Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2005.0206 -- RHSA-2005:277-01 Critical: mozilla security update 7 March 2005 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: mozilla Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 4 Red Hat Desktop version 4 Linux variants UNIX variants Impact: Execute Arbitrary Code/Commands Access: Remote/Unauthenticated CVE Names: CAN-2005-0255 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-277.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: mozilla security update Advisory ID: RHSA-2005:277-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-277.html Issue date: 2005-03-04 Updated on: 2005-03-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0255 - - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix a buffer overflow issue are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. A bug was found in the Mozilla string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0255 to this issue. Please note that other security issues have been found that affect Mozilla. These other issues have a lower severity, and are therefore planned to be released as additional security updates in the future. Users of Mozilla should upgrade to these updated packages, which contain a backported patch and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150124 - CAN-2005-0255 Memory overwrite in string library 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm ia64: ca68d27df9d703f28caf702f03a2c815 mozilla-1.7.3-19.EL4.ia64.rpm c9613d7843931c8f307e7d030bcfeebb mozilla-chat-1.7.3-19.EL4.ia64.rpm 50112396b34bd6724f61db2bdda37f3c mozilla-devel-1.7.3-19.EL4.ia64.rpm 08f955d73348162bc74d205b1afcb2f4 mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm bcbad4d5cf1df6b85c25d5718c3297e7 mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm 246c4095425ed95cf3d4e7524eabafc6 mozilla-mail-1.7.3-19.EL4.ia64.rpm a0c490f4e9cd7f9d89b72a84fc8382b0 mozilla-nspr-1.7.3-19.EL4.ia64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 2bb0039d09b0b9e90ec2ba2a45b349d3 mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm b6566d37c099e89a790247f5ee01511b mozilla-nss-1.7.3-19.EL4.ia64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 162f10e927ac46eb5c997fb8fb8aef31 mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm ppc: 4f14f23c3f82b7cd991c8c307346c3b4 mozilla-1.7.3-19.EL4.ppc.rpm 8929adbac27a0119b282fe1afc98f0ef mozilla-chat-1.7.3-19.EL4.ppc.rpm b899f513c30ace575ab4e9b83162bb5e mozilla-devel-1.7.3-19.EL4.ppc.rpm 105b7865dc67efa9f589f805a64ec9af mozilla-dom-inspector-1.7.3-19.EL4.ppc.rpm bf2755837521d659b2d497949dfc86c0 mozilla-js-debugger-1.7.3-19.EL4.ppc.rpm 7b8a29af2710b33b664548c933484f8f mozilla-mail-1.7.3-19.EL4.ppc.rpm c615451892c2a69503c57a9f4e75e007 mozilla-nspr-1.7.3-19.EL4.ppc.rpm c2de101cf5751833f149ae4102e21cff mozilla-nspr-devel-1.7.3-19.EL4.ppc.rpm 96b763974d10ac72401f364ff196b290 mozilla-nss-1.7.3-19.EL4.ppc.rpm f7f3f84a81eae1936be81d1a3d887e58 mozilla-nss-devel-1.7.3-19.EL4.ppc.rpm s390: f2e1f2a5d33abf7e1b9350c169a2cc84 mozilla-1.7.3-19.EL4.s390.rpm 0a51da8cec34280604a009e7c09144bc mozilla-chat-1.7.3-19.EL4.s390.rpm b5280f95e1d4fbcfd2fbe3ebe5c7128b mozilla-devel-1.7.3-19.EL4.s390.rpm 84a2fafb4d8581067fdd255d9ee161a8 mozilla-dom-inspector-1.7.3-19.EL4.s390.rpm 8da4e2d1d8c81cb195b911e8c40ed9f8 mozilla-js-debugger-1.7.3-19.EL4.s390.rpm a983613094c5b1f2e9f1369c94aa651e mozilla-mail-1.7.3-19.EL4.s390.rpm 