Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.1722.2 VMware product updates address MDS vulnerabilities 6 August 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: VMware vCenter Server VMware vSphere ESXi VMware Workstation Pro VMware Workstation Player VMware Fusion Pro VMware Fusion VMware vCloud Usage Meter VMware Identity Manager Publisher: VMWare Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Access Privileged Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-11091 CVE-2018-12130 CVE-2018-12127 CVE-2018-12126 Reference: ASB-2019.0138 Original Bulletin: https://www.vmware.com/security/advisories/VMSA-2019-0008.html Revision History: August 6 2019: Updated security advisory with Operating System-Specific Mitigations included with vCenter Server Appliance 6.7u2c and vCenter Server Appliance 6.5u3. May 15 2019: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- +-----------------------------------------------------------------------------+ |Advisory|VMSA-2019-0008.1 | |ID | | |--------+--------------------------------------------------------------------| |Advisory|Moderate | |Severity| | |--------+--------------------------------------------------------------------| |CVSSv3 |3.8 - 6.5 | |Range | | |--------+--------------------------------------------------------------------| | |VMware product updates enable Hypervisor-Specific | | |Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating | |Synopsis|System-Specific Mitigations for Microarchitectural Data Sampling | | |(MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, | | |CVE-2018-12130, and CVE-2019-11091) | |--------+--------------------------------------------------------------------| |Issue |2019-05-14 | |Date | | |--------+--------------------------------------------------------------------| |Updated |2019-08-05 | |On | | |--------+--------------------------------------------------------------------| |CVE(s) |CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 | +-----------------------------------------------------------------------------+ 1. Impacted Products * VMware vCenter Server (VC) * VMware vSphere ESXi (ESXi) * VMware Workstation Pro / Player (WS) * VMware Fusion Pro / Fusion (Fusion) * vCloud Usage Meter (UM) * Identity Manager (vIDM) * vCenter Server (vCSA) * vSphere Data Protection (VDP) * vSphere Integrated Containers (VIC) * vRealize Automation (vRA) 2. Introduction Intel has disclosed details on speculative-execution vulnerabilities known collectively as "Microarchitectural Data Sampling (MDS)" that can occur on Intel microarchitecture prior to 2nd Generation Intel Xeon Scalable Processors (formerly known as Cascade Lake). These issues may allow a malicious user who can locally execute code on a system to infer data otherwise protected by architectural mechanisms. There are four uniquely identifiable vulnerabilities associated with MDS: * CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling (MSBDS) - CVSSv3 = 6.5 * CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVSSv3 = 6.5 * CVE-2018-12127 - Microarchitectural Load Port Data Sampling (MLPDS) - CVSSv3 = 6.5 * CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory (MDSUM) - CVSSv3 = 3.8 To assist in understanding speculative-execution vulnerabilities, VMware previously defined the following mitigation categories: * Hypervisor-Specific Mitigations prevent information leakage from the hypervisor or guest VMs into a malicious guest VM. These mitigations require code changes for VMware products. * Hypervisor-Assisted Guest Mitigations virtualize new speculative-execution hardware control mechanisms for guest VMs so that Guest OSes can mitigate leakage between processes within the VM. These mitigations require code changes for VMware products. * Operating System-Specific Mitigations are applied to guest operating systems. These updates will be provided by a 3rd party vendor or in the case of VMware Virtual Appliances, by VMware. * Microcode Mitigations are applied to a system?s processor(s) by a microcode update from the hardware vendor. These mitigations do not require hypervisor or guest operating system updates to be effective. MDS vulnerabilities require Hypervisor-Specific Mitigations (described in section 3a.) Hypervisor-Assisted Guest Mitigations (described in section 3b.) and Operating System-Specific Mitigations (described in section 3c.) 3a. Hypervisor-Specific Mitigations for MDS vulnerabilities - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 