Mailing-List: contact bugtraq-jp-help@securityfocus.com; run by ezmlm
Precedence: bulk
To: BUGTRAQ-JP@SECURITYFOCUS.COM
References: <Pine.LNX.4.55.0305130905350.7305@mail.securityfocus.com>
Subject: SecurityFocus Newsletter #196 2003-5-5->2003-5-9
From: SAKAI Yoriyuki <sakai@lac.co.jp>
Message-Id: <200305192125.EAG61107.JBTLB@lac.co.jp>
Date: Mon, 19 May 2003 21:26:03 +0900
Mime-Version: 1.0
Content-Type: multipart/signed;
    protocol="application/pkcs7-signature";
    micalg=sha1; Boundary="---------1053347161-4172429"

-----------1053347161-4172429
Content-Type: text/plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

$B:d0f(B@$B%i%C%/$G$9!#(B

SecurityFocus Newsletter $BBh(B 196 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

---------------------------------------------------------------------------
BugTraq-JP $B$K4X$9$k(B FAQ($BF|K\8l(B):
http://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0l<!G[I[$5$l$F$$$^$9(B
$B!&(BBugTraq-JP $B$X$N;22CJ}K!!"C&B`J}K!$O$3$N(B FAQ $B$r$4;2>H$/$@$5$$(B
---------------------------------------------------------------------------
---------------------------------------------------------------------------
SecurityFocus Newsletter $B$K4X$9$k(BFAQ($B1Q8l(B):
http://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
BugTraq $B$K4X$9$k(B FAQ($B1Q8l(B):
http://www.securityfocus.com/popups/forums/bugtraq/faq.shtml
---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02q<R%i%C%/$,F@$?>e$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
  $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
  $B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
  $B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://online.securityfocus.com/archive/79
---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02q<R%i%C%/$O@UG$$rIi$o$J$$$b$N$H$7$^(B
  $B$9!#(B
---------------------------------------------------------------------------
$BLu<T$+$i$N$*CN$i$;(B:
$B!&$b$7!"(Btypo $B$d8mLu$,8+$D$+$C$?>l9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"4F=$<T(B (sakai@lac.co.jp) $B$K$*CN$i$;$/$@$5$$!#(B
  $B8e<T$N>l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
---------------------------------------------------------------------------
This translation is encoded and posted in ISO-2022-JP.

$B86HG(B:
Date: Tue, 13 May 2003 09:07:12 -0600 (MDT)
Message-ID: <Pine.LNX.4.55.0305130905350.7305@mail.securityfocus.com>

SecurityFocus Newsletter #196
-----------------------------

This is issue is sponsored by: AirDefense

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
	1. Starting from Scratch: Formatting and Reinstalling after...
	2. U.S. Information Security Law, Part 3
	3. The Nowhere Men
	4. Security's Failed Past and Risky Future
II. BUGTRAQ SUMMARY
	1. KDE Konqueror Malformed HTML Page Denial of Service Vulnerability
	2. HP-UX RWrite Buffer Overflow Vulnerability
	3. WebcamXP Message Field HTML Code Injection Vulnerability
	4. Ethereal Multiple Dissector One Byte Buffer Overflow...
	5. Ethereal Mount Dissector Integer Overflow Vulnerability
	6. Ethereal PPP Dissector Integer Overflow Vulnerability
	7. Microsoft MN-500 Plaintext Password Disclosure Weakness
	8. FlashFXP User Password Encryption Weakness
	9. Mod_Survey SYSBASE Disk Resource Consumption DOS...
	10. GNU Privacy Guard Insecure Trust Path To User ID Weakness
	11. MySQL Weak Password Encryption Vulnerability
	12. CommuniGate Pro Webmail Session Hijacking Vulnerability
	13. Mirabilis ICQ POP3 Client UIDL Command Format String...
	14. Mirabilis ICQ POP3 Client Subject Field Signed Integer...
	15. Mirabilis ICQ Features On Demand Remote Command Execution...
	16. Mirabilis ICQ GIF Parsing Denial Of Service Vulnerability
	17. Mirabilis ICQ Message Session Window Denial Of Service...
	18. Mirabilis ICQ POP3 Client Date Field Signed Integer Overflow...
	19. Microsoft Internet Explorer DHTML AnchorClick Partial Denial...
	20. Youbin HOME Buffer Overflow Vulnerability
	21. Leksbot Multiple Unspecified Vulnerabilities
	22. Siemens Mobile Phones %IMG_NAME Denial Of Service Vulnerability
	23. Floosietek FTGate PRO SMTP MAIL FROM Buffer Overflow...
	24. Floosietek FTGate PRO SMTP RCPT TO Buffer Overflow Vulnerability
III. SECURITYFOCUS NEWS ARTICLES
	1. 'Banned' Xbox Hacking Book Selling Fast
	2. Report: Too Many Watch Lists
	3. Senate broadens powerful U.S. terror surveillance law
	4. Microsoft admits Passport identity service was vulnerable
IV. SECURITYFOCUS TOP 6 TOOLS
	1. Data Thief v1.0
	2. DISCO v1.0
	3. linux-identd v1.3
	4. mod_protection v0.0.2
	5. pcInternet Patrol
	6. Active Spam Killer v2.3 beta2

