[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 832/06 - Two Mandriva Linux Security Advisories:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 832/06 dated 19.12.06 time 10:30
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is available from the NISCC website at www.niscc.gov.uk
______________________________________________________________________________

Title
=====

Two Mandriva Linux Security Advisories:

1. MDKSA-2006:232 - Updated proftpd packages fix mod_ctrls vulnerability

2. MDKSA-2006:233 - Updated dbus packages fix vulnerability

Detail
======

1.  Stack-based buffer overflow in the pr_ctrls_recv_request function in  
ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local  
users to execute arbitrary code via a large reqarglen length value.

2.  A vulnerability was discovered in D-Bus that could be exploited by a  
local attacker to cause a Denial of Service.



1.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:232
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : proftpd
 Date    : December 18, 2006
 Affected: 2007.0
 _______________________________________________________________________
 
 Problem Description:
 
 Stack-based buffer overflow in the pr_ctrls_recv_request function in  ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1
allows local  users to execute arbitrary code via a large reqarglen length value.

 Packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6563
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 afa8803b9eede3fb73f55d31cb33e594  2007.0/i586/proftpd-1.3.0-4.4mdv2007.0.i586.rpm
 a1239dcf4957c20d234084c22a063812  2007.0/i586/proftpd-anonymous-1.3.0-4.4mdv2007.0.i586.rpm
 e9e9a955957310f3ef26fa55e24a191d  2007.0/i586/proftpd-mod_autohost-1.3.0-4.4mdv2007.0.i586.rpm
 f1b9111ed66ef2316e386e992bff56a8  2007.0/i586/proftpd-mod_case-1.3.0-4.4mdv2007.0.i586.rpm
 2f2aa9286bc126898cb23eaac5547cc0  2007.0/i586/proftpd-mod_clamav-1.3.0-4.4mdv2007.0.i586.rpm
 c5c71f0f78f6506842756ba9c79d121e  2007.0/i586/proftpd-mod_ctrls_admin-1.3.0-4.4mdv2007.0.i586.rpm
 bafbeb5bfc0684fcd053caec876646e8  2007.0/i586/proftpd-mod_facl-1.3.0-4.4mdv2007.0.i586.rpm
 4f4c8bd3a36ff3b68e7a479590a3ee25  2007.0/i586/proftpd-mod_gss-1.3.0-4.4mdv2007.0.i586.rpm
 d5c741aec06c740e9d7f035a887f68d5  2007.0/i586/proftpd-mod_ifsession-1.3.0-4.4mdv2007.0.i586.rpm
 e61958daf818219eb409565efb0be974  2007.0/i586/proftpd-mod_ldap-1.3.0-4.4mdv2007.0.i586.rpm
 c6f84f04b1a35ef26d6985a9063f0993  2007.0/i586/proftpd-mod_load-1.3.0-4.4mdv2007.0.i586.rpm
 dc0fec8773907dd7739fab6f5f6a5c78  2007.0/i586/proftpd-mod_quotatab-1.3.0-4.4mdv2007.0.i586.rpm
 860e998696b9140c94357457136be823  2007.0/i586/proftpd-mod_quotatab_file-1.3.0-4.4mdv2007.0.i586.rpm
 31478a97cf53f3da2b02ff26a19f9f69  2007.0/i586/proftpd-mod_quotatab_ldap-1.3.0-4.4mdv2007.0.i586.rpm
 355b61338fd647be4054d19e6c01587c  2007.0/i586/proftpd-mod_quotatab_sql-1.3.0-4.4mdv2007.0.i586.rpm
 aef74c8839a8cb1fef322573a5c8d484  2007.0/i586/proftpd-mod_radius-1.3.0-4.4mdv2007.0.i586.rpm
 39b8c05989e14fc1aeb6fd1395d43973  2007.0/i586/proftpd-mod_ratio-1.3.0-4.4mdv2007.0.i586.rpm
 61317e3f7742f4de4cfb26780f5cdd9a  2007.0/i586/proftpd-mod_rewrite-1.3.0-4.4mdv2007.0.i586.rpm
 4eba5eb110289f346d1ba0881ac82d50  2007.0/i586/proftpd-mod_shaper-1.3.0-4.4mdv2007.0.i586.rpm
 481a8ed2e0ffbc03751d26cd2ae0acb3  2007.0/i586/proftpd-mod_site_misc-1.3.0-4.4mdv2007.0.i586.rpm
 76e926b07afbe8748f0ca072a1456c9b  2007.0/i586/proftpd-mod_sql-1.3.0-4.4mdv2007.0.i586.rpm
 834b63d40bb375af7694165303dbaf54  2007.0/i586/proftpd-mod_sql_mysql-1.3.0-4.4mdv2007.0.i586.rpm
 68190d61d5f9dc321d5e96eebdc6bc17  2007.0/i586/proftpd-mod_sql_postgres-1.3.0-4.4mdv2007.0.i586.rpm
