copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2005.0206 -- RHSA-2005:277-01 -- Critical: mozilla security update

Date: 07 March 2005

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2005.0206 -- RHSA-2005:277-01
                     Critical: mozilla security update
                               7 March 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           mozilla
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux AS/ES/WS 4
                   Red Hat Desktop version 4
                   Linux variants
                   UNIX variants
Impact:            Execute Arbitrary Code/Commands
Access:            Remote/Unauthenticated
CVE Names:         CAN-2005-0255

Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-277.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: mozilla security update
Advisory ID:       RHSA-2005:277-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-277.html
Issue date:        2005-03-04
Updated on:        2005-03-04
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-0255
- - ---------------------------------------------------------------------

1. Summary:

Updated mozilla packages that fix a buffer overflow issue are now available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.

A bug was found in the Mozilla string handling functions. If a malicious
website is able to exhaust a system's memory, it becomes possible to
execute arbitrary code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0255 to this issue.

Please note that other security issues have been found that affect Mozilla.
These other issues have a lower severity, and are therefore planned to be
released as additional security updates in the future.

Users of Mozilla should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

150124 - CAN-2005-0255 Memory overwrite in string library

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm
f38dbc4a876a2e8a7d22bf87b76fd615  mozilla-1.7.3-19.EL4.src.rpm

i386:
39ae3210517d35d921e930006841ee43  mozilla-1.7.3-19.EL4.i386.rpm
4ee1aef2c3beaa885da379f3269e8c6d  mozilla-chat-1.7.3-19.EL4.i386.rpm
29012dae4a799da739161abbb2d92191  mozilla-devel-1.7.3-19.EL4.i386.rpm
eb579278872aa0c63991657c267709d9  mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm
c35b92bcb3231bddb30ee8c5b085f7f1  mozilla-js-debugger-1.7.3-19.EL4.i386.rpm
55e70ed5c693b518abd3e6655b2756c3  mozilla-mail-1.7.3-19.EL4.i386.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
51c68d470ff73cda32e53faccf0d09de  mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
998c5006ebadb4dc0667dd45c062481a  mozilla-nss-devel-1.7.3-19.EL4.i386.rpm

ia64:
ca68d27df9d703f28caf702f03a2c815  mozilla-1.7.3-19.EL4.ia64.rpm
c9613d7843931c8f307e7d030bcfeebb  mozilla-chat-1.7.3-19.EL4.ia64.rpm
50112396b34bd6724f61db2bdda37f3c  mozilla-devel-1.7.3-19.EL4.ia64.rpm
08f955d73348162bc74d205b1afcb2f4  mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm
bcbad4d5cf1df6b85c25d5718c3297e7  mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm
246c4095425ed95cf3d4e7524eabafc6  mozilla-mail-1.7.3-19.EL4.ia64.rpm
a0c490f4e9cd7f9d89b72a84fc8382b0  mozilla-nspr-1.7.3-19.EL4.ia64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
2bb0039d09b0b9e90ec2ba2a45b349d3  mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm
b6566d37c099e89a790247f5ee01511b  mozilla-nss-1.7.3-19.EL4.ia64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
162f10e927ac46eb5c997fb8fb8aef31  mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm

ppc:
4f14f23c3f82b7cd991c8c307346c3b4  mozilla-1.7.3-19.EL4.ppc.rpm
8929adbac27a0119b282fe1afc98f0ef  mozilla-chat-1.7.3-19.EL4.ppc.rpm
b899f513c30ace575ab4e9b83162bb5e  mozilla-devel-1.7.3-19.EL4.ppc.rpm
105b7865dc67efa9f589f805a64ec9af  mozilla-dom-inspector-1.7.3-19.EL4.ppc.rpm
bf2755837521d659b2d497949dfc86c0  mozilla-js-debugger-1.7.3-19.EL4.ppc.rpm
7b8a29af2710b33b664548c933484f8f  mozilla-mail-1.7.3-19.EL4.ppc.rpm
c615451892c2a69503c57a9f4e75e007  mozilla-nspr-1.7.3-19.EL4.ppc.rpm
c2de101cf5751833f149ae4102e21cff  mozilla-nspr-devel-1.7.3-19.EL4.ppc.rpm
96b763974d10ac72401f364ff196b290  mozilla-nss-1.7.3-19.EL4.ppc.rpm
f7f3f84a81eae1936be81d1a3d887e58  mozilla-nss-devel-1.7.3-19.EL4.ppc.rpm

