ESB-2018.0543 - [Win][UNIX/Linux][Appliance][Virtual] McAfee products: Access privileged data - Existing account 2018-02-23

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0543
            McAfee lists products affected by Spectre/Meltdown
                             23 February 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           McAfee products
Publisher:         McAfee
Operating System:  Network Appliance
                   Virtualisation
                   UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Access Privileged Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Reference:         ESB-2018.0042.2

Original Bulletin: 
   https://kc.mcafee.com/corporate/index?page=content&id=SB10226

- --------------------------BEGIN INCLUDED TEXT--------------------

- -------------------------------------------------------------------------------
McAfee Security Bulletin - Updates for microprocessors side channel analysis
vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 (Meltdown/
Spectre)
Security Bulletins ID:   SB10226
Last Modified:  2/21/2018
- -------------------------------------------------------------------------------

Summary

First Published: February 16, 2018
 
                              Data Leakage via Privilege Escalation
 Impact of Vulnerability:    (CWE-269)
                              Privilege Escalation (CWE-274)  
CVE Information
 CVE Numbers:                 Severity Rating      CVSS v3 Base Score
 CVE-2017-5715                Medium               5.6
 CVE-2017-5753                Medium               5.6
 CVE-2017-5754                Medium               5.6
 Highest CVSS v3 Base Score:  5.6
 Recommendations:             Deploy product updates as they are made
                             available. 
 Security Bulletin            None   
Replacement:
 Affected Software:           See the Product Vulnerability Status lists
                             below
 Location of Updated          http://www.mcafee.com/us/downloads/
Software:                    downloads.aspx

{GENSUB.EN_US}
Article contents:

  * Vulnerability Description
  * Product Vulnerability Status
  * Remediation
  * Product Specific Notes
  * Mitigations
  * Acknowledgements
  * Frequently Asked Questions (FAQs)
  * Resources
  * Disclaimer

Description

A set of three vulnerabilities disclosed by Intel on January 3, 2018, named
Meltdown and Spectre, impact McAfee appliance products. Spectre includes
CVE-2017-5715 and CVE-2017-5753, and Meltdown includes CVE-2017-5754.

McAfee Blog Posts:

  * Decyphering the Noise Around 'Meltdown' and 'Spectre'
  * Meltdown and Spectre 101: What to Know About the New Exploits

Knowledge Base Articles:

  * KB90167 - Meltdown and Spectre ? McAfee Product Compatibility Update
    (Corporate Products)
  * TS102769 - Microsoft Security Update January 2018 (Meltdown and Spectre)
    and McAfee consumer products

CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect
branch prediction may allow unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715

CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch
prediction may allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753

CVE-2017-5754
Systems with microprocessors utilizing speculative execution and indirect
branch prediction may allow unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis of the data cache.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754
 
Product Vulnerability Status
McAfee produces several security appliances that ship with an operating system
such as Linux or Windows and use Intel, AMD, or other modern processors.
Meltdown impacts only Intel processors. Spectre impacts Intel, AMD, ARM, and
other processors. For information regarding McAfee product patch compatibility,
see KB90167.

Patches addressing CVE-2017-5753 and CVE-2017-5754 are available for certain
McAfee products as shown in the Remediation table below. Patches for
CVE-2017-5715 depend on updates to Intel microcode that are not yet available.
McAfee will update the status for these patches once the microcode is
available.

The investigation into all McAfee products is ongoing. This security bulletin
will be updated as additional information is available. Not every version of
the vulnerable and updated products is vulnerable. See the Product Specific
Notes section below for details. Products not listed or on the "No
Vulnerabilities Reported" list are being investigated.
 
No Vulnerabilities Reported

 1. Data Loss Prevention Endpoint (DLP Endpoint) / Host Data Loss Prevention
    (HDLP)
 2. Endpoint Security (ENS)
 3. ePO Cloud / ToPS Server (TPS)
 4. ePolicy Orchestrator (ePO)
 5. Host Intrusion Prevention Services (Host IPS)
 6. McAfee Agent (MA)
 7. VirusScan Enterprise (VSE)
 8. VirusScan Enterprise for Storage (VSES)
 9. Other McAfee products that do not ship with an operating system

For a description of each product, see: http://www.mcafee.com/us/apps/
products-az.aspx.

