Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2007.0266 -- [Win][UNIX/Linux][Debian]
New clamav packages fix several vulnerabilities
26 April 2007
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: ClamAV
Publisher: Debian
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Debian GNU/Linux 4.0
Debian GNU/Linux 3.1
Impact: Execute Arbitrary Code/Commands
Denial of Service
Access: Remote/Unauthenticated
CVE Names: CVE-2007-2029 CVE-2007-1997 CVE-2007-1745
Ref: ESB-2007.0248
Original Bulletin: http://www.debian.org/security/2007/dsa-1281
Comment: Besides the two vulnerabilities previously reported in ESB-2007.0248,
this advisory describes a new denial of service vulnerability
when handling PDF files.
This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running ClamAV check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1281-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
April 25th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : clamav
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2007-1745 CVE-2007-1997 CVE-2007-2029
Several remote vulnerabilities have been discovered in the Clam anti-virus
toolkit. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-1745
It was discovered that a file descriptor leak in the CHM handler may
lead to denial of service.
CVE-2007-1997
It was discovered that a buffer overflow in the CAB handler may lead
to the execution of arbitrary code.
CVE-2007-2029
It was discovered that a file descriptor leak in the PDF handler may
lead to denial of service.
For the oldstable distribution (sarge) these problems have been fixed in
version 0.84-2.sarge.16.
For the stable distribution (etch) these problems have been fixed
in version 0.90.1-3etch1.
For the unstable distribution (sid) these problems have been fixed in
version 0.90.2-1.
We recommend that you upgrade your clamav packages. Packages for
the arm, sparc, m68k and mipsen architectures are not yet available.
They will be provided later.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16.dsc
Size/MD5 checksum: 874 750b482eeb436112babe47c8d4e462f4
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16.diff.gz
Size/MD5 checksum: 187501 4fa4f6002ac647a88cc991491026f495
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c
Architecture independent components:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.16_all.deb
Size/MD5 checksum: 155282 27dda07f76c431190815699c933c96f1
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.16_all.deb
Size/MD5 checksum: 690904 0599cd77c6f729719f7d2218238286dc
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.16_all.deb
Size/MD5 checksum: 124268 dc29df62c5e663ac861871fb261c8f5f
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 74760 6f5e17b5709704bb3cbb5df87886c535
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 48704 42d401657e3ce03e9b3f8bc8c2eb6c2a
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 2175750 6362f96b3ea12a7756a65be181ade900
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 41738 fc892161427bb646375cd488ccdf8cf4
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 256048 08a862b95ba887ef60d7e782b3860c4b
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 286514 911985fc43f62e1648fc49c699873102
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 69018 d3cdbb0197531ab9c9b2da5fdd3f28d2
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 44290 8dfb6f556b0e94177ced1b8437fd05c6
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 2173300 4bddbe30c350a2cdf7085401d9ba2bd4
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 40044 fe9c8fbf07d5bb4f2ea8c186fa4554d0
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 176820 671a48baa1cff978ba6ac698bd92ce35
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 260434 fcbd3ed5d6d195d941ae8c2c4be78583
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 65316 388cb174e2802231f2e00be75e557525
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 40360 eb1b678e9f9e6902baf07337031a15c9
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 2171592 538f510efe1172159b580d2de8a685e3
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 38060 fc3bbba2437c2822000e045c6709c8b0
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 159914 61cff431ff68479054321cae6ce49434
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 255106 06c6210c2302fa4b12539f5d9d6ed90c
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 81948 b2532d41280dd297e11fe259cda69f43
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 55324 4ece492972b78bd0a85a0a349219ba0c
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 2180240 d59d5be58695e7eda4bb850329b61eaf
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 49242 25aebadfb837f4b693c0ca7f00d7d7e5
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 252464 9a98dab31c6cbd4010a070af84586379
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 318554 ebfcc4e83fcce638cf4d6fd204f406ba
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 69390 825a3ff9344b0ff0040c9009043d0345
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 44728 719d0f39e79ca450060ccf2b31841893
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 2173682 4da2c1673aec276f67dd78f418e20418
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 38890 13405ffbf96d22acac493dd5ca2561f9
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 187910 3f20cb90f59c59296469564288bc851f
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 265536 7f953c829582ff78a9c059e9a21c7ecc
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 67964 2e69d92100ff9b5af69d2c6482c332e6
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 43642 4bc4573c069697913e88f90ce180bc78
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 2172968 095a7323846207c070de4be0cfca904b
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 38966 20219f58e85b9bd3742941042bf536b0
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 182852 1c38c0a2187b948fa7062a50a93d26ce