 d2a242a9d88ac200a5715ec3a979627d  2007.0/i586/proftpd-mod_time-1.3.0-4.4mdv2007.0.i586.rpm
 a5d110ed77605d7056795a759d620774  2007.0/i586/proftpd-mod_tls-1.3.0-4.4mdv2007.0.i586.rpm
 6d563b023289499bafa6438e18bea304  2007.0/i586/proftpd-mod_wrap-1.3.0-4.4mdv2007.0.i586.rpm
 97066280186fe51879b1f9f83a0fe865  2007.0/i586/proftpd-mod_wrap_file-1.3.0-4.4mdv2007.0.i586.rpm
 2a8ffd5324411ca4c5579b0f3cc821e0  2007.0/i586/proftpd-mod_wrap_sql-1.3.0-4.4mdv2007.0.i586.rpm
 9ebf57be4074ca06a03e73ea67157225  2007.0/SRPMS/proftpd-1.3.0-4.4mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 952398679665b5a5647ef5f879797074  2007.0/x86_64/proftpd-1.3.0-4.4mdv2007.0.x86_64.rpm
 b67b546a78493bc67296b001da9f6dc5  2007.0/x86_64/proftpd-anonymous-1.3.0-4.4mdv2007.0.x86_64.rpm
 57d7228f8190ad5956221ddd33748b2d  2007.0/x86_64/proftpd-mod_autohost-1.3.0-4.4mdv2007.0.x86_64.rpm
 c81674d9864512a2b47b00a4b9fc7ea2  2007.0/x86_64/proftpd-mod_case-1.3.0-4.4mdv2007.0.x86_64.rpm
 38629437de2866467dbee64942ef3d55  2007.0/x86_64/proftpd-mod_clamav-1.3.0-4.4mdv2007.0.x86_64.rpm
 59b89afa67aa44cf302b4585738d6b0c  2007.0/x86_64/proftpd-mod_ctrls_admin-1.3.0-4.4mdv2007.0.x86_64.rpm
 11d2e9e34803433fb623bff58e19fcc3  2007.0/x86_64/proftpd-mod_facl-1.3.0-4.4mdv2007.0.x86_64.rpm
 904dc5ff6e1ca7205eb28a0d31db67df  2007.0/x86_64/proftpd-mod_gss-1.3.0-4.4mdv2007.0.x86_64.rpm
 c3eed275e17b61dc989e898531c3f2ed  2007.0/x86_64/proftpd-mod_ifsession-1.3.0-4.4mdv2007.0.x86_64.rpm
 a060e67e5b0fe1e15dbc2e6d148de9b2  2007.0/x86_64/proftpd-mod_ldap-1.3.0-4.4mdv2007.0.x86_64.rpm
 959febcf9f74abccf5e3f249b3cd4501  2007.0/x86_64/proftpd-mod_load-1.3.0-4.4mdv2007.0.x86_64.rpm
 f0807b9080f431540bfe8b5729b2005f  2007.0/x86_64/proftpd-mod_quotatab-1.3.0-4.4mdv2007.0.x86_64.rpm
 b0c463356a8cbc6140d6ea7b28c6dc72  2007.0/x86_64/proftpd-mod_quotatab_file-1.3.0-4.4mdv2007.0.x86_64.rpm
 7dc4d54215124488579a572f49e4eea8  2007.0/x86_64/proftpd-mod_quotatab_ldap-1.3.0-4.4mdv2007.0.x86_64.rpm
 2e8fbfc88d28b2fd367088ffb66b044e  2007.0/x86_64/proftpd-mod_quotatab_sql-1.3.0-4.4mdv2007.0.x86_64.rpm
 6569fcc36cc6d11dfcc50db89a33037f  2007.0/x86_64/proftpd-mod_radius-1.3.0-4.4mdv2007.0.x86_64.rpm
 39838f915a30da0f1ed0245fc521051e  2007.0/x86_64/proftpd-mod_ratio-1.3.0-4.4mdv2007.0.x86_64.rpm
 dd89c2a4e5878c440fa506b36104f0fb  2007.0/x86_64/proftpd-mod_rewrite-1.3.0-4.4mdv2007.0.x86_64.rpm
 4b581f3bc61e0d34ff91f4dfad973ea1  2007.0/x86_64/proftpd-mod_shaper-1.3.0-4.4mdv2007.0.x86_64.rpm
 37c2b30dcfc23cd9d1b6483e3b436442  2007.0/x86_64/proftpd-mod_site_misc-1.3.0-4.4mdv2007.0.x86_64.rpm
 a6ea95e4cdc9c3a17d06442c41169d69  2007.0/x86_64/proftpd-mod_sql-1.3.0-4.4mdv2007.0.x86_64.rpm
 a7011c17a1a97a32b46a0a125fcaa28e  2007.0/x86_64/proftpd-mod_sql_mysql-1.3.0-4.4mdv2007.0.x86_64.rpm
 f65a272ba0af2f52a26fba6ebd216ee0  2007.0/x86_64/proftpd-mod_sql_postgres-1.3.0-4.4mdv2007.0.x86_64.rpm
 3187bcd5a199bbdafa6b49a43eb6cf91  2007.0/x86_64/proftpd-mod_time-1.3.0-4.4mdv2007.0.x86_64.rpm
 296952dc6fd46b23a309e762d7784044  2007.0/x86_64/proftpd-mod_tls-1.3.0-4.4mdv2007.0.x86_64.rpm
 dad6e49ca6ea17a06d22740532acfc33  2007.0/x86_64/proftpd-mod_wrap-1.3.0-4.4mdv2007.0.x86_64.rpm
 c3fa12831336500d533262efe59541a7  2007.0/x86_64/proftpd-mod_wrap_file-1.3.0-4.4mdv2007.0.x86_64.rpm
 3359395a670ecb3d7a94fc9e5d75373a  2007.0/x86_64/proftpd-mod_wrap_sql-1.3.0-4.4mdv2007.0.x86_64.rpm
 9ebf57be4074ca06a03e73ea67157225  2007.0/SRPMS/proftpd-1.3.0-4.4mdv2007.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification  of md5 checksums and GPG signatures is performed
automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFhyHEmqjQ0CJFipgRAszVAKDv2+bcq/wUxBU+DoUAIULG2/3GnACfctm9
T7DEwmtzr0kb7QLa9xkBPH0=
=ZF2C
- -----END PGP SIGNATURE-----



