ESB-2014.2341 - [RedHat] kernel: Multiple vulnerabilities

Date: 10 December 2014
References: ESB-2014.0110  ESB-2014.0188  ESB-2014.0329  ESB-2014.1839  ESB-2014.2016  ESB-2014.2403  ESB-2014.2412.2  ESB-2014.2438  ESB-2015.0093  ESB-2015.0137  
ESB-2015.0144  ESB-2015.0189  ESB-2015.0266  ESB-2015.0485  ESB-2015.0736  ESB-2015.1935  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.2341
               Important: kernel security and bug fix update
                             10 December 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Root Compromise        -- Console/Physical      
                   Access Privileged Data -- Existing Account      
                   Denial of Service      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-6410 CVE-2014-5045 CVE-2014-4656
                   CVE-2014-4655 CVE-2014-4654 CVE-2014-4652
                   CVE-2014-4027 CVE-2014-3688 CVE-2014-3687
                   CVE-2014-3673 CVE-2014-3631 CVE-2014-3186
                   CVE-2014-3185 CVE-2014-3184 CVE-2014-3182
                   CVE-2014-3181 CVE-2014-1739 CVE-2013-2929

Reference:         ESB-2014.2016
                   ESB-2014.1839
                   ESB-2014.0329
                   ESB-2014.0188
                   ESB-2014.0110

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2014-1971.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:1971-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-1971.html
Issue date:        2014-12-09
CVE Names:         CVE-2013-2929 CVE-2014-1739 CVE-2014-3181 
                   CVE-2014-3182 CVE-2014-3184 CVE-2014-3185 
                   CVE-2014-3186 CVE-2014-3631 CVE-2014-3673 
                   CVE-2014-3687 CVE-2014-3688 CVE-2014-4027 
                   CVE-2014-4652 CVE-2014-4654 CVE-2014-4655 
                   CVE-2014-4656 CVE-2014-5045 CVE-2014-6410 
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

* A flaw was found in the way the Linux kernel's SCTP implementation
handled malformed or duplicate Address Configuration Change Chunks
(ASCONF). A remote attacker could use either of these flaws to crash the
system. (CVE-2014-3673, CVE-2014-3687, Important)

* A flaw was found in the way the Linux kernel's SCTP implementation
handled the association's output queue. A remote attacker could send
specially crafted packets that would cause the system to use an excessive
amount of memory, leading to a denial of service. (CVE-2014-3688,
Important)

* Two flaws were found in the way the Apple Magic Mouse/Trackpad
multi-touch driver and the Minibox PicoLCD driver handled invalid HID
reports. An attacker with physical access to the system could use these
flaws to crash the system or, potentially, escalate their privileges on the
system. (CVE-2014-3181, CVE-2014-3186, Moderate)

* A memory corruption flaw was found in the way the USB ConnectTech
WhiteHEAT serial driver processed completion commands sent via USB Request
Blocks buffers. An attacker with physical access to the system could use
this flaw to crash the system or, potentially, escalate their privileges on
the system. (CVE-2014-3185, Moderate)

* A flaw was found in the way the Linux kernel's keys subsystem handled the
termination condition in the associative array garbage collection
functionality. A local, unprivileged user could use this flaw to crash the
system. (CVE-2014-3631, Moderate)

* Multiple flaws were found in the way the Linux kernel's ALSA
implementation handled user controls. A local, privileged user could use
either of these flaws to crash the system. (CVE-2014-4654, CVE-2014-4655,
CVE-2014-4656, Moderate)

* A flaw was found in the way the Linux kernel's VFS subsystem handled
reference counting when performing unmount operations on symbolic links.
A local, unprivileged user could use this flaw to exhaust all available
memory on the system or, potentially, trigger a use-after-free error,
resulting in a system crash or privilege escalation. (CVE-2014-5045,
Moderate)

* A flaw was found in the way the get_dumpable() function return value was
interpreted in the ptrace subsystem of the Linux kernel. When
'fs.suid_dumpable' was set to 2, a local, unprivileged user could
use this flaw to bypass intended ptrace restrictions and obtain
potentially sensitive information. (CVE-2013-2929, Low)

* A stack overflow flaw caused by infinite recursion was found in the way
the Linux kernel's UDF file system implementation processed indirect ICBs.
An attacker with physical access to the system could use a specially
crafted UDF image to crash the system. (CVE-2014-6410, Low)

* An information leak flaw in the way the Linux kernel handled media device
enumerate entities IOCTL requests could allow a local user able to access
the /dev/media0 device file to leak kernel memory bytes. (CVE-2014-1739,
Low)

* An out-of-bounds read flaw in the Logitech Unifying receiver driver could
allow an attacker with physical access to the system to crash the system
or, potentially, escalate their privileges on the system. (CVE-2014-3182,
Low)

* Multiple out-of-bounds write flaws were found in the way the Cherry
Cymotion keyboard driver, KYE/Genius device drivers, Logitech device
drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote
control driver, and Sunplus wireless desktop driver handled invalid HID
reports. An attacker with physical access to the system could use either of
these flaws to write data past an allocated memory buffer. (CVE-2014-3184,
Low)

* An information leak flaw in the RAM Disks Memory Copy (rd_mcp) back end
driver of the iSCSI Target subsystem could allow a privileged user to leak
the contents of kernel memory to an iSCSI initiator remote client.
(CVE-2014-4027, Low)

* An information leak flaw in the Linux kernel's ALSA implementation could
allow a local, privileged user to leak kernel memory to user space.
(CVE-2014-4652, Low)

4. Solution:

Red Hat would like to thank Frey Alfredsson for reporting CVE-2014-3631,
and Vasily Averin of Parallels for reporting CVE-2014-5045. The
CVE-2014-3673 issue was discovered by Liu Wei of Red Hat.

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your
system. You may use "rpm -e" to remove old kernels after determining that
the new kernel functions properly on your system.
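
A host-side check for the update and reboot requirement above, as an added example that is not part of the Red Hat or AusCERT text: it compares the running and installed kernels against the fixed build 3.10.0-123.13.1.el7 from the package list. The function names, the simplified version comparison, the assumption that later EL7 builds carry the same backports, and the sample release strings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a RHEL 7 host against RHSA-2014:1971.
FIXED="3.10.0-123.13.1"   # fixed build, taken from the advisory's package list

# kernel-3.10.0-123.9.3.el7.x86_64 or 3.10.0-123.9.3.el7.x86_64 -> 3.10.0-123.9.3
evr() {
    printf '%s\n' "$1" | sed -e 's/^kernel-//' -e 's/\.el[0-9].*$//'
}

# ver_ge A B: succeed when A >= B, comparing numeric fields left to right.
# Assumption: a simplified stand-in for rpm's version comparison, adequate
# for the all-numeric version-release strings of EL kernels.
ver_ge() {
    a=$(printf '%s\n' "$1" | sed 's/[^0-9][^0-9]*/ /g')
    b=$(printf '%s\n' "$2" | sed 's/[^0-9][^0-9]*/ /g')
    set -- $a
    for y in $b; do
        x=${1:-0}                 # a missing trailing field counts as 0
        [ $# -gt 0 ] && shift
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# host_status RUNNING_RELEASE [INSTALLED_KERNEL_PKG...]
#   patched         running kernel is at or above the fixed build
#   reboot-needed   a fixed kernel is installed, but an older one is running
#   vulnerable      no installed kernel reaches the fixed build
#   not-applicable  not an EL7 kernel, so outside this advisory
host_status() {
    case $1 in *.el7*) ;; *) echo not-applicable; return 0 ;; esac
    running=$(evr "$1"); shift
    if ver_ge "$running" "$FIXED"; then echo patched; return 0; fi
    for pkg in "$@"; do
        if ver_ge "$(evr "$pkg")" "$FIXED"; then echo reboot-needed; return 0; fi
    done
    echo vulnerable
}

# Live check for a real host: uname -r plus the output of `rpm -q kernel`.
# Also reports the fs.suid_dumpable value that CVE-2013-2929 depends on.
check_this_host() {
    host_status "$(uname -r)" $(rpm -q kernel 2>/dev/null)
    [ "$(sysctl -n fs.suid_dumpable 2>/dev/null)" = 2 ] &&
        echo "fs.suid_dumpable=2 (precondition for CVE-2013-2929)"
    return 0
}

# Constructed sample inputs, so the example runs offline.
OLD="kernel-3.10.0-123.9.3.el7.x86_64"
NEW="kernel-3.10.0-123.13.1.el7.x86_64"
echo "old kernel only:        $(host_status 3.10.0-123.9.3.el7.x86_64 "$OLD")"
echo "fix installed, no boot: $(host_status 3.10.0-123.9.3.el7.x86_64 "$OLD" "$NEW")"
echo "fix installed, booted:  $(host_status 3.10.0-123.13.1.el7.x86_64 "$OLD" "$NEW")"
```

On a real system, call `check_this_host` instead of the sample lines; a `reboot-needed` result is the state left by "rpm -ivh" until the system is restarted.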

5. Bugs fixed (https://bugzilla.redhat.com/):

1028148 - CVE-2013-2929 kernel: exec/ptrace: get_dumpable() incorrect tests
1108744 - CVE-2014-4027 Kernel: target/rd: information leakage
1109774 - CVE-2014-1739 Kernel: drivers: media: an information leakage
1113406 - CVE-2014-4652 Kernel: ALSA: control: protect user controls against races & memory disclosure
1113445 - CVE-2014-4654 CVE-2014-4655 Kernel: ALSA: control: use-after-free in replacing user controls
1113470 - CVE-2014-4656 Kernel: ALSA: control: integer overflow in id.index & id.numid
1122472 - CVE-2014-5045 kernel: vfs: refcount issues during unmount on symlink
1140325 - CVE-2014-3631 kernel: keys: incorrect termination condition in assoc array garbage collection
1141173 - CVE-2014-3181 Kernel: HID: OOB write in magicmouse driver
1141210 - CVE-2014-3182 Kernel: HID: logitech-dj OOB array access
1141391 - CVE-2014-3184 Kernel: HID: off by one error in various _report_fixup routines
1141400 - CVE-2014-3185 Kernel: USB serial: memory corruption flaw
1141407 - CVE-2014-3186 Kernel: HID: memory corruption via OOB write
1141809 - CVE-2014-6410 kernel: udf: Avoid infinite loop when processing indirect ICBs
1147850 - CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
1155731 - CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks
1155745 - CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-123.13.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm
perf-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.13.1.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-123.13.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm
perf-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.13.1.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-123.13.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm

ppc64:
kernel-3.10.0-123.13.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debug-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-123.13.1.el7.ppc64.rpm
kernel-devel-3.10.0-123.13.1.el7.ppc64.rpm
kernel-headers-3.10.0-123.13.1.el7.ppc64.rpm
kernel-tools-3.10.0-123.13.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-123.13.1.el7.ppc64.rpm
perf-3.10.0-123.13.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm

s390x:
kernel-3.10.0-123.13.1.el7.s390x.rpm
kernel-debug-3.10.0-123.13.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-123.13.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-123.13.1.el7.s390x.rpm
kernel-devel-3.10.0-123.13.1.el7.s390x.rpm
kernel-headers-3.10.0-123.13.1.el7.s390x.rpm
kernel-kdump-3.10.0-123.13.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-123.13.1.el7.s390x.rpm
perf-3.10.0-123.13.1.el7.s390x.rpm
perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm

x86_64:
kernel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm
perf-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.13.1.el7.noarch.rpm

ppc64:
kernel-debug-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-123.13.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-123.13.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
python-perf-3.10.0-123.13.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm

s390x:
kernel-debug-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-123.13.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
python-perf-3.10.0-123.13.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-123.13.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm
kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm
perf-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.13.1.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-3.10.0-123.13.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2013-2929
https://access.redhat.com/security/cve/CVE-2014-1739
https://access.redhat.com/security/cve/CVE-2014-3181
https://access.redhat.com/security/cve/CVE-2014-3182
https://access.redhat.com/security/cve/CVE-2014-3184
https://access.redhat.com/security/cve/CVE-2014-3185
https://access.redhat.com/security/cve/CVE-2014-3186
https://access.redhat.com/security/cve/CVE-2014-3631
https://access.redhat.com/security/cve/CVE-2014-3673
https://access.redhat.com/security/cve/CVE-2014-3687
https://access.redhat.com/security/cve/CVE-2014-3688
https://access.redhat.com/security/cve/CVE-2014-4027
https://access.redhat.com/security/cve/CVE-2014-4652
https://access.redhat.com/security/cve/CVE-2014-4654
https://access.redhat.com/security/cve/CVE-2014-4655
https://access.redhat.com/security/cve/CVE-2014-4656
https://access.redhat.com/security/cve/CVE-2014-5045
https://access.redhat.com/security/cve/CVE-2014-6410
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFUh2CJXlSAg2UNWIIRArzSAJ95AhqaUI998VyNBJGQaTXfSHeJuQCdFjTp
6IsJOT0XYi+TiyneMDOm9f4=
=a0Ai
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----