Description: vCenter Server, ESXi, Workstation, and Fusion updates include Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. VMware has evaluated the severity of these issues to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5. Known Attack Vectors: A malicious user must have local access to a virtual machine and the ability to execute code to infer data otherwise protected by architectural mechanisms from another virtual machine or the hypervisor itself via MDS vulnerabilities. There are two known attack vector variants for MDS at the Hypervisor level: * Sequential-context attack vector (Inter-VM): a malicious VM can potentially infer recently accessed data of a previous context (hypervisor thread or other VM thread) on either logical processor of a processor core. * Concurrent-context attack vector (Inter-VM): a malicious VM can potentially infer recently accessed data of a concurrently executing context (hypervisor thread or other VM thread) on the other logical processor of the Hyper-Threading-enabled processor core. Resolution: * The Sequential-context attack vector (Inter-VM): is mitigated by a Hypervisor update to the product versions listed in the table below. These mitigations are dependent on Intel microcode updates (provided in separate ESXi patches for most Intel hardware platforms) listed in the table below. This mitigation is enabled by default and does not impose a significant performance impact. * The Concurrent-context attack vector (Inter-VM): is mitigated through enablement of the ESXi Side-Channel-Aware Scheduler Version 1 or Version 2. These options may impose a non-trivial performance impact and are not enabled by default. Workarounds: * There are no known Hypervisor-Specific workarounds for the MDS class of vulnerabilities. Additional Documentation: * vSphere: KB67577 should be thoroughly reviewed to ensure a strong understanding of the Hypervisor-Specific Mitigations enablement process for MDS and potential CPU capacity impacts * Workstation/Fusion: KB68025 should be thoroughly reviewed to ensure a strong understanding of the Hypervisor-Specific Mitigations enablement process for MDS and potential CPU capacity impacts. Notes: * VMware Hypervisors running on 2nd Generation Intel? Xeon Scalable Processors (formerly known as Cascade Lake) are not affected by MDS vulnerabilities. Acknowledgements: * None. Resolution Matrix: +----------------------------------------------------------------------------------------------------------+ |Product |Version|Running|CVE Identifier|CVSSv3|Severity|Fixed Version |Workarounds|Additional | | | |On | | | | | |Documentation| |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| |vCenter |6.7 |Any |N/A |N/A |N/A |6.7 U2a |None |KB67577 | |Server^1 | | | | | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| |vCenter |6.5 |Any |N/A |N/A |N/A |6.5 U2g |None |KB67577 | |Server^1 | | | | | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| |vCenter |6.0 |Any |N/A |N/A |N/A |6.0 U3i |None |KB67577 | |Server^1 | | | | | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | |ESXi670-201905401-BG | | | |ESXi |6.7 |Any |CVE-2018-12127|6.5 |Moderate|ESXi670-201905402-BG^|None |KB67577 | | | | |CVE-2018-12130| | |2 | | | | | | |CVE-2019-11091| | |ESXi670-201905403-BG | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | |ESXi650-201905401-BG | | | |ESXi |6.5 |Any |CVE-2018-12127|6.5 |Moderate|ESXi650-201905402-BG^|None |KB67577 | | | | |CVE-2018-12130| | |2 | | | | | | |CVE-2019-11091| | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | |ESXi600-201905401-BG | | | |ESXi |6.0 |Any |CVE-2018-12127|6.5 |Moderate|ESXi600-201905402-BG^|None |KB67577 | | | | |CVE-2018-12130| | |2 | | | | | | |CVE-2019-11091| | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |Workstation|15.x |Any |CVE-2018-12127|6.5 |Moderate|15.1.0 |None |KB68025 | | | | |CVE-2018-12130| | | | | | | | | |CVE-2019-11091| | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |Fusion |11.x |Any |CVE-2018-12127|6.5 |Moderate|11.1.0 |None |KB68025 | | | | |CVE-2018-12130| | | | | | | | | |CVE-2019-11091| | | | | | +----------------------------------------------------------------------------------------------------------+ 1. vCenter updates are listed in the above table as a requirement for Hypervisor-Specific Mitigations as these updates include enhanced EVC modes which support the new MD-CLEAR functionality included in ESXi microcode updates. 