Remediation

Go to the Product Downloads site and download the applicable product patch/
hotfix files:
 
+-----------------------------------------------------------------------------+
|            |                | Patch Available                               |
|------------+----------------+-----------------------------------------------|
| Category   | Product and    | CVE-2017-5715 | CVE-2017-5753 | CVE-2017-5754 |
|            | Versions       | (Spectre)     | (Spectre)     | (Meltdown)    |
|------------+----------------+---------------+---------------+---------------|
|            | Data Exchange  |               |               |               |
|            | Layer (DXL)    | No            | Yes           | Yes           |
|            | 2.2, 3.x, 4.0  |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | GTI Proxy      | OS patch*     | OS patch*     | OS patch*     |
|            | Appliance      |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | McAfee Active  |               |               |               |
|            | Response (MAR) | No            | No            | Yes           |
|            | 2.2.0          |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | McAfee         |               |               |               |
|            | Vulnerability  | OS patch*     | OS patch*     | OS patch*     |
|            | Manager (MVM)  |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Network Data   |               |               |               |
|            | Loss           |               |               |               |
|            | Prevention     | No            | Yes           | Yes           |
|            | (Network DLP)  |               |               |               |
|            | 10.x, 11.x     |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Network        |               |               |               |
|            | Security       | OS patch*     | OS patch*     | OS patch*     |
|            | Manager (NSM)  |               |               |               |
| Vulnerable | Appliances     |               |               |               |
|and         |----------------+---------------+---------------+---------------|
| Updated    | NSM Server     | OS patch*     | OS patch*     | OS patch*     |
|            | Software       |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | NSM Clients    | Browser       | Browser       | Browser       |
|            |                | patch*        | patch*        | patch*        |
|            |----------------+---------------+---------------+---------------|
|            | McAfee Web     |               |               |               |
|            | Gateway (MWG)  |               |               |               |
|            | 7.8.1.x,       | No            | No            | Yes           |
|            | 7.7.2.9,       |               |               |               |
|            | 7.6.2.19       |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Threat         |               |               |               |
|            | Intelligence   | No            | No            | Yes           |
|            | Exchange (TIE) |               |               |               |
|            | Server         |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Web Gateway    |               |               |               |
|            | Cloud Service  |               |               |               |
|            | (WGCS) / SaaS  | Patched       | Patched       | Patched       |
|            | Web Protection |               |               |               |
|            | (SWE)          |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Web Protection | No            | Yes           | Yes           |
|            | Service (WPS)  |               |               |               |
|------------+----------------+---------------+---------------+---------------|
|            | Advanced       |               |               |               |
| Vulnerable | Threat Defense |               |               |               |
| and Not    | (ATD) 4.x      |               |               |               |
|Yet         |----------------+---------------+---------------+---------------|
| Updated    | McAfee Email   |               |               |               |
|            | Gateway (MEG)  |               |               |               |
|------------+----------------+---------------+---------------+---------------|
|            | Network DLP    |               |               |               |
|            | 9.3.4          |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Network        |               |               |               |
|            | Security       |               |               |               |
|            | Platform (NSP) |               |               |               |
|            | Sensor         |               |               |               |
|            | Hardware       |               |               |               |
|            | Appliances     |               |               |               |
|Vulnerable  |----------------+---------------+---------------+---------------|
| but Low    | NSP Sensor     |               |               |               |
| Risk       | Virtual        |               |               |               |
|            | Appliances     |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | Network Threat |               |               |               |
|            | Behavior       |               |               |               |
|            | Analysis       |               |               |               |
|            | (NTBA) Sensor  |               |               |               |
|            | Hardware       |               |               |               |
|            | Appliances     |               |               |               |
|            |----------------+---------------+---------------+---------------|
|            | SIEM           |               |               |               |
|------------+----------------+---------------+---------------+---------------|
|            | Products that  |               |               |               |
| Not        | do not ship    |               |               |               |
| Vulnerable | with an        |               |               |               |
|            | operating      |               |               |               |
|            | system         |               |               |               |
+-----------------------------------------------------------------------------+

* Check with the OS or browser vendor for patch availability.

