Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2017.1455 Multiple vulnerabilities have been identified in Cisco Ultra Services Framework 12 June 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco Ultra Services Framework Publisher: Cisco Systems Operating System: Ubuntu Red Hat Impact/Access: Root Compromise -- Existing Account Create Arbitrary Files -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2017-6692 CVE-2017-6687 CVE-2017-6686 CVE-2017-6685 CVE-2017-6681 CVE-2017-6680 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf1 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf3 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf6 Comment: This bulletin contains six (6) Cisco Systems security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- Cisco Security Advisory Cisco Ultra Services Framework AutoVNF Arbitrary Direction Creation Vulnerability Medium Advisory ID: cisco-sa-20170607-usf1 First Published: 2017 June 7 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvc76652 CVE-2017-6680 CWE-20 CVSS Score: Base 4.3, Temporal 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X CVE-2017-6680 CWE-20 Summary A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. The vulnerability is due to insufficient checks when creating directories on the system. An attacker could exploit this vulnerability by creating arbitrary directories as root on the system and potentially impacting the behavior of other daemons and deleting important log data. An exploit could allow the attacker to create arbitrary directories on the affected system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf1 Affected Products Vulnerable Products This vulnerability affects Cisco Ultra Services Framework. For information about affected software releases, consult the Cisco bug ID(s) at the top of this advisory. Products Confirmed Not Vulnerable No other Cisco products are currently known to be affected by this vulnerability. Workarounds There are no workarounds that address this vulnerability. Fixed Software For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe URL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf1 Revision History Version Description Section Status Date 1.0 Initial public release. Final 2017-June-07 Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe - -------------------------------------------------------------------------------- Cisco Security Advisory Cisco Ultra Services Framework AutoVNF VNFStagingView Information Disclosure Vulnerability Medium Advisory ID: cisco-sa-20170607-usf2 First Published: 2017 June 7 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvc76662 CVE-2017-6681 CWE-200 CVSS Score: Base 4.3, Temporal 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X CVE-2017-6681 CWE-200 Summary A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. The vulnerability is due to insufficient sanity checks against crafted URL requests. An attacker could exploit this vulnerability by crafting a URL request against an affected device. An exploit could allow the attacker to execute a relative path traversal attack, enabling the attacker to read sensitive files on the system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2 Affected Products Vulnerable Products This vulnerability affects Cisco Ultra Services Framework. For information about affected software releases, consult the Cisco bug ID(s) at the top of this advisory. Products Confirmed Not Vulnerable No other Cisco products are currently known to be affected by this vulnerability. Workarounds There are no workarounds that address this vulnerability. Fixed Software For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe URL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2 Revision History Version Description Section Status Date 1.0 Initial public release. Final 2017-June-07 Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe - -------------------------------------------------------------------------------- Cisco Security Advisory Cisco Ultra Services Framework Staging Server Insecure Default Credentials Vulnerability Medium Advisory ID: cisco-sa-20170607-usf3 First Published: 2017 June 7 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvc76681 CVE-2017-6685 CWE-255 CVSS Score: Base 6.3, Temporal 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X CVE-2017-6685 CWE-255 Summary A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device. The vulnerability is due to weak, hard-coded credentials of the admin user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin user of the affected device. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf3 Affected Products Vulnerable Products This vulnerability affects Cisco Ultra Services Framework Staging Server. For information about affected software releases, consult the Cisco bug ID (s) at the top of this advisory. Products Confirmed Not Vulnerable No other Cisco products are currently known to be affected by this vulnerability. Workarounds There are no workarounds that address this vulnerability. Fixed Software For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe URL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf3 Revision History Version Description Section Status Date 1.0 Initial public release. Final 2017-June-07 Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe - -------------------------------------------------------------------------------- Cisco Security Advisory Cisco Ultra Services Framework Element Manager Insecure Default Credentials Vulnerability Medium Advisory ID: cisco-sa-20170607-usf4 First Published: 2017 June 7 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvc76699 CVE-2017-6686 CWE-255 CVSS Score: Base 6.3, Temporal 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X CVE-2017-6686 CWE-255 Summary A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device. The vulnerability is due to weak, hard-coded credentials of the admin and oper user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin or oper user of the affected device. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4 Affected Products Vulnerable Products This vulnerability affects Cisco Ultra Services Framework Element Manager. For information about affected software releases, consult the Cisco bug ID (s) at the top of this advisory. Products Confirmed Not Vulnerable No other Cisco products are currently known to be affected by this vulnerability. Workarounds There are no workarounds that address this vulnerability. Fixed Software For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe URL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4 Revision History Version Description Section Status Date 1.0 Initial public release. Final 2017-June-07 Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe - -------------------------------------------------------------------------------- Cisco Security Advisory Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability Medium Advisory ID: cisco-sa-20170607-usf5 First Published: 2017 June 7 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvc76695 CVE-2017-6687 CWE-255 CVSS Score: Base 6.3, Temporal 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X CVE-2017-6687 CWE-255 Summary A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system. The vulnerability is due to weak, hard-coded credentials present on the affected device. An exploit could allow an attacker with access to the management network to log in to the affected device using default credentials present on the system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5 Affected Products Vulnerable Products This vulnerability affects Cisco Ultra Services Framework Element Manager. For information about affected software releases, consult the Cisco bug ID (s) at the top of this advisory. Products Confirmed Not Vulnerable No other Cisco products are currently known to be affected by this vulnerability. Workarounds There are no workarounds that address this vulnerability. Fixed Software For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe URL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5 Revision History Version Description Section Status Date 1.0 Initial public release. Final 2017-June-07 Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe - -------------------------------------------------------------------------------- Cisco Security Advisory Cisco Ultra Services Framework Element Manager Insecure Default Account Information Vulnerability Medium Advisory ID: cisco-sa-20170607-usf6 First Published: 2017 June 7 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCvd85710 CVE-2017-6692 CWE-255 CVSS Score: Base 6.3, Temporal 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X CVE-2017-6692 CWE-255 Summary A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user. The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain control of the underlying operating system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf6 Affected Products Vulnerable Products This vulnerability affects Cisco Ultra Services Framework Element Manager. For information about affected software releases, consult the Cisco bug ID (s) at the top of this advisory. Products Confirmed Not Vulnerable No other Cisco products are currently known to be affected by this vulnerability. Workarounds There are no workarounds that address this vulnerability. Fixed Software For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Exploitation and Public Announcements The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe URL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf6 Revision History Version Description Section Status Date 1.0 Initial public release. Final 2017-June-07 Show Less Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products. Cisco Security Vulnerability Policy To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. Subscribe to Cisco Security Notifications Subscribe - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWT30Kox+lLeg9Ub1AQj6vw//QlKdkfzVppSydLYKt/sz3u3594rxuCon AMqs8Cv9nsYYq34Ao6iXSkNtj/2QXcSVkOIHA94eV7csN9TeInTsMZoyRDgssjN2 sA/rRZ4QnMna384GPG6NUjDp6Bwsd9zFBlFLB22u/n2LPfkD7Eg/aGg+t0NVDcqG mO8LfzPz62+mnFqAj0FsK6g+reaFBrNfUr/nSk15h6s9OyIs0EvCqkamfCjIOXq9 OBDMwt8HOA52UK1Obq4u+TBvR2EGb7xHSrQxTAuuf8vC5HGxVq3G+hilmSn43X56 hDD8p7+9yiMoflhq7SFRsizuesjPxZbOHHRqG6yIVBXdtjIZrkrhwFnVJKJjNfvk uRha6NvlmNx2V6gSdNuUEqyyx0DFWow4tScrHcQd8UzN51EXOv2LaY78ikDjJKHI qr+ASWVL+ROapJdeDJY9MIWYE8Vv6wjwFtc90EzFvUy+HFv4fjOILclJ70rIBXks 1YMlCzXUFVW4UldNl7jXxjuOO81So1DxpT77d1Mq5bNQmAWOyMwEo1TUhfg3q/KT ksWoGVKcOyWOYOfc8DlHzPhma/IVIScqSaBTNkNr2lGx6HHEqxyZJ3zckmYnOKUE OHM2Jj8rWcvHeQ4jME3h3Reop2KhHEmznSihVQ4LYphWxl7axyEW5O6k4BSDsEl8 AspZrsNynTY= =nPcY -----END PGP SIGNATURE-----