a networked authentication system which uses a trusted third
party (a KDC) to authenticate clients and servers to each other.

The krb5-workstation package includes a Kerberos-aware telnet client. 
Two buffer overflow flaws were discovered in the way the telnet client
handles messages from a server.  An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and
CAN-2005-0469 to these issues.

Users of krb5 should update to these erratum packages which contain a
backported patch to correct this issue.

Red Hat would like to thank iDEFENSE for their responsible disclosure of
this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

151267 - 

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/krb5-1.2.2-34.src.rpm
d76d469166a335ebdbd60c201280114e  krb5-1.2.2-34.src.rpm

i386:
5a864d57b0e04534006b809215e5b2a1  krb5-devel-1.2.2-34.i386.rpm
2353b8f37263fbe2b3a36659517760fc  krb5-libs-1.2.2-34.i386.rpm
605b4b5ffd2a3ee6c05350aaf9d16004  krb5-server-1.2.2-34.i386.rpm
d5a304cd4a4f0769630255072ee9c763  krb5-workstation-1.2.2-34.i386.rpm

ia64:
8befb0ccf160d23932a924acfb6b3072  krb5-devel-1.2.2-34.ia64.rpm
95b7c9b2048548fbfe1750c4d72a23b7  krb5-libs-1.2.2-34.ia64.rpm
26f1bdaccc93e24e833a2d5f20bbfa09  krb5-server-1.2.2-34.ia64.rpm
d98001ff0bb393830e5269e203f3ca48  krb5-workstation-1.2.2-34.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/krb5-1.2.2-34.src.rpm
d76d469166a335ebdbd60c201280114e  krb5-1.2.2-34.src.rpm

ia64:
8befb0ccf160d23932a924acfb6b3072  krb5-devel-1.2.2-34.ia64.rpm
95b7c9b2048548fbfe1750c4d72a23b7  krb5-libs-1.2.2-34.ia64.rpm
26f1bdaccc93e24e833a2d5f20bbfa09  krb5-server-1.2.2-34.ia64.rpm
d98001ff0bb393830e5269e203f3ca48  krb5-workstation-1.2.2-34.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/krb5-1.2.2-34.src.rpm
d76d469166a335ebdbd60c201280114e  krb5-1.2.2-34.src.rpm

i386:
5a864d57b0e04534006b809215e5b2a1  krb5-devel-1.2.2-34.i386.rpm
2353b8f37263fbe2b3a36659517760fc  krb5-libs-1.2.2-34.i386.rpm
605b4b5ffd2a3ee6c05350aaf9d16004  krb5-server-1.2.2-34.i386.rpm
d5a304cd4a4f0769630255072ee9c763  krb5-workstation-1.2.2-34.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/krb5-1.2.2-34.src.rpm
d76d469166a335ebdbd60c201280114e  krb5-1.2.2-34.src.rpm

i386:
5a864d57b0e04534006b809215e5b2a1  krb5-devel-1.2.2-34.i386.rpm
2353b8f37263fbe2b3a36659517760fc  krb5-libs-1.2.2-34.i386.rpm
605b4b5ffd2a3ee6c05350aaf9d16004  krb5-server-1.2.2-34.i386.rpm
d5a304cd4a4f0769630255072ee9c763  krb5-workstation-1.2.2-34.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-42.src.rpm
15e292d791e6cd5a788764374c32769e  krb5-1.2.7-42.src.rpm

i386:
8d2d653de75e0e90d9718043bb9ec2ea  krb5-devel-1.2.7-42.i386.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
76a8c1d4048606e96b763b1cfd9e2862  krb5-server-1.2.7-42.i386.rpm
02d15698839a4dca13a692567fdc3701  krb5-workstation-1.2.7-42.i386.rpm

ia64:
d9486bd1ba6bf58fff0c33b8b54e10d1  krb5-devel-1.2.7-42.ia64.rpm
b8f7a412868eb4331b2ac371f2935bed  krb5-libs-1.2.7-42.ia64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
e4f4267d02ac27da8963c4770c2d6ab7  krb5-server-1.2.7-42.ia64.rpm
a0eb9ccceccb1d777331ab1098ce24b8  krb5-workstation-1.2.7-42.ia64.rpm