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
---------------------------------

II. BUGTRAQ SUMMARY
-------------------
1. KDE Konqueror Malformed HTML Page Denial of Service Vulnerability
BugTraq ID: 7486
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 02 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7486
$B$^$H$a(B:

Konqueror $B$O(B KDE $B%G%9%/%H%C%W4D6-$KF1:-$5$l$F$$$k!"%*!<%W%s%=!<%9$N(B Web
$B%V%i%&%6$G$"$k!#$3$N%=%U%H%&%'%"$O(B Linux $B%G%#%9%H%j%S%e!<%7%g%s$GF0:n2D(B
$BG=$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$O0-0U$"$k%G!<%?$r4^$`(B HTML $B$r2r<a$9$k:]$K(B
DoS $B>uBV$K4Y$kLdBj$rJz$($k5?$$$,$"$k!#6qBNE*$K$O!"$3$N%=%U%H%&%'%"$O(B
'\xFF\xFE\r\r\n' $B$,Ls(B 30000 $B%P%$%H$KEO$C$F7+$jJV$5$l$F$$$k%G!<%?$r4^$`(B 
HTML$B$r2r<a$9$k:]$K!"(Bcore $B$N@8@.$K<:GT$7$F$7$^$&$N$G$"$k!#(B

$B967b<T$O$3$N(B Web $B%V%i%&%6$rMxMQ$9$k%j%b!<%H$N%f!<%6$N%;%C%7%g%s$r(B DoS$B>u(B
$BBV$K4Y$i$;$k$?$a$K!"$3$NLdBj$rMxMQ$9$k967b$r4k$F$k2DG=@-$,$"$k!#(B

$B$J$*!"$3$l$OL$8!>Z$G$O$"$k$b$N$N!"$3$NLdBj$O967b<T$K$H$C$FM?$($i$l$?%3!<(B
$B%I$r<B9T$9$k$?$a$N967b$KMxMQ$5$l$k2DG=@-$,$"$k!#(B

$B$3$NLdBj$K4X$9$kL@3N$J5;=Q>\:Y$O8=;~E@$G$OL$>\$G$"$k!#K\(B BID $B$O$5$i$J$k(B
$B>pJs$,8x3+$5$l<!Bh!"99?7M=Dj$G$"$k!#(B

2. HP-UX RWrite Buffer Overflow Vulnerability
BugTraq ID: 7489
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: May 02 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7489
$B$^$H$a(B:

