Saturday, July 31, 2010

[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2080-1 Moritz Muehlenhoff
August 01, 2010
- ------------------------------------------------------------------------

Package : ghostscript
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2007-6725 CVE-2008-3522 CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 CVE-2009-4270 CVE-2010-1869

Several security issues have been discovered in Ghostscript, the GPL
PostScript/PDF interpreter, which might lead to the execution of
arbitrary code if a user processes a malformed PDF or Postscript file.

For the stable distribution (lenny), these problems have been fixed in
version 8.62.dfsg.1-3.2lenny4.

For the unstable distribution (sid), these problems have been fixed in
version 8.71~dfsg-4.

We recommend that you upgrade your ghostscript packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>

Ajaye Shah invites you to join Ecademy

Ecademy - Supporting Business People

Hi,

Join Ecademy now for business networking and support >

- Share Knowledge
- Build your Network
- Grow your Business

Ajaye Shah


Re: controlling p2p & bittorrent

Steven Piercy wrote at 2010-07-30 12:27 -0500:
> so couldn't you use the uid of your fw/shaper process and apply the mangle
> method to all tcp connections through the fw?

I don't understand. Would not something like that include all connections? I
just want p2p/bittorrent...

[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution

- --------------------------------------------------------------------------
Debian Security Advisory DSA-2078-1 Nico Golde
July 31st, 2010
- --------------------------------------------------------------------------

Package : mapserver
Vulnerability : several
Problem type : remote
Debian-specific: no
Debian bug : none
CVE ID : CVE-2010-2539 CVE-2010-2540

Several vulnerabilities have been discovered in mapserver, a CGI-based
web framework to publish spatial data and interactive mapping applications.
The Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2010-2539

A stack-based buffer overflow in the msTmpFile function might lead to
arbitrary code execution under some conditions.

CVE-2010-2540

It was discovered that the CGI debug command-line arguments which are
enabled by default are insecure and may allow a remote attacker to
execute arbitrary code. Therefore they have been disabled by default.

For the stable distribution (lenny), this problem has been fixed in
version 5.0.3-3+lenny5.

For the testing distribution (squeeze), this problem has been fixed in
version 5.6.4-1.

For the unstable distribution (sid), this problem has been fixed in
version 5.6.4-1.

We recommend that you upgrade your mapserver packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>


firewall-wizards Digest, Vol 51, Issue 2


Today's Topics:

1. Re: covert timing channel data (Gautier . Rich)


Message: 1
Date: Fri, 30 Jul 2010 08:06:18 -0400
From: "Gautier . Rich" <>
Subject: Re: [fw-wiz] covert timing channel data
To: Firewall Wizards Security Mailing List
Content-Type: text/plain; charset="us-ascii"

Here is an example with regards to software algorithms

There is no 'actual interarrival times' or program to generate such an attack - A covert timing channel attack is a method (think of methods of cryptanalysis such as frequency analysis) to analyze the inner operations of a program based on design differences in operations that make up how the system works. The page I included has an example of a password checking algorithm that could be 'attacked' using a covert timing channel attack because the methodology of the sample program differs based on successful password length.

Rich Gautier
Sr. Product Architect
Kadix Systems
Office: 571-226-8828
Cell: 703-231-2156

From: [] On Behalf Of Melissa Stockman
Sent: Saturday, July 24, 2010 12:05 PM
Subject: [fw-wiz] covert timing channel data


I'm doing research on covert timing channel detection and was not able to get data from any of the authors of various papers describing different covert timing channel techniques. Does anyone know where I can find such data? (either the program to generate it, or the actual interarrival times in a comma separated file)

Thanks and regards,

Melissa Stockman

End of firewall-wizards Digest, Vol 51, Issue 2
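The password-check timing leak Rich describes, reconstructed as an added illustration (not code from the digest or from the page he linked). The secret and guesses are constructed sample values; comparison steps are counted instead of wall-clock time so the leak is visible deterministically, and the constant-time variant beside it shows the fix.

```python
"""Why an early-exit password comparison leaks the length of the matching prefix.

Added example, not from the digest. Step counts stand in for the elapsed time an
observer would recover by timing many attempts against a real service.
"""
import hmac

# Constructed sample secret and guesses; every guess has the secret's length,
# so only the matched prefix differs between them.
SECRET = "s3cret!"
GUESSES = ["a......", "s......", "s3.....", "s3c....", "s3cret!"]


def naive_check(candidate, secret):
    """Character-by-character compare that stops at the first mismatch.
    Returns (matched, steps); on a mismatch, steps == matched prefix length + 1,
    which is exactly the information a timing observer wants."""
    steps = 0
    if len(candidate) != len(secret):
        return False, steps
    for c, s in zip(candidate, secret):
        steps += 1
        if c != s:
            return False, steps
    return True, steps


def constant_time_check(candidate, secret):
    """Compare that always walks the whole candidate and never branches on data.
    Mismatches are OR-ed into an accumulator and the length check is folded in,
    so the step count depends only on the candidate the caller already knows."""
    cb, sb = candidate.encode(), secret.encode()
    table = sb or b"\0"                 # avoid modulo by zero for an empty secret
    diff = len(cb) ^ len(sb)
    steps = 0
    for i in range(len(cb)):
        steps += 1
        diff |= cb[i] ^ table[i % len(table)]
    return diff == 0, steps


def step_profile(check, secret, guesses):
    """Step count a check spends on each guess."""
    return [check(g, secret)[1] for g in guesses]


def leaks_prefix(check, secret, guesses):
    """True if equal-length guesses produce different step counts: the signature
    of a prefix leak that a code review or a timing test should catch."""
    return len(set(step_profile(check, secret, guesses))) > 1


if __name__ == "__main__":
    print(step_profile(naive_check, SECRET, GUESSES))          # [1, 2, 3, 4, 7]
    print(step_profile(constant_time_check, SECRET, GUESSES))  # [7, 7, 7, 7, 7]
    # In production code use the standard library's constant-time comparison:
    print(hmac.compare_digest(SECRET.encode(), GUESSES[-1].encode()))  # True
```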

[SECURITY] [DSA 2078-1] New kvirc packages fix arbitrary IRC command execution

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2078-1 Moritz Muehlenhoff
July 31, 2010
- ------------------------------------------------------------------------

Package : kvirc
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-2785

It was discovered that incorrect parsing of CTCP commands in kvirc, a
KDE-based IRC client, could lead to the execution of arbitrary IRC
commands against other users.

For the stable distribution (lenny), this problem has been fixed in
version 2:3.4.0-6.

For the unstable distribution (sid), this problem has been fixed in
version 4:4.0.0-3.

We recommend that you upgrade your kvirc package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>

Friday, July 30, 2010

Legal wiretap mechanisms may be open to abuse within ISPs

  Network World Daily News PM

Legal wiretap mechanisms may be open to abuse within ISPs
The built-in mechanism that lets many Internet providers tap communications for law enforcement agencies is susceptible to abuse by insiders who work for the ISPs, Black Hat 2010 was told. Read More

B is for Botnets
Today Our Cool Tools Blogger Keith Shaw launched a new video series, "The ABCs of IT." It stars I.T. Jinglehopper (but Keith says you can call him Neal for short) and his sidekick/intern Jackson. The two will explain the alphabet of IT terms and hopefully provide some entertainment along the way. Read More

Beauty Shots: Technology to Drool Over
Take a gander at some of the most gorgeous tech of the year from the 2010 Industrial Design Excellence Awards. Read More

Microsoft to issue patch for dangerous USB rootkit hole
Microsoft on Tuesday will release a rare out-of-band patch to fix the highly dangerous zero-day vulnerability that caused multiple researchers to issue warnings earlier this month. The patch will be for all supported versions of Windows and will require a restart. Read More

AirTight defends Wi-Fi WPA2 'vulnerability' claim
AirTight is defending its claim to have uncovered a vulnerability in the 802.11 specification, and to have mounted an undetectable insider attack based on it. Some have dismissed it as a "publicity stunt." Read More


FBI rings organizers over Defcon contest
A Defcon contest that invites contestants to trick employees at U.S. corporations into revealing not-so-sensitive data has rattled some nerves. Read More

How business is putting the iPad to work
When Steve Jobs unveiled the iPad in January, he pitched it mostly as a consumer device--a relaxation tool people would use to read books, play games, watch video and peruse family photos. But Michael Kanzleiter and his colleagues at Mercedes-Benz Financial saw something else: A better way to sell cars. Read More

News podcast: Network World 360
Microsoft is in the process of tuning Windows 7 to work on slate PCs, according to CEO Steve Ballmer. Also, Google's search engine in China appeared to have been blocked on Thursday night, but was up and running again by Friday morning local time. (2:25) Read More

Open source web apps often insecure, new tool discovers
Security company Qualys has released a new open source tool, BlindElephant, which can accurately fingerprint web applications down to version level in order to better manage the security issues which now plague such software. Read More

Security firm Sourcefire gaining financial strength
Sourcefire, a 10-year-old firm specializing in intrusion detection and prevention, Thursday announced increased year-over-year second quarter revenue and earnings and predicted an even better third quarter. Read More

Cisco Q4 looking good
Cisco fourth quarter sales are ahead of expectations, according to investment firm Oppenheimer & Co. Read More

Facebook, nannying, and objectives
Gibbs ponders the problems with employees and social networking and suggests that nannying won't cut it. Read More

Smartphones, tablets seen boosting mobile health
Smartphones, tablet PCs and other wireless devices are poised to play a greater role in health care as doctors and patients embrace the mobile Internet, panelists at a mobile health technology conference in Boston said Thursday. Read More



Mobile deathmatch: Apple iOS 4 vs. Android 2.2
Apple's iOS has been wowing users for four years in the iPhone and now the iPad. Available in smartphones and now tablets from various vendors going on two years, Google's Android has proven itself to be a strong contender that has the only real chance to surpass iOS.

15 summer vacation ideas for geeks
From Star Trek and Space Camp to baseball minutiae, vintage video games, anime, pirates, Harry Potter and They Might Be Giants, there's a vacation option for any type of geek this summer.


  1. 'Unhackable' Android phone can be hacked
  2. ATM hack gives cash on demand
  3. Black Hat gets its video feed hacked
  4. Happy SysAdmin Day (despite the pay)
  5. FBI rings organizers over Defcon contest
  6. WPA2 vulnerability found
  7. Microsoft's 2010 software 'most complicated lock-in decision in years'
  8. Microsoft: Gmail like a Jaguar with 'vinyl seats'
  9. Bad guys could read RFID passports at 217 feet, maybe more
  10. New Zealand pizza lovers suffer information theft from Hell




Security Management Weekly - July 30, 2010



July 30, 2010
Corporate Security

  1. "Four Journalists Kidnapped in Mexico"
  2. "Eastern European Gangs Hit ATMs: Police" Melbourne, Australia
  3. "South Africa: Piracy on East Coast is Creeping Closer"
  4. "Two Laundry Workers Get Steamed as Gun is Pulled in Workplace Brawl" Fayetteville, Ga.
  5. "Today's Energy Theft Detection Models Help Protect Revenues While Enhancing Neighborhood Safety"
Homeland Security

  1. "Computer Evidence Ties Leaks to Soldier"
  2. "WikiLeaks Fallout: Tighter Access to US Secrets?"
  3. "Nuclear Forensics Skill is Declining in U.S., Report Says"
  4. "Judge Blocks Arizona Law"
  5. "FCC, Public Safety Groups Clash Over Broadband Plan"
Cyber Security

  1. "What Your Phone App Doesn't Say: It's Watching"
  2. "Most Breaches Caused by Crime Gangs"
  3. "So Many Bugs, So Little Time" Tools and Techniques for Discovering Security Flaws
  4. "Cyber Risks Place New Demands on Public/Private Partnership"
  5. "Cybercrime Costs a Business $3.8 Million/Year, Study Finds"




Four Journalists Kidnapped in Mexico
Wall Street Journal (07/29/10) De Cordoba, Jose; Casey, Nicholas

Four Mexican journalists were kidnapped by drug cartels in the northern city of Gomez Palacio on Monday. The four journalists were taken hostage after they photographed the penitentiary where inmates were protesting the arrest of prison head Margarita Rojas, who has been arrested and charged with providing weapons to a group of prisoners and allowing them to go free so that they could attack a party in the northern city of Torreon nearly two weeks ago. Seventeen people were killed in that attack. After the journalists were captured, the two cars that they had been traveling in were found burned a short distance away from the prison. No remains were found. It is believed that the reporters are being held hostage by the drug cartels because they are upset about their coverage of the Rojas case. The incident is the latest in a series of attacks by drug cartels that aim to prevent the press in northern Mexico from covering the region's drug wars. According to George Grayson, a professor and expert on illegal drugs at the College of William & Mary, drug cartels in the region are believed to have been behind the murders of about 12 journalists.

Eastern European Gangs Hit ATMs: Police
Sydney Morning Herald (Australia) (07/29/10)

Police in Victoria, Australia, say that Eastern European gangs are responsible for millions of dollars lost from an ATM scam that has targeted 28 ATMs in the Melbourne area since March 2010. Police have thus far found 10 machines that still had the scamming devices attached. The devices reportedly used a fake card entry point and a panel hiding a pinhole camera above the keyboard to capture PIN numbers. In order to prevent this kind of theft, police recommend customers use their free hand to shield their PIN codes from view. They should also use ATMs with which they are familiar whenever possible so that customers can recognize any small differences that could indicate a scamming device is in use. Additionally, all customers are asked to regularly check their bank statements for unauthorized withdrawals.

South Africa: Piracy on East Coast is Creeping Closer (07/28/10) Baumann, Julius

Africa's maritime sector is currently facing a number of critical challenges, but the increasing aggression and frequency of pirate attacks is drawing the most attention. The International Maritime Organisation (IMO) has reported 38 incidents of attempted hijacking in the month of May, mostly around Somalia. The Brenthurst Foundation, in a document titled "Maritime Development in Africa," noted that piracy is one of the greatest threats to Africa's economic development and security. Pirates near Somalia have not yet attacked a South African registered or flagged ship, but many officials are concerned that this risk will increase as piracy moves further south. To counter the threat from piracy, an overarching maritime strategy for the entire continent of Africa needs to be developed, said retired Rear-Adm. Steve Stead, an author of the foundation's report. The Brenthurst report found that the increase in pirate activity has had a number of effects on commerce in the region. For example, there has been a 12 percent to 15 percent increase in premiums for general insurance, the report found. Meanwhile, Ocean Africa Container Lines decided not to introduce a new service through the Gulf of Aden because of piracy. Despite these problems, most African navies have not taken steps to fight piracy. Instead, the North Atlantic Treaty Organization has largely taken responsibility for protecting Africa's east coast. South African Navy spokesman Capt. Jaco Theunissen says the South African government does not provide patrols or other support outside its own waters unless assistance is requested from a neighboring government, which has not yet occurred.

Two Laundry Workers Get Steamed as Gun is Pulled in Workplace Brawl
Fayette Citizen (07/27/10) Nelms, Ben

A workplace dispute over clothes at a dry cleaners in Fayetteville, Ga., has resulted in the arrest of two coworkers. The first employee, Melinda James, was charged with aggravated assault, battery, carrying a concealed weapon, obstruction, pointing a weapon at others, reckless conduct, and using fighting words. The other, Adelina Brovo-Ricardes, was charged with battery, fighting in public, and using fighting words. The dispute reportedly began verbally and escalated to pushing, shoving, and slapping. At one point, James pushed Brovo-Ricardes to the floor, injuring her left shoulder. James then reportedly brought a gun from her car into the business and pointed it at Brovo-Ricardes, who ran out of the store, telling the clerk on duty that James had a gun. She also reported the incident to the police the following day. When confronted by police, James initially lied about the weapon, though it was later found, loaded, on the premises.

Today's Energy Theft Detection Models Help Protect Revenues While Enhancing Neighborhood Safety
Pipeline & Gas Journal (07/10) Vol. 237, No. 7, P. 16; Madrazo, Michael

Energy theft is on the rise due to the recession, and unauthorized use of power raises costs for all customers. Each year, energy consumed without the utility's knowledge costs billions of dollars in lost revenue, which translates into higher prices as utilities try to recover it. LDCs have several reasons to catch gas thieves: public safety, lost revenue, the desire to lower customer billing rates, community responsibility, liability, and gas emissions standards. Utilities have traditionally relied on meter readers and service personnel for tips on gas theft, but with the spread of automatic meter reading and advanced metering infrastructure, the meter reader visits far less often. The remaining way to find thieves is to understand how each customer uses natural gas and focus on those whose consumption deviates from what is expected. Knowing the characteristics of an account makes it possible to estimate the customer's expected gas usage, which can then be compared with that of a group of customers sharing similar characteristics; outliers can be investigated further. Two theft detection models, peer comparison and characteristic analysis, compare all available information about residential and commercial customers with similar homes and businesses in similar geographical settings and look for differences in consumption patterns that could indicate un-metered equipment on an account. More than one model should be run together, so that an account's energy usage is analyzed and anomalies are flagged on the basis of different types of assessment. Finding gas theft is important for protecting utilities' revenue.
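The abstract describes running more than one detection model over an account's consumption and flagging outliers against a peer group. The following is an added illustration, not code from the article or from any utility: a peer-comparison model (z-score against accounts sharing the same area and size band) and a seasonal-pattern model run together over constructed monthly readings. The account data, the peer-group characteristics and the thresholds are all assumptions.

```python
# Added example (not from the article): two theft-detection models,
# peer comparison and a seasonal-pattern check, run together over
# constructed monthly gas readings. Thresholds and fields are assumptions.
from statistics import mean, pstdev

# Constructed sample: monthly therms (Nov..Feb) for gas-heated homes in one
# postal area, keyed by account. A4 reads flat and far below its peers.
ACCOUNTS = {
    "A1": {"area": "30214", "band": "1500-2000", "usage": [110, 140, 150, 135]},
    "A2": {"area": "30214", "band": "1500-2000", "usage": [105, 132, 148, 130]},
    "A3": {"area": "30214", "band": "1500-2000", "usage": [118, 145, 160, 140]},
    "A4": {"area": "30214", "band": "1500-2000", "usage": [30, 32, 31, 30]},
    "A5": {"area": "30214", "band": "1500-2000", "usage": [112, 138, 152, 133]},
    "A6": {"area": "30215", "band": "2500-3000", "usage": [160, 190, 210, 185]},
}

def peers(accounts, acct):
    """Accounts sharing the same area and size band (the peer group)."""
    me = accounts[acct]
    return [v for k, v in accounts.items()
            if k != acct and (v["area"], v["band"]) == (me["area"], me["band"])]

def peer_comparison(accounts, acct, z_threshold=-2.0):
    """Model 1: mean usage far below the peer-group mean (z-score) is suspicious.
    Returns (z, flagged), or (None, None) when no meaningful comparison exists."""
    group = peers(accounts, acct)
    if len(group) < 3:
        return None, None  # too few peers to compare against
    peer_means = [mean(p["usage"]) for p in group]
    sd = pstdev(peer_means)
    if sd == 0:
        return None, None
    z = (mean(accounts[acct]["usage"]) - mean(peer_means)) / sd
    return z, z < z_threshold

def seasonal_pattern(account, min_swing=0.15):
    """Model 2: a gas-heated home should show a winter swing; a nearly flat
    profile suggests load that is not passing through the meter."""
    u = account["usage"]
    swing = (max(u) - min(u)) / max(mean(u), 1)
    return swing, swing < min_swing

def score_accounts(accounts):
    """Run both models; an account is flagged when either model fires."""
    flagged = {}
    for acct, data in accounts.items():
        z, z_flag = peer_comparison(accounts, acct)
        swing, swing_flag = seasonal_pattern(data)
        reasons = []
        if z_flag:
            reasons.append(f"usage z-score {z:.1f} vs peers")
        if swing_flag:
            reasons.append(f"flat seasonal profile (swing {swing:.2f})")
        if reasons:
            flagged[acct] = reasons
    return flagged

if __name__ == "__main__":
    for acct, reasons in score_accounts(ACCOUNTS).items():
        print(acct, "->", "; ".join(reasons))
```

Because a suspect account's low readings also sit inside every other account's peer group, they inflate the peer standard deviation; a robust statistic such as the median and MAD is the usual refinement.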

Computer Evidence Ties Leaks to Soldier
Wall Street Journal (07/30/10) Barnes, Julian E.; Bustillo, Miguel; Rhoads, Christopher

An unnamed U.S. defense official says that investigators have tied Pfc. Bradley Manning, who has already been charged in a separate case in which he allegedly provided secret and classified data to the whistleblower site WikiLeaks, to the recent release of thousands of secret reports from Afghanistan to the site. According to the official, a search of computers used by Manning--an intelligence analyst who was supposed to be examining data from Iraq--uncovered evidence that he used his "Top Secret/SCI" clearance to download war logs from Afghanistan. It remains unclear exactly what evidence was uncovered during the search. Investigators also found other classified documents on the computers that had not been made public. Meanwhile, investigators are looking into whether civilians helped Manning give the documents to WikiLeaks. Several defense officials say that the release of the documents could have serious consequences. Defense Secretary Robert Gates, who has promised to find ways to prevent similar breaches from taking place in the future, has said that the release of the documents could hurt U.S. relations with Pakistan and put Afghans who helped the U.S. at risk. In addition, Joint Chiefs of Staff Chairman Adm. Michael Mullen said that the breach could result in the deaths of U.S. soldiers or Afghan civilians.

WikiLeaks Fallout: Tighter Access to US Secrets?
Associated Press (07/29/10) Dozier, Kimberly

The recent publication of thousands of secret documents by the Web site WikiLeaks is being blamed on the reforms of the nation's intelligence community that took place in the wake of the September 11, 2001 terrorist attacks. Among those reforms was the expansion of access to a Defense Department intranet system known as the Secret Internet Protocol Router Network, or SIPRNet. Since 2001, intelligence analysts and troops in the field have been able to use SIPRNet to access military field reports from Iraq and Afghanistan, as well as State Department and intelligence Web sites. According to one U.S. official, all of the documents that were leaked in the WikiLeaks case could have been accessed over SIPRNet. In addition to the expanded access to SIPRNet, the government has put more information on the network by adding portals that give users access to an interagency data-sharing system called Intelink. Although passwords are required to access top-secret information through these portals, they are not required to access the secret material that was made public by WikiLeaks. Experts say that those reforms, which aimed to increase the sharing of information among government agencies, contributed to the release of the documents in the WikiLeaks case because they made it too easy to lose control over secret information. In the wake of the release of the documents, experts are saying that additional security measures should be implemented to protect sensitive data, including using tools that monitor everything government employees type. However, some lawmakers are warning that there would be serious consequences if the sharing of information among intelligence analysts and agencies is limited because of the WikiLeaks case.

Nuclear Forensics Skill is Declining in U.S., Report Says
New York Times (07/29/10) Broad, William J.

A report released by the National Research Council on Thursday indicates that the nation's nuclear attribution capabilities have declined dangerously in recent years. Nuclear attribution, in which nuclear forensics experts study clues from fallout and radioactive debris to identify potential creators and users of nuclear devices, would provide essential information to the country in the event of a nuclear terrorist attack. The major goals of nuclear attribution are to identify the culprit in order to assess retaliation options and to deter terrorists by letting them know they cannot set off such a device without fear of reprisal. Researchers, led by nuclear engineer Albert Carnesale of the University of California, Los Angeles, attributed the decline in U.S. nuclear forensics capabilities to a decrease in funding since the end of the Cold War as well as a lack of coordination between responsible government agencies, a lack of skilled personnel, the use of outdated instruments, and the existence of old facilities in need of upgrading. In order to address these concerns, the report calls on the federal government to improve planning, shore up budgets, ensure clearer lines of authority, and create more realistic exercises.

Judge Blocks Arizona Law
Wall Street Journal (07/29/10) Jordan, Miriam

U.S. District Judge Susan Bolton has granted a preliminary injunction against several provisions of the controversial new Arizona immigration law that was set to take effect on July 29. Judge Bolton said that her decision was based on the fact that it is the responsibility of the federal government, not the states, to handle immigration enforcement. Arizona Gov. Jan Brewer has said that the state plans to file an expedited appeal of the decision with the Ninth Circuit Court of Appeals. In the meantime, the state will be unable to enforce provisions of the law that would require police to check the immigration status of people stopped for routine infractions like traffic violations, if they suspect they are illegal immigrants. In addition, Arizona will be unable to detain individuals until their legal status is clarified, require foreigners to carry proper immigration documentation, and ban illegal immigrants from seeking employment in Arizona. However, Judge Bolton did allow other provisions of the law to take effect including a section that makes it a state crime to harbor and transport illegal immigrants and another that prohibits disruption of traffic to pick up a day laborer. In addition to the suit by the Justice Department, six other lawsuits were filed to halt the law by civil-rights groups and a Phoenix police officer. Judge Bolton applied the ruling to all of the challenges.

FCC, Public Safety Groups Clash Over Broadband Plan
Homeland Security Today (07/10) McCarter, Mickey

The Federal Communications Commission (FCC) has announced that it hopes to auction off 10 megahertz (MHz) of broadband spectrum to generate $6-8 billion over the next 10 years to fund a public safety spectrum owned and operated by the private sector on those frequencies. The majority of the public safety community appears to favor receiving the spectrum directly and allowing first responders to decide how to use it through a public/private partnership. The plan has also gained the endorsement of several former members of the 9/11 Commission. Congress will have the final say over the details of the deal. If implemented, the plan would also grant first responders priority access to the D-Block spectrum that commercial companies could allocate to other purposes until they were required. Congress is expected to look to the Department of Homeland Security (DHS) as it will need to address the concerns of first responders. Regardless of whether the D-Block is auctioned or directly transferred to the public safety community, DHS will need to set public safety standards for use of broadband and must help define technical and legal capabilities. DHS representatives say that, before they can achieve this goal, they must have assurances from the FCC that their arrangement is technologically feasible.

What Your Phone App Doesn't Say: It's Watching
Associated Press (07/28/10) Robertson, Jordan

Lookout, a mobile phone security company, scanned nearly 300,000 free applications for Apple iPhones and devices built around Google's Android software and found that a number of them covertly take sensitive information from users' phones and transmit it to third parties without notification. That is a significant concern that has been popping up among privacy and security professionals. The data can include complete details about users' friends, their pictures, text messages, and Internet and search histories. Among these third parties are advertisers and companies that analyze user information. The data is used by companies to target advertisements and accrue more user information. The risk, however, is that the data becomes susceptible to hacking and use in identity theft if the third party does not carefully secure the data. Lookout shared its findings in late July during the Black Hat computer security conference in Las Vegas. Lookout found that nearly one in four iPhone apps and almost 50 percent of the Android apps contained software code that enabled these capabilities. "We found that not only users, but developers as well, don't know what's happening in their apps, even in their own apps, which is fascinating," says Lookout CEO John Hering.

Most Breaches Caused by Crime Gangs (07/28/10) McGlasson, Linda

Eighty-five percent of all stolen data last year was the work of organized crime, according to the annual Verizon Data Breach Investigations Report, produced in collaboration with the U.S. Secret Service. Of the 143 million records compromised in 2009, 85 percent stemmed from financial service incidents. In addition to organized crime, there was a greater incidence of breaches attributable to insiders and social engineering. The Verizon report also notes that most of the breaches could have been avoided if security fundamentals had been implemented. Financial services accounted for a third of the cases investigated, while hospitality made up 23 percent and retail 15 percent. ID Experts CEO Rick Kam points to the growth of hybrid attacks involving collaboration between insiders and external organized cybercriminals. Kam says that criminals are employing advanced data-mining methods to build more complete identities by "stealing data from public and private data sources that contain both sensitive financial data, as well as other identifiers like health insurance numbers, diagnosis, personal information from social Web sites like Facebook."

So Many Bugs, So Little Time
Technology Review (07/27/10) Naone, Erica

A technique known as fuzzing has changed the way software bugs are discovered. Fuzzing involves forcing a program to crash by repeatedly feeding it randomly altered inputs; an input that causes a crash may reveal an important bug. The work required to sort important crashes from unimportant ones is compounded by a newer, more intensive approach called industrial fuzzing, which produces far more crashes to triage. COSEINC senior security researcher Ben Nagy is developing a tool that could help researchers determine exactly where a program has gone wrong after a crash occurs. Meanwhile, University of California, Berkeley researcher Dawn Song has developed BitBlaze, a platform that can follow exactly what is happening within a program, making it easier to analyze the potential security flaws found through industrial fuzzing. If industrial fuzzing works with all types of software, it could change the way companies test to make sure their code is secure, says Zynamics' Vincenzo Iozzo.

Cyber Risks Place New Demands on Public/Private Partnership
Federal Computer Week (07/26/10) Corrin, Amber

Collaboration between the public and private sectors is a necessary but difficult factor for helping ensure the cyber security of U.S. infrastructure. "We need to be realistic about the fact that it's not just military networks that are at risk [of cyber attack], it's all networks," said Army Brig. Gen. John Davis, director of current operations at U.S. Cyber Command (Cybercom), at a recent cyber security symposium. "And we realize that military networks are built on the networks of industry." The symposium focused on the National Security Agency's Perfect Citizen program to monitor the networks of publicly owned utilities that function as critical infrastructure, scanning them for any indication of a potentially crippling cyber attack. Government and military officials at the event argued that to shield U.S. cyber space, they need to work out a new plan for the public/private partnership that includes exchanging information in order to learn from each other and identify best practices. "The private sector is the lowest common denominator in cyber security," said INSA President Ellen McCarthy. She noted that strong information sharing and open communication standards must be adopted to get the collaboration right, and among the responsibilities of the public/private partnership is protecting private citizens' interests. Many hope that Cybercom can facilitate a new epoch of public/private collaboration as the Defense Department expands its cyber space footprint.

Cybercrime Costs a Business $3.8 Million/Year, Study Finds
Network World (07/26/10) Messmer, Ellen

A recent study of 45 U.S. organizations found that cybercrime—including online attacks, pernicious code, and rogue insiders—costs them an average of $3.8 million a year and results in at least one successful attack a week. The "First Annual Cost of Cyber Crime Study," carried out by the Ponemon Institute and funded by ArcSight, involved seven months of research and on-site interviews with the organizations. The participating midsize and large companies—from 500 to more than 105,000 employees—represent a wide array of industries and government agencies. Researchers spoke with IT security specialists, as well as network, forensics, and management personnel, to understand the costs of addressing and mitigating cybercrime attacks. Although $3.8 million was the average annual cybercrime cost, organizations reported from a low of $1 million to a maximum of $52 million, according to the report. "The eye-popping thing we found is a lot of organizations are very disorganized in even understanding the environments they're dealing with," Ponemon says.

Abstracts Copyright © 2010 Information, Inc. Bethesda, MD