2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:233
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : dbus
 Date    : December 18, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0  _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was discovered in D-Bus that could be exploited by a  local attacker to cause a Denial of Service.

 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 157420971aee9447fe45a6989c977b6f  2006.0/i586/dbus-0.23.4-5.2.20060mdk.i586.rpm
 8880db0565d247075ca954caa5ef1fab  2006.0/i586/dbus-python-0.23.4-5.2.20060mdk.i586.rpm
 b2349a9c93daee901c2a4122a928460b  2006.0/i586/dbus-x11-0.23.4-5.2.20060mdk.i586.rpm
 37ab661a3f6e6786349562efacb37668  2006.0/i586/libdbus-1_0-0.23.4-5.2.20060mdk.i586.rpm
 665252fd7ec462c7e1a771f2fc649d5b  2006.0/i586/libdbus-1_0-devel-0.23.4-5.2.20060mdk.i586.rpm
 f5e7a8a261a90c0abd7cba5323d365b6  2006.0/i586/libdbus-glib-1_0-0.23.4-5.2.20060mdk.i586.rpm
 4d9b722ad5f26be663108b011645d2dd  2006.0/i586/libdbus-qt-1_0-0.23.4-5.2.20060mdk.i586.rpm
 0cc5027f1378ba34ee4c812536dc3eaa  2006.0/i586/libdbus-qt-1_0-devel-0.23.4-5.2.20060mdk.i586.rpm
 3ae5fcaa025ca99a30876dd757f91c17  2006.0/SRPMS/dbus-0.23.4-5.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 ebd67615affd1f1cb636b22a9c7d595f  2006.0/x86_64/dbus-0.23.4-5.2.20060mdk.x86_64.rpm
 89b3b13503f01dad8876e16064c216d0  2006.0/x86_64/dbus-python-0.23.4-5.2.20060mdk.x86_64.rpm
 9652189a6b3459458313544b7da84f02  2006.0/x86_64/dbus-x11-0.23.4-5.2.20060mdk.x86_64.rpm
 c2fcfd767785038f74d25e0532f77ef5  2006.0/x86_64/lib64dbus-1_0-0.23.4-5.2.20060mdk.x86_64.rpm
 38254d5bef798ae2e5aa13f942a7fd3c  2006.0/x86_64/lib64dbus-1_0-devel-0.23.4-5.2.20060mdk.x86_64.rpm
 f575dd010c4e3c2e64576f941d9f5723  2006.0/x86_64/lib64dbus-glib-1_0-0.23.4-5.2.20060mdk.x86_64.rpm
 d0c3cb484539042a6035eb548931bf7e  2006.0/x86_64/lib64dbus-qt-1_0-0.23.4-5.2.20060mdk.x86_64.rpm
 53250a34e675c61994ed0740e95a4171  2006.0/x86_64/lib64dbus-qt-1_0-devel-0.23.4-5.2.20060mdk.x86_64.rpm
 3ae5fcaa025ca99a30876dd757f91c17  2006.0/SRPMS/dbus-0.23.4-5.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 068faa33b6cb80a6e9cb434ff45f9c3c  2007.0/i586/dbus-0.92-8.2mdv2007.0.i586.rpm
 5b7890f6585084f62c30a805ae413542  2007.0/i586/dbus-x11-0.92-8.2mdv2007.0.i586.rpm
