copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
Search this site

On this site

 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login


ESB-2009.1379 - [Debian] graphicsmagick: Multiple vulnerabilities

Date: 08 October 2009
References: ESB-2007.0722  ESB-2008.0390  ESB-2009.1164  

Click here for printable version
Click here for PGP verifiable version
Hash: SHA1

             AUSCERT External Security Bulletin Redistribution

          New graphicsmagick packages fix several vulnerabilities
                              8 October 2009


        AusCERT Security Bulletin Summary

Product:           graphicsmagick
Publisher:         Debian
Operating System:  Debian GNU/Linux 4
                   Debian GNU/Linux 5
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Access Privileged Data          -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2009-1882 CVE-2008-6621 CVE-2008-6072
                   CVE-2008-6071 CVE-2008-6070 CVE-2008-3134
                   CVE-2008-1096 CVE-2007-4988 CVE-2007-4986
                   CVE-2007-4985 CVE-2007-1797 CVE-2007-1667

Reference:         ESB-2009.1164

Original Bulletin:

- --------------------------BEGIN INCLUDED TEXT--------------------

Hash: SHA1

- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1903                                  Giuseppe Iuculano
October 07, 2009            
- - ------------------------------------------------------------------------

Package        : graphicsmagick
Vulnerability  : several vulnerabilities
Problem type   : local (remote)
Debian-specific: no
CVE IDs        : CVE-2007-1667 CVE-2007-1797 CVE-2007-4985 CVE-2007-4986
                 CVE-2007-4988 CVE-2008-1096 CVE-2008-3134 CVE-2008-6070
                 CVE-2008-6071 CVE-2008-6072 CVE-2008-6621 CVE-2009-1882
Debian Bugs    : 414370 417862 444266 491439 530946

Several vulnerabilities have been discovered in graphicsmagick, a
collection of image processing tool, which can lead to the execution
of arbitrary code, exposure of sensitive information or cause DoS.
The Common Vulnerabilities and Exposures project identifies the
following problems:


  Multiple integer overflows in XInitImage function in xwd.c for
  GraphicsMagick, allow user-assisted remote attackers to cause a
  denial of service (crash) or obtain sensitive information via
  crafted images with large or negative values that trigger a
  buffer overflow. It only affects the oldstable distribution (etch).


  Multiple integer overflows allow remote attackers to execute arbitrary
  code via a crafted DCM image, or the colors or comments field in a
  crafted XWD image. It only affects the oldstable distribution (etch).


  A crafted image file can trigger an infinite loop in the ReadDCMImage
  function or in the ReadXCFImage function. It only affects the oldstable
  distribution (etch).


  Multiple integer overflows allow context-dependent attackers to execute
  arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file,
  which triggers a heap-based buffer overflow. It only affects the
  oldstable distribution (etch).


  A sign extension error allows context-dependent attackers to execute
  arbitrary code via a crafted width value in an image file, which
  triggers an integer overflow and a heap-based buffer overflow. It
  affects only the oldstable distribution (etch).


  The load_tile function in the XCF coder allows user-assisted remote
  attackers to cause a denial of service or possibly execute arbitrary
  code via a crafted .xcf file that triggers an out-of-bounds heap write.
  It affects only oldstable (etch).


  Multiple vulnerabilities in GraphicsMagick before 1.2.4 allow remote
  attackers to cause a denial of service (crash, infinite loop, or
  memory consumption) via vectors in the AVI, AVS, DCM, EPT, FITS,
  MTV,  PALM, RLA, and TGA decoder readers; and the
  GetImageCharacteristics function in magick/image.c, as reachable
  from a crafted PNG, JPEG, BMP, or TIFF file.


  Multiple heap-based buffer underflows in the ReadPALMImage function in
  coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers
  to ca use a denial of service (crash) or possibly execute arbitrary
  code via a crafted PALM image.


  Heap-based buffer overflow in the DecodeImage function in
  coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before
  1.2.3, allows remote attackers to cause a denial of service (crash)
  or possibly execute arbitrary code via a crafted PICT image.


  Multiple vulnerabilities in GraphicsMagick allow remote attackers to
  cause a denial of service (crash) via vectors in XCF and CINEON images.


  Vulnerability in GraphicsMagick allows remote attackers to cause a denial
  of service (crash) via vectors in DPX images.