Download and Installation Instructions
See KB56057 for instructions on how to download McAfee products, documentation,
security updates, patches, and hotfixes. Review the Release Notes and the
Installation Guide, which you can download from the Documentation tab, for
instructions on how to install these updates.

Product Specific Notes

Below is a list of McAfee appliances and their status.

ATD
Physical Appliance - All versions of ATD (3.6, 3.8, 3.10, 4.0, 4.2) are
impacted. ATD will release the fix for this vulnerability.
Virtual Appliance - All versions of ATD (3.6, 3.8, 3.10, 4.0, 4.2) are
impacted. ATD will release the fix for this vulnerability.
Also, the host system that has ATD VM running needs to be patched if the
vulnerability impacts the system.

McAfee recommends that customers currently running ATD 3.6 and 3.8 first
upgrade to latest ATD 4.0 software and apply the patch releases containing the
vulnerability fix. Customers currently running ATD 4.0 or 4.2 need to update to
the patch releases.


Data Loss Prevention Appliances:

Network DLP 9.3.4
Network DLP 9.3.4 is vulnerable but not exploitable. The Network DLP 9.3
appliance is a closed system - only the administrator has the option of
uploading and executing untrusted code. Any untrusted code will be executed
with full system privileges so that attempts to exploit Meltdown or Spectre
cannot enable access to additional information not already available to the
administrator. As a best practice McAfee recommends that you use a strong
password for authentication with Network DLP appliances. Also, place them in a
DMZ with an external firewall that limits access to appliance IP addresses and
ports.

Network DLP 10.x, 11.x
Vulnerable: The Meltdown/Spectre exploit is a local privilege escalation
vulnerability. Network DLP Prevent and Monitor are vulnerable but not directly
exploitable because Network DLP Prevent and Monitor do not run untrusted code.
The risk is low given that another vulnerability would be needed to take
advantage of Meltdown/Spectre.
A kernel update is available that mitigates the Spectre issue and fixes the
Meltdown issue. Microcode updates from Intel (currently in beta) will be made
available in a future release to complete the fix for the Spectre issue. The
fix for these vulnerabilities introduces up to a 5% drop in performance on
virtual appliances. Increase resource allocation to the virtual appliances by
5% to meet existing sizing requirements.


Email Appliances:

MEG
Vulnerable: The Meltdown/Spectre exploit is a local privilege escalation
vulnerability. MEG is vulnerable but not directly exploitable because MEG does
not run untrusted code. The risk is low given that another vulnerability would
be needed to take advantage of Meltdown/Spectre.
A kernel patch is in test for MEG 7.6.40x.


MVM
MVM appliances use Microsoft Windows Server 2008 R2 and Intel processors and
are therefore vulnerable to these CVEs: CVE-2017-5753, CVE-2017-5715, and
CVE-2017-5754. Install the Windows security update KB4056897 and any other
relevant security updates on the appliances for mitigation.


Network/IPS Appliances:

NSP
NSP is vulnerable to Meltdown and Spectre. To exploit any of these
vulnerabilities, an attacker must be able to run crafted code on the affected
device.

NSP Sensor Hardware Appliances
All NSP Sensors are closed systems. They do not allow any remotely delivered
code to execute on the device, nor users to execute code locally. Although the
underlying CPU and kernel combination in these appliances might be classified
as unpatched, the inability for local execution of malicious code makes them
non-exploitable and effectively not vulnerable. There is no known vector to
exploit them.