ppc:
2bfc18ea2b64f042e96f6a7aa3ec769b  krb5-devel-1.2.7-42.ppc.rpm
62e0c55d9ee03b661c90689f4c663fa9  krb5-libs-1.2.7-42.ppc.rpm
0001f467b217ae55c103a9f8d8bbe0c4  krb5-libs-1.2.7-42.ppc64.rpm
4ae29ca81df4a7323f4a04dfe7bf422e  krb5-server-1.2.7-42.ppc.rpm
c28434eb04aa8ba62ae98f384ae96d66  krb5-workstation-1.2.7-42.ppc.rpm

s390:
018b6ff9a07097653d1fb0083a8654eb  krb5-devel-1.2.7-42.s390.rpm
9c2251b0c061abcec03805bf668654fa  krb5-libs-1.2.7-42.s390.rpm
e35388af17b751685a02b35be76c83eb  krb5-server-1.2.7-42.s390.rpm
f8336a07b5429d1c48592dbe9e8b638a  krb5-workstation-1.2.7-42.s390.rpm

s390x:
fc291f78e9ae09ab0500eb772e364b57  krb5-devel-1.2.7-42.s390x.rpm
ace1cd33911c12d87ee4616eea5f97d6  krb5-libs-1.2.7-42.s390x.rpm
9c2251b0c061abcec03805bf668654fa  krb5-libs-1.2.7-42.s390.rpm
b344cc43c163bb08a5b691dcbee69d10  krb5-server-1.2.7-42.s390x.rpm
947cfc0608f6bed2c325d5113188391e  krb5-workstation-1.2.7-42.s390x.rpm

x86_64:
c8f33f385c8b59f8088ba3938820f466  krb5-devel-1.2.7-42.x86_64.rpm
2d13ed5aad4c7910373cfd7399780e18  krb5-libs-1.2.7-42.x86_64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
55efe49040a64af9f4368e1e6c02c758  krb5-server-1.2.7-42.x86_64.rpm
a00c82982864a159076c9f7548675ad9  krb5-workstation-1.2.7-42.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-42.src.rpm
15e292d791e6cd5a788764374c32769e  krb5-1.2.7-42.src.rpm

i386:
8d2d653de75e0e90d9718043bb9ec2ea  krb5-devel-1.2.7-42.i386.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
02d15698839a4dca13a692567fdc3701  krb5-workstation-1.2.7-42.i386.rpm

x86_64:
c8f33f385c8b59f8088ba3938820f466  krb5-devel-1.2.7-42.x86_64.rpm
2d13ed5aad4c7910373cfd7399780e18  krb5-libs-1.2.7-42.x86_64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
a00c82982864a159076c9f7548675ad9  krb5-workstation-1.2.7-42.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-42.src.rpm
15e292d791e6cd5a788764374c32769e  krb5-1.2.7-42.src.rpm

i386:
8d2d653de75e0e90d9718043bb9ec2ea  krb5-devel-1.2.7-42.i386.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
76a8c1d4048606e96b763b1cfd9e2862  krb5-server-1.2.7-42.i386.rpm
02d15698839a4dca13a692567fdc3701  krb5-workstation-1.2.7-42.i386.rpm

ia64:
d9486bd1ba6bf58fff0c33b8b54e10d1  krb5-devel-1.2.7-42.ia64.rpm
b8f7a412868eb4331b2ac371f2935bed  krb5-libs-1.2.7-42.ia64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
e4f4267d02ac27da8963c4770c2d6ab7  krb5-server-1.2.7-42.ia64.rpm
a0eb9ccceccb1d777331ab1098ce24b8  krb5-workstation-1.2.7-42.ia64.rpm

x86_64:
c8f33f385c8b59f8088ba3938820f466  krb5-devel-1.2.7-42.x86_64.rpm
2d13ed5aad4c7910373cfd7399780e18  krb5-libs-1.2.7-42.x86_64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
55efe49040a64af9f4368e1e6c02c758  krb5-server-1.2.7-42.x86_64.rpm
a00c82982864a159076c9f7548675ad9  krb5-workstation-1.2.7-42.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-42.src.rpm
15e292d791e6cd5a788764374c32769e  krb5-1.2.7-42.src.rpm