  Integer overflow allows remote attackers to cause a denial of service
  (crash) and possibly execute arbitrary code via a crafted TIFF file,
  which triggers a buffer overflow.

For the oldstable distribution (etch), these problems have been fixed in
version 1.1.7-13+etch1.

For the stable distribution (lenny), these problems have been fixed in
version 1.1.11-3.2+lenny1.

For the upcoming stable distribution (squeeze) and the unstable
distribution ion (sid), these problems have been fixed in version

We recommend that you upgrade your graphicsmagick packages.

Upgrade instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- - -------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum:    60962 43b19aeb820ec1f54351004a31f4b5ea
    Size/MD5 checksum:  5926667 9dec2209500b44c617a789b4072ed724
    Size/MD5 checksum:     1113 62a7a1a734a73d5b8e469c893bd613ce

Architecture independent packages:
    Size/MD5 checksum:    14598 57fab68d7fa464bd4cc0549ef133b383
    Size/MD5 checksum:    11076 3040d645f62708c6466a39499374d3d2

alpha architecture (DEC Alpha)
    Size/MD5 checksum:  2182840 3ffc12641521e440f57367172f92209a
    Size/MD5 checksum:  1288686 d2c9e6be4644a734269de1c88331f9ea
    Size/MD5 checksum:   926466 d972bbaed070a442d07114e6997a7cc1
    Size/MD5 checksum:   158644 0e126f10444d296e9b1380a64fa84241
    Size/MD5 checksum:  1385310 ce45e530d64facbc957e251ae9431441
    Size/MD5 checksum:   255890 b8fca51c4e9091055f8d9bb456df24e6
    Size/MD5 checksum:   593454 8f7cd8e970671563b8d5668e59ce6138

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:   536024 f1f9facf37ba316ade9a7d956dfd6be9
    Size/MD5 checksum:   926254 7feab4f41622ac35ebcf96a1d50f8042
    Size/MD5 checksum:   219650 da5ae63d6c9878fb21c0c0ca47fc112f
    Size/MD5 checksum:  1186004 63bbc34fa5785aa860297bb3dd7bd8cb
    Size/MD5 checksum:  1384074 bcb5dbb66d566ee83ee5ddc6cf49e949
    Size/MD5 checksum:   238412 7464579f4fa23ef86957b197917551d5
    Size/MD5 checksum:  1571362 b2af543a9be34e4c909121507abb0260

arm architecture (ARM)
    Size/MD5 checksum:   930420 21272f2bd54085e10583b24a92114d55
    Size/MD5 checksum:   533062 faf42b3930ba6834bad0219c2b1a43d7
    Size/MD5 checksum:  1181730 2c04ffadd1b33bf45c03350dbbe4b0ac
    Size/MD5 checksum:   153932 8f7247be475feeca9173ff46faaf9a75
    Size/MD5 checksum:   224486 025ef6457f64f92f10db9a41e8695557
    Size/MD5 checksum:  1309308 e8c527a20b44ca57f80b4ebaed9beb16
    Size/MD5 checksum:  1513490 bb12e86db793940c01e7597f8eb45f7d

hppa architecture (HP PA RISC)
    Size/MD5 checksum:  1368670 26b22802380d5994374b4320acf8b27d
    Size/MD5 checksum:   572540 0bb9b6868bc38e2d4268cbe64efa461c
    Size/MD5 checksum:   163528 b1290c88c4aa77faeaff7e0d058c93d0
    Size/MD5 checksum:   265172 6a105c2d3f3f4daae578418769c12829
    Size/MD5 checksum:  1320854 bb7a4e0a34ccf4f32b2213e3b564493b
    Size/MD5 checksum:   933560 882e78f3501ca00422d03ac4f464626c
    Size/MD5 checksum:  1811320 ce62629431b90205518ee3467e9172e2

i386 architecture (Intel ia32)
    Size/MD5 checksum:  1176848 9a1474b5d225db7e3043ba4b67745b18
    Size/MD5 checksum:   518478 1d7df110f7431939dab889105dcd980c
    Size/MD5 checksum:   928978 df0642e1a75bf97d3bb6b13cb96e4471
    Size/MD5 checksum:   245722 b2771087317ef6127f04f930b1f41f72
    Size/MD5 checksum:  1539990 b23864a65ace24a8164c0b8488491b66
    Size/MD5 checksum:   155218 97963ba6a5f638c79985517062e96d6a
    Size/MD5 checksum:  1320960 686f9e94c7163affe3268752c6471fab