NSP Sensor Virtual Appliances
NSP Sensor Virtual Appliances follow the same rationale as the physical
appliances. But, it is critical that the underlying system hosting the NSP VM
is patched, if its CPU exhibits either of the above vulnerabilities.

NSM Appliances
The NSM Windows Appliance is a general-purpose computer and can be classified
as exploitable. The NSM Linux Appliance is a somewhat closed general-purpose
computer and is classified as exploitable to a lesser extent. These appliances
will receive an operating system patch to remediate the vulnerabilities.

The following NSM hardware platforms are impacted.

Windows

  * NSM-GLBL-NG (GLBL, MFE Network Sec Glbl Manager Appl-NG)
  * NSM-STND-NG (STND, MFE Network Sec Manager Appl-NG)
  * NSM-STND-NG-FO (FAOV, MFE Network Sec Manager FO Appl-NG)
  * NSM-STND-NG-UP (AUPG, MFE Network Sec Manager UPG Appl-NG)

Linux

  * NSM-MAPL-NG (NSM, MFE Network Security Manager Appl NG)

NSM Server Software
Customer-provided Windows machines that run NSM software are also deemed
exploitable and should be patched quickly. See the guidance from Microsoft.
There is no patch required for the NSM software itself.

NSM Clients
Customers are advised to review and apply any browser patches that mitigate/
suppress the delivery of attacks associated with these vulnerabilities. See
the guidance from the browser vendors.

NTBA Sensor Hardware Appliances
All Sensor Appliances are closed systems. They do not allow any remotely
delivered code to execute on the device, nor users to execute it locally.
Although the underlying CPU and kernel combination in these appliances might be
classified as unpatched, the inability for local execution of malicious code
make them non-exploitable and effectively not vulnerable. There is no known
vector to exploit them.


SIEM Appliances:

SIEM
SIEM is a closed system. Unprivileged local users are not able to execute
arbitrary code. Nevertheless, SIEM expects to address this vulnerability in a
future version update.


Web Appliances:

WGCS / SWE
The underlying operating system of the Web Gateway Cloud Platform has been
successfully patched to prevent exploiting the vulnerability.

WPS
The underlying operating system of the Web Gateway Cloud Platform has been
successfully patched to prevent exploiting the vulnerability.

MWG
Vulnerable: The impact of Meltdown/Spectre for MWG appliances is a local
privilege escalation that might allow reading kernel memory or memory from
other processes. This scenario is not directly exploitable because MWG does not
run untrusted code, so another vulnerability would be needed to take advantage
of Meltdown/Spectre. Given that configuration, the risk for MWG is considered
low.
Low Risk: Despite a low risk score, a Linux kernel patch is in test for MWG 7.7
and 7.8, both appliances and virtual. McAfee is also monitoring availability of
microcode for CPUs of the appliance models and will make them available with
BIOS patches.
Appliances Impacted: Because of the breadth of the issue, the appliances
impacted are essentially all current and historic models. The MWG version that
includes the Linux kernel patch for the OS is the one that is important for
resolution.
Performance: McAfee has a detailed performance and latency test as part of its
build and release process. We spend specific effort on the Linux kernel update
to ensure that the Kernel patch does not impact the overall system performance.
Tests are not yet complete and we will advise officially when the update
releases. But, current test results are positive and indicate that the existing
sizing recommendations for MWG appliances will not change with the update.

Mitigations

NSM SigSet Detection
These vulnerabilities are host-specific. In theory, it might be possible to
exploit hosts via the network (using JavaScript). Signature coverage for these
vulnerabilities was made available via the signature set release on January 9,
2018.

Acknowledgements

None.

Frequently Asked Questions (FAQs)

How do I know whether my McAfee product is vulnerable or not?
For Endpoint products:
Endpoint products are not affected. McAfee recommends that customers apply
operating system patches if available.

For ePO:
ePO is not affected. McAfee recommends that customers apply operating system
patches to the ePO server and ePO database server if available.