$BJs9p$K$h$k$H!"(BHP-UX $B$KF1:-$5$l$F$$$k(B /usr/lbin/rwrite $B%f!<%F%#%j%F%#$O(B
$B%P%C%U%!%*!<%P%U%m!<$,@8$8$kLdBj$rJz$($F$$$k5?$$$,$"$k!#L$8!>Z$G$O$"$k(B
$B$,!"$h$j>:3J$5$l$?8"8B$G$N%3!<%I<B9T$,2DG=$G$"$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$OHs>o$KBgNL$J!"(B14628 $B%P%$%H0J>e$ND9$5$N%G!<%?$,!"LdBj$rJz$($k(B
$B%=%U%H%&%'%"$K%3%^%s%I%i%$%s%Q%i%a!<%?$N0lIt$H$7$F0z$-EO$5$l$k:]$K@8$8(B
$B$k!#$3$N%=%U%H%&%'%"$,$3$N<o$N0U?^E*$J%Q%i%a!<%?$r2r<a$9$k:]$K%;%0%a%s(B
$B%F!<%7%g%s%U%)%k%H$,H/@8$9$k!#$3$l$O!"$3$N%f!<%F%#%j%F%#MQ$K3NJ]$5$l$?(B
$B%a%b%jNN0hFb$N%P%C%U%!$K%G!<%?$r%3%T!<$9$kA0$N!"%G!<%?$KBP$9$k6-3&%A%'%C(B
$B%/$,IT==J,$G$"$k$?$a$K@8$8$F$$$k$H9M$($i$l$F$$$k!#BgNL$N%G!<%?$O%P%C%U%!(B
$B$N6-3&$r1[$(!"6a@\$7$?NN0h$KB8:_$9$k!"%W%m%0%i%`$N<B9T<j=g$d<B9T<j=g$N(B
$B4IM}$r:81&$9$k=EMW$JCM$r>e=q$-$9$k2DG=@-$,$"$k!#$J$*!"$3$l$OL$8!>Z$G$O(B
$B$"$k$,!"$3$NLdBj$NK\<A$+$i9M;!$9$k$H!"967b<T$O0U?^E*$J%3!<%I$r<B9T2DG=(B
$B$G$"$k$H9M$($i$l!"$3$N%3%^%s%I$N%G%U%)%k%H%$%s%9%H!<%k>uBV$r9MN8$9$k$J(B
$B$i$P!"0U?^E*$J%3!<%I$O(B root $B8"8B$G<B9T$5$l$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$K4X$9$kL@3N$J5;=Q>\:Y$O8=;~E@$G$OL$>\$G$"$k!#K\(B BID $B$O$5$i$J$k(B
$B>pJs$,8x3+$5$l<!Bh!"99?7M=Dj$G$"$k!#(B

$B$3$NLdBj$O(B HP-UX 11.00 $B$K1F6A$r5Z$\$9$HJs9p$5$l$F$$$k$,!"B>$N%P!<%8%g%s(B
$B$bF1MM$NLdBj$rJz$($k2DG=@-$,$"$kE@$ON10U$9$Y$-$G$"$k!#(B

3. WebcamXP Message Field HTML Code Injection Vulnerability
BugTraq ID: 7490
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 02 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7490
$B$^$H$a(B:

WebcamXP $B$O(B Microsoft Windows $B4D6-$GF0:n$9$k$h$&$K@_7W$5$l$?!"(BWeb $B%5!<(B
$B%P5!G=$rHw$($k(B Web $B%+%a%iMQ$N%f!<%F%#%j%F%#$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$N%A%c%C%H%Z!<%8$K$O!"%j%b!<%H$N%f!<%6$,$3$N%=%U%H%&%'(B
$B%"$r2TF0$5$;$F$$$k(B Web $B%5%$%H$HF13J$N8"8B$G!"0U?^$7$?%9%/%j%W%H<B9T2DG=(B
$B$H$J$kLdBj$,B8:_$9$k!#$3$NLdBj$O!"(BWeb $B%Z!<%8$N(B 'message' $B%U%#!<%k%I$r2p(B
$B$7$FAw?.$5$l$k%f!<%6$K$h$C$FM?$($i$l$?F~NOCM$KBP$7$F9T$o$l$k%U%#%k%?%j(B
$B%s%0(B (sanitize) $B$,IT==J,$G$"$k$3$H$K5/0x$9$k!#(B