ia64 architecture (Intel ia64)
    Size/MD5 checksum:  1650298 b545397e819c157a5a79e058c618060b
    Size/MD5 checksum:   184830 3a823d3177da2c873acb131012f13365
    Size/MD5 checksum:  2205550 9ba040707f78ded1495e97ec15a248d3
    Size/MD5 checksum:   927344 43b96bdb0cee1eb7ae4f37e9984463a8
    Size/MD5 checksum:  1404404 9d9e78598e12bddf101496f4acdca41e
    Size/MD5 checksum:   608162 3067077ece88b89c1da8060e9f05a8f7
    Size/MD5 checksum:   265590 efaa6e946881b0301032144f7c25c7a9

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:   932272 897abbb2d01b616ad8cf75fedfd80d02
    Size/MD5 checksum:   147638 4356750568514aee9dddbd3eb137701e
    Size/MD5 checksum:  1147350 90108ddec535812b9177d33f7c2a4c60
    Size/MD5 checksum:  1432494 de971f806f14a16cc6ce04938fe95394
    Size/MD5 checksum:   562142 8950d70ce44ee1cccce74a9dc2bb54b7
    Size/MD5 checksum:  1818700 0d99e93cb5073d48842f471a56e8162e
    Size/MD5 checksum:   241072 b4aa5f21489a822246f728cd68ede7f6

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:  1794276 d9ba13e2d4f380cc5725f9ee7554a236
    Size/MD5 checksum:   147850 5f2099e443ea7e0514585ce6d87fb4a3
    Size/MD5 checksum:   555092 04108d75ca39e8e717da742acc2673c5
    Size/MD5 checksum:   926254 6538d8c04fbfa1b80e5c448ad81621f0
    Size/MD5 checksum:  1138152 1147f1c76f1ff43cce2c5950283dcef5
    Size/MD5 checksum:  1398502 64334767beffa573d0b39aadb99813d2
    Size/MD5 checksum:   235740 e88daeeb20542d3e89d9e248860ae130

powerpc architecture (PowerPC)
    Size/MD5 checksum:  1172422 f8595dfa8cc09997d2a440f167c1a3cc
    Size/MD5 checksum:   539410 1c23a4d7ad9cd02b3233e05d150d2053
    Size/MD5 checksum:   928158 85a9d3b715b1e81e3857203a0a784d66
    Size/MD5 checksum:   156482 488aed97ea79498f5e0faca8a49c6324
    Size/MD5 checksum:  1639482 bab569480acecb60d76740921718859d
    Size/MD5 checksum:  1360008 a4ca3b6fbf9baf62de1d581f3f34c9fa
    Size/MD5 checksum:   240778 1d3a668cfbc45b2b9252d1f5f1b14bf6

s390 architecture (IBM S/390)
    Size/MD5 checksum:   155102 f4e1d40317c3537ed6b2c9f4d200d3e6
    Size/MD5 checksum:  1213490 a3ba287c19962dcdfbc1ed6687443d80
    Size/MD5 checksum:   926374 24141a4f663234560004920efd3e7629
    Size/MD5 checksum:   541402 0d5fa0879a74731d9fa17172887c1533
    Size/MD5 checksum:  1388758 67e7c27ca60173569b70d4be4a0dd835
    Size/MD5 checksum:  1581736 11209282b0715c633eb126578529cb3b
    Size/MD5 checksum:   246090 1b60cd99ad55353318e69c3a25fbe1cc

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:  1281462 3f361f6c4937c43536bcb3ddef0c641d
    Size/MD5 checksum:  1659818 882f46e5c53e2414504bcc933e72159c
    Size/MD5 checksum:   244558 bce23f3e274dcaf0081f1fcdc67c9eeb
    Size/MD5 checksum:   155798 f66d486c2ff76d8a24ea306e999b3eb9
    Size/MD5 checksum:   931830 54807bc4f4ed4da9917b818219942fbb
    Size/MD5 checksum:   517870 9114c6bf0b72341fecc36ee25a67a540
    Size/MD5 checksum:  1207890 047c434cf04fcaf8c60267b0da8ee15b

Debian GNU/Linux 5.0 alias lenny
- - --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum:     1536 261662b6fb3b77604edab132d10977f6
    Size/MD5 checksum:   149167 cdd750ffe34e093cdfac225fa6b33a73
    Size/MD5 checksum:  6046139 16a032350a153d822ac07cae01961a91