i386:
8d2d653de75e0e90d9718043bb9ec2ea  krb5-devel-1.2.7-42.i386.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
02d15698839a4dca13a692567fdc3701  krb5-workstation-1.2.7-42.i386.rpm

ia64:
d9486bd1ba6bf58fff0c33b8b54e10d1  krb5-devel-1.2.7-42.ia64.rpm
b8f7a412868eb4331b2ac371f2935bed  krb5-libs-1.2.7-42.ia64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
a0eb9ccceccb1d777331ab1098ce24b8  krb5-workstation-1.2.7-42.ia64.rpm

x86_64:
c8f33f385c8b59f8088ba3938820f466  krb5-devel-1.2.7-42.x86_64.rpm
2d13ed5aad4c7910373cfd7399780e18  krb5-libs-1.2.7-42.x86_64.rpm
3f7f0d23cc9447241d17bf92aac52376  krb5-libs-1.2.7-42.i386.rpm
a00c82982864a159076c9f7548675ad9  krb5-workstation-1.2.7-42.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/krb5-1.3.4-12.src.rpm
8d598c4fa4404470d6e45978aa47ba6b  krb5-1.3.4-12.src.rpm

i386:
68457cc2117214ab9b11405b964275db  krb5-devel-1.3.4-12.i386.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
dab0e8a818d3df2b028b3c39ba4daa52  krb5-server-1.3.4-12.i386.rpm
a12db77933dc920943d6316f7e470ccc  krb5-workstation-1.3.4-12.i386.rpm

ia64:
1e9eef4e781b54fe954442a427e4fdbe  krb5-devel-1.3.4-12.ia64.rpm
56686098f08e0b62bd1445977f7eba6d  krb5-libs-1.3.4-12.ia64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ebce3644ac1704157552d51b6a244565  krb5-server-1.3.4-12.ia64.rpm
67c5b06a01aa25b361926bca1c055c03  krb5-workstation-1.3.4-12.ia64.rpm

ppc:
261644c24300998a25c57d513fe08c6e  krb5-devel-1.3.4-12.ppc.rpm
b9663d67bb9b97657d41d870f63b276e  krb5-libs-1.3.4-12.ppc.rpm
7248e6793d04613a952422f828fe2cb7  krb5-libs-1.3.4-12.ppc64.rpm
2ea50dcbeb0124a71c1e3489fec583fa  krb5-server-1.3.4-12.ppc.rpm
40e4b837e731816630f653bc98e22530  krb5-workstation-1.3.4-12.ppc.rpm

s390:
9f759fb193a998a4f88a21ca77f0b1ab  krb5-devel-1.3.4-12.s390.rpm
cd50ea2c90966a8527e06d77b6c47913  krb5-libs-1.3.4-12.s390.rpm
99668163d062fb8f5bfad4654f444313  krb5-server-1.3.4-12.s390.rpm
d94e6fabfc7fd33c9208ce7d374c89e8  krb5-workstation-1.3.4-12.s390.rpm

s390x:
5aa3854179039c6cb73145084123a197  krb5-devel-1.3.4-12.s390x.rpm
968f3babf2058bc88b44c5907f029017  krb5-libs-1.3.4-12.s390x.rpm
cd50ea2c90966a8527e06d77b6c47913  krb5-libs-1.3.4-12.s390.rpm
7d191831a79c60f99b03c441ca771428  krb5-server-1.3.4-12.s390x.rpm
130b64761b996f24a57ffeb85e637002  krb5-workstation-1.3.4-12.s390x.rpm

x86_64:
bcf94a851223872e8fcd272a297dc3c2  krb5-devel-1.3.4-12.x86_64.rpm
ef7f66e2a911b6c9787ab2e0b87534fc  krb5-libs-1.3.4-12.x86_64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ee69869e21701b21cb73092d43e49009  krb5-server-1.3.4-12.x86_64.rpm
2edb7a1bfd9e102ace52fe8e90f84e6c  krb5-workstation-1.3.4-12.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/krb5-1.3.4-12.src.rpm
8d598c4fa4404470d6e45978aa47ba6b  krb5-1.3.4-12.src.rpm

i386:
68457cc2117214ab9b11405b964275db  krb5-devel-1.3.4-12.i386.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
dab0e8a818d3df2b028b3c39ba4daa52  krb5-server-1.3.4-12.i386.rpm
a12db77933dc920943d6316f7e470ccc  krb5-workstation-1.3.4-12.i386.rpm