 0b4b857d9b8214d4c8862d34c29f1bb6  2007.0/i586/libdbus-1_3-0.92-8.2mdv2007.0.i586.rpm
 6b24df1469fc9e02f8958fe070dea431  2007.0/i586/libdbus-1_3-devel-0.92-8.2mdv2007.0.i586.rpm
 413a21795748c8897eb74dece25e8187  2007.0/SRPMS/dbus-0.92-8.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 2b13e29b75d3b353ac7f773d29d99e00  2007.0/x86_64/dbus-0.92-8.2mdv2007.0.x86_64.rpm
 2d755ac55933d96ae2098887120aa9b3  2007.0/x86_64/dbus-x11-0.92-8.2mdv2007.0.x86_64.rpm
 154086ed8af376e8ed6e5a794a4ff20f  2007.0/x86_64/lib64dbus-1_3-0.92-8.2mdv2007.0.x86_64.rpm
 3a1d2f9656d0f23469267c1105c9c52f  2007.0/x86_64/lib64dbus-1_3-devel-0.92-8.2mdv2007.0.x86_64.rpm
 413a21795748c8897eb74dece25e8187  2007.0/SRPMS/dbus-0.92-8.2mdv2007.0.src.rpm

 Corporate 3.0:
 0da4e1ae5ccdfa2578a4648d097d7fe5  corporate/3.0/i586/dbus-0.20-7.2.C30mdk.i586.rpm
 d30d24f78af2516c80b83c38137e7ba7  corporate/3.0/i586/dbus-python-0.20-7.2.C30mdk.i586.rpm
 a75d84cd539b35ebcc3b71538e028884  corporate/3.0/i586/dbus-x11-0.20-7.2.C30mdk.i586.rpm
 8346ecc52caf074c8501ea7515991acc  corporate/3.0/i586/libdbus-1_0-0.20-7.2.C30mdk.i586.rpm
 52e7ebc3a55744296b8035ffa2f73098  corporate/3.0/i586/libdbus-1_0-devel-0.20-7.2.C30mdk.i586.rpm
 854973491bef16467a39563ee27b1e83  corporate/3.0/i586/libdbus-glib-1_0-0.20-7.2.C30mdk.i586.rpm
 9a95af41bd674b3421bbd8587515b9e1  corporate/3.0/i586/libdbus-qt-1_0-0.20-7.2.C30mdk.i586.rpm
 2f2de379e492bb5e3a59706d9fa0ca01  corporate/3.0/SRPMS/dbus-0.20-7.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 9f17293ce755710c2a8f17a51a5cadae  corporate/3.0/x86_64/dbus-0.20-7.2.C30mdk.x86_64.rpm
 8ecb34ef80a01d62819ca0366b55da82  corporate/3.0/x86_64/dbus-python-0.20-7.2.C30mdk.x86_64.rpm
 8f3a5758db4b1bff842a54fa287f53c3  corporate/3.0/x86_64/dbus-x11-0.20-7.2.C30mdk.x86_64.rpm
 5b46732a66d140e679efa345c5931efc  corporate/3.0/x86_64/lib64dbus-1_0-0.20-7.2.C30mdk.x86_64.rpm
 5ae46e081ca781086cec632e52f456e0  corporate/3.0/x86_64/lib64dbus-1_0-devel-0.20-7.2.C30mdk.x86_64.rpm
 c90ba4ffadc8e9698e13f1f732848f1f  corporate/3.0/x86_64/lib64dbus-glib-1_0-0.20-7.2.C30mdk.x86_64.rpm
 fce35cfd33d35fa2adfd9430fce967ff  corporate/3.0/x86_64/lib64dbus-qt-1_0-0.20-7.2.C30mdk.x86_64.rpm
 2f2de379e492bb5e3a59706d9fa0ca01  corporate/3.0/SRPMS/dbus-0.20-7.2.C30mdk.src.rpm