s390:
f2e1f2a5d33abf7e1b9350c169a2cc84  mozilla-1.7.3-19.EL4.s390.rpm
0a51da8cec34280604a009e7c09144bc  mozilla-chat-1.7.3-19.EL4.s390.rpm
b5280f95e1d4fbcfd2fbe3ebe5c7128b  mozilla-devel-1.7.3-19.EL4.s390.rpm
84a2fafb4d8581067fdd255d9ee161a8  mozilla-dom-inspector-1.7.3-19.EL4.s390.rpm
8da4e2d1d8c81cb195b911e8c40ed9f8  mozilla-js-debugger-1.7.3-19.EL4.s390.rpm
a983613094c5b1f2e9f1369c94aa651e  mozilla-mail-1.7.3-19.EL4.s390.rpm
2d6ab4a4a5c13efaa9a84ce14393284a  mozilla-nspr-1.7.3-19.EL4.s390.rpm
4086ab3ca9b912854a0eea21fd6f9a40  mozilla-nspr-devel-1.7.3-19.EL4.s390.rpm
91042804e7acdc601033c5953021defb  mozilla-nss-1.7.3-19.EL4.s390.rpm
68a8b46fa0f9944d822e1f3cfd2582a1  mozilla-nss-devel-1.7.3-19.EL4.s390.rpm

s390x:
1802303fc112de0d5418f1bbb65ffe13  mozilla-1.7.3-19.EL4.s390x.rpm
e080b19af615c3f3fc6c9995c179bfa9  mozilla-chat-1.7.3-19.EL4.s390x.rpm
e66986eda1e3df2916cd01883acb4479  mozilla-devel-1.7.3-19.EL4.s390x.rpm
5269aba3adb89b23321948cfcad311bc  mozilla-dom-inspector-1.7.3-19.EL4.s390x.rpm
d06443ccad52994058ee252d16801f87  mozilla-js-debugger-1.7.3-19.EL4.s390x.rpm
a768d5077632f588070be23882b937c2  mozilla-mail-1.7.3-19.EL4.s390x.rpm
baf7c42fdaa423b0c3494ee682a39dd1  mozilla-nspr-1.7.3-19.EL4.s390x.rpm
2d6ab4a4a5c13efaa9a84ce14393284a  mozilla-nspr-1.7.3-19.EL4.s390.rpm
05d4351be5e8e1d5c382d9cf0b353713  mozilla-nspr-devel-1.7.3-19.EL4.s390x.rpm
37901c38badcb3d39cb7a64397ec4f93  mozilla-nss-1.7.3-19.EL4.s390x.rpm
91042804e7acdc601033c5953021defb  mozilla-nss-1.7.3-19.EL4.s390.rpm
8d67688575c64ad370a5283342be5109  mozilla-nss-devel-1.7.3-19.EL4.s390x.rpm

x86_64:
9f52dbcbe3bf5a56f22eadf2969d9c6a  mozilla-1.7.3-19.EL4.x86_64.rpm
598e7b559ed697719b65982ad5797252  mozilla-chat-1.7.3-19.EL4.x86_64.rpm
0ac7afa778ab2b8aaaf6d0f30016d0cd  mozilla-devel-1.7.3-19.EL4.x86_64.rpm
97fc7abc0299fa2810ce0d225908433a  mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm
3d967bdd0340af26c9e8a0ab2ad5b0c6  mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm
95bc074f815a069613faf291c61a9a69  mozilla-mail-1.7.3-19.EL4.x86_64.rpm
62c81b6dc5d6b86f08a2541980221a11  mozilla-nspr-1.7.3-19.EL4.x86_64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
cb1cb0147b778d54e643576b3a5f2da1  mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm
63d679f77661d47ea5b4292976ce756d  mozilla-nss-1.7.3-19.EL4.x86_64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
bb682fbbfe26f9b914cee41e6bb27984  mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm
f38dbc4a876a2e8a7d22bf87b76fd615  mozilla-1.7.3-19.EL4.src.rpm