$B7k2L$H$7$F!"0-0U$"$k%f!<%6$O(B Web $B%5!<%P$KBP$7$F!"(BHTML $B$H$7$F2r<a$5$lF@(B
$B$k$k%3!<%I$r4^$`Ej9FFbMF$rAw?.$G$-$k2DG=@-$,$"$k!#$3$N<o$N%3!<%I$O%f!<(B
$B%6$N(B Web $B%V%i%&%6$K$h$C$F!"LdBj$rJz$($k%=%U%H%&%'%"$r2TF0$5$;$F$$$k(B Web
$B%5%$%H$HF13J$N%3%s%F%-%9%H$G<B9T$5$l$k!#(B

$B$3$NLdBj$rMxMQ$7$?967b$K$h$j!"LdBj$rJz$($k%=%U%H%&%'%"$r2TF0$5$;$F$$$k(B
Web $B%5%$%H$N@55,%f!<%6$+$i(B Cookie $B$KM3Mh$9$kG'>ZMQ>pJs$r:q<h$5$l$k2DG=(B
$B@-$,$"$k!#$^$?D94|E*$J%5!<%S%9ITG=967b$r4^$`!"$=$NB>$N967b$b2DG=$G$"$k!#(B
$B$3$N967b$K$h$k1F6AHO0O$O%f!<%6$,;HMQ$9$k%V%i%&%6$K$h$C$F0[$J$k!#(B

$B$3$NLdBj$O(B WebcamXP 1.02.432 $B$*$h$S(B 1.02.535.4.0 $B$K1F6A$,$"$k$HJs9p$5$l(B
$B$F$$$k$,!"$3$l0JA0$N%P!<%8%g%s$X$b1F6A$,5Z$V2DG=@-$,$"$kE@$ON10U$9$Y$-(B
$B$G$"$k!#(B

4. Ethereal Multiple Dissector One Byte Buffer Overflow Vulnerabilities
BugTraq ID: 7493
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 03 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7493
$B$^$H$a(B:

Ethereal $B$O%U%j!<$GMxMQ2DG=$J!"%*!<%W%s%=!<%9$N%M%C%H%o!<%/%H%i%U%#%C%/(B
$B2r@O%D!<%k$G$"$k!#$3$l$O(B Ethereal Project $B$K$*$$$FJ]<i$5$l$F$*$j!"B?$/(B
$B$N(B Unix $B$dMM!9$J(B Linux $BM3Mh$N(B OS$B!"$^$?F1MM$K!"(BMicrosoft Windows $B$K$*$$(B
$B$F$bF0:n$9$k%=%U%H%&%'%"$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$KHw$($i$l$F$$$k!"J#?t$N%W%m%H%3%k2r@OIt$K$O%P%C%U%!%*!<(B
$B%P!<%U%m!<$,H/@8$9$kLdBj$,B8:_$9$k!#6qBNE*$K$O!"LdBj$rJz$($k%W%m%H%3%k(B
$B2r@OIt$G$O%;%-%e%"$G$O$J$$J}K!$G(B tvb_get_nstringz() $B4X?t(B $B$*$h$S(B
tvb_get_nstringz0() $B4X?t$rMQ$$$F$$$k!#$3$NLdBj$rMxMQ$9$k967b$K$h$j!"96(B
$B7b<T$O(B 1 $B%P%$%H$N$:$l$N$_$G%P%C%U%!%*!<%P!<%U%m!<$r0z$-5/$3$9$3$H$,2DG=(B
$B$K$J$k!#(BAIM$B!"(BGIOP Gryphon$B!"(BOSPF$B!"(BPPTP$B!"(BQuake$B!"(BQuake2$B!"(BQuake3$B!"(BRsync$B!"(BSMB$B!"(B
SMPP$B!"$*$h$S(B TSP $B%W%m%H%3%k$N2r@OIt$,$3$NLdBj$rJz$($F$$$k!#(B

$B$3$NLdBj$K4X$9$kL@3N$J5;=Q>\:Y$O8=;~E@$G$OL$>\$G$"$k!#K\(B BID $B$O>\:Y>pJs(B
$B$,8x3+$5$l<!Bh!"99?7M=Dj$G$"$k!#(B

