ESB-2017.2137 - [Appliance] WPLSoft, ISPSoft and PMSoft: Execute arbitrary code/commands - Remote with user interaction 2017-08-25

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2137
          (0Day) Delta Industrial Automation WPLSoft, ISPSoft and
                     PMSoft: Multiple vulnerabilities
                              25 August 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           WPLSoft
                   ISPSoft
                   PMSoft
Publisher:         Zero Day Initiative
Operating System:  Network Appliance
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:        Mitigation

Original Bulletin: 
   http://www.zerodayinitiative.com/advisories/ZDI-17-698
   http://www.zerodayinitiative.com/advisories/ZDI-17-699
   http://www.zerodayinitiative.com/advisories/ZDI-17-700
   http://www.zerodayinitiative.com/advisories/ZDI-17-701
   http://www.zerodayinitiative.com/advisories/ZDI-17-702
   http://www.zerodayinitiative.com/advisories/ZDI-17-703
   http://www.zerodayinitiative.com/advisories/ZDI-17-704
   http://www.zerodayinitiative.com/advisories/ZDI-17-705
   http://www.zerodayinitiative.com/advisories/ZDI-17-706
   http://www.zerodayinitiative.com/advisories/ZDI-17-707

Comment: This bulletin contains ten (10) Zero Day Initiative security 
         advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

(0Day) Delta Industrial Automation WPLSoft File Parsing Stack-based Buffer 
Overflow Remote Code Execution Vulnerability

ZDI-17-698: August 24th, 2017

CVSS Score

7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft and Delta 
Industrial Automation ISPSoft. User interaction is required to exploit this 
vulnerability in that the target must visit a malicious page or open a 
malicious file.

The specific flaw exists within the processing of dvp files. The process does
not properly validate the length of user-supplied data prior to copying it to
a fixed-length stack-based buffer. An attacker can leverage this vulnerability
to execute arbitrary code under the context of current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2016-08-25 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

============================================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Buffer Overflow 
Remote Code Execution Vulnerability

ZDI-17-699: August 24th, 2017

CVSS Score

6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 25371. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of dvp files. The issue results 
from the lack of proper validation of the length of user-supplied data prior 
to copying it to a fixed-length buffer. An attacker can leverage this 
vulnerability to execute arbitrary code under the context of the current 
process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

===================================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Out-Of-Bounds 
Write Remote Code Execution Vulnerability

ZDI-17-700: August 24th, 2017

CVSS Score

7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 40717. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of .dvp files. Crafted data in a 
.dvp file can trigger an overflow of a heap-based buffer. An attacker can 
leverage this vulnerability to execute arbitrary code under the context of the
current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

================================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Out-Of-Bounds 
Write Remote Code Execution Vulnerability

ZDI-17-701: August 24th, 2017

CVSS Score

7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of .dvp files. The issue results 
from the lack of proper validation of user-supplied data, which can result in
a write outside the bounds of an allocated data structure. An attacker can 
leverage this vulnerability to execute arbitrary code under the context of the
current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

===========================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer
Overflow Remote Code Execution Vulnerability

ZDI-17-702: August 24th, 2017

CVSS Score

7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 24323. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of dvp files. The issue results 
from the lack of proper validation of the length of user-supplied data prior 
to copying it to a fixed-length heap-based buffer. An attacker can leverage 
this vulnerability to execute arbitrary code under the context of the current
process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

=============================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer
Overflow Remote Code Execution Vulnerability

ZDI-17-703: August 24th, 2017

CVSS Score

7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 25372. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of dvp files. Crafted data in a 
.dvp file can trigger an overflow of a fixed-length heap-based buffer. An 
attacker can leverage this vulnerability to execute arbitrary code under the 
context of the current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

==============================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer
Overflow Remote Code Execution Vulnerability

ZDI-17-704: August 24th, 2017

CVSS Score

5.1, (AV:N/AC:H/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 25369. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of dvp files. The issue results 
from the lack of proper validation of the length of user-supplied data prior 
to copying it to a fixed-length heap-based buffer. An attacker can leverage 
this vulnerability to execute arbitrary code under the context of the current
process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

=======================================

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer
Overflow Remote Code Execution Vulnerability

ZDI-17-705: August 24th, 2017

CVSS Score

6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

WPLSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 25370. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation WPLSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of dvp files. Crafted data in a 
.dvp file can trigger an overflow of a heap-based buffer. An attacker can 
leverage this vulnerability to execute arbitrary code under the context of the
current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/01/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