Architecture independent packages:
    Size/MD5 checksum:    12644 7f81eeb86f1c06e48621f4af601c03af
    Size/MD5 checksum:    16174 618b4b262760b75319c81d651ee50644

alpha architecture (DEC Alpha)
    Size/MD5 checksum:   251806 29e9e837be9cd8c9c87a309145f2c22a
    Size/MD5 checksum:  2216918 0d5e5032c154d0ab97c6a4b77dd9be28
    Size/MD5 checksum:   168342 2187fed80ec9cf16dea83f52424ad3d5
    Size/MD5 checksum:   949600 9d92e776db75aa661c182ff152c4e2c7
    Size/MD5 checksum:  1324724 c655909ae89de20960e7225c276b61e6
    Size/MD5 checksum:   556386 c6df7b7224329fccece081214a6ed79c
    Size/MD5 checksum:  2009766 7907b14755aa75158eebd4998fc110ad

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:   239660 0be014a0260c90ae142c9749910f6456
    Size/MD5 checksum:  1610384 abfe17a246506f033d7227e55a63ec28
    Size/MD5 checksum:   167466 d72dfa520eeda623e58b5a807a5406fa
    Size/MD5 checksum:   506742 a2dc0acfa050e18f406d01b01e2e0c8b
    Size/MD5 checksum:  1236754 e5ccc560c88ba1ad2924bf3535bebb05
    Size/MD5 checksum:   945486 e6ea0625e241d50517a7ca1182de1049
    Size/MD5 checksum:  2005048 40fe099ac414b0404646209fc42670b6

arm architecture (ARM)
    Size/MD5 checksum:   946626 5f255f377c27b879be0a2903733455f2
    Size/MD5 checksum:  1249668 bea4ceabc7fe916a4026e02092805eaf
    Size/MD5 checksum:  1574460 fd8cfc2243cc19fbd82fe92218ea914a
    Size/MD5 checksum:   163864 ce222e8399e0345e0d881496707aa129
    Size/MD5 checksum:   507532 b694e7aeb81ea08f22cd76a1aa93d464
    Size/MD5 checksum:   215798 2cb250710d1e84407987ec863706548a
    Size/MD5 checksum:  1931104 cbca2a3875a1851ffc9edd8c7a016bd2

armel architecture (ARM EABI)
    Size/MD5 checksum:   207264 b56450fa017cb7e3dc10d65da47e0bc2
    Size/MD5 checksum:  1636040 2fe6d4efc39d3945fcb16b30870c90ed
    Size/MD5 checksum:   167494 ec677cc0f8ef06268b9d4720ee74f9e3
    Size/MD5 checksum:  1298728 3247f6ceac07b95858d8d9413f83fa21
    Size/MD5 checksum:   498980 6a0783b5257f3bddd9601540e054749c
    Size/MD5 checksum:   949262 11d9a1a9efe215d6f4fef5c34538f050
    Size/MD5 checksum:  1956524 96d2182fc3a47dcaeade26c98c2d2767

hppa architecture (HP PA RISC)
    Size/MD5 checksum:   252100 41a80ecd3e2ac149bacff6a13f966283
    Size/MD5 checksum:  1961592 50ba5004f54c01856327347a6e9cf203
    Size/MD5 checksum:   950914 699725caa3e0148687788ac6705c60a8
    Size/MD5 checksum:  1354340 ff850be4165bf377cd93d84316e14716
    Size/MD5 checksum:   173022 3e8c132fd21ffa94954b5f6f4aa605eb
    Size/MD5 checksum:  1842306 cfc168761af19d8b0aad35a8427cdf1b
    Size/MD5 checksum:   543212 4d7220d235f2f10d3aff32d92ff98e9a

i386 architecture (Intel ia32)
    Size/MD5 checksum:   494178 4ff97dc9e9ea733d22a3829a05e895a8
    Size/MD5 checksum:  1544146 1914a5d9a26fc909e98e8e926ddb78d1
    Size/MD5 checksum:   947238 741fbb514c8cb4835b395b45184f76e3
    Size/MD5 checksum:   163900 3dac4dabd442279dfa97118e99a4ac6a
    Size/MD5 checksum:  1200420 6ccb85e8b7eaeeee2e4fe00d832803b2
    Size/MD5 checksum:  1891742 8d98c6b5ddfcaab523ab24a7ddd63b4a
    Size/MD5 checksum:   244172 a376387d274be4e565cdcdefc7e02ac8