i386:
39ae3210517d35d921e930006841ee43  mozilla-1.7.3-19.EL4.i386.rpm
4ee1aef2c3beaa885da379f3269e8c6d  mozilla-chat-1.7.3-19.EL4.i386.rpm
29012dae4a799da739161abbb2d92191  mozilla-devel-1.7.3-19.EL4.i386.rpm
eb579278872aa0c63991657c267709d9  mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm
c35b92bcb3231bddb30ee8c5b085f7f1  mozilla-js-debugger-1.7.3-19.EL4.i386.rpm
55e70ed5c693b518abd3e6655b2756c3  mozilla-mail-1.7.3-19.EL4.i386.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
51c68d470ff73cda32e53faccf0d09de  mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
998c5006ebadb4dc0667dd45c062481a  mozilla-nss-devel-1.7.3-19.EL4.i386.rpm

x86_64:
9f52dbcbe3bf5a56f22eadf2969d9c6a  mozilla-1.7.3-19.EL4.x86_64.rpm
598e7b559ed697719b65982ad5797252  mozilla-chat-1.7.3-19.EL4.x86_64.rpm
0ac7afa778ab2b8aaaf6d0f30016d0cd  mozilla-devel-1.7.3-19.EL4.x86_64.rpm
97fc7abc0299fa2810ce0d225908433a  mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm
3d967bdd0340af26c9e8a0ab2ad5b0c6  mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm
95bc074f815a069613faf291c61a9a69  mozilla-mail-1.7.3-19.EL4.x86_64.rpm
62c81b6dc5d6b86f08a2541980221a11  mozilla-nspr-1.7.3-19.EL4.x86_64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
cb1cb0147b778d54e643576b3a5f2da1  mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm
63d679f77661d47ea5b4292976ce756d  mozilla-nss-1.7.3-19.EL4.x86_64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
bb682fbbfe26f9b914cee41e6bb27984  mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm
f38dbc4a876a2e8a7d22bf87b76fd615  mozilla-1.7.3-19.EL4.src.rpm

i386:
39ae3210517d35d921e930006841ee43  mozilla-1.7.3-19.EL4.i386.rpm
4ee1aef2c3beaa885da379f3269e8c6d  mozilla-chat-1.7.3-19.EL4.i386.rpm
29012dae4a799da739161abbb2d92191  mozilla-devel-1.7.3-19.EL4.i386.rpm
eb579278872aa0c63991657c267709d9  mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm
c35b92bcb3231bddb30ee8c5b085f7f1  mozilla-js-debugger-1.7.3-19.EL4.i386.rpm
55e70ed5c693b518abd3e6655b2756c3  mozilla-mail-1.7.3-19.EL4.i386.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
51c68d470ff73cda32e53faccf0d09de  mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
998c5006ebadb4dc0667dd45c062481a  mozilla-nss-devel-1.7.3-19.EL4.i386.rpm

ia64:
ca68d27df9d703f28caf702f03a2c815  mozilla-1.7.3-19.EL4.ia64.rpm
c9613d7843931c8f307e7d030bcfeebb  mozilla-chat-1.7.3-19.EL4.ia64.rpm
50112396b34bd6724f61db2bdda37f3c  mozilla-devel-1.7.3-19.EL4.ia64.rpm
08f955d73348162bc74d205b1afcb2f4  mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm
bcbad4d5cf1df6b85c25d5718c3297e7  mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm
246c4095425ed95cf3d4e7524eabafc6  mozilla-mail-1.7.3-19.EL4.ia64.rpm
a0c490f4e9cd7f9d89b72a84fc8382b0  mozilla-nspr-1.7.3-19.EL4.ia64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
2bb0039d09b0b9e90ec2ba2a45b349d3  mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm
b6566d37c099e89a790247f5ee01511b  mozilla-nss-1.7.3-19.EL4.ia64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
162f10e927ac46eb5c997fb8fb8aef31  mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm

x86_64:
9f52dbcbe3bf5a56f22eadf2969d9c6a  mozilla-1.7.3-19.EL4.x86_64.rpm
598e7b559ed697719b65982ad5797252  mozilla-chat-1.7.3-19.EL4.x86_64.rpm
0ac7afa778ab2b8aaaf6d0f30016d0cd  mozilla-devel-1.7.3-19.EL4.x86_64.rpm
97fc7abc0299fa2810ce0d225908433a  mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm
3d967bdd0340af26c9e8a0ab2ad5b0c6  mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm
95bc074f815a069613faf291c61a9a69  mozilla-mail-1.7.3-19.EL4.x86_64.rpm
62c81b6dc5d6b86f08a2541980221a11  mozilla-nspr-1.7.3-19.EL4.x86_64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
cb1cb0147b778d54e643576b3a5f2da1  mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm
63d679f77661d47ea5b4292976ce756d  mozilla-nss-1.7.3-19.EL4.x86_64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
bb682fbbfe26f9b914cee41e6bb27984  mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm
f38dbc4a876a2e8a7d22bf87b76fd615  mozilla-1.7.3-19.EL4.src.rpm