For Appliances:
Use the following instructions for Appliance-based products:

 1. Open the Administrator's User Interface (UI).
 2. Click the About link. The product version is displayed.

What is CVSS?
CVSS, or Common Vulnerability Scoring System, is the result of the National
Infrastructure Advisory Council's effort to standardize a system of assessing
the criticality of a vulnerability. This system offers an unbiased criticality
score between 0 and 10 that customers can use to judge how critical a
vulnerability is and plan accordingly. For more information, visit the CVSS
website at: http://www.first.org/cvss/.

When calculating CVSS scores, McAfee has adopted a philosophy that fosters
consistency and repeatability. Our guiding principle for CVSS scoring is to
score the exploit under consideration by itself. We consider only the immediate
and direct impact of the exploit under consideration. We do not factor into a
score any potential follow-on exploits that might be made possible by
successful exploitation of the issue being scored.
 
What are the CVSS scoring metrics that have been used?
 
CVE-2017-5715 - Spectre
 
+--------------------------------------------------+
|  Base Score               | 5.6                  |
|---------------------------+----------------------|
|  Attack Vector (AV)       | Local (L)            |
|---------------------------+----------------------|
|  Attack Complexity (AC)   | High (H)             |
|---------------------------+----------------------|
|  Privileges Required (PR) | Low (L)              |
|---------------------------+----------------------|
|  User Interaction (UI)    | None (N)             |
|---------------------------+----------------------|
|  Scope (S)                | Changed (C)          |
|---------------------------+----------------------|
|  Confidentiality (C)      | High (H)             |
|---------------------------+----------------------|
|  Integrity (I)            | None (N)             |
|---------------------------+----------------------|
|  Availability (A)         | None (N)             |
|---------------------------+----------------------|
|  Temporal Score (Overall) | 5.1                  |
|---------------------------+----------------------|
|  Exploitability (E)       | Proof-of-Concept (P) |
|---------------------------+----------------------|
|  Remediation Level (RL)   | Temporary Fix (T)    |
|---------------------------+----------------------|
|  Report Confidence (RC)   | Confirmed (C)        |
+--------------------------------------------------+

NOTE: The below CVSS version 3.0 vector was used to generate this score.
https://nvd.nist.gov/cvss/v3-calculator?vector=AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/
A:N/E:P/RL:T/RC:C

CVE-2017-5753 - Spectre
 
+--------------------------------------------------+
|  Base Score               | 5.6                  |
|---------------------------+----------------------|
|  Attack Vector (AV)       | Local (L)            |
|---------------------------+----------------------|
|  Attack Complexity (AC)   | High (H)             |
|---------------------------+----------------------|
|  Privileges Required (PR) | Low (L)              |
|---------------------------+----------------------|
|  User Interaction (UI)    | None (N)             |
|---------------------------+----------------------|
|  Scope (S)                | Changed (C)          |
|---------------------------+----------------------|
|  Confidentiality (C)      | High (H)             |
|---------------------------+----------------------|
|  Integrity (I)            | None (N)             |
|---------------------------+----------------------|
|  Availability (A)         | None (N)             |
|---------------------------+----------------------|
|  Temporal Score (Overall) | 5.1                  |
|---------------------------+----------------------|
|  Exploitability (E)       | Proof-of-Concept (P) |
|---------------------------+----------------------|
|  Remediation Level (RL)   | Temporary Fix (T)    |
|---------------------------+----------------------|
|  Report Confidence (RC)   | Confirmed (C)        |
+--------------------------------------------------+

NOTE: The below CVSS version 3.0 vector was used to generate this score.
https://nvd.nist.gov/cvss/v3-calculator?vector=AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/
A:N/E:P/RL:T/RC:C

CVE-2017-5754 - Meltdown (Intel Processors)
 