 Corporate 4.0:
 c17bf8152d2f720687102826d1c7d91a  corporate/4.0/i586/dbus-0.23.4-5.2.20060mlcs4.i586.rpm
 105cd3f06c1db4326b13e617b23dbd98  corporate/4.0/i586/dbus-python-0.23.4-5.2.20060mlcs4.i586.rpm
 6abe23d4761f2055dfeec827fb73e37b  corporate/4.0/i586/dbus-x11-0.23.4-5.2.20060mlcs4.i586.rpm
 3c32ecf3c016ddc1250b76053943b5cf  corporate/4.0/i586/libdbus-1_0-0.23.4-5.2.20060mlcs4.i586.rpm
 3b8b8acef4788298e39fb8850f9dae84  corporate/4.0/i586/libdbus-1_0-devel-0.23.4-5.2.20060mlcs4.i586.rpm
 1a9bb5ec1ea6c6cc1fd53e0089582e6b  corporate/4.0/i586/libdbus-glib-1_0-0.23.4-5.2.20060mlcs4.i586.rpm
 d0627fc8df86636f77d00f460be39159  corporate/4.0/i586/libdbus-qt-1_0-0.23.4-5.2.20060mlcs4.i586.rpm
 d7bff85929ee4ec46af4aa3a3d95d9e5  corporate/4.0/i586/libdbus-qt-1_0-devel-0.23.4-5.2.20060mlcs4.i586.rpm
 d48bfee5da58ced50182d93e57f51040  corporate/4.0/SRPMS/dbus-0.23.4-5.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 394ac36df35781c105b2706b8db9906c  corporate/4.0/x86_64/dbus-0.23.4-5.2.20060mlcs4.x86_64.rpm
 fff86f6a37644bbec029dc91e9d12cfe  corporate/4.0/x86_64/dbus-python-0.23.4-5.2.20060mlcs4.x86_64.rpm
 e00c9c7f22f11e6b04608fb717f36f6d  corporate/4.0/x86_64/dbus-x11-0.23.4-5.2.20060mlcs4.x86_64.rpm
 df3c1c3cdd6f0b08888900e58699a04d  corporate/4.0/x86_64/lib64dbus-1_0-0.23.4-5.2.20060mlcs4.x86_64.rpm
 37b4efbc19b4272faa12cc184f8f1e3b  corporate/4.0/x86_64/lib64dbus-1_0-devel-0.23.4-5.2.20060mlcs4.x86_64.rpm
 7007d7ba7c172d4d64ae510abedc573b  corporate/4.0/x86_64/lib64dbus-glib-1_0-0.23.4-5.2.20060mlcs4.x86_64.rpm
 c0498bc99d42e57158d69262c760f42c  corporate/4.0/x86_64/lib64dbus-qt-1_0-0.23.4-5.2.20060mlcs4.x86_64.rpm
 a47ff9a620d21558b7c2a110834651d0  corporate/4.0/x86_64/lib64dbus-qt-1_0-devel-0.23.4-5.2.20060mlcs4.x86_64.rpm
 d48bfee5da58ced50182d93e57f51040  corporate/4.0/SRPMS/dbus-0.23.4-5.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification  of md5 checksums and GPG signatures is performed
automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFhybDmqjQ0CJFipgRAmoxAJ9BagLKU7/gik+V+C31inRelU+oBQCfTwOt
SFCPPn6dsW8NRZiYXxmBrSY=
=Scv+
- -----END PGP SIGNATURE-----



______________________________________________________________________________

NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Mandriva for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRYe+Kml7oeQsXfKvEQLm/QCgzTViRlzzg+xuXvUOknHImORYRTQAoL2K
BHPaegCyWfAET72tv4VLfHVQ
=wCq4
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________