i386:
39ae3210517d35d921e930006841ee43  mozilla-1.7.3-19.EL4.i386.rpm
4ee1aef2c3beaa885da379f3269e8c6d  mozilla-chat-1.7.3-19.EL4.i386.rpm
29012dae4a799da739161abbb2d92191  mozilla-devel-1.7.3-19.EL4.i386.rpm
eb579278872aa0c63991657c267709d9  mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm
c35b92bcb3231bddb30ee8c5b085f7f1  mozilla-js-debugger-1.7.3-19.EL4.i386.rpm
55e70ed5c693b518abd3e6655b2756c3  mozilla-mail-1.7.3-19.EL4.i386.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
51c68d470ff73cda32e53faccf0d09de  mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
998c5006ebadb4dc0667dd45c062481a  mozilla-nss-devel-1.7.3-19.EL4.i386.rpm

ia64:
ca68d27df9d703f28caf702f03a2c815  mozilla-1.7.3-19.EL4.ia64.rpm
c9613d7843931c8f307e7d030bcfeebb  mozilla-chat-1.7.3-19.EL4.ia64.rpm
50112396b34bd6724f61db2bdda37f3c  mozilla-devel-1.7.3-19.EL4.ia64.rpm
08f955d73348162bc74d205b1afcb2f4  mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm
bcbad4d5cf1df6b85c25d5718c3297e7  mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm
246c4095425ed95cf3d4e7524eabafc6  mozilla-mail-1.7.3-19.EL4.ia64.rpm
a0c490f4e9cd7f9d89b72a84fc8382b0  mozilla-nspr-1.7.3-19.EL4.ia64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
2bb0039d09b0b9e90ec2ba2a45b349d3  mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm
b6566d37c099e89a790247f5ee01511b  mozilla-nss-1.7.3-19.EL4.ia64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
162f10e927ac46eb5c997fb8fb8aef31  mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm

x86_64:
9f52dbcbe3bf5a56f22eadf2969d9c6a  mozilla-1.7.3-19.EL4.x86_64.rpm
598e7b559ed697719b65982ad5797252  mozilla-chat-1.7.3-19.EL4.x86_64.rpm
0ac7afa778ab2b8aaaf6d0f30016d0cd  mozilla-devel-1.7.3-19.EL4.x86_64.rpm
97fc7abc0299fa2810ce0d225908433a  mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm
3d967bdd0340af26c9e8a0ab2ad5b0c6  mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm
95bc074f815a069613faf291c61a9a69  mozilla-mail-1.7.3-19.EL4.x86_64.rpm
62c81b6dc5d6b86f08a2541980221a11  mozilla-nspr-1.7.3-19.EL4.x86_64.rpm
eb3c48388e576edb480b7c2effc4a33e  mozilla-nspr-1.7.3-19.EL4.i386.rpm
cb1cb0147b778d54e643576b3a5f2da1  mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm
63d679f77661d47ea5b4292976ce756d  mozilla-nss-1.7.3-19.EL4.x86_64.rpm
0f87bb5b91f895f7f2ddc50d8fa7a783  mozilla-nss-1.7.3-19.EL4.i386.rpm
bb682fbbfe26f9b914cee41e6bb27984  mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://www.mozilla.org/security/announce/mfsa2005-18.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0255

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCKCkxXlSAg2UNWIIRAmFoAKCd0JljpfDp1Li6oTreAZLQGv2XvQCcCP10
3+HfeqALjPlRANhJfghnYD0=
=Mh9/
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQivkqCh9+71yA2DNAQIF5wQAnna6DoajOgj3UM9gUDc4RMJQ03cB7BHg
e8zg3Yv8OgNt6FTljD/Hx0jLPsaNBPT0DzsyY0HuAqiFDY3wQXOcc1DvyRJxi7gL
ZBtVVAoCOpMp7o9lcVukPtW4itSo4N7uBma2MOOFEa8B2OgL1qIb0NxLX2s0b2m5
g9vKuzaNGgQ=
=gB7F
-----END PGP SIGNATURE-----