07/20/17 - ZDI sent a mail to ICS-CERT asking the status

07/26/17 - ICS-CERT advised that the vendor has a new version they believe 
addressed the reports (though to ZDI knowledge, no advisory was released)

08/02/17 - ZDI advised ICS-CERT that our finder indicated that the 
vulnerabilities are still present

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-01 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

axt

=========================================

(0Day) Delta Industrial Automation PMSoft Project File Parsing Stack-based 
Buffer Overflow Remote Code Execution Vulnerability

ZDI-17-706: August 24th, 2017

CVSS Score

6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

PMSoft

TippingPoint IPS Customer Protection

TippingPoint IPS customers are protected against this vulnerability by Digital
Vaccine protection filter ID 27215. For further product information on the 
TippingPoint IPS:

http://www.tippingpoint.com

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation PMSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within parsing of information for a TTreeView object
in a ppm project file. The issue results from the lack of proper validation of
the length of user-supplied data prior to copying it to a fixed-length 
stack-based buffer. An attacker can leverage this vulnerability to execute 
arbitrary code under the context of the current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/02/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-02 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Ghirmay Desta

=========================================

(0Day) Delta Industrial Automation PMSoft Project File Parsing Stack-based 
Buffer Overflow Remote Code Execution Vulnerability

ZDI-17-707: August 24th, 2017

CVSS Score

6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected Vendors

Delta Industrial Automation

Affected Products

PMSoft

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on 
vulnerable installations of Delta Industrial Automation PMSoft. User 
interaction is required to exploit this vulnerability in that the target must
visit a malicious page or open a malicious file.

The specific flaw exists within parsing of information for a TTreeView object
in a new-format ppm project file. The issue results from the lack of proper 
validation of the length of user-supplied data prior to copying it to a 
fixed-length stack-based buffer. An attacker can leverage this vulnerability 
to execute arbitrary code under the context of the current process.

Vendor Response

Delta Industrial Automation states:

This vulnerability is being disclosed publicly without a patch in accordance 
with the ZDI 120 day deadline.

02/02/17 - ZDI disclosed reports to ICS-CERT

02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-974568

03/16/17 - ICS-CERT asked ZDI questions about reproduction

03/27/17 - ICS-CERT asked ZDI again some questions about reproduction

06/07/17 - ICS-CERT offered ZDI a pre-release patch to test

06/07/17 - ZDI replied that we cannot do the testing for the vendor

08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports
to 0-day on 8/24

- -- Mitigation:

Given the nature of the vulnerability the only salient mitigation strategy is
to restrict interaction with the application to trusted files.

Disclosure Timeline

2017-02-02 - Vulnerability reported to vendor

2017-08-24 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Ghirmay Desta

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWZ9sNYx+lLeg9Ub1AQiKmA/7Bl+bQ+4kIrRbuTDvi5zznQxsti5didBN
jI3CjJNbFezhpQn5Qcpz2gTDZ1S4eLRuWmyPDMuAzShqdbcuh+v3hV+L7641aU81
XxqNWxrrrqmUjDcGWVK27vdeEjO5q2kjBZpT66358VTkxQEeTNZ7bB8A2QXm1Lu3
DSgz5uP4Q3qvBenJuyMr7KTT/nmy8RVNtNMIY6dgONnhZ2E0tdI6+cZoKN8rmwre
hqSGxa2PkRw/i2fbqmZ6Ue8aCcnO/+6O59l/PpuFH73FOP/zyoK3Fqqdvqt3mua8
UrHO0+aIZyvEiVT3u3dyaWO+O3nwcKhrEIYONLTLAAKx/KPUCirXRo8qRP4Plejz
yRcSeji+Ic1wiuLusGIwYj+KJibvPyxIBKc/wyjExwDmQbrP+/MT7GDJ44GKJQju
3Zz7IeMxaGtY2hV0eL0PzviBjH2h5V6SRfhxeyFeO/Ac8BE/BWock9ME5bWkVtUm
qqYtcn2QxQUu0SCgBzqBaXFKiI8ttCRiNSl/+MnHNxHZKNOhEcC9I8/bTv4UNrsp
DnzmQSf6RwIsupO133EOZQW/HHkghLFHlOL1R2t3U+7+kq0J0hAuM8tsAjfHrnDs
mUksZSPMKttq9ZNnl2FFaldIxFlT8zCpX1s/mr+Y7YdyGq83Ao/t0MXGtODXzfXE
UgRC1F0vNVY=
=BF15
-----END PGP SIGNATURE-----

« Back to bulletins