2. These patches contain updated microcode. At the time of this publication Sandy Bridge DT/EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi. 3b. Hypervisor-Assisted Guest Mitigations for MDS vulnerabilities - - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 Description: vCenter Server, ESXi, Workstation, and Fusion updates support Hypervisor-Assisted Guest Mitigations for MDS speculative execution vulnerabilities. These updates expose new CPU control bits via microcode listed in the table below to the Virtual Machine layer. VMware has evaluated the severity of these issues to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5. Known Attack Vectors: A malicious user must have local access to a virtual machine and the ability to execute code to infer data otherwise protected by architectural mechanisms within the Guest Operating System (Intra-VM) via MDS vulnerabilities. Virtual Machines hosted by VMware Hypervisors running on 2nd Generation Intel? Xeon Scalable Processors (formerly known as Cascade Lake) are not affected by MDS vulnerabilities. There are two known attack vector categories for MDS at the Virtual Machine level: * Sequential-context attack vector (Intra-VM): a malicious local user of a Virtual Machine can potentially infer recently accessed data of a previous context otherwise protected by architectural mechanisms in the context of the same Virtual Machine. * Concurrent-context attack vector (Intra-VM): a malicious local user of a Virtual Machine can potentially infer recently accessed data of a concurrently executing context on the other logical processor of the Hyper-Threading-enabled processor core in the context of the same Virtual Machine. Resolution: * Sequential-context attack vector (Intra-VM): mitigations are supported via Hypervisor updates listed in the table below. These mitigations are then enabled via Guest Operating System updates obtained through the operating system vendor (for VMware appliances see section 3c). These mitigations are dependent on Intel microcode updates (provided in separate ESXi patches for most Intel hardware platforms) listed in the table below. This mitigation is enabled by default and does not impose a significant performance impact. * Concurrent-context attack vector (Intra-VM): is mitigated through enablement of the ESXi Side-Channel-Aware Scheduler Version 1. The ESXi Side-Channel-Aware Scheduler Version 2 does not mitigate MDS Concurrent-context attack vectors at the Virtual Machine layer. These options may impose a non-trivial performance impact and are not enabled by default. Guest Operating Systems will also require Operating System-Specific Mitigations to support these Hypervisor-Assisted Guest Mitigations (see section 3c. for VMware Virtual Appliances). Workarounds: * Operating System-Specific workarounds for VMware Virtual Appliances are documented in section 3c. Additional Documentation: * KB68024 should be thoroughly reviewed to ensure a strong understanding of the Hypervisor-Assisted Guest Mitigations enablement process for MDS and potential CPU capacity impacts. Notes: * Virtual Machines hosted by VMware Hypervisors running on 2nd Generation Intel? Xeon Scalable Processors (formerly known as Cascade Lake) are not affected by MDS vulnerabilities. Acknowledgements: * None. Resolution Matrix: +----------------------------------------------------------------------------------------------------------+ |Product |Version|Running|CVE Identifier|CVSSv3|Severity|Fixed Version |Workarounds|Additional | | | |On | | | | | |Documentation| |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| |vCenter |6.7 |Any |N/A |N/A |N/A |6.7 U2a |None |KB68024 | |Server^1 | | | | | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| |vCenter |6.5 |Any |N/A |N/A |N/A |6.5 U2g |None |KB68024 | |Server^1 | | | | | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| |vCenter |6.0 |Any |N/A |N/A |N/A |6.0 U3i |None |KB68024 | |Server^1 | | | | | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | |ESXi670-201905401-BG | | | |ESXi |6.7 |Any |CVE-2018-12127|6.5 |Moderate|ESXi670-201905402-BG^|None |KB68024 | | | | |CVE-2018-12130| | |2 | | | | | | |CVE-2019-11091| | |ESXi670-201905403-BG | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | |ESXi650-201905401-BG | | | |ESXi |6.5 |Any |CVE-2018-12127|6.5 |Moderate|ESXi650-201905402-BG^|None |KB68024 | | | | |CVE-2018-12130| | |2 | | | | | | |CVE-2019-11091| | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | |ESXi600-201905401-BG | | | |ESXi |6.0 |Any |CVE-2018-12127|6.5 |Moderate|ESXi600-201905402-BG^|None |KB68024 | | | | |CVE-2018-12130| | |2 | | | | | | |CVE-2019-11091| | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |Workstation|15.x |Any |CVE-2018-12127|6.5 |Moderate|15.1.0 |None |KB68024 | | | | |CVE-2018-12130| | | | | | | | | |CVE-2019-11091| | | | | | |-----------+-------+-------+--------------+------+--------+---------------------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |Fusion |11.x |Any |CVE-2018-12127|6.5 |Moderate|11.1.0 |None |KB68024 | | | | |CVE-2018-12130| | | | | | | | | |CVE-2019-11091| | | | | | +----------------------------------------------------------------------------------------------------------+ 1. vCenter updates are listed in the above table as a requirement for Hypervisor-Assisted Guest Mitigations as these updates include enhanced EVC modes which support the new MD-CLEAR functionality included in ESXi microcode updates. 2. These patches contain updated microcode. At the time of this publication Sandy Bridge DT/EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi. 3c. Operating System-Specific Mitigations for MDS vulnerabilities - - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 Description: A malicious user must have local access to a virtual machine and the ability to execute code to infer data otherwise protected by architectural mechanisms within the Guest Operating System (Intra-VM) via MDS vulnerabilities. Known Attack Vectors: A malicious user must have local access to a virtual machine and the ability to execute code to infer data otherwise protected by architectural mechanisms within the Guest Operating System (Intra-VM) via MDS vulnerabilities. There are two known attack vector categories for MDS at the Virtual Machine level: * Sequential-context attack vector (Intra-VM): a malicious local user of a Virtual Machine can potentially infer recently accessed data of a previous context otherwise protected by architectural mechanisms in the context of the same Virtual Machine. * Concurrent-context attack vector (Intra-VM): a malicious local user of a Virtual Machine can potentially infer recently accessed data of a concurrently executing context on the other logical processor of the Hyper-Threading-enabled processor core in the context of the same Virtual Machine. Resolution: * Sequential-context attack vector (Intra-VM): mitigations are supported via Hypervisor-Assisted Guest Mitigations enumerated in section 3b and enabled via updated Linux kernels included with Virtual Appliance releases shown in the table below. These mitigations are dependent on Intel microcode updates (provided in separate ESXi patches for most Intel hardware platforms) listed in the table below. * Concurrent-context attack vector (Intra-VM): is mitigated through enablement of the ESXi Side-Channel-Aware Scheduler. The ESXi Side-Channel-Aware Scheduler Version 2 introduced in 6.7u2 does NOT mitigate MDS Intra-VM Concurrent-context attack vectors at the Virtual Machine layer. These options may impose a non-trivial performance impact and are not enabled by default. Workarounds: * Some VMware Virtual Appliances can workaround MDS vulnerabilities by disabling local non-administrative accounts to ensure there is no available path for a malicious user to execute code. Additional Documentation: * None. Notes: * Virtual Machines hosted by VMware Hypervisors running on 2nd Generation Intel Xeon Scalable Processors (formerly known as Cascade Lake) are not affected by MDS vulnerabilities. * VMware Virtual Appliances NOT listed in the Resolution Matrix below do not have valid attack vectors under supported configurations and are considered unaffected. Acknowledgements: * None. Resolution Matrix: +---------------------------------------------------------------------------------------------+ |Product |Version|Running |CVE Identifier|CVSSv3|Severity|Fixed |Workarounds|Additional | | | |On | | | |Version| |Documentation| |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| |vCloud | | |CVE-2018-12126| | | | | | |Usage |x.x |Virtual |CVE-2018-12127|6.5 |Moderate|Patch |KB52467 |None | |Meter | |Appliance|CVE-2018-12130| | |Pending| | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |Identity |x.x |Virtual |CVE-2018-12127|6.5 |Moderate|Patch |KB52284 |None | |Manager | |Appliance|CVE-2018-12130| | |Pending| | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |vCenter |6.7 |Virtual |CVE-2018-12127|6.5 |Moderate|6.7u2c |KB52312 |None | |Server | |Appliance|CVE-2018-12130| | | | | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |vCenter |6.5 |Virtual |CVE-2018-12127|6.5 |Moderate|6.5u3 |KB52312 |None | |Server | |Appliance|CVE-2018-12130| | | | | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |vCenter |6.0 |Virtual |CVE-2018-12127|6.5 |Moderate|Patch |KB52312 |None | |Server | |Appliance|CVE-2018-12130| | |Pending| | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| |VMware | | |CVE-2018-12126| | | | | | |Data |6.x |Virtual |CVE-2018-12127|6.5 |Moderate|Patch |None |None | |protection| |Appliance|CVE-2018-12130| | |Pending| | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| |VMware | | |CVE-2018-12126| | | | | | |Integrated|1.x |Virtual |CVE-2018-12127|6.5 |Moderate|Patch |None |None | |Containers| |Appliance|CVE-2018-12130| | |Pending| | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |vRealize |7.x |Virtual |CVE-2018-12127|6.5 |Moderate|Patch |KB52377 |None | |Automation| |Appliance|CVE-2018-12130| | |Pending| | | | | | |CVE-2019-11091| | | | | | |----------+-------+---------+--------------+------+--------+-------+-----------+-------------| | | | |CVE-2018-12126| | | | | | |vRealize | |Virtual |CVE-2018-12127| | |Patch | | | |Automation|6.x |Appliance|CVE-2018-12130|6.5 |Moderate|Pending|KB52497 |None | | | | |CVE-2019-11091| | | | | | | | | | | | | | | | +---------------------------------------------------------------------------------------------+ 4. References: Mitre CVE Dictionary Links: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091 Fixed Version(s) and Release Notes: vCenter 6.7 U2c https://my.vmware.com/web/vmware/details?downloadGroup=VC67U2C&productId=742 vCenter 6.7 U2a https://my.vmware.com/group/vmware/get-download?downloadGroup=VC67U2A vCenter 6.5 u3 https://my.vmware.com/web/vmware/details?downloadGroup=VC65U3&productId=614 vCenter 6.5 U2g https://my.vmware.com/group/vmware/get-download?downloadGroup=VC65U2G vCenter 6.0 U3i https://my.vmware.com/group/vmware/get-download?downloadGroup=VC60U3I ESXi 6.7, Patch Release ESXi670-201905001 https://my.vmware.com/group/vmware/patch https://docs.vmware.com/en/VMware-vSphere/6.7/rn/esxi670-201905001.html ESXi 6.5, Patch Release ESXi650-201905001 https://my.vmware.com/group/vmware/patch https://docs.vmware.com/en/VMware-vSphere/6.5/rn/esxi650-201905001.html ESXi 6.0, Patch Release ESXi600-201905001 https://my.vmware.com/group/vmware/patch https://docs.vmware.com/en/VMware-vSphere/6.0/rn/esxi600-201905001.html VMware Workstation 15.1.0 https://www.vmware.com/go/downloadworkstation https://docs.vmware.com/en/VMware-Workstation-Pro/index.html VMware Fusion 11.1.0 https://www.vmware.com/go/downloadfusion https://docs.vmware.com/en/VMware-Fusion/index.html Workarounds: https://kb.vmware.com/s/article/52467 https://kb.vmware.com/s/article/52284 https://kb.vmware.com/s/article/52312 https://kb.vmware.com/s/article/52377 https://kb.vmware.com/s/article/52497 Additional Documentation: https://kb.vmware.com/s/article/67577 https://kb.vmware.com/s/article/68025 https://kb.vmware.com/s/article/68024 5. Change Log: 2019-05-14: Initial security advisory in conjunction with vSphere, Workstation, and Fusion updates and patches released on 2019-05-14. 2019-08-05: VMSA-2019-0008.1 Updated security advisory with Operating System-Specific Mitigations included with vCenter Server Appliance 6.7u2c and vCenter Server Appliance 6.5u3. 6. Contact: E-mail list for product security notifications and announcements: http:// lists.vmware.com/cgi-bin/mailman/listinfo/security-announce Copyright 2019 VMware Inc. All rights reserved. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXUjI82aOgq3Tt24GAQj1bA/7BhYDSXvNKRv12Pj0mJSpWOLl81Pz5NFX Iwc3KOKV6SdkqIc68c+t7vk61dgxqnA7kQZC8pv9007eRu2sGqraEI8a8lEl8XmW b9vW+jcaCTKIJORZdQTZrQdT4obczZriQYbh/7WAVL1dwS7o87xNHk14oVg8zvmK qiHraDxMtpLL2VMOfNR+85qVstedeelRGhBSJ0oGoUmcBWKr5RA0Fam5EmYlIWE1 9AUzUgJ6g2CGwuBFSKH8F1kZZscemrpObxsozJadZVpCtTRONhw2t3VdKrlG8iaC eEx1Cfippqd5yBvhr7Sbe0ESnj3J7TS9GREkdc23b4BsThunDHwvSx4+pv5NQ8hK n+xxZUeqtaledUC8hTmV8dYCn95D5tRCtvtFxUD6UakvybRiTFs7oxK7gYX0r1Qk Fk652BcHRibLqwEyIVzbTRO8ON+sMZmk9JvpttuExC30IVHORHP+V5kG0VjGszVO dcfkn1iuVMmYJV8PYDhqdG+9G3kItrDFvU8+y/KT+OGKN5LMy5hzMPHxKwFkHaAn XBhrjG8HizbcOJP6+Hx9QiVf4TP4cbj/jXCx0go4exRAyrjRgTdI2hhHBy6j3BJr aGdOkyMqQW99Y/69lOXw165LivYIm9tPN7egeis7J5KKSbHWeAXNWYHuwl16juBD p/WB7mPfLkw= =1bqC -----END PGP SIGNATURE-----