x86_64:
bcf94a851223872e8fcd272a297dc3c2  krb5-devel-1.3.4-12.x86_64.rpm
ef7f66e2a911b6c9787ab2e0b87534fc  krb5-libs-1.3.4-12.x86_64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ee69869e21701b21cb73092d43e49009  krb5-server-1.3.4-12.x86_64.rpm
2edb7a1bfd9e102ace52fe8e90f84e6c  krb5-workstation-1.3.4-12.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/krb5-1.3.4-12.src.rpm
8d598c4fa4404470d6e45978aa47ba6b  krb5-1.3.4-12.src.rpm

i386:
68457cc2117214ab9b11405b964275db  krb5-devel-1.3.4-12.i386.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
dab0e8a818d3df2b028b3c39ba4daa52  krb5-server-1.3.4-12.i386.rpm
a12db77933dc920943d6316f7e470ccc  krb5-workstation-1.3.4-12.i386.rpm

ia64:
1e9eef4e781b54fe954442a427e4fdbe  krb5-devel-1.3.4-12.ia64.rpm
56686098f08e0b62bd1445977f7eba6d  krb5-libs-1.3.4-12.ia64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ebce3644ac1704157552d51b6a244565  krb5-server-1.3.4-12.ia64.rpm
67c5b06a01aa25b361926bca1c055c03  krb5-workstation-1.3.4-12.ia64.rpm

x86_64:
bcf94a851223872e8fcd272a297dc3c2  krb5-devel-1.3.4-12.x86_64.rpm
ef7f66e2a911b6c9787ab2e0b87534fc  krb5-libs-1.3.4-12.x86_64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ee69869e21701b21cb73092d43e49009  krb5-server-1.3.4-12.x86_64.rpm
2edb7a1bfd9e102ace52fe8e90f84e6c  krb5-workstation-1.3.4-12.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/krb5-1.3.4-12.src.rpm
8d598c4fa4404470d6e45978aa47ba6b  krb5-1.3.4-12.src.rpm

i386:
68457cc2117214ab9b11405b964275db  krb5-devel-1.3.4-12.i386.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
dab0e8a818d3df2b028b3c39ba4daa52  krb5-server-1.3.4-12.i386.rpm
a12db77933dc920943d6316f7e470ccc  krb5-workstation-1.3.4-12.i386.rpm

ia64:
1e9eef4e781b54fe954442a427e4fdbe  krb5-devel-1.3.4-12.ia64.rpm
56686098f08e0b62bd1445977f7eba6d  krb5-libs-1.3.4-12.ia64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ebce3644ac1704157552d51b6a244565  krb5-server-1.3.4-12.ia64.rpm
67c5b06a01aa25b361926bca1c055c03  krb5-workstation-1.3.4-12.ia64.rpm

x86_64:
bcf94a851223872e8fcd272a297dc3c2  krb5-devel-1.3.4-12.x86_64.rpm
ef7f66e2a911b6c9787ab2e0b87534fc  krb5-libs-1.3.4-12.x86_64.rpm
5ee63ae61d91fab567dedb7880fa648e  krb5-libs-1.3.4-12.i386.rpm
ee69869e21701b21cb73092d43e49009  krb5-server-1.3.4-12.x86_64.rpm
2edb7a1bfd9e102ace52fe8e90f84e6c  krb5-workstation-1.3.4-12.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCSmPyXlSAg2UNWIIRArq5AJ9IYp7LCvBKvlKzc0cDuNeDLB69zACfX1rC
yalv0ezCGAKKLYJdMWBIOqA=
=WNbi
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQktO0Ch9+71yA2DNAQLfTAP/cglGknzCB/Ef14sHi9Rl1pyuXAJH3Tzg
VEb+2xVarKzqsg9DigKyC7A4ZTATZtsivXsplL7Cn9G8bytA8ak3TeyOgB8Bxm4E
McnG6BhtSh9HEznj8+J0fI9CdpL2Mr16SgrGprxAgZfmqhf/0dY2gY0zk3v9wPWD
/zi7px97Oy4=
=7doE
-----END PGP SIGNATURE-----