__________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
__________________________________________________________

                             INFORMATION BULLETIN

                          libxslt Security Update
                        [Red Hat RHSA-2008:0287-2]

May 22, 2008 13:00 GMT                                            Number S-297
[REVISED 29 May 2008]
______________________________________________________________________________
PROBLEM:       The libxslt library did not properly process long
               "transformation match" conditions in the XSL stylesheet
               files.

PLATFORM:      RHEL Desktop Workstation (v. 5 client)
               Red Hat Desktop (v. 3, v. 4)
               Red Hat Enterprise Linux (v. 5 server)
               Red Hat Enterprise Linux AS, ES, WS (v. 2.1, v. 3, v. 4)
               Red Hat Enterprise Linux Desktop (v. 5 client)
               Red Hat Linux Advanced Workstation 2.1 for the Itanium
               Processor
               Debian GNU/Linux 4.0 (etch)

DAMAGE:        DoS or possibly execute arbitrary code.

SOLUTION:      Upgrade to the appropriate version.
______________________________________________________________________________
VULNERABILITY  The risk is MEDIUM. An attacker could create a malicious XSL
ASSESSMENT:    file that would cause a crash, or, possibly, execute arbitrary
               code with the privileges of the application using the libxslt
               library to perform XSL transformations.
______________________________________________________________________________
CVSS 2
BASE SCORE:      6.8
TEMPORAL SCORE:  5.3
VECTOR:          (AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
______________________________________________________________________________
LINKS:
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/s-297.shtml
 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2008-0287.html
 ADDITIONAL LINK:    http://www.debian.org/security/2008/dsa-1589
 CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
______________________________________________________________________________
REVISION HISTORY:
05/29/2008 - revised S-297 to add a link to Debian Security Advisory
             DSA-1589-1 for Debian GNU/Linux 4.0 (etch).

[***** Start Red Hat RHSA-2008:0287-2 *****]

Important: libxslt security update

Advisory:         RHSA-2008:0287-2
Type:             Security Advisory
Severity:         Important
Issued on:        2008-05-21
Last updated on:  2008-05-21

Affected Products:
  RHEL Desktop Workstation (v. 5 client)
  Red Hat Desktop (v. 3)
  Red Hat Desktop (v. 4)
  Red Hat Enterprise Linux (v. 5 server)
  Red Hat Enterprise Linux AS (v. 2.1)
  Red Hat Enterprise Linux AS (v. 3)
  Red Hat Enterprise Linux AS (v. 4)
  Red Hat Enterprise Linux Desktop (v. 5 client)
  Red Hat Enterprise Linux ES (v. 2.1)
  Red Hat Enterprise Linux ES (v. 3)
  Red Hat Enterprise Linux ES (v. 4)
  Red Hat Enterprise Linux WS (v. 2.1)
  Red Hat Enterprise Linux WS (v. 3)
  Red Hat Enterprise Linux WS (v. 4)
  Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

OVAL:             com.redhat.rhsa-20080287.xml
CVEs (cve.mitre.org):
  CVE-2008-1767

Details

Updated libxslt packages that fix a security issue are now available.

This update has been rated as having important security impact by the Red Hat
Security Response Team.
libxslt is a C library, based on libxml, for parsing of XML files into other
textual formats (e.g. HTML, plain text and other XML representations of the
underlying data). It uses the standard XSLT stylesheet transformation
mechanism and, being written in plain ANSI C, is designed to be simple to
incorporate into other applications.

Anthony de Almeida Lopes reported the libxslt library did not properly process
long "transformation match" conditions in the XSL stylesheet files. An
attacker could create a malicious XSL file that would cause a crash, or,
possibly, execute arbitrary code with the privileges of the application using
the libxslt library to perform XSL transformations. (CVE-2008-1767)

All users are advised to upgrade to these updated packages, which contain a
backported patch to resolve this issue.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages
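A defender's check for this advisory, added here and not part of the CIAC or Red Hat text: it compares the installed libxslt VERSION-RELEASE (queried with rpm -q) against the fixed builds listed in the RHSA-2008:0287-2 package list for each RHEL release, using a simplified reimplementation of rpm's version ordering. The fixed versions and rpm query flags are as on the page or in rpm itself; the grouping of products under the keys "5", "4", "3" and "2.1" is my own reading of the advisory's product list.

```python
import re
import subprocess

# Fixed libxslt VERSION-RELEASE strings per product, copied from the
# RHSA-2008:0287-2 package list (grouped by RHEL major release; my grouping).
FIXED_VR = {
    "5":   "1.1.17-2.el5_1.1",  # RHEL 5 server, RHEL Desktop, RHEL Desktop Workstation
    "4":   "1.1.11-1.el4_6.1",  # RHEL 4 AS/ES/WS, Red Hat Desktop v. 4
    "3":   "1.0.33-6",          # RHEL 3 AS/ES/WS, Red Hat Desktop v. 3
    "2.1": "1.0.15-3",          # RHEL 2.1 AS/ES/WS, Advanced Workstation 2.1
}


def _segments(s):
    """Split a version or release string into numeric and alphabetic runs."""
    return re.findall(r"\d+|[A-Za-z]+", s)


def _cmp_segment(a, b):
    a_num, b_num = a.isdigit(), b.isdigit()
    if a_num and b_num:                 # numeric vs numeric: compare as integers
        ai, bi = int(a), int(b)
        return (ai > bi) - (ai < bi)
    if a_num != b_num:                  # rpm rule: a numeric segment is newer than an alpha one
        return 1 if a_num else -1
    return (a > b) - (a < b)            # alpha vs alpha: plain string order


def rpmvercmp(a, b):
    """Return -1, 0 or 1 like rpm's rpmvercmp(). Simplified: the tilde/caret
    rules are ignored, and none of the versions in this advisory use them."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        c = _cmp_segment(x, y)
        if c:
            return c
    # All shared segments are equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def compare_vr(a, b):
    """Compare two VERSION-RELEASE strings (no epoch; libxslt carries none)."""
    va, ra = a.split("-", 1)
    vb, rb = b.split("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def is_patched(rhel_major, installed_vr):
    """True when the installed libxslt is at or above the fixed build for this release."""
    return compare_vr(installed_vr, FIXED_VR[rhel_major]) >= 0


def installed_libxslt_vr():
    """Query the local rpm database; one VERSION-RELEASE per installed arch."""
    out = subprocess.run(["rpm", "-q", "--qf", "%{VERSION}-%{RELEASE}\n", "libxslt"],
                         capture_output=True, text=True, check=True).stdout
    return out.split()


if __name__ == "__main__":
    import sys
    major = sys.argv[1] if len(sys.argv) > 1 else "5"   # RHEL major release to check against
    for vr in installed_libxslt_vr():
        print(vr, "patched" if is_patched(major, vr) else "VULNERABLE (below %s)" % FIXED_VR[major])
```

Run it as `python check.py 4` on a RHEL 4 host; the version comparison treats an added `.1` release suffix as newer, which is exactly how the fixed builds differ from their predecessors.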
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

446809 - CVE-2008-1767 libxslt: fixed-sized steps array overflow via
         "template match" condition in XSL file

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
http://www.redhat.com/security/updates/classification/#important

--------------------------------------------------------------------------------
These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/

[***** End Red Hat RHSA-2008:0287-2 *****]
_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy (DOE) and the
emergency backup response team for the National Institutes of Health (NIH).
CIAC is located at the Lawrence Livermore National Laboratory in Livermore,
California. CIAC is also a founding member of FIRST, the Forum of Incident
Response and Security Teams, a global organization established to foster
cooperation and coordination among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be
contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.
    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these communities,
please contact your agency's response team to report incidents. Your agency's
team will coordinate with CIAC. The Forum of Incident Response and Security
Teams (FIRST) is a world-wide organization. A list of FIRST member
organizations and their constituencies can be obtained via WWW at
http://www.first.org/.

This document was prepared as an account of work sponsored by an agency of the
United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government or the University of California, and shall not
be used for advertising or product endorsement purposes.
LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

S-213: Nukedit 'email' Parameter Vulnerability
S-214: SurgeMail and WebMail 'Page' Command Vulnerability
S-215: Symantec Backup Exec Scheduler ActiveX Control Multiple Vulnerabilities
S-216: Juniper Networks Secure Access 2000 'rdremediate.cgi' Vulnerability
S-217: Drupal Multiple HTML Vulnerabilities
S-218: gd Security Update
S-219: Juniper Networks Secure Access 2000 Web Root Path Vulnerability
S-220: PHP-Nuke My_eGallery Module 'gid' Parameter Vulnerability
S-221: Learn2 STRunner ActiveX Control Vulnerabilities
S-222: Evolution Security Update