-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.0960
          Multiple vulnerabilities have been identified in JunOS
                               13 April 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Juniper Junos
Publisher:         Juniper Networks
Impact/Access:     Root Compromise                -- Existing Account      
                   Denial of Service              -- Remote/Unauthenticated
                   Provide Misleading Information -- Remote/Unauthenticated
                   Access Confidential Data       -- Remote/Unauthenticated
                   Reduced Security               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-2340 CVE-2017-2313 CVE-2017-2312
                   CVE-2016-10142 CVE-2016-9311 CVE-2016-9310
                   CVE-2016-7431 CVE-2016-7429 CVE-2016-7427
                   CVE-2016-1886 CVE-2015-8158 CVE-2015-8138
                   CVE-2015-7979 CVE-2015-7973 

Reference:         ESB-2016.1246
                   ESB-2016.1041

Original Bulletin: 
   https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10786
   https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10784
   https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10777
   https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10780
   https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10776
   https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10778

Comment: This bulletin contains six (6) Juniper Networks security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

2017-04 Security Bulletin: Junos: PFE crash while handling IPv6 ND 
advertisements (CVE-2017-2340)

Article ID:   JSA10786 
Last Updated: 12 Apr 2017 
Version:      3.0

PRODUCT AFFECTED:

This issue can affect any M/MX platform running Junos OS where DHCPv6 
subscribers are configured.

PROBLEM:

A vulnerability in processing IPv6 ND packets originating from subscribers and
destined to M/MX series routers configured with Enhanced Subscriber Management
for DHCPv6 subscribers can result in a PFE (Packet Forwarding Engine) hang or
crash.

The Enhanced Subscriber Management feature was introduced in Junos OS 15.1R3 
for M/MX-Series devices.

Devices are vulnerable only when the system configuration contains:

subscriber-management enable force

This issue does not affect devices with only IPv4 configured.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

This issue has been assigned CVE-2017-2340.

SOLUTION:

The following software releases have been updated to resolve this specific 
issue: Junos OS 15.1R5, 16.1R3, 16.2R1 and all subsequent releases.

This issue is being tracked as PR 1212431 and is visible on the Customer 
Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which 
release vulnerabilities are fixed as per our End of Engineering and End of 
Life support policies.

WORKAROUND:

It is good security practice to limit the exploitable attack surface of 
critical infrastructure networking equipment. Use access lists or firewall 
filters to limit access to the router only from trusted, administrative 
networks or hosts.

IMPLEMENTATION:

Security vulnerabilities in Junos are fixed in the next available Maintenance
Release of each supported Junos version. In some cases, a Maintenance Release
is not planned to be available in an appropriate time-frame. For these cases,
Service Releases are made available in order to be more timely. Security 
Advisory and Security Notices will indicate which Maintenance and Service 
Releases contain fixes for the issues described. Upon request to JTAC, 
customers will be provided download instructions for a Service Release. 
Although Juniper does not provide formal Release Note documentation for a 
Service Release, a list of "PRs fixed" can be provided on request.

MODIFICATION HISTORY:

2017-04-12: Initial release.

RELATED LINKS:

KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin 
Publication Process

KB16765: In which releases are vulnerabilities fixed?

KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories

Report a Vulnerability - How to Contact the Juniper Networks Security Incident
Response Team

CVSS SCORE:

4.3 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

RISK LEVEL:

Medium

RISK ASSESSMENT:

Information for how Juniper Networks uses CVSS can be found at KB 16446 
"Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories."

- --

2017-04 Security Bulletin: Junos: Integer signedness buffer overflow 
vulnerability in keyboard driver (CVE-2016-1886)

Article ID:   JSA10784
Last Updated: 12 Apr 2017
Version:      3.0

PRODUCT AFFECTED:

This issue can affect any product or platform running Junos OS.

PROBLEM:

Incorrect signedness comparison in the ioctl(2) handler allows a malicious 
local user to overwrite a portion of the kernel memory.

A local user may crash the kernel, read a portion of kernel memory, or execute
arbitrary code in kernel context.

Arbitrary code execution in kernel context amounts to privilege escalation.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

This issue has been assigned CVE-2016-1886.

SOLUTION:

The following software releases have been updated to resolve this specific 
issue: Junos OS 12.3X48-D55, 14.1R9, 14.1X53-D50, 14.2R7, 15.1F5-S5, 15.1F7, 
15.1R5, 15.1X49-D60, 15.1X53-D230, 16.1R2, 16.2R1, 17.1R1, and all subsequent
releases.

This issue is being tracked as PR 1184592 and is visible on the Customer 
Support website.

WORKAROUND:

Use access lists or firewall filters to limit access to the device only from 
trusted administrative users, networks, and hosts.

IMPLEMENTATION:

How to obtain fixed software:

Security vulnerabilities in Junos are fixed in the next available Maintenance
Release of each supported Junos version. In some cases, a Maintenance Release
is not planned to be available in an appropriate time-frame. For these cases,
Service Releases are made available in order to be more timely. Security 
Advisory and Security Notices will indicate which Maintenance and Service 
Releases contain fixes for the issues described. Upon request to JTAC, 
customers will be provided download instructions for a Service Release. 
Although Juniper does not provide formal Release Note documentation for a 
Service Release, a list of "PRs fixed" can be provided on request.

MODIFICATION HISTORY:

2017-04-12: Initial publication

RELATED LINKS:

KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin 
Publication Process

KB16765: In which releases are vulnerabilities fixed?

KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories

Report a Vulnerability - How to Contact the Juniper Networks Security Incident
Response Team

CVE-2016-1886: Integer signedness error in the genkbd_commonioctl function in
sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17,
and 10.3 before p3 allows local users to obtain sensitive information from 
kernel memory, cause a denial of service (memory overwrite and kernel crash),
or gain privileges via a negative value in the flen structure member in the 
arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack
overflow."

CVSS SCORE:

7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

RISK LEVEL:

High

RISK ASSESSMENT:

Information for how Juniper Networks uses CVSS can be found at KB 16446 
"Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories."

- --

2017-04 Security Bulletin: Junos: Crafted LDP packets cause a memory leak that
could lead to rpd crash (CVE-2017-2312)

Article ID:   JSA10777
Last Updated: 12 Apr 2017
Version:      2.0

PRODUCT AFFECTED:

This issue can affect any product or platform running Junos OS with LDP 
enabled.

PROBLEM:

A specific LDP packet destined to the RE (Routing Engine) will consume a small
amount of the memory allocated to the rpd (routing protocol daemon) process.
Over time, repeatedly receiving such LDP packets exhausts that memory and 
causes the rpd process to crash and restart. The consumed memory cannot be 
freed without restarting the rpd process. This issue affects Junos OS based 
devices with either IPv4 or IPv6 LDP enabled via the [protocols ldp] 
configuration (native IPv6 support for LDP is available in Junos OS 16.1 and 
higher). The interface on which the packet arrives needs to have LDP enabled.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability,
however, the issue has been seen in a production network due to LDP packets 
originating from a different vendor's device.

No other Juniper Networks products or platforms are affected by this issue.

This issue has been assigned CVE-2017-2312.

SOLUTION:

The following software releases have been updated to resolve this specific 
issue: Junos OS 13.3R10, 14.1R8, 14.2R7-S6, 14.2R8, 15.1F2-S14, 15.1F6-S4, 
15.1F7, 15.1R4-S7, 15.1R5, 15.1X49-D70, 15.1X53-D230, 15.1X53-D63, 
15.1X53-D70, 16.1R2, 16.2R1, and all subsequent releases.

This issue is being tracked as PR 1197631 and is visible on the Customer 
Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which 
release vulnerabilities are fixed as per our End of Engineering and End of 
Life support policies.

WORKAROUND:

Use access lists or firewall filters to limit access to the device via LDP 
only from trusted networks or hosts, or enable MD5 authentication on all 
authorized LDP sessions.

IMPLEMENTATION:

How to obtain fixed software:

Security vulnerabilities in Junos are fixed in the next available Maintenance
Release of each supported Junos version. In some cases, a Maintenance Release
is not planned to be available in an appropriate time-frame. For these cases,
Service Releases are made available in order to be more timely. Security 
Advisory and Security Notices will indicate which Maintenance and Service 
Releases contain fixes for the issues described. Upon request to JTAC, 
customers will be provided download instructions for a Service Release. 
Although Juniper does not provide formal Release Note documentation for a 
Service Release, a list of "PRs fixed" can be provided on request.

MODIFICATION HISTORY:

2017-04-12: Initial publication

RELATED LINKS:

KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin 
Publication Process

KB16765: In which releases are vulnerabilities fixed?

KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories

Report a Vulnerability - How to Contact the Juniper Networks Security Incident
Response Team

CVE-2017-2312: Crafted LDP packets cause memory leak that could lead to rpd 
crash

CVSS SCORE:

5.7 (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

RISK LEVEL:

Medium

RISK ASSESSMENT:

Information for how Juniper Networks uses CVSS can be found at KB 16446 
"Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories."

- --

2017-04 Security Bulletin: Junos: ICMPv6 PTB atomic fragment denial of service
attack (CVE-2016-10142)

Article ID:   JSA10780
Last Updated: 12 Apr 2017
Version:      2.0

PRODUCT AFFECTED:

This issue can affect any product or platform running Junos OS with IPv6 
enabled.

PROBLEM:

An issue was discovered in the IPv6 protocol specification, related to ICMP 
Packet Too Big (PTB) messages. The security implications of IP fragmentation 
have been discussed at length in various RFCs. An attacker can leverage the 
generation of IPv6 atomic fragments to trigger the use of fragmentation in an
arbitrary IPv6 flow and can subsequently perform any type of 
fragmentation-based attack against legacy IPv6 nodes that do not implement RFC
6946. However, even nodes that already implement RFC 6946 can be subject to 
DoS attacks as a result of the generation of IPv6 atomic fragments.

Since most nodes are configured to reject all packets that contain fragment 
headers, as recommended in RFC 6192, if a Junos OS router emits atomic 
fragments (containing IPv6 Fragment Extension Headers) towards its legitimate
communication peer, traffic may be dropped by the peer causing a secondary 
denial of service condition.

This issue is triggered by ICMPv6 traffic destined to the device. Transit IPv6
traffic will not cause this issue to occur, and IPv4 is unaffected by this 
vulnerability.

This issue has been assigned CVE-2016-10142.

SOLUTION:

Junos OS now follows the recommendations from RFC 8021, section 4, to prevent
this issue. When such a PTB message is received, it will be ignored unless 
Junos OS is explicitly instructed to allow atomic fragments via a sysctl 
setting.

The following software releases have been updated to resolve this specific 
issue: Junos OS 12.3X48-D50, 14.1R8-S3, 14.1R9, 14.2R7-S6, 14.2R8, 15.1F2-S16,
15.1F6-S5, 15.1R4-S7, 15.1R5-S2, 15.1R6, 15.1X49-D80, 16.1R3-S3, 16.1R4-S1, 
16.1R5, 16.2R1-S3, 16.2R2, 17.1R1, 17.2R1, and all subsequent releases.

This issue is being tracked as PR 1250832 and is visible on the Customer 
Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which 
release vulnerabilities are fixed as per our End of Engineering and End of 
Life support policies.

WORKAROUND:

Malicious exploitation of this vulnerability may be mitigated by employing 
anti-spoofing IP address filters and unicast reverse-path-forwarding (uRPF) 
checking to limit spoofed ICMPv6 traffic from entering your network. See BCP 
38/RFC 2827 for additional details.

IMPLEMENTATION:

How to obtain fixed software:

Security vulnerabilities in Junos are fixed in the next available Maintenance
Release of each supported Junos version. In some cases, a Maintenance Release
is not planned to be available in an appropriate time-frame. For these cases,
Service Releases are made available in order to be more timely. Security 
Advisory and Security Notices will indicate which Maintenance and Service 
Releases contain fixes for the issues described. Upon request to JTAC, 
customers will be provided download instructions for a Service Release. 
Although Juniper does not provide formal Release Note documentation for a 
Service Release, a list of "PRs fixed" can be provided on request.

MODIFICATION HISTORY:

2017-04-12: Initial publication

RELATED LINKS:

Configuring Unicast Reverse-Path-Forwarding (uRPF) Check

KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin 
Publication Process

KB16765: In which releases are vulnerabilities fixed?

KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories

Report a Vulnerability - How to Contact the Juniper Networks Security Incident
Response Team

CVE-2016-10142: ICMPv6 PTB atomic fragment denial of service attack

CVSS SCORE:

8.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

RISK LEVEL:

High

RISK ASSESSMENT:

Information for how Juniper Networks uses CVSS can be found at KB 16446 
"Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories."

- --

2017-04 Security Bulletin: Junos: Multiple vulnerabilities in NTP [VU#633847]

Article ID:   JSA10776
Last Updated: 12 Apr 2017
Version:      2.0

PRODUCT AFFECTED:

These issues can affect any product or platform running Junos OS with NTP 
services enabled.

PROBLEM:

NTP.org and FreeBSD have published security advisories for vulnerabilities 
resolved in ntpd (NTP daemon). The following is a summary of the 
vulnerabilities that may impact Junos OS:


CVE-2016-9311  CVSS v2 base score 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)
    ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows 
    remote attackers to cause a denial of service (NULL pointer dereference 
    and crash) via a crafted packet.

CVE-2016-9310  CVSS v2 base score 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
    The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 
    allows remote attackers to set or unset traps via a crafted control mode 
    packet.

CVE-2015-7973  CVSS v2 base score 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
    NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast 
    mode, allows man-in-the-middle attackers to conduct replay attacks by 
    sniffing the network.

CVE-2015-7979  CVSS v2 base score 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
    NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to 
    cause a denial of service (client-server association tear down) by 
    sending broadcast packets with invalid authentication to a broadcast 
    client.

CVE-2016-7431  CVSS v2 base score 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
    NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp 
    protection mechanism via an origin timestamp of zero. NOTE: this 
    vulnerability exists because of a CVE-2015-8138 regression.

CVE-2015-8158  CVSS v2 base score 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
    The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x
    before 4.3.90 allows remote attackers to cause a denial of service 
    (infinite loop) via crafted packets with incorrect values.

CVE-2016-7429  CVSS v2 base score 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
    NTP before 4.2.8p9 changes the peer structure to the interface it 
    receives the response from a source, which allows remote attackers to 
    cause a denial of service (prevent communication with a source) by 
    sending a response for a source to an interface the source does not use.

CVE-2016-7427  CVSS v2 base score 3.3 (AV:A/AC:L/Au:N/C:N/I:N/A:P)
    The broadcast mode replay prevention functionality in ntpd in NTP before 
    4.2.8p9 allows remote attackers to cause a denial of service (reject 
    broadcast mode packets) via a crafted broadcast mode packet.

Server-side vulnerabilities are only exploitable on systems where NTP server 
is enabled within the [edit system ntp] hierarchy level.

SOLUTION:

The following software releases have been updated to resolve these specific 
issues: Junos OS 12.3X48-D45, 14.1R8-S3, 14.1R9, 14.2R7-S6, 14.2R8, 
15.1F2-S16, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6, 
15.1X49-D80, 16.1R3-S3, 16.1R4-S1, 16.1R5, 16.2R1-S3, 16.2R2, 17.1R1, 17.2R1,
and all subsequent releases.

These issues are being tracked as PRs 1234119 and 1159544, and are visible on
the Customer Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which 
release vulnerabilities are fixed as per our End of Engineering and End of 
Life support policies.

WORKAROUND:

Standard security best current practices (control plane firewall filters, edge
filtering, access lists, etc.) will protect against any remote malicious 
attacks against NTP. Customers who have already applied the workaround 
described in JSA10613 are already protected against any remote exploitation of
these vulnerabilities. Refer to the Workaround section of JSA10613 for 
specific applicable mitigation techniques.

IMPLEMENTATION:

How to obtain fixed software:

Security vulnerabilities in Junos are fixed in the next available Maintenance
Release of each supported Junos version. In some cases, a Maintenance Release
is not planned to be available in an appropriate time-frame. For these cases,
Service Releases are made available in order to be more timely. Security 
Advisory and Security Notices will indicate which Maintenance and Service 
Releases contain fixes for the issues described. Upon request to JTAC, 
customers will be provided download instructions for a Service Release. 
Although Juniper does not provide formal Release Note documentation for a 
Service Release, a list of "PRs fixed" can be provided on request.

MODIFICATION HISTORY:

2017-04-12: Initial publication

RELATED LINKS:

KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin 
Publication Process

KB16765: In which releases are vulnerabilities fixed?

KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories

Report a Vulnerability - How to Contact the Juniper Networks Security Incident
Response Team

November 2016 ntp-4.2.8p9 NTP Security Vulnerability Announcement

FreeBSD-SA-16:09.ntp: Multiple vulnerabilities of ntp

CVSS SCORE:

6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)

RISK LEVEL:

Medium

RISK ASSESSMENT:

Information for how Juniper Networks uses CVSS can be found at KB 16446 
"Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories."

- --

2017-04 Security Bulletin: Junos: rpd crash due to crafted BGP UPDATE 
(CVE-2017-2313)

Article ID:   JSA10778
Last Updated: 12 Apr 2017
Version:      3.0

PRODUCT AFFECTED:

This issue can affect any product or platform running Junos OS 15.1 or later 
with BGP enabled.

PROBLEM:

Junos OS 15.1 and later releases may be impacted by the receipt of a crafted 
BGP UPDATE which can lead to an rpd (routing protocol daemon) crash and 
restart. Repeated crashes of the rpd daemon can result in an extended denial 
of service condition.

This issue only affects Junos OS 15.1 and later releases. Releases prior to 
Junos OS 15.1 are unaffected by this vulnerability.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

This issue has been assigned CVE-2017-2313.

SOLUTION:

The following software releases have been updated to resolve this specific 
issue: Junos OS 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 
15.1R5-S2, 15.1R6, 15.1X49-D78, 15.1X49-D80, 15.1X53-D230, 15.1X53-D63, 
15.1X53-D70, 16.1R3-S3, 16.1R4, 16.2R1-S3, 16.2R2, 17.1R1, 17.2R1, and all 
subsequent releases.

This issue is being tracked as PR 1229868 and is visible on the Customer 
Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which 
release vulnerabilities are fixed as per our End of Engineering and End of 
Life support policies.
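Each of the six SOLUTION sections above lists fixed releases followed by "and
all subsequent releases", and Junos release naming (R, F and X trains, -S and
-D service releases) makes "subsequent" non-obvious: 15.1R5 is numerically
later than 15.1R4-S7 but does not carry a fix first shipped in 15.1R4-S7,
because the R4 service branch forked after R5 did. The following is an added
example, not Juniper tooling, that parses release strings and applies a
conservative reading of such lists. The per-train and per-branch rules encoded
in is_fixed are this editor's assumption about how the lists should be read,
not Juniper's stated policy; the JSA10778 list is copied in only as sample
input. The check says nothing about whether a release is affected in the first
place (JSA10778 states that releases before 15.1 are unaffected), only whether
a release is at or beyond a listed fix point.

```python
import re
from typing import List, Tuple

# Added example, not Juniper tooling. Parses Junos release strings such as
# "15.1R5-S2", "15.1F6-S5", "15.1X49-D80" or "12.3X48-D55".
_RELEASE_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)"   # 15.1
    r"(?P<type>[RFX])(?P<num>\d+)"       # R5 / F6 / X49
    r"(?:-D(?P<d>\d+))?"                 # -D80 (X trains)
    r"(?:-S(?P<s>\d+))?"                 # -S2 service release
    r"(?:\.\d+)?$"                       # optional build spin, ignored
)

def parse_release(release: str) -> Tuple[Tuple, int, int]:
    """Return (train, build, service) for a Junos release string.

    train   the code line the fix lists are organised by:
            (15, 1, "R"), (15, 1, "F") or (15, 1, "X", 49)
    build   maintenance number within the train (R5 -> 5, X49-D80 -> 80)
    service the -S number, 0 for a base maintenance release
    """
    m = _RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised Junos release string: {release!r}")
    major, minor = int(m["major"]), int(m["minor"])
    if m["type"] == "X":
        if m["d"] is None:
            raise ValueError(f"X train release without -D number: {release!r}")
        train: Tuple = (major, minor, "X", int(m["num"]))
        build = int(m["d"])
    else:
        train = (major, minor, m["type"])
        build = int(m["num"])
    return train, build, int(m["s"] or 0)

def is_fixed(running: str, fixed_releases: List[str]) -> bool:
    """Conservative reading of "<list> and all subsequent releases".

    Assumption (editor's, not Juniper's): a -S service release is a branch off
    its base maintenance release, so a fix first shipped in 15.1R4-S7 says
    nothing about 15.1R5, which branched earlier.  Rules:
      1. If the list names the running train and build, the running service
         number must be >= the listed one.
      2. Otherwise the running release counts as fixed only if the list names
         a base maintenance release (no -S) of the same train with a build
         number <= the running build.
    Trains the list never mentions are reported as not fixed; consult the
    advisory for those.
    """
    train, build, service = parse_release(running)
    same_train = [(b, s) for (t, b, s) in map(parse_release, fixed_releases)
                  if t == train]
    same_build = [s for (b, s) in same_train if b == build]
    if same_build:
        return service >= min(same_build)
    return any(s == 0 and b <= build for (b, s) in same_train)

def parse_fixed_list(text: str) -> List[str]:
    """Pull the release strings out of an advisory SOLUTION sentence."""
    return re.findall(r"\d+\.\d+[RFX]\d+(?:-D\d+)?(?:-S\d+)?", text)

# Sample input: the fixed-release sentence of JSA10778 (CVE-2017-2313) above.
JSA10778_FIXED = parse_fixed_list(
    "Junos OS 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, "
    "15.1R5-S2, 15.1R6, 15.1X49-D78, 15.1X49-D80, 15.1X53-D230, 15.1X53-D63, "
    "15.1X53-D70, 16.1R3-S3, 16.1R4, 16.2R1-S3, 16.2R2, 17.1R1, 17.2R1"
)

if __name__ == "__main__":
    for ver in ("15.1R5", "15.1R5-S2", "15.1R7", "16.1R3-S2", "15.1X49-D70"):
        print(f"{ver:12s} fixed for CVE-2017-2313: {is_fixed(ver, JSA10778_FIXED)}")
```

Feed the running release from "show version" (the "Junos:" line) as the first
argument and the advisory's list as the second; when the function reports a
release as not fixed because its train is absent from the list, treat that as
"unknown" and read the advisory's PRODUCT AFFECTED section rather than as a
verdict.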

WORKAROUND:

No published workaround exists for this issue.

IMPLEMENTATION:

How to obtain fixed software:

Security vulnerabilities in Junos are fixed in the next available Maintenance
Release of each supported Junos version. In some cases, a Maintenance Release
is not planned to be available in an appropriate time-frame. For these cases,
Service Releases are made available in order to be more timely. Security 
Advisory and Security Notices will indicate which Maintenance and Service 
Releases contain fixes for the issues described. Upon request to JTAC, 
customers will be provided download instructions for a Service Release. 
Although Juniper does not provide formal Release Note documentation for a 
Service Release, a list of "PRs fixed" can be provided on request.

MODIFICATION HISTORY:

2017-04-12: Initial publication

RELATED LINKS:

KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin 
Publication Process

KB16765: In which releases are vulnerabilities fixed?

KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories

Report a Vulnerability - How to Contact the Juniper Networks Security Incident
Response Team

CVE-2017-2313: RPD crash due to crafted BGP UPDATE

CVSS SCORE:

7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

RISK LEVEL:

High

RISK ASSESSMENT:

Information for how Juniper Networks uses CVSS can be found at KB 16446 
"Common Vulnerability Scoring System (CVSS) and Juniper's Security 
Advisories."

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----