+--------------------------------------------------+
|  Base Score               | 5.6                  |
|---------------------------+----------------------|
|  Attack Vector (AV)       | Local (L)            |
|---------------------------+----------------------|
|  Attack Complexity (AC)   | High (H)             |
|---------------------------+----------------------|
|  Privileges Required (PR) | Low (L)              |
|---------------------------+----------------------|
|  User Interaction (UI)    | None (N)             |
|---------------------------+----------------------|
|  Scope (S)                | Changed (C)          |
|---------------------------+----------------------|
|  Confidentiality (C)      | High (H)             |
|---------------------------+----------------------|
|  Integrity (I)            | None (N)             |
|---------------------------+----------------------|
|  Availability (A)         | None (N)             |
|---------------------------+----------------------|
|  Temporal Score (Overall) | 5.1                  |
|---------------------------+----------------------|
|  Exploitability (E)       | Proof-of-Concept (P) |
|---------------------------+----------------------|
|  Remediation Level (RL)   | Temporary Fix (T)    |
|---------------------------+----------------------|
|  Report Confidence (RC)   | Confirmed (C)        |
+--------------------------------------------------+

NOTE: The below CVSS version 3.0 vector was used to generate this score.
https://nvd.nist.gov/cvss/v3-calculator?vector=AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/
A:N/E:P/RL:T/RC:C

Where can I find a list of all security bulletins or how do I report a product
vulnerability?
To find a list of all security bulletins, or if you have information about a
security issue or vulnerability with a McAfee product, visit our product
security website at: http://www.mcafee.com/us/threat-center/
product-security-bulletins.aspx.

Disclaimer

The information provided in this security bulletin is provided as is without
warranty of any kind. McAfee disclaims all warranties, either express or
implied, including the warranties of merchantability and fitness for a
particular purpose. In no event shall McAfee or its suppliers be liable for any
damages whatsoever including direct, indirect, incidental, consequential, loss
of business profits, or special damages, even if McAfee or its suppliers have
been advised of the possibility of such damages. Some states do not allow the
exclusion or limitation of liability for consequential or incidental damages so
the foregoing limitation may not apply.
 
Any future product release dates mentioned in this security bulletin are
intended to outline our general product direction and they should not be relied
on in making a purchasing decision. The product release dates are for
information purposes only, and may not be incorporated into any contract. The
product release dates are not a commitment, promise, or legal obligation to
deliver any material, code, or functionality. The development, release, and
timing of any features or functionality described for our products remains at
our sole discretion and may be changed or canceled at any time.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWo+euox+lLeg9Ub1AQj1yw//T0ltLaX+mlXcQMJspqIlLRvOs5zAVjYh
UBgU5a0pAaPM/DH/FoOKcMdyHSuZGCpClEs3scnTqBozNrlZDZgRfCC6SgIEpjoc
wPrYC+0ETqmnhArOpBZF1Wch7b36F363gQm0akM1ST+hzeuSP6tm1Ymb3fhRB5wN
hfZ3mNc/FC8y8Umc7sK3xS3YNIbi2q97GwrZ7dNeIhBFeAmiXDwpTpUT/nClARMK
JaT5ad9HNatnaFNDhUgGeEiulIcD+2HTwZFW++X96zPJcNIRQHuUkAxK31+jQ6me
BmQ15Hx/vw0PbutMrpwd+r482XUfLpgEUb3r48wqKBCW1dmUyQPRnV0HX6Gi/RYy
ZE/3avp4hafcHwroqpuLcW9CGkhf/G9uGoPwkKFeZKqZ+rcth7ycNWt7TRDoMtCL
9YPUKjRAFaLIl107cOvyTR7nirCL+YUYZPuLTDDPqEhCvLa+2AidWh6FmMTk6WXA
v13mfpoDVXUngQakB3qYgo+gYf1gaJdNiC18CBjIpD1SyHITMlIPDuxt6nt6PWLq
FOjBXli7wjwD2TZpaIwDE4NEvuHKpGpuc/KFSevzSN0FLv3vSGtUdcEPhqEU5j7L
oaC+eiGlnErNruyrIDquJN2aCc+aYjIXiuAuwJ1LC5QjqXhKapSiCgmSA0nmSc8T
MHx3NCdUNWA=
=F+Qj
-----END PGP SIGNATURE-----

« Back to bulletins