ia64 architecture (Intel ia64)
    Size/MD5 checksum:   195638 7b70cbcbf9eeba4330fa0aeb7fd2d7b9
    Size/MD5 checksum:  2264444 b9b6b0b2b847cd713c941c6eb822c5f7
    Size/MD5 checksum:   252220 b2c424a95db21886f85ade67cf8dbca5
    Size/MD5 checksum:  1916200 602e072ef850fcfaecc6588dd6e19439
    Size/MD5 checksum:  1715576 75d36a1b5ccab823fd2f69b535971f36
    Size/MD5 checksum:   946412 136b987cdc989350dbce3fb1d806d3ad
    Size/MD5 checksum:   540490 a879b1dbb228488b4e2303c206f600b4

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:  1180394 254b74e53118704db38d1ba9403469e8
    Size/MD5 checksum:  1848226 35ca658bd1bc3b2e2c3f06b0559bf301
    Size/MD5 checksum:   945546 4d68b75099f6e4a6212414fc70b173a8
    Size/MD5 checksum:   157450 6ef6d0d004b2867ced9abbf63987f174
    Size/MD5 checksum:   525386 508c0b5477c7fc207f0682e69e7d57f2
    Size/MD5 checksum:   226120 7b075eeefbac2a6c10a7fcdf7b802c2c
    Size/MD5 checksum:  2055422 6a59a172fab96dce98d703dff6ffc36b

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:  1173422 b6f5b4fc1a66f4d39f81f8252e430219
    Size/MD5 checksum:   521944 461f9b4680448356819d6f8718c33c7e
    Size/MD5 checksum:   220740 79b4f89356667b50a465ef85cc629056
    Size/MD5 checksum:  1822334 6923505f5a27c3731bb64aceaaffa03a
    Size/MD5 checksum:  2006132 09f4b1d90fee1f6120542063ae273960
    Size/MD5 checksum:   156878 ec91e40dece84bc24ef439007f40a8d4
    Size/MD5 checksum:   945608 72dd8ad6868ccd876659fb21eeede65b

powerpc architecture (PowerPC)
    Size/MD5 checksum:  1978330 f47acae685043877945fa45ed4bca219
    Size/MD5 checksum:   514834 d632aa29c6c0b2f9bfcb24d5a9134137
    Size/MD5 checksum:   252230 f3977d79ca01ed3e72b419af48b0ad9d
    Size/MD5 checksum:  1686838 ad076587458f06143ce9fd624d61d469
    Size/MD5 checksum:   948196 a98b9d31bc941316f6189f494fa5037e
    Size/MD5 checksum:  1261388 3b1bd6e3340f230a213d460f98b63ee8
    Size/MD5 checksum:   168756 6a8442ceec6ff7bb60eaedc971059ec2

s390 architecture (IBM S/390)
    Size/MD5 checksum:  1619252 ca38638e3a0cdc46d74a6559247c1104
    Size/MD5 checksum:   164322 dc2f9c9f70528498c042f28d84671a15
    Size/MD5 checksum:   945820 4384d0ece685cce403e7773ed386ed8a
    Size/MD5 checksum:  1258438 0cb12522f80b35c033f426c56b76c6f4
    Size/MD5 checksum:   505820 ff001a1176dcbf1a97c56ecf5dec9dac
    Size/MD5 checksum:   241000 256f30a486ed7534335bef219c956fee
    Size/MD5 checksum:  2062094 454a2670d82338fbb94cec98fb35bd08

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:   240578 b86739138fc4965c4da087f241152bf8
    Size/MD5 checksum:  1839278 96243c2c34cdd3831409ff9d722f1c99
    Size/MD5 checksum:   494706 256ac758644a290485119cb82f41458c
    Size/MD5 checksum:   164854 cdce21d2ef7366b199fdb910e803ae35
    Size/MD5 checksum:  1670772 90013d3338f17f1d728ff1410f3c9fcf
    Size/MD5 checksum:   946684 96dc74d0e35a56bc5e060ea7cdef5b8b
    Size/MD5 checksum:  1240344 4d6ac112d418c4124197573190b9d577

  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>
Version: GnuPG v1.4.10 (GNU/Linux)


- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email:
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.