-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                  ESB-2007.0920 -- [RedHat]
                Critical: samba security update
                         16 November 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Samba
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
                      Red Hat Enterprise Linux 4
                      Red Hat Enterprise Linux 3
                      Red Hat Enterprise Linux 2.1
Impact:               Execute Arbitrary Code/Commands
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-5398 CVE-2007-4572 CVE-2007-4138
Ref:                  AL-2007.0120

Original Bulletin:
  https://rhn.redhat.com/errata/RHSA-2007-1013.html
  https://rhn.redhat.com/errata/RHSA-2007-1016.html
  https://rhn.redhat.com/errata/RHSA-2007-1017.html

Comment: This advisory contains three (3) Red Hat Security Advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: samba security update
Advisory ID:       RHSA-2007:1013-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-1013.html
Issue date:        2007-11-15
Updated on:        2007-11-15
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-4572 CVE-2007-5398
- - ---------------------------------------------------------------------

1. Summary:

Updated samba packages that fix several security issues are now available
for Red Hat Enterprise Linux 2.1 and 3.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Samba is a suite of programs used by machines to share files, printers, and
other information.

A buffer overflow flaw was found in the way Samba creates NetBIOS replies.
If a Samba server is configured to run as a WINS server, a remote
unauthenticated user could cause the Samba server to crash or execute
arbitrary code. (CVE-2007-5398)

A heap-based buffer overflow flaw was found in the way Samba authenticates
users. A remote unauthenticated user could trigger this flaw to cause the
Samba server to crash. Careful analysis of this flaw has determined that
arbitrary code execution is not possible, and under most circumstances will
not result in a crash of the Samba server. (CVE-2007-4572)

Red Hat would like to thank Alin Rad Pop of Secunia Research, and the Samba
developers for responsibly disclosing these issues.

Users of Samba are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

294631 - CVE-2007-4572 samba buffer overflow
358831 - CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability

6.
RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm i386: 3668a9e0f562d8f90cc663a0d4947511 samba-2.2.12-1.21as.8.1.i386.rpm 7ad1f876f07f3350ed11e08cd2dfd048 samba-client-2.2.12-1.21as.8.1.i386.rpm b9b6703ad46f5e07a2c353c4f3213bbd samba-common-2.2.12-1.21as.8.1.i386.rpm 1b096bad8e57d2f8312d8b5481693594 samba-swat-2.2.12-1.21as.8.1.i386.rpm ia64: a63a1829e8d3585e0f9598cbb585ff95 samba-2.2.12-1.21as.8.1.ia64.rpm 139643a501d501a38a9841537bbff295 samba-client-2.2.12-1.21as.8.1.ia64.rpm ed8b98dbb27211c6f40e0d91726082fa samba-common-2.2.12-1.21as.8.1.ia64.rpm 4f070a66e6afd76da95e0c7c7a9b1251 samba-swat-2.2.12-1.21as.8.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm ia64: a63a1829e8d3585e0f9598cbb585ff95 samba-2.2.12-1.21as.8.1.ia64.rpm 139643a501d501a38a9841537bbff295 samba-client-2.2.12-1.21as.8.1.ia64.rpm ed8b98dbb27211c6f40e0d91726082fa samba-common-2.2.12-1.21as.8.1.ia64.rpm 4f070a66e6afd76da95e0c7c7a9b1251 samba-swat-2.2.12-1.21as.8.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm i386: 3668a9e0f562d8f90cc663a0d4947511 samba-2.2.12-1.21as.8.1.i386.rpm 7ad1f876f07f3350ed11e08cd2dfd048 samba-client-2.2.12-1.21as.8.1.i386.rpm b9b6703ad46f5e07a2c353c4f3213bbd samba-common-2.2.12-1.21as.8.1.i386.rpm 1b096bad8e57d2f8312d8b5481693594 samba-swat-2.2.12-1.21as.8.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.8.1.src.rpm c256e2c91c123f1832f52acd841c723e samba-2.2.12-1.21as.8.1.src.rpm i386: 
3668a9e0f562d8f90cc663a0d4947511 samba-2.2.12-1.21as.8.1.i386.rpm 7ad1f876f07f3350ed11e08cd2dfd048 samba-client-2.2.12-1.21as.8.1.i386.rpm b9b6703ad46f5e07a2c353c4f3213bbd samba-common-2.2.12-1.21as.8.1.i386.rpm 1b096bad8e57d2f8312d8b5481693594 samba-swat-2.2.12-1.21as.8.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm 109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm i386: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm ia64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm e199d3394b047493501054854becba95 samba-3.0.9-1.3E.14.1.ia64.rpm 7683498f19d4dc2457c94c2b2c383c5c samba-client-3.0.9-1.3E.14.1.ia64.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm 072b014b104dd5c3e47cb7ff95f49c19 samba-common-3.0.9-1.3E.14.1.ia64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm dcefead38a15b5045623c062b62f93cb samba-debuginfo-3.0.9-1.3E.14.1.ia64.rpm 90d018a6319715a6ebaa8ec589d6a5ed samba-swat-3.0.9-1.3E.14.1.ia64.rpm ppc: 2d19e0c0dd38a67a58f7554ed1813960 samba-3.0.9-1.3E.14.1.ppc.rpm 7220d706da598f65fb2034c59436ca39 samba-3.0.9-1.3E.14.1.ppc64.rpm e0b4f4c3d2b1a0110e4cd854ee4b5d63 samba-client-3.0.9-1.3E.14.1.ppc.rpm bb761b0be35251a3271fe517485b73fc samba-common-3.0.9-1.3E.14.1.ppc.rpm fa3ebbb6aff8c03433d314fdf7907eda samba-common-3.0.9-1.3E.14.1.ppc64.rpm 040a878f51d0628cc81fc509f8241b61 samba-debuginfo-3.0.9-1.3E.14.1.ppc.rpm 94e7a01b31e73b9779df25a97b8b8588 samba-debuginfo-3.0.9-1.3E.14.1.ppc64.rpm ea9388a3ef700197148af7217cab23e7 samba-swat-3.0.9-1.3E.14.1.ppc.rpm s390: 442c0489b0b6e47c30d29920d86ad1c6 
samba-3.0.9-1.3E.14.1.s390.rpm 8fd814d9aaf60d506c00458f046e135f samba-client-3.0.9-1.3E.14.1.s390.rpm ad59ab1c42546e3713d8e2fa06ca5dcf samba-common-3.0.9-1.3E.14.1.s390.rpm ddd8aac31875f86285765f449464b9b6 samba-debuginfo-3.0.9-1.3E.14.1.s390.rpm ff6c34142632863ceeba2b51ee6ab63d samba-swat-3.0.9-1.3E.14.1.s390.rpm s390x: 442c0489b0b6e47c30d29920d86ad1c6 samba-3.0.9-1.3E.14.1.s390.rpm 4631bddcfdea1831b9e710788663b2f3 samba-3.0.9-1.3E.14.1.s390x.rpm 4ed24e0dc5a06239b696b7ca3f0299af samba-client-3.0.9-1.3E.14.1.s390x.rpm ad59ab1c42546e3713d8e2fa06ca5dcf samba-common-3.0.9-1.3E.14.1.s390.rpm 4e802689c31db058065f7899f2fcc0c9 samba-common-3.0.9-1.3E.14.1.s390x.rpm ddd8aac31875f86285765f449464b9b6 samba-debuginfo-3.0.9-1.3E.14.1.s390.rpm efbf689c8e0baae4a2c4bc6f9be95e69 samba-debuginfo-3.0.9-1.3E.14.1.s390x.rpm 1314e87a446697fe5b76a621b5cfff58 samba-swat-3.0.9-1.3E.14.1.s390x.rpm x86_64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm 27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm 63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm 689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm 984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm 109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm i386: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm ae11744aa2d5e3acb6005049376645d1 
samba-swat-3.0.9-1.3E.14.1.i386.rpm x86_64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm 27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm 63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm 689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm 984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm 109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm i386: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm ia64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm e199d3394b047493501054854becba95 samba-3.0.9-1.3E.14.1.ia64.rpm 7683498f19d4dc2457c94c2b2c383c5c samba-client-3.0.9-1.3E.14.1.ia64.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm 072b014b104dd5c3e47cb7ff95f49c19 samba-common-3.0.9-1.3E.14.1.ia64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm dcefead38a15b5045623c062b62f93cb samba-debuginfo-3.0.9-1.3E.14.1.ia64.rpm 90d018a6319715a6ebaa8ec589d6a5ed samba-swat-3.0.9-1.3E.14.1.ia64.rpm x86_64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm 27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm 63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm e7b6b04bdf7d0051d2c49272c155fd08 
samba-common-3.0.9-1.3E.14.1.i386.rpm 689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm 984deb53f02277f5cb4e7aac5c44ea0a samba-swat-3.0.9-1.3E.14.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.14.1.src.rpm 109ff11f7bae2ea32001733dfcb494a4 samba-3.0.9-1.3E.14.1.src.rpm i386: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm bfb5a0569b61135deb3f9364fa36da1b samba-client-3.0.9-1.3E.14.1.i386.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm ae11744aa2d5e3acb6005049376645d1 samba-swat-3.0.9-1.3E.14.1.i386.rpm ia64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm e199d3394b047493501054854becba95 samba-3.0.9-1.3E.14.1.ia64.rpm 7683498f19d4dc2457c94c2b2c383c5c samba-client-3.0.9-1.3E.14.1.ia64.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm 072b014b104dd5c3e47cb7ff95f49c19 samba-common-3.0.9-1.3E.14.1.ia64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm dcefead38a15b5045623c062b62f93cb samba-debuginfo-3.0.9-1.3E.14.1.ia64.rpm 90d018a6319715a6ebaa8ec589d6a5ed samba-swat-3.0.9-1.3E.14.1.ia64.rpm x86_64: 4de0c6d2dae246e46a56db2cec7b64de samba-3.0.9-1.3E.14.1.i386.rpm 27c811b470b7350b3139448d74f2de27 samba-3.0.9-1.3E.14.1.x86_64.rpm 63cc1e310310586bbeff693cd5353a49 samba-client-3.0.9-1.3E.14.1.x86_64.rpm e7b6b04bdf7d0051d2c49272c155fd08 samba-common-3.0.9-1.3E.14.1.i386.rpm 689ce45d04eba3215f144691815ab8bb samba-common-3.0.9-1.3E.14.1.x86_64.rpm f37ccac147eed9566c04e0b4a21b7531 samba-debuginfo-3.0.9-1.3E.14.1.i386.rpm f18185d69a5ba27b86fa99f2d20d0048 samba-debuginfo-3.0.9-1.3E.14.1.x86_64.rpm 984deb53f02277f5cb4e7aac5c44ea0a 
samba-swat-3.0.9-1.3E.14.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHPG+4XlSAg2UNWIIRAvxRAKCrLhjl9hQXPHYUx6xLAV4efn989wCeIijT
UEIPfmbRDbmuorXM4r2USao=
=3dsq
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: samba security update
Advisory ID:       RHSA-2007:1016-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-1016.html
Issue date:        2007-11-15
Updated on:        2007-11-15
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-4572 CVE-2007-4138 CVE-2007-5398
- - ---------------------------------------------------------------------

1. Summary:

Updated samba packages that fix several security issues are now available
for Red Hat Enterprise Linux 4.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Samba is a suite of programs used by machines to share files, printers, and
other information.

A buffer overflow flaw was found in the way Samba creates NetBIOS replies.
If a Samba server is configured to run as a WINS server, a remote
unauthenticated user could cause the Samba server to crash or execute
arbitrary code. (CVE-2007-5398)

A heap-based buffer overflow flaw was found in the way Samba authenticates
users. A remote unauthenticated user could trigger this flaw to cause the
Samba server to crash. Careful analysis of this flaw has determined that
arbitrary code execution is not possible, and under most circumstances will
not result in a crash of the Samba server. (CVE-2007-4572)

A flaw was found in the way Samba assigned group IDs under certain
conditions. If the "winbind nss info" parameter in smb.conf is set to
either "sfu" or "rfc2307", Samba users are incorrectly assigned the group
ID of 0. (CVE-2007-4138)

Red Hat would like to thank Alin Rad Pop of Secunia Research, Rick King, and
the Samba developers for responsibly disclosing these issues.

All Samba users are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

286271 - CVE-2007-4138 samba incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin
294631 - CVE-2007-4572 samba buffer overflow
358831 - CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability

6.
RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.25b-1.el4_6.2.src.rpm ff91ab4fccfce54bcdbdce280a86ffb8 samba-3.0.25b-1.el4_6.2.src.rpm i386: 4216ae32c49cb1fc295793c7a5c2d988 samba-3.0.25b-1.el4_6.2.i386.rpm a8c97c2b627a84bf5d128ea8210fd9ea samba-client-3.0.25b-1.el4_6.2.i386.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm 7c64cf3d7adb64abdd767ef5b2661f59 samba-swat-3.0.25b-1.el4_6.2.i386.rpm ia64: 7cdad59ef473db7055e028cee445e9d0 samba-3.0.25b-1.el4_6.2.ia64.rpm 18b89b1efbfe7c6baa1510a4d2e79e92 samba-client-3.0.25b-1.el4_6.2.ia64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm b1724aed7110c7d8b1210f4dcaa7bf27 samba-common-3.0.25b-1.el4_6.2.ia64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm a9a97c765005aa7b756fbc271f9195e0 samba-debuginfo-3.0.25b-1.el4_6.2.ia64.rpm 3bb4435264e5bbb86ce99fe82010b4b0 samba-swat-3.0.25b-1.el4_6.2.ia64.rpm ppc: ec4d93c74e2740c293545b04d5a3492c samba-3.0.25b-1.el4_6.2.ppc.rpm 5d00edd7648100a3646aad3f43a83f8d samba-client-3.0.25b-1.el4_6.2.ppc.rpm 95d55e7d9e12e3a12731c1cbaafe0461 samba-common-3.0.25b-1.el4_6.2.ppc.rpm ebedc087ac45ca25f4de994cd5c72332 samba-common-3.0.25b-1.el4_6.2.ppc64.rpm 58c79eced8b8796b05391f0ed2eca937 samba-debuginfo-3.0.25b-1.el4_6.2.ppc.rpm 402476d354c9a3ba7f9085abfd76ebf4 samba-debuginfo-3.0.25b-1.el4_6.2.ppc64.rpm c3f9af4c6c081d655802fbfc4620a388 samba-swat-3.0.25b-1.el4_6.2.ppc.rpm s390: 492d04550073c30a0fdd00c9ef692ec7 samba-3.0.25b-1.el4_6.2.s390.rpm 1dad6fee42fea753838f56a84a4c9cde samba-client-3.0.25b-1.el4_6.2.s390.rpm b0c8633218688eb3a0f8867a067d0b93 samba-common-3.0.25b-1.el4_6.2.s390.rpm 73f5ac67f0c97a47d150768af0a52a66 samba-debuginfo-3.0.25b-1.el4_6.2.s390.rpm 0e71566da615b9c2a16964e80bf5539f samba-swat-3.0.25b-1.el4_6.2.s390.rpm s390x: 
70a1b475ca0b9e55f026f6fa6474b0eb samba-3.0.25b-1.el4_6.2.s390x.rpm 3de9cc76f1a6ce318fbb6fd271de7445 samba-client-3.0.25b-1.el4_6.2.s390x.rpm b0c8633218688eb3a0f8867a067d0b93 samba-common-3.0.25b-1.el4_6.2.s390.rpm c6d811a8a5393dc66fc40dd0e6303995 samba-common-3.0.25b-1.el4_6.2.s390x.rpm 73f5ac67f0c97a47d150768af0a52a66 samba-debuginfo-3.0.25b-1.el4_6.2.s390.rpm 2d9034a0e0f1004afc1b1d4c78488dad samba-debuginfo-3.0.25b-1.el4_6.2.s390x.rpm efc2ab206d72a473f560a15cfc22a0c2 samba-swat-3.0.25b-1.el4_6.2.s390x.rpm x86_64: 23c8d08613b43016da4ed487be1d4634 samba-3.0.25b-1.el4_6.2.x86_64.rpm 434546ba4e5f0f821f01e3388f6676de samba-client-3.0.25b-1.el4_6.2.x86_64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm ce2caf512315daeb433147ba23878dfb samba-common-3.0.25b-1.el4_6.2.x86_64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm e8185573524a937476c5e40c86330155 samba-debuginfo-3.0.25b-1.el4_6.2.x86_64.rpm 463be2d8eec8004dee74d3dbbd5828d3 samba-swat-3.0.25b-1.el4_6.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.25b-1.el4_6.2.src.rpm ff91ab4fccfce54bcdbdce280a86ffb8 samba-3.0.25b-1.el4_6.2.src.rpm i386: 4216ae32c49cb1fc295793c7a5c2d988 samba-3.0.25b-1.el4_6.2.i386.rpm a8c97c2b627a84bf5d128ea8210fd9ea samba-client-3.0.25b-1.el4_6.2.i386.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm 7c64cf3d7adb64abdd767ef5b2661f59 samba-swat-3.0.25b-1.el4_6.2.i386.rpm x86_64: 23c8d08613b43016da4ed487be1d4634 samba-3.0.25b-1.el4_6.2.x86_64.rpm 434546ba4e5f0f821f01e3388f6676de samba-client-3.0.25b-1.el4_6.2.x86_64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm ce2caf512315daeb433147ba23878dfb samba-common-3.0.25b-1.el4_6.2.x86_64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm 
e8185573524a937476c5e40c86330155 samba-debuginfo-3.0.25b-1.el4_6.2.x86_64.rpm 463be2d8eec8004dee74d3dbbd5828d3 samba-swat-3.0.25b-1.el4_6.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.25b-1.el4_6.2.src.rpm ff91ab4fccfce54bcdbdce280a86ffb8 samba-3.0.25b-1.el4_6.2.src.rpm i386: 4216ae32c49cb1fc295793c7a5c2d988 samba-3.0.25b-1.el4_6.2.i386.rpm a8c97c2b627a84bf5d128ea8210fd9ea samba-client-3.0.25b-1.el4_6.2.i386.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm 7c64cf3d7adb64abdd767ef5b2661f59 samba-swat-3.0.25b-1.el4_6.2.i386.rpm ia64: 7cdad59ef473db7055e028cee445e9d0 samba-3.0.25b-1.el4_6.2.ia64.rpm 18b89b1efbfe7c6baa1510a4d2e79e92 samba-client-3.0.25b-1.el4_6.2.ia64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm b1724aed7110c7d8b1210f4dcaa7bf27 samba-common-3.0.25b-1.el4_6.2.ia64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm a9a97c765005aa7b756fbc271f9195e0 samba-debuginfo-3.0.25b-1.el4_6.2.ia64.rpm 3bb4435264e5bbb86ce99fe82010b4b0 samba-swat-3.0.25b-1.el4_6.2.ia64.rpm x86_64: 23c8d08613b43016da4ed487be1d4634 samba-3.0.25b-1.el4_6.2.x86_64.rpm 434546ba4e5f0f821f01e3388f6676de samba-client-3.0.25b-1.el4_6.2.x86_64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm ce2caf512315daeb433147ba23878dfb samba-common-3.0.25b-1.el4_6.2.x86_64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm e8185573524a937476c5e40c86330155 samba-debuginfo-3.0.25b-1.el4_6.2.x86_64.rpm 463be2d8eec8004dee74d3dbbd5828d3 samba-swat-3.0.25b-1.el4_6.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.25b-1.el4_6.2.src.rpm ff91ab4fccfce54bcdbdce280a86ffb8 samba-3.0.25b-1.el4_6.2.src.rpm i386: 4216ae32c49cb1fc295793c7a5c2d988 
samba-3.0.25b-1.el4_6.2.i386.rpm a8c97c2b627a84bf5d128ea8210fd9ea samba-client-3.0.25b-1.el4_6.2.i386.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm 7c64cf3d7adb64abdd767ef5b2661f59 samba-swat-3.0.25b-1.el4_6.2.i386.rpm ia64: 7cdad59ef473db7055e028cee445e9d0 samba-3.0.25b-1.el4_6.2.ia64.rpm 18b89b1efbfe7c6baa1510a4d2e79e92 samba-client-3.0.25b-1.el4_6.2.ia64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm b1724aed7110c7d8b1210f4dcaa7bf27 samba-common-3.0.25b-1.el4_6.2.ia64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm a9a97c765005aa7b756fbc271f9195e0 samba-debuginfo-3.0.25b-1.el4_6.2.ia64.rpm 3bb4435264e5bbb86ce99fe82010b4b0 samba-swat-3.0.25b-1.el4_6.2.ia64.rpm x86_64: 23c8d08613b43016da4ed487be1d4634 samba-3.0.25b-1.el4_6.2.x86_64.rpm 434546ba4e5f0f821f01e3388f6676de samba-client-3.0.25b-1.el4_6.2.x86_64.rpm 4afd587d8a1d2283834597627ae3a5bb samba-common-3.0.25b-1.el4_6.2.i386.rpm ce2caf512315daeb433147ba23878dfb samba-common-3.0.25b-1.el4_6.2.x86_64.rpm 31bd306cec8360b27ffef6a40cf51e7f samba-debuginfo-3.0.25b-1.el4_6.2.i386.rpm e8185573524a937476c5e40c86330155 samba-debuginfo-3.0.25b-1.el4_6.2.x86_64.rpm 463be2d8eec8004dee74d3dbbd5828d3 samba-swat-3.0.25b-1.el4_6.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. 
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHPHMKXlSAg2UNWIIRAk2QAKCvtZJe8l/YZoPKe6cAH5yyK4DSpQCgvnDP
/gXuNccDuVZfEqeUV2zrmqo=
=yRgt
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: samba security update
Advisory ID:       RHSA-2007:1017-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-1017.html
Issue date:        2007-11-15
Updated on:        2007-11-15
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-4572 CVE-2007-4138 CVE-2007-5398
- - ---------------------------------------------------------------------

1. Summary:

Updated samba packages that fix security issues are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Samba is a suite of programs used by machines to share files, printers, and
other information.

A buffer overflow flaw was found in the way Samba creates NetBIOS replies.
If a Samba server is configured to run as a WINS server, a remote
unauthenticated user could cause the Samba server to crash or execute
arbitrary code. (CVE-2007-5398)

A heap-based buffer overflow flaw was found in the way Samba authenticates
users. A remote unauthenticated user could trigger this flaw to cause the
Samba server to crash. Careful analysis of this flaw has determined that
arbitrary code execution is not possible, and under most circumstances will
not result in a crash of the Samba server. (CVE-2007-4572)

A flaw was found in the way Samba assigned group IDs under certain
conditions. If the "winbind nss info" parameter in smb.conf is set to
either "sfu" or "rfc2307", Samba users are incorrectly assigned the group
ID of 0. (CVE-2007-4138)

Red Hat would like to thank Alin Rad Pop of Secunia Research, Rick King, and
the Samba developers for responsibly disclosing these issues.

All Samba users are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

Use Red Hat Network to download and update your packages.  To do so, run
the following command (as root):

pup

Alternatively, for a command-line interface, run the following command:

yum update

To register your system to RHN, use the following command:

rhn_register

For information on how to manually install or remove packages, refer to the
following link:

http://kbase.redhat.com/faq/FAQ_80_11223.shtm

5. Bug IDs fixed (http://bugzilla.redhat.com/):

286271 - CVE-2007-4138 samba incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin
294631 - CVE-2007-4572 samba buffer overflow
358831 - CVE-2007-5398 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.25b-1.el5_1.2.src.rpm
a614dd8ab1961b7c8a92a170f9bb0036 samba-3.0.25b-1.el5_1.2.src.rpm

i386:
f582807333fffc7cfda3f048ad61497a samba-3.0.25b-1.el5_1.2.i386.rpm
c0c45a2fb546b2c2dd4274a3a88fa234 samba-client-3.0.25b-1.el5_1.2.i386.rpm
56b33f69aebac9bd6654a0ab6ba1a03e samba-common-3.0.25b-1.el5_1.2.i386.rpm
51e6fd0037e1ae54d8842436002da8c4 samba-debuginfo-3.0.25b-1.el5_1.2.i386.rpm
5d32128d7fd5545a6684fd8e1e0055e0 samba-swat-3.0.25b-1.el5_1.2.i386.rpm

x86_64:
2940397a447ae38809c5661e3c6e9e9f samba-3.0.25b-1.el5_1.2.x86_64.rpm
4bd8bf5a6d39844c291e67af9debef55 samba-client-3.0.25b-1.el5_1.2.x86_64.rpm
56b33f69aebac9bd6654a0ab6ba1a03e samba-common-3.0.25b-1.el5_1.2.i386.rpm
bf460a8a6d2338be4bd83884ca5934a7 samba-common-3.0.25b-1.el5_1.2.x86_64.rpm
51e6fd0037e1ae54d8842436002da8c4 samba-debuginfo-3.0.25b-1.el5_1.2.i386.rpm
053a2c84cf6353a6a8a79ea5e4e1feb7 samba-debuginfo-3.0.25b-1.el5_1.2.x86_64.rpm
7ffd3a287260c93478549f0bff913297 samba-swat-3.0.25b-1.el5_1.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.25b-1.el5_1.2.src.rpm
a614dd8ab1961b7c8a92a170f9bb0036 samba-3.0.25b-1.el5_1.2.src.rpm

i386:
f582807333fffc7cfda3f048ad61497a samba-3.0.25b-1.el5_1.2.i386.rpm
c0c45a2fb546b2c2dd4274a3a88fa234 samba-client-3.0.25b-1.el5_1.2.i386.rpm
56b33f69aebac9bd6654a0ab6ba1a03e samba-common-3.0.25b-1.el5_1.2.i386.rpm
51e6fd0037e1ae54d8842436002da8c4 samba-debuginfo-3.0.25b-1.el5_1.2.i386.rpm
5d32128d7fd5545a6684fd8e1e0055e0 samba-swat-3.0.25b-1.el5_1.2.i386.rpm

ia64:
b5c0f25eb34772868f06587ef82f55fc samba-3.0.25b-1.el5_1.2.ia64.rpm
33c027d28143b365aa2be7f1e4bc157f samba-client-3.0.25b-1.el5_1.2.ia64.rpm
9026a5f1367f3f0bddbecdd9c6e40799 samba-common-3.0.25b-1.el5_1.2.ia64.rpm
c70dd804f46dc812c719f1756e0ac14a samba-debuginfo-3.0.25b-1.el5_1.2.ia64.rpm
e79f8e34a2c8e9f3f3f6b18d2e06aa69 samba-swat-3.0.25b-1.el5_1.2.ia64.rpm

ppc:
bd4ce92708ef4da5a2b2f6d3d7152e97 samba-3.0.25b-1.el5_1.2.ppc.rpm
94b414b78ff56c6f1b03dd60eb2763af samba-client-3.0.25b-1.el5_1.2.ppc.rpm
b499aa2e2743c7599faa9966faa3ba01 samba-common-3.0.25b-1.el5_1.2.ppc.rpm
19b1d28cd1c92e24dc929c7fc077f7a2 samba-common-3.0.25b-1.el5_1.2.ppc64.rpm
0615bdb665e801307a286131ad817335 samba-debuginfo-3.0.25b-1.el5_1.2.ppc.rpm
6f394dbea521283a6694a741f3643f85 samba-debuginfo-3.0.25b-1.el5_1.2.ppc64.rpm
0b83aa72e83102bde6ee6ab6f1b64c5e samba-swat-3.0.25b-1.el5_1.2.ppc.rpm

s390x:
fc14df09d7e01a24901161d5579545ed samba-3.0.25b-1.el5_1.2.s390x.rpm
d667ac073503416baabae3c862e87eb3 samba-client-3.0.25b-1.el5_1.2.s390x.rpm
352f6a60a34508f56884f762d6ad3193 samba-common-3.0.25b-1.el5_1.2.s390.rpm
de3cb0008e9801aa7c7f8d7de7fbd6e2 samba-common-3.0.25b-1.el5_1.2.s390x.rpm
0c04d0efff05111233283ee13115bac5 samba-debuginfo-3.0.25b-1.el5_1.2.s390.rpm
e2390cd50eaa87d4509a9711c1c392de samba-debuginfo-3.0.25b-1.el5_1.2.s390x.rpm
cc836ca1eaf90d2afe6a979d80d0b446 samba-swat-3.0.25b-1.el5_1.2.s390x.rpm

x86_64:
2940397a447ae38809c5661e3c6e9e9f samba-3.0.25b-1.el5_1.2.x86_64.rpm
4bd8bf5a6d39844c291e67af9debef55 samba-client-3.0.25b-1.el5_1.2.x86_64.rpm
56b33f69aebac9bd6654a0ab6ba1a03e samba-common-3.0.25b-1.el5_1.2.i386.rpm
bf460a8a6d2338be4bd83884ca5934a7 samba-common-3.0.25b-1.el5_1.2.x86_64.rpm
51e6fd0037e1ae54d8842436002da8c4 samba-debuginfo-3.0.25b-1.el5_1.2.i386.rpm
053a2c84cf6353a6a8a79ea5e4e1feb7 samba-debuginfo-3.0.25b-1.el5_1.2.x86_64.rpm
7ffd3a287260c93478549f0bff913297 samba-swat-3.0.25b-1.el5_1.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHPHQdXlSAg2UNWIIRAv6aAKCQgvBVsSnZNSFTbl3PZxL/hQeCswCgl84/
pwzn75Ab59FjzAxlbJiWbHM=
=WTjd
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRzzxvyh9+71yA2DNAQI5GQP/ZemgNOyIkvXZTrVKH3yhRE6vQyoikROA
t44F39ryEI/tRe+GjnX7MbKdX9iiASqlgCLQJHM4NSvHwc1cSsC2QwGoT0S/3/bW
Ue93Tpkn14gFhinkMhWIV1Msu6MgdvsnyyenAuHNFyDhVJPtPi0Y0wfeAqSSf5f4
8WtIcZzEwAI=
=2GsK
-----END PGP SIGNATURE-----
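Worked example, added here and not part of the Red Hat advisories or the AusCERT bulletin. The three advisories give everything needed to triage a host without re-reading them: the fixed samba version-release for each product stream (section 6), the two configuration preconditions the problem descriptions state ("wins support" for CVE-2007-5398, "winbind nss info" set to "sfu" or "rfc2307" for CVE-2007-4138; CVE-2007-4572 has no configuration gate) and the published MD5 sums. The script below turns those into checks: it orders rpm version tags, classifies an installed samba package as patched or vulnerable for its stream, reads the [global] section of an smb.conf to report which CVEs the configuration is exposed to, and compares a downloaded package against the listed MD5. The function names, the release-tag markers used to recognise a stream, and the sample smb.conf are assumptions constructed for this example; on a real host the inputs would come from `rpm -q --qf '%{VERSION} %{RELEASE}\n' samba` and `testparm -s`.

```python
"""Triage helper for the three Samba advisories above (RHSA-2007:1013, 1016
and 1017).  Added example: not code from Red Hat, AusCERT or the Samba
project.  Fixed releases and MD5 sums are copied from section 6 of the
advisories; the function names, the release-tag markers used to recognise
a product stream and the sample smb.conf are constructed for the example."""
import hashlib
import re

# (stream, marker found in the installed release tag, fixed version, fixed release)
FIXED = [
    ("RHEL 2.1", "21as", "2.2.12", "1.21as.8.1"),
    ("RHEL 3", "3E", "3.0.9", "1.3E.14.1"),
    ("RHEL 4", "el4", "3.0.25b", "1.el4_6.2"),
    ("RHEL 5", "el5", "3.0.25b", "1.el5_1.2"),
]


def rpmvercmp(a, b):
    """Order two version or release tags the way rpm does for plain
    alphanumeric tags: numeric segments compare as integers, alphabetic ones
    lexically, a numeric segment beats an alphabetic one, and the tag with
    segments left over is newer.  Returns -1, 0 or 1.  (rpm's tilde/caret
    rules are left out: no tag in these advisories uses them.)"""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", t) for t in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            c = (int(x) > int(y)) - (int(x) < int(y))
        elif x.isdigit() != y.isdigit():
            c = 1 if x.isdigit() else -1
        else:
            c = (x > y) - (x < y)
        if c:
            return c
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def patch_status(version, release):
    """Classify an installed samba package (the two fields printed by
    `rpm -q --qf '%{VERSION} %{RELEASE}\\n' samba`) against the fixed release
    for its stream: (stream, 'patched' | 'vulnerable'), or
    (None, 'unknown-stream') when the release tag matches no covered stream."""
    for stream, marker, fixed_ver, fixed_rel in FIXED:
        if marker in release:
            c = rpmvercmp(version, fixed_ver) or rpmvercmp(release, fixed_rel)
            return stream, "patched" if c >= 0 else "vulnerable"
    return None, "unknown-stream"


def smb_globals(conf_text):
    """[global] parameters of an smb.conf (e.g. `testparm -s` output) as
    {name: value}.  Samba ignores case and whitespace inside parameter
    names, so 'Wins Support' is stored under 'winssupport'."""
    params, in_global = {}, False
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # whole-line comments only
            continue
        if line.startswith("["):
            in_global = line.lower() == "[global]"
        elif in_global and "=" in line:
            name, value = line.split("=", 1)
            params[re.sub(r"\s+", "", name).lower()] = value.strip().lower()
    return params


def exposure(conf_text):
    """For each CVE, whether the configuration meets the precondition the
    advisory text states for it."""
    g = smb_globals(conf_text)
    wins = g.get("winssupport", "no") in ("yes", "true", "1", "on")
    nss_plugins = g.get("winbindnssinfo", "template").split()
    return {
        "CVE-2007-5398": wins,   # only a Samba server acting as WINS server
        "CVE-2007-4572": True,   # advisory gives no configuration gate
        "CVE-2007-4138": any(p in ("sfu", "rfc2307") for p in nss_plugins),
    }


# A few of the published MD5 sums (RHEL 5 x86_64), copied from RHSA-2007:1017.
ADVISORY_MD5 = {
    "samba-3.0.25b-1.el5_1.2.x86_64.rpm": "2940397a447ae38809c5661e3c6e9e9f",
    "samba-client-3.0.25b-1.el5_1.2.x86_64.rpm": "4bd8bf5a6d39844c291e67af9debef55",
    "samba-common-3.0.25b-1.el5_1.2.x86_64.rpm": "bf460a8a6d2338be4bd83884ca5934a7",
}


def md5_matches(filename, data, published=ADVISORY_MD5):
    """True/False if the downloaded bytes match the published sum, None if no
    sum is listed for that filename.  This only shows the download equals what
    was published; authenticity comes from Red Hat's GPG signature on the
    package (`rpm -K <file>`), not from the MD5."""
    expected = published.get(filename)
    return None if expected is None else hashlib.md5(data).hexdigest() == expected


# Constructed sample configuration, not taken from any real host.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLE
   Wins Support = yes
   winbind nss info = rfc2307
[homes]
   # ignored by exposure(): not in [global]
   wins support = no
"""

if __name__ == "__main__":
    print(patch_status("3.0.25b", "1.el5_1.1"))   # ('RHEL 5', 'vulnerable')
    print(exposure(SAMPLE_SMB_CONF))
```

Reading the output against the advisory: a host that is "vulnerable" and also exposed to CVE-2007-5398 is the critical case, since that is the only flaw the advisory rates as remote unauthenticated code execution; the other two are a crash and a wrong group ID. The MD5 list is an integrity check against what was published, not proof of origin, so verify the Red Hat signature on each package with `rpm -K` before installing.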