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 270160 298f91ebdd0f8fec45c7115a71e9ff76
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1.dsc
Size/MD5 checksum: 886 03ca483d25aa8a5843c0334454fa854b
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1.diff.gz
Size/MD5 checksum: 198874 332face9b6c9dd61ea183b97920d58e6
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1.orig.tar.gz
Size/MD5 checksum: 11643310 cd11c05b5476262eaea4fa3bd7dc25bf
Architecture independent components:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1-3etch1_all.deb
Size/MD5 checksum: 201166 15ff75fe7f8d74c20a1ed138a3ef96a3
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1-3etch1_all.deb
Size/MD5 checksum: 1002982 c522f91db205e1317d7ffa4fcff219cc
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1-3etch1_all.deb
Size/MD5 checksum: 157358 8f0bccc0ffe35df7afd1c970e7a6424d
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 863012 56735cac5c48a2b1cff498aa74af5b74
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 184208 d61917178e7334eb9267834929ec3ac1
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 643690 8a9d04ad670ff22316a894a6ee693526
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 9303270 89869fa569a5b7a8175c5eae35d2dc4c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 179372 7a1dba33725c9de4ece9641d2b1c4b2f
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 509666 e47d02325d68fe25a875843c6d390b80
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 405480 38ccb1a5c657c5c70f410f94d66c93a1
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 856028 b605cea366cd60582a4f2926cd8dbbf0
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 177964 d26c6f071ae2f9ef5a6a446ffdc79dac
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 637432 dc8505b28e41acc8ae53502ddaeae429
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 9301322 90c4819bcecb55a12dc94fdbd868b5e8
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 176430 16d4a80aef673ec34e4c771013835463
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 385728 391eab43682d135cd5a7321067b358e1
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 366562 c71cc7f8c0cb058a725b7e8d6cc76df0
HP Precision architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 856792 69390669062759614b5068a91daf47fd
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 177694 4e12f71d9e471ab44270ef8629c566f9
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 617522 5157056214621eed9948cfcd417b56c3
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 9302752 c8176be01a85cce59bce5869643e425a
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 176522 f4379b7ca228397a28a2e040e890a3a5
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 432108 07f29046db300ff6a57a86367c940e44
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 404280 d69e5a48f1ff41d90885029f7212963b
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 853434 e33737d0e8eeae82880dee160b884e4c
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 174318 188d945b3c78e3d540a8288115eb4923
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 603398 56ab1e4be6b9a86ef5b9ccfbf9d6faa2
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 9299850 b15d3a6570be05bf476bd9cd5821f179
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 174450 d33e361d311972a8f832e9a5c9cacd02
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 367182 c46322a281159fad5ee98725b293f295
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 365140 33b24038fd1f0cd610e18c5e9a6a45a8
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 878008 af774d8ff869cf7f6c2f01ecc7c066bf
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 201168 74a33b6216e0e8210f6cd64d9b01e84a
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 656168 74cd735a0f44db53d22d0d97847375fa
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 9314758 b82acf9cc3c39df48574d645ff66dbcc
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 190824 94493ed780a6188f973d4bff2b54b1dd
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 520604 a139c1db4f8e08468e3138b3c17412c1
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 474144 354eec2bd1aa062fb9e1150068b88f77
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 856836 db956d3268e97ee29c056b92bfe175c6
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 181406 31d55adca529fcd1f843d35c4fe5733e
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 636432 c15e564ca0bba6f47553a15c52f70224
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 9301660 e57ce0bdd33f992cf842c47146160272
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 175544 806666c67449d7539310ce20e986892c
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 405180 b1a347e43bf7d8e0f5f89012d59b5bb6
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 377662 fa0be5ca2222ba19f85549416daf0333
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 854784 38773a96cc7e238cfbff8e301af67e7f
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 175982 314d4bb67d61d26c374a80d2fb7d177e
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 627524 9b9f81c79c2fca92d060163a6cba5d3d
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 9300600 19ab58095839cac85be2f22f326859a3
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 176114 3375fd42709def635bf4929fe404a6f2
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 401188 28cde64e90a013bdf66a28f1b7d9058b
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 390658 40ead43ae79832d790c0e8fd290f0b8e
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGL5W/Xm3vHE4uyloRAp+jAJ4pflWP+VWUO1VU/DndDSXxDKrSDgCg5x0M
XJSCha33+9GfnFSLazQZZsE=
=cunR
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRjAxsCh9+71yA2DNAQK68AP/Z1Z6Y/NIFxd2zaX0/ZHAti/rmxCtLax9
H6FFQ+LTTASelsEMhDIrOHXn+luAUJVp3P+sKiydXv3vm2YMygq0S7sj6CYnGvzH
2ifQs5GKDW7VtCydkwybWonK9lvyOiGPHmSfQfLyx955TLG2JFwtOzpT3GH2mhr6
RIDn7gcn5ZQ=
=/4S4
-----END PGP SIGNATURE-----