-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                       ESB-2008.0292 -- [UNIX/Linux]
                   Multiple vulnerabilities in Asterisk
                               19 March 2008

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Asterisk
Publisher:            Digium
Operating System:     UNIX variants (UNIX, Linux, OSX)
Impact:               Execute Arbitrary Code/Commands
                      Denial of Service
                      Inappropriate Access
Access:               Remote/Unauthenticated
CVE Names:            CVE-2008-1289 CVE-2008-1332 CVE-2008-1333
                      CVE-2008-1390

Original Bulletin:    
 http://lists.digium.com/pipermail/asterisk-security/2008-March/000239.html
 http://lists.digium.com/pipermail/asterisk-security/2008-March/000240.html
 http://lists.digium.com/pipermail/asterisk-security/2008-March/000241.html
 http://lists.digium.com/pipermail/asterisk-security/2008-March/000242.html

Comment: This bulletin contains four (4) Asterisk security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

              Asterisk Project Security Advisory - AST-2008-002

   +------------------------------------------------------------------------+
   |      Product       | Asterisk                                          |
   |--------------------+---------------------------------------------------|
   |      Summary       | Two buffer overflows in RTP Codec Payload         |
   |                    | Handling                                          |
   |--------------------+---------------------------------------------------|
   | Nature of Advisory | Exploitable Buffer Overflow                       |
   |--------------------+---------------------------------------------------|
   |   Susceptibility   | Remote Unauthenticated Sessions                   |
   |--------------------+---------------------------------------------------|
   |      Severity      | Critical                                          |
   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |    Reported On     | March 11, 2008                                    |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Mu Security Research Team                         |
   |--------------------+---------------------------------------------------|
   |     Posted On      | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Last Updated On   | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Advisory Contact  | Joshua Colp <jcolp at digium.com>                 |
   |--------------------+---------------------------------------------------|
   |      CVE Name      | CVE-2008-1289                                     |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Two buffer overflows exist in the RTP payload handling   |
   |             | code of Asterisk. Both overflows can be caused by an     |
   |             | INVITE or any other SIP packet with SDP. The request may |
   |             | need to be authenticated depending on configuration of   |
   |             | the Asterisk installation.                               |
   |             |                                                          |
   |             | The first overflow is caused by sending a payload number |
   |             | that surpasses the programmed maximum payload number of  |
   |             | 256. This causes an invalid memory write outside of the  |
   |             | buffer. While this does not allow the attacker to write  |
   |             | arbitrary data it does allow the attacker to write a 0   |
   |             | to other memory locations.                               |
   |             |                                                          |
   |             | The second overflow is caused by sending more than 32    |
   |             | RTP payloads. This causes a buffer on the stack to       |
   |             | overflow allowing the attacker to write values between 0 |
   |             | and 256 (the maximum payload number) to memory locations |
   |             | after the buffer.                                        |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Two fixes have been added to check the provided data to   |
   |            | ensure it does not exceed static buffer sizes.            |
   |            |                                                           |
   |            | When removing internal information regarding an RTP       |
   |            | payload the given payload number will now be checked to   |
   |            | make sure it does not exceed the maximum acceptable       |
   |            | payload number.                                           |
   |            |                                                           |
   |            | When reading RTP payloads from SDP a maximum limit of 32  |
   |            | in total will be enforced. Any further RTP payloads will  |
   |            | be discarded.                                             |
   +------------------------------------------------------------------------+
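The two checks in this resolution, worked as an added C example that is not Asterisk's own code: a 256-entry payload table whose clear routine refuses any payload number outside the table, and an SDP m= line parser that stores at most 32 payloads and discards the rest. MAX_RTP_PT, MAX_RTP_PT_CODECS and the function names are assumed; the limits 256 and 32 are the ones the advisory gives.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_RTP_PT        256   /* programmed maximum payload number (advisory) */
#define MAX_RTP_PT_CODECS 32    /* payloads accepted from one SDP (advisory) */

/* Fixed-size table indexed by payload number, the kind of buffer the
 * first overflow wrote a 0 past. (Assumed layout, not Asterisk's.) */
struct rtp_payload_table {
    int in_use[MAX_RTP_PT];
};

/* First fix: clearing a payload entry validates the index before the
 * write, so a payload number of 256 or more never reaches the table. */
int rtp_unset_payload(struct rtp_payload_table *t, int pt)
{
    if (pt < 0 || pt >= MAX_RTP_PT) {
        return -1;                          /* refused; no memory touched */
    }
    t->in_use[pt] = 0;
    return 0;
}

/* Second fix: parse the payload list of an SDP media line such as
 *   "m=audio 49170 RTP/AVP 0 8 101"
 * into codecs[] (capacity MAX_RTP_PT_CODECS). At most 32 payloads are
 * stored; further ones, and any outside 0..255, are counted in
 * *discarded and ignored. Returns the number stored, or -1 if the
 * line is malformed. */
int sdp_parse_media_payloads(const char *mline, int codecs[MAX_RTP_PT_CODECS],
                             int *discarded)
{
    const char *p = mline;
    int n = 0;

    *discarded = 0;
    if (strncmp(p, "m=", 2) != 0) {
        return -1;
    }
    p += 2;
    /* Skip the <media> <port> <proto> fields that precede the payload list. */
    for (int field = 0; field < 3; field++) {
        while (*p != '\0' && !isspace((unsigned char)*p)) p++;
        if (*p == '\0') {
            return (field == 2) ? 0 : -1;   /* proto present but no payloads */
        }
        while (isspace((unsigned char)*p)) p++;
    }
    while (*p != '\0') {
        char *end;
        long pt = strtol(p, &end, 10);
        if (end == p) {
            return -1;                      /* token is not a number */
        }
        if (pt < 0 || pt >= MAX_RTP_PT) {
            (*discarded)++;                 /* would index outside the table */
        } else if (n < MAX_RTP_PT_CODECS) {
            codecs[n++] = (int)pt;
        } else {
            (*discarded)++;                 /* cap reached: discard, keep parsing */
        }
        p = end;
        while (isspace((unsigned char)*p)) p++;
    }
    return n;
}

/* Demonstration helper: offer npayloads payload numbers 0..npayloads-1
 * on one constructed m= line and return how many the parser kept. */
int demo_parse_count(int npayloads, int *discarded)
{
    char line[2048] = "m=audio 49170 RTP/AVP";
    int codecs[MAX_RTP_PT_CODECS];
    for (int i = 0; i < npayloads; i++) {
        char num[16];
        snprintf(num, sizeof num, " %d", i);
        strncat(line, num, sizeof line - strlen(line) - 1);
    }
    return sdp_parse_media_payloads(line, codecs, discarded);
}

int main(void)
{
    int codecs[MAX_RTP_PT_CODECS], discarded = 0;
    int n = sdp_parse_media_payloads("m=audio 49170 RTP/AVP 0 8 101\r\n",
                                     codecs, &discarded);
    printf("normal offer: stored %d, discarded %d\n", n, discarded);
    n = demo_parse_count(40, &discarded);
    printf("40 payloads offered: stored %d, discarded %d\n", n, discarded);
    return 0;
}
```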

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           | Release |                                 |
   |                            | Series  |                                 |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.0.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.2.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.4.x  | All versions prior to 1.4.18.1  |
   |                            |         | and 1.4.19-rc3                  |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.6.x  | All versions prior to           |
   |                            |         | 1.6.0-beta6                     |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  A.x.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  B.x.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  C.x.x  | All versions prior to C.1.6.1   |
   |----------------------------+---------+---------------------------------|
   |        AsteriskNOW         |  1.0.x  | All versions prior to 1.0.2     |
   |----------------------------+---------+---------------------------------|
   |     Asterisk Appliance     |   SVN   | All versions prior to Asterisk  |
   |       Developer Kit        |         | 1.4 revision 109386             |
   |----------------------------+---------+---------------------------------|
   | s800i (Asterisk Appliance) |  1.1.x  | All versions prior to 1.1.0.2   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |    Product    |                        Release                         |
   |---------------+--------------------------------------------------------|
   | Asterisk Open |    1.4.18.1/1.4.19-rc3/1.6.0-beta6, available from     |
   |    Source     |   http://downloads.digium.com/pub/telephony/asterisk   |
   |---------------+--------------------------------------------------------|
   |   Asterisk    |                        C.1.6.1                         |
   |   Business    |                                                        |
   |    Edition    |                                                        |
   |---------------+--------------------------------------------------------|
   |  AsteriskNOW  |   1.0.2, available from http://www.asterisknow.org/    |
   |               |                                                        |
   |               |    Current users can update using the system update    |
   |               |        feature in the appliance control panel.         |
   |---------------+--------------------------------------------------------|
   |   Asterisk    | Asterisk 1.4 revision 109386. Available by performing  |
   |   Appliance   |            an svn update of the AADK tree.             |
   | Developer Kit |                                                        |
   |---------------+--------------------------------------------------------|
   |     s800i     |                        1.1.0.2                         |
   |   (Asterisk   |                                                        |
   |  Appliance)   |                                                        |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |        Links        |                                                  |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2008-002.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2008-002.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |       Date       |       Editor       |         Revisions Made         |
   |------------------+--------------------+--------------------------------|
   | 2008-03-18       | Joshua Colp        | Initial Release                |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2008-002
              Copyright (c) 2008 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.


              Asterisk Project Security Advisory - AST-2008-003

   +------------------------------------------------------------------------+
   |      Product       | Asterisk                                          |
   |--------------------+---------------------------------------------------|
   |      Summary       | Unauthenticated calls allowed from SIP channel    |
   |                    | driver                                            |
   |--------------------+---------------------------------------------------|
   | Nature of Advisory | Authentication Bypass                             |
   |--------------------+---------------------------------------------------|
   |   Susceptibility   | Remote Unauthenticated Sessions                   |
   |--------------------+---------------------------------------------------|
   |      Severity      | Major                                             |
   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |    Reported On     | March 12, 2008                                    |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Jason Parker <jparker at digium.com>              |
   |--------------------+---------------------------------------------------|
   |     Posted On      | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Last Updated On   | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Advisory Contact  | Jason Parker <jparker at digium.com>              |
   |--------------------+---------------------------------------------------|
   |      CVE Name      | CVE-2008-1332                                     |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Unauthenticated calls can be made via the SIP channel    |
   |             | driver using an invalid From header. This acts similarly |
   |             | to the SIP configuration option 'allowguest=yes', in     |
   |             | that calls with a specially crafted From header would be |
   |             | sent to the PBX in the context specified in the general  |
   |             | section of sip.conf.                                     |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | A fix has been added which checks for the option          |
   |            | 'allowguest' to be enabled before determining that        |
   |            | authentication is not required.                           |
   |            |                                                           |
   |            | As a workaround, modify the context in the general        |
   |            | section of sip.conf to point to a non-trusted location    |
   |            | (example: a non-existent context, or a context that does  |
   |            | nothing but hang up the call).                            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |           Product            | Release |                               |
   |                              | Series  |                               |
   |------------------------------+---------+-------------------------------|
   |     Asterisk Open Source     |  1.0.x  | All versions                  |
   |------------------------------+---------+-------------------------------|
   |     Asterisk Open Source     |  1.2.x  | All versions prior to 1.2.27  |
   |------------------------------+---------+-------------------------------|
   |     Asterisk Open Source     |  1.4.x  | All versions prior to         |
   |                              |         | 1.4.18.1 and 1.4.19-rc3       |
   |------------------------------+---------+-------------------------------|
   |  Asterisk Business Edition   |  A.x.x  | All versions                  |
   |------------------------------+---------+-------------------------------|
   |  Asterisk Business Edition   |  B.x.x  | All versions prior to B.2.5.1 |
   |------------------------------+---------+-------------------------------|
   |  Asterisk Business Edition   |  C.x.x  | All versions prior to C.1.6.2 |
   |------------------------------+---------+-------------------------------|
   |         AsteriskNOW          |  1.0.x  | All versions prior to 1.0.2   |
   |------------------------------+---------+-------------------------------|
   | Asterisk Appliance Developer |   SVN   | All versions prior to         |
   |             Kit              |         | Asterisk 1.4 revision 109393  |
   |------------------------------+---------+-------------------------------|
   |  s800i (Asterisk Appliance)  |  1.0.x  | All versions prior to 1.1.0.2 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |    Product    |                        Release                         |
   |---------------+--------------------------------------------------------|
   | Asterisk Open |      1.2.27, 1.4.18.1/1.4.19-rc3, available from       |
   |    Source     |   http://downloads.digium.com/pub/telephony/asterisk   |
   |---------------+--------------------------------------------------------|
   |   Asterisk    |                    B.2.5.1, C.1.6.2                    |
   |   Business    |                                                        |
   |    Edition    |                                                        |
   |---------------+--------------------------------------------------------|
   |  AsteriskNOW  |   1.0.2, available from http://www.asterisknow.org/    |
   |               |                                                        |
   |               |    Current users can update using the system update    |
   |               |        feature in the appliance control panel.         |
   |---------------+--------------------------------------------------------|
   |   Asterisk    | Asterisk 1.4 revision 109393. Available by performing  |
   |   Appliance   |            an svn update of the AADK tree.             |
   | Developer Kit |                                                        |
   |---------------+--------------------------------------------------------|
   |     s800i     |                        1.1.0.2                         |
   |   (Asterisk   |                                                        |
   |  Appliance)   |                                                        |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |        Links         |                                                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2008-003.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2008-003.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |       Date       |       Editor        |        Revisions Made         |
   |------------------+---------------------+-------------------------------|
   | 2008-03-18       | Jason Parker        | Initial Release               |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2008-003
              Copyright (c) 2008 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.


              Asterisk Project Security Advisory - AST-2008-004

   +------------------------------------------------------------------------+
   |      Product       | Asterisk                                          |
   |--------------------+---------------------------------------------------|
   |      Summary       | Format String Vulnerability in Logger and Manager |
   |--------------------+---------------------------------------------------|
   | Nature of Advisory | Denial of Service                                 |
   |--------------------+---------------------------------------------------|
   |   Susceptibility   | Remote Unauthenticated Sessions                   |
   |--------------------+---------------------------------------------------|
   |      Severity      | Moderate                                          |
   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |    Reported On     | March 13, 2008                                    |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Steve Davies (bugs.digium.com user stevedavies)   |
   |                    |                                                   |
   |                    | Brandon Kruse (bugs.digium.com user bkruse)       |
   |--------------------+---------------------------------------------------|
   |     Posted On      | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Last Updated On   | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Advisory Contact  | Joshua Colp <jcolp at digium.com>                 |
   |--------------------+---------------------------------------------------|
   |      CVE Name      | CVE-2008-1333                                     |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Logging messages displayed using the ast_verbose logging |
   |             | API call are not displayed as a character string, they   |
   |             | are displayed as a format string.                        |
   |             |                                                          |
   |             | Output as a result of the Manager command "command" is   |
   |             | not appended to the resulting response message as a      |
   |             | character string, it is appended as a format string.     |
   |             |                                                          |
   |             | It is possible in both instances for an attacker to      |
   |             | provide a formatted string as a value for input which    |
   |             | can cause a crash.                                       |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Input given to both the ast_verbose logging API call and  |
   |            | astman_append function is now interpreted as a character  |
   |            | string and not as a format string.                        |
   +------------------------------------------------------------------------+
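The defect and its fix side by side, as an added C example that is not Asterisk's own code: a printf-style response appender with the same shape as astman_append, the vulnerable call pattern (left in a comment so it is never compiled), the hardened call that passes untrusted text only as a %s argument, and a small check that flags input containing format directives. The mgr_* names and MGR_RESPONSE_MAX are assumed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#if defined(__GNUC__)
#define PRINTF_LIKE(fmt_idx, arg_idx) __attribute__((format(printf, fmt_idx, arg_idx)))
#else
#define PRINTF_LIKE(fmt_idx, arg_idx)
#endif

#define MGR_RESPONSE_MAX 1024

/* Response under construction for one manager action (assumed layout). */
struct mgr_response {
    char   buf[MGR_RESPONSE_MAX];
    size_t len;
};

/* printf-style append, the same shape as astman_append(). The format
 * attribute makes gcc/clang report any caller that passes a non-literal
 * format when -Wformat-security is on: that warning is the cheapest
 * detection of the defect this advisory describes. */
PRINTF_LIKE(2, 3)
int mgr_append(struct mgr_response *r, const char *fmt, ...)
{
    va_list ap;
    size_t avail = sizeof r->buf - r->len;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(r->buf + r->len, avail, fmt, ap);
    va_end(ap);
    if (n < 0) {
        return -1;
    }
    if ((size_t)n >= avail) {               /* output truncated: report it */
        r->len = sizeof r->buf - 1;
        return -1;
    }
    r->len += (size_t)n;
    return n;
}

/* Vulnerable pattern, kept only in this comment so it is never compiled:
 *
 *     mgr_append(r, output);     // untrusted output becomes the format
 *
 * Every '%' directive in output is then interpreted by vsnprintf.
 * The hardened form below passes the text as a %s argument instead. */
int mgr_append_output(struct mgr_response *r, const char *output)
{
    return mgr_append(r, "%s", output);
}

/* Returns 1 if text holds a '%' that would act as a conversion directive
 * were the text ever used as a format ("%%" is a literal percent sign).
 * Usable as a review-time or log-side check on inputs that reach
 * printf-style sinks. */
int has_format_directive(const char *text)
{
    for (const char *p = text; *p != '\0'; p++) {
        if (*p != '%') {
            continue;
        }
        if (p[1] == '%') {
            p++;                            /* skip the escaped pair */
            continue;
        }
        return 1;
    }
    return 0;
}

int main(void)
{
    struct mgr_response r = { {0}, 0 };
    const char *output = "%x%x%x%n";        /* constructed command output */

    mgr_append(&r, "Response: Follows\r\n");
    mgr_append_output(&r, output);          /* appended verbatim, not interpreted */
    printf("directive present: %d\n%s", has_format_directive(output), r.buf);
    return 0;
}
```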

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           | Release |                                 |
   |                            | Series  |                                 |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.0.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.2.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.4.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.6.x  | All versions prior to           |
   |                            |         | 1.6.0-beta6                     |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  A.x.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  B.x.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   | Asterisk Business Edition  |  C.x.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |        AsteriskNOW         |  1.0.x  | Unaffected                      |
   |----------------------------+---------+---------------------------------|
   |     Asterisk Appliance     |  0.x.x  | Unaffected                      |
   |       Developer Kit        |         |                                 |
   |----------------------------+---------+---------------------------------|
   | s800i (Asterisk Appliance) |  1.0.x  | Unaffected                      |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |    Product    |                        Release                         |
   |---------------+--------------------------------------------------------|
   | Asterisk Open |              1.6.0-beta6, available from               |
   |    Source     |   http://downloads.digium.com/pub/telephony/asterisk   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |      Links       | http://bugs.digium.com/view.php?id=12205            |
   |                  |                                                     |
   |                  | http://bugs.digium.com/view.php?id=12206            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2008-004.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2008-004.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |       Date       |       Editor       |         Revisions Made         |
   |------------------+--------------------+--------------------------------|
   | 2008-03-18       | Joshua Colp        | Initial Release                |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2008-004
              Copyright (c) 2008 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.


               Asterisk Project Security Advisory - AST-2008-005

   +------------------------------------------------------------------------+
   |       Product        | Asterisk                                        |
   |----------------------+-------------------------------------------------|
   |       Summary        | HTTP Manager ID is predictable                  |
   |----------------------+-------------------------------------------------|
   |  Nature of Advisory  | An attacker could hijack a manager session      |
   |----------------------+-------------------------------------------------|
   |    Susceptibility    | All users using the HTTP manager port           |
   |----------------------+-------------------------------------------------|
   |       Severity       | Minor                                           |
   |----------------------+-------------------------------------------------|
   |    Exploits Known    | No                                              |
   |----------------------+-------------------------------------------------|
   |     Reported On      | February 25, 2008                               |
   |----------------------+-------------------------------------------------|
   |     Reported By      | Dino A. Dai Zovi < ddz AT theta44 DOT org >     |
   |----------------------+-------------------------------------------------|
   |      Posted On       | March 18, 2008                                  |
   |----------------------+-------------------------------------------------|
   |   Last Updated On    | March 18, 2008                                  |
   |----------------------+-------------------------------------------------|
   |   Advisory Contact   | Tilghman Lesher < tlesher AT digium DOT com >   |
   |----------------------+-------------------------------------------------|
   |       CVE Name       | CVE-2008-1390                                   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Due to the way that manager IDs are calculated, this     |
   |             | 32-bit integer is likely to have a much larger than      |
   |             | average number of 1s, which greatly reduces the number   |
   |             | of guesses an attacker would have to make to             |
   |             | successfully predict the manager ID, which is used       |
   |             | across multiple HTTP queries to hold manager state.      |
   |             |                                                          |
   |             | "The issue is the generation of session ids in the       |
   |             | AsteriskGUI HTTP server.                                 |
   |             |                                                          |
   |             | When using Glibc, the implementation and state of rand() |
   |             | and random() is shared. Asterisk uses random() to issue  |
   |             | MD5 digest authentication challenges and rand()          |
   |             | bitwise-ORed with a malloc'd pointer to generate         |
   |             | AsteriskGUI session identifiers. An attacker can         |
   |             | synchronize with random() by retrieving 32 successive    |
   |             | challenges and predict all subsequent output of calls to |
   |             | random() and rand(). Because a pointer returned by       |
   |             | malloc has at best 21 bits of entropy, the attacker will |
   |             | on average only need to guess 1448 session identifiers   |
   |             | in order to steal an established session.                |
   |             |                                                          |
   |             | "The crux of the problem is that under Glibc, the        |
   |             | implementation of rand() and random() is shared. rand()  |
   |             | is just an alias to random(). This means that they all   |
   |             | come from the same randomizer with the same state.       |
   |             |                                                          |
   |             | "A remote attacker can synchronize with all subsequent   |
   |             | output of a remote system's random() state by just       |
   |             | observing or retrieving 32 successive outputs. They can  |
   |             | easily do this by generating 32 MD5 digest               |
   |             | authentication challenges. At this point, they will be   |
   |             | able to predict all subsequent output of random() and    |
   |             | rand().                                                  |
   |             |                                                          |
   |             | "The memory address returned by calloc() is also not     |
   |             | sufficiently random. In practice, it will be in low      |
   |             | memory, immediately following the executable. In         |
   |             | addition, the buffer returned will be 8-byte aligned.    |
   |             | This means that the high order 8 bits and low order 3    |
   |             | bits will always be zero. Finally, this value is bitwise |
   |             | ORed with the output of random(), so any bits that are   |
   |             | set will be preserved.                                   |
   |             |                                                          |
   |             | "An attacker will only have to guess 2^N session ids,    |
   |             | where N is the number of zeros in the number returned by |
   |             | random() between bit positions 3 and 24. On average,     |
   |             | this will be 1448 guesses.                               |
   |             |                                                          |
   |             | "However, an attacker can do better than this by         |
   |             | consuming challenges until the following number output   |
   |             | by random() has many 1's in those significant bit        |
   |             | positions."                                              |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | To mitigate this attack, the two values are now XORed     |
   |            | together. This will increase the entropy to approximately |
   |            | 2^21, which is far more difficult to predict, especially  |
   |            | given that the random number generator is used for other  |
   |            | purposes in Asterisk, not just manager HTTP session ID    |
   |            | generation.                                               |
   |            |                                                           |
   |            | Upgrade to SVN revision 104704 or greater, or upgrade to  |
   |            | one of the releases below. That the random number         |
   |            | generator is used for other things makes this attack      |
   |            | extremely difficult and unlikely, so we will not produce  |
   |            | a separate release for this security advisory.            |
   +------------------------------------------------------------------------+
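
The OR-versus-XOR point made in the description and the resolution above, as a small added Python model that is not Asterisk's own code. It assumes the bit layout the advisory states (pointer bits 0-2 and 24-31 fixed at zero, leaving 21 varying bits), treats random() as fully known, and uses a constructed sample random() output.

```python
# Added illustration for AST-2008-005; this is not Asterisk's own code.
# It models the bit layout the advisory states: a malloc'd pointer is
# 8-byte aligned and sits in low memory, so bits 0-2 and 24-31 are always
# zero and only bits 3..23 (21 bits) vary.  random() is treated as fully
# known, since the advisory says an attacker can synchronise with it.

PTR_LOW_BIT, PTR_HIGH_BIT = 3, 24
PTR_MASK = ((1 << PTR_HIGH_BIT) - 1) & ~((1 << PTR_LOW_BIT) - 1)  # 0x00FFFFF8
PTR_BITS = PTR_HIGH_BIT - PTR_LOW_BIT                               # 21

def combine_or(r, p):
    """Original (vulnerable) combination: rand() | pointer."""
    return r | p

def combine_xor(r, p):
    """Combination from the advisory's resolution: rand() ^ pointer."""
    return r ^ p

def guess_space(combine, known_rand, mask):
    """Brute force: count distinct session IDs reachable over every pointer
    value consistent with mask, given a known random() output.  Exponential
    in the number of mask bits, so call it with a narrowed mask."""
    ids = set()
    p = 0
    while True:                      # enumerate every submask of mask
        ids.add(combine(known_rand, p))
        p = (p - mask) & mask
        if p == 0:
            break
    return len(ids)

def or_guess_space(known_rand, mask=PTR_MASK):
    """Closed form for OR: every 1 bit of random() is preserved in the ID,
    so only the pointer bits where random() is 0 remain unknown (2^N)."""
    unknown_bits = bin(~known_rand & mask).count("1")
    return 1 << unknown_bits

def xor_guess_space(mask=PTR_MASK):
    """Closed form for XOR: a bijection on the pointer bits, so all 2^21
    pointer values give distinct IDs whatever random() returned."""
    return 1 << bin(mask).count("1")

def average_or_guesses(nbits=PTR_BITS):
    """Half of uniformly random bits are zero on average, so N = nbits/2
    and the expected search is 2^(nbits/2): about 1448 for 21 bits."""
    return 2 ** (nbits / 2)

if __name__ == "__main__":
    r = 0x00A5F3C7               # constructed sample random() output
    print("OR  guesses :", or_guess_space(r))             # 512 (9 zero bits)
    print("XOR guesses :", xor_guess_space())              # 2097152
    print("OR  average :", round(average_or_guesses()))   # 1448
```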

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           |   Release   |                             |
   |                            |   Series    |                             |
   |----------------------------+-------------+-----------------------------|
   |    Asterisk Open Source    |    1.0.x    | Not affected                |
   |----------------------------+-------------+-----------------------------|
   |    Asterisk Open Source    |    1.2.x    | Not affected                |
   |----------------------------+-------------+-----------------------------|
   |    Asterisk Open Source    |    1.4.x    | All versions prior to       |
   |                            |             | 1.4.19-rc3                  |
   |----------------------------+-------------+-----------------------------|
   |    Asterisk Open Source    |    1.6.x    | All versions prior to       |
   |                            |             | 1.6.0-beta6                 |
   |----------------------------+-------------+-----------------------------|
   | Asterisk Business Edition  |    A.x.x    | Not affected                |
   |----------------------------+-------------+-----------------------------|
   | Asterisk Business Edition  |    B.x.x    | Not affected                |
   |----------------------------+-------------+-----------------------------|
   | Asterisk Business Edition  |    C.x.x    | All versions prior to C.1.6 |
   |----------------------------+-------------+-----------------------------|
   |        AsteriskNOW         | pre-release | All versions prior to 1.0.2 |
   |----------------------------+-------------+-----------------------------|
   |     Asterisk Appliance     |     SVN     | All revisions prior to      |
   |       Developer Kit        |             | 104704                      |
   |----------------------------+-------------+-----------------------------|
   | s800i (Asterisk Appliance) |    1.0.x    | All versions prior to       |
   |                            |             | 1.1.0.2                     |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |               Product                |             Release             |
   |--------------------------------------+---------------------------------|
   |         Asterisk Open Source         |     1.4.19-rc3, 1.6.0-beta6     |
   |--------------------------------------+---------------------------------|
   |      Asterisk Business Edition       |              C.1.6              |
   |--------------------------------------+---------------------------------|
   |             AsteriskNOW              |              1.0.2              |
   |--------------------------------------+---------------------------------|
   |   Asterisk Appliance Developer Kit   |  Asterisk 1.4 revision 104704   |
   |--------------------------------------+---------------------------------|
   |      s800i (Asterisk Appliance)      |             1.1.0.2             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |        Links        |                                                  |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2008-005.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2008-005.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |      Date       |         Editor         |       Revisions Made        |
   |-----------------+------------------------+-----------------------------|
   | 2008-03-18      | Tilghman Lesher        | Initial release             |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2008-005
              Copyright (c) 2008 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----