2d6ab4a4a5c13efaa9a84ce14393284a mozilla-nspr-1.7.3-19.EL4.s390.rpm 4086ab3ca9b912854a0eea21fd6f9a40 mozilla-nspr-devel-1.7.3-19.EL4.s390.rpm 91042804e7acdc601033c5953021defb mozilla-nss-1.7.3-19.EL4.s390.rpm 68a8b46fa0f9944d822e1f3cfd2582a1 mozilla-nss-devel-1.7.3-19.EL4.s390.rpm s390x: 1802303fc112de0d5418f1bbb65ffe13 mozilla-1.7.3-19.EL4.s390x.rpm e080b19af615c3f3fc6c9995c179bfa9 mozilla-chat-1.7.3-19.EL4.s390x.rpm e66986eda1e3df2916cd01883acb4479 mozilla-devel-1.7.3-19.EL4.s390x.rpm 5269aba3adb89b23321948cfcad311bc mozilla-dom-inspector-1.7.3-19.EL4.s390x.rpm d06443ccad52994058ee252d16801f87 mozilla-js-debugger-1.7.3-19.EL4.s390x.rpm a768d5077632f588070be23882b937c2 mozilla-mail-1.7.3-19.EL4.s390x.rpm baf7c42fdaa423b0c3494ee682a39dd1 mozilla-nspr-1.7.3-19.EL4.s390x.rpm 2d6ab4a4a5c13efaa9a84ce14393284a mozilla-nspr-1.7.3-19.EL4.s390.rpm 05d4351be5e8e1d5c382d9cf0b353713 mozilla-nspr-devel-1.7.3-19.EL4.s390x.rpm 37901c38badcb3d39cb7a64397ec4f93 mozilla-nss-1.7.3-19.EL4.s390x.rpm 91042804e7acdc601033c5953021defb mozilla-nss-1.7.3-19.EL4.s390.rpm 8d67688575c64ad370a5283342be5109 mozilla-nss-devel-1.7.3-19.EL4.s390x.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm ia64: ca68d27df9d703f28caf702f03a2c815 mozilla-1.7.3-19.EL4.ia64.rpm c9613d7843931c8f307e7d030bcfeebb mozilla-chat-1.7.3-19.EL4.ia64.rpm 50112396b34bd6724f61db2bdda37f3c mozilla-devel-1.7.3-19.EL4.ia64.rpm 08f955d73348162bc74d205b1afcb2f4 mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm bcbad4d5cf1df6b85c25d5718c3297e7 mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm 246c4095425ed95cf3d4e7524eabafc6 mozilla-mail-1.7.3-19.EL4.ia64.rpm a0c490f4e9cd7f9d89b72a84fc8382b0 mozilla-nspr-1.7.3-19.EL4.ia64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 2bb0039d09b0b9e90ec2ba2a45b349d3 mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm b6566d37c099e89a790247f5ee01511b mozilla-nss-1.7.3-19.EL4.ia64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 162f10e927ac46eb5c997fb8fb8aef31 mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm ia64: ca68d27df9d703f28caf702f03a2c815 mozilla-1.7.3-19.EL4.ia64.rpm c9613d7843931c8f307e7d030bcfeebb mozilla-chat-1.7.3-19.EL4.ia64.rpm 50112396b34bd6724f61db2bdda37f3c mozilla-devel-1.7.3-19.EL4.ia64.rpm 08f955d73348162bc74d205b1afcb2f4 mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm bcbad4d5cf1df6b85c25d5718c3297e7 mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm 246c4095425ed95cf3d4e7524eabafc6 mozilla-mail-1.7.3-19.EL4.ia64.rpm a0c490f4e9cd7f9d89b72a84fc8382b0 mozilla-nspr-1.7.3-19.EL4.ia64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 2bb0039d09b0b9e90ec2ba2a45b349d3 mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm b6566d37c099e89a790247f5ee01511b mozilla-nss-1.7.3-19.EL4.ia64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 162f10e927ac46eb5c997fb8fb8aef31 mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.mozilla.org/security/announce/mfsa2005-18.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0255 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCKCkxXlSAg2UNWIIRAmFoAKCd0JljpfDp1Li6oTreAZLQGv2XvQCcCP10 3+HfeqALjPlRANhJfghnYD0= =Mh9/ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQivkqCh9+71yA2DNAQIF5wQAnna6DoajOgj3UM9gUDc4RMJQ03cB7BHg e8zg3Yv8OgNt6FTljD/Hx0jLPsaNBPT0DzsyY0HuAqiFDY3wQXOcc1DvyRJxi7gL ZBtVVAoCOpMp7o9lcVukPtW4itSo4N7uBma2MOOFEa8B2OgL1qIb0NxLX2s0b2m5 g9vKuzaNGgQ= =gB7F -----END PGP SIGNATURE-----