$B967b<T$OFCJL$KAH$_N)$F$i$l$?%Q%1%C%H$rLdBj$rJz$($k%P!<%8%g%s$N$3$N%=%U(B
$B%H%&%'%"$r2TF0$5$;$F$$$k%3%s%T%e!<%?$XAw?.$9$k$+!"0U?^E*$KAH$_N)$F$i$l(B
$B$?%Q%1%C%H%H%l!<%9%U%!%$%k$rLdBj$rJz$($k%P!<%8%g%s$N$3$N%=%U%H%&%'%"$,(B
$BFI$_9~$`$h$&$K%f!<%6$rM6F3$9$k$3$H$K$h$j!"$3$NLdBj$rMxMQ$9$k967b$r4k$F(B
$B$k$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$NK\<A$+$i9M;!$9$k$J$i$P!"967b<T$O%a%b%j>e$N=EMW$JNN0h$r>e=q$-(B
$B$9$k>u67$r>7$/$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#$3$NLdBj$rMxMQ$9$k967b$,@.(B
$B8y$7$?>l9g!"$3$N%=%U%H%&%'%"$N%W%m%;%9$N<B9T8"8B$G0U?^E*$J%3!<%I$,<B9T(B
$B$5$l$k2DG=@-$,$"$k!#(B

$B$3$NLdBj$O(B Ethereal 0.9.11 $B0JA0$K1F6A$r5Z$\$9!#(B

5. Ethereal Mount Dissector Integer Overflow Vulnerability
BugTraq ID: 7494
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 03 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7494
$B$^$H$a(B:

Ethereal $B$O%U%j!<$GMxMQ2DG=$J!"%*!<%W%s%=!<%9$N%M%C%H%o!<%/%H%i%U%#%C%/(B
$B2r@O%D!<%k$G$"$k!#$3$l$O(B Ethereal Project $B$K$*$$$FJ]<i$5$l$F$*$j!"B?$/(B
$B$N(B Unix $B$dMM!9$J(B Linux $BM3Mh$N(B OS$B!"$^$?F1MM$K!"(BMicrosoft Windows $B$K$*$$(B
$B$F$bF0:n$9$k%=%U%H%&%'%"$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$N(B Mount $B%W%m%H%3%k$N2r@OIt$O@0?t7e$"$U$l$K$h$k%*!<%P!<(B
$B%U%m!<$rH/@8$9$kLdBj$rJz$($F$$$k!#(B

$B$3$NLdBj$K4X$9$kL@3N$J5;=Q>\:Y$O8=;~E@$G$OL$>\$G$"$k!#K\(B BID $B$O>\:Y>pJs(B
$B$,8x3+$5$l<!Bh!"99?7M=Dj$G$"$k!#(B

$B967b<T$OFCJL$KAH$_N)$F$i$l$?%Q%1%C%H$rLdBj$rJz$($k%P!<%8%g%s$N(B Mount $B%W(B
$B%m%H%3%k$N2r<aIt$rMxMQ$9$k!"$3$N%=%U%H%&%'%"$r2TF0$5$;$F$$$k%3%s%T%e!<%?(B
$B$XAw?.$9$k$+!"0U?^E*$KAH$_N)$F$i$l$?%Q%1%C%H%H%l!<%9%U%!%$%k$rLdBj$rJz$((B
$B$k%P!<%8%g%s$N$3$N%=%U%H%&%'%"$,FI$_9~$`$h$&$K%f!<%6$rM6F3$9$k$3$H$K$h$j!"(B
$B$3$NLdBj$rMxMQ$9$k967b$r4k$F$k$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$NK\<A$+$i9M;!$9$k$J$i$P!"967b<T$O%a%b%j>e$N=EMW$JNN0h$r>e=q$-(B
$B$9$k>u67$r>7$/$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#$3$NLdBj$rMxMQ$9$k967b$,@.(B
$B8y$7$?>l9g!"$3$N%=%U%H%&%'%"$OM=B,ITG=$J5sF0$K4Y$k2DG=@-$,$"$k!#(B

$B$3$NLdBj$O(B Ethereal 0.9.11 $B0JA0$K1F6A$r5Z$\$9!#(B

6. Ethereal PPP Dissector Integer Overflow Vulnerability
BugTraq ID: 7495
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 03 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7495
$B$^$H$a(B:

Ethereal $B$O%U%j!<$GMxMQ2DG=$J!"%*!<%W%s%=!<%9$N%M%C%H%o!<%/%H%i%U%#%C%/(B
$B2r@O%D!<%k$G$"$k!#$3$l$O(B Ethereal Project $B$K$*$$$FJ]<i$5$l$F$*$j!"B?$/(B
$B$N(B Unix $B$dMM!9$J(B Linux $BM3Mh$N(B OS$B!"$^$?F1MM$K!"(BMicrosoft Windows $B$K$*$$(B
$B$F$bF0:n$9$k%=%U%H%&%'%"$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$N(B PPP $B%W%m%H%3%k$N2r@OIt$O@0?t7e$"$U$l$K$h$k%*!<%P!<%U(B
$B%m!<$rH/@8$9$kLdBj$rJz$($F$$$k!#(B

$B$3$NLdBj$K4X$9$kL@3N$J5;=Q>\:Y$O8=;~E@$G$OL$>\$G$"$k!#K\(B BID $B$O>\:Y>pJs(B
$B$,8x3+$5$l<!Bh!"99?7M=Dj$G$"$k!#(B

$B967b<T$OFCJL$KAH$_N)$F$i$l$?%Q%1%C%H$rLdBj$rJz$($k%P!<%8%g%s$N(B PPP $B%W%m(B
$B%H%3%k$N2r<aIt$rMxMQ$9$k!"$3$N%=%U%H%&%'%"$r2TF0$5$;$F$$$k%3%s%T%e!<%?(B
$B$XAw?.$9$k$+!"0U?^E*$KAH$_N)$F$i$l$?%Q%1%C%H%H%l!<%9%U%!%$%k$rLdBj$rJz(B
$B$($k%P!<%8%g%s$N$3$N%=%U%H%&%'%"$,FI$_9~$`$h$&$K%f!<%6$rM6F3$9$k$3$H$K(B
$B$h$j!"$3$NLdBj$rMxMQ$9$k967b$r4k$F$k$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$NK\<A$+$i9M;!$9$k$J$i$P!"967b<T$O%a%b%j>e$N=EMW$JNN0h$r>e=q$-(B
$B$9$k>u67$r>7$/$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#$3$NLdBj$rMxMQ$9$k967b$,@.(B
$B8y$7$?>l9g!"$3$N%=%U%H%&%'%"$OM=B,ITG=$J5sF0$K4Y$k2DG=@-$,$"$k!#(B

$B$3$NLdBj$O(B Ethereal 0.9.11 $B0JA0$K1F6A$r5Z$\$9!#(B

7. Microsoft MN-500 Plaintext Password Disclosure Weakness
BugTraq ID: 7496
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 03 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7496
$B$^$H$a(B:

MN-500 Wireless Base Station $B$OL5@~%M%C%H%o!<%/$rMxMQ$9$k<jCJ$r2HDmFb$H(B
$B4k6HFb%M%C%H%o!<%/$K8~$1Ds6!$9$k5!4o$G$"$k!#(B

$B$3$NAuCV$O!"%j%b!<%H$N967b<T$K4IM}<T$NG'>ZMQ>pJs$rO31L$7$F$7$^$&LdBj$,(B
$BJs9p$5$l$F$$$k!#Js9p$K$h$l$P!"$3$NLdBj$O4IM}<TMQ%Q%9%o!<%I$,%P%C%/%"%C(B
$B%WMQ@_Dj%U%!%$%k$KJ?J8$GJ]B8$5$l$k$3$H$KM3Mh$7$F$$$k!#(B

$B%P%C%/%"%C%WMQ@_Dj%U%!%$%k$rF~<j2DG=$J967b<T$O!"LdBj$rJz$($kAuCV$N4IM}(B
$B<TMQ%Q%9%o!<%I$rC%<h2DG=$G$"$k!#(B

8. FlashFXP User Password Encryption Weakness
BugTraq ID: 7499
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7499
$B$^$H$a(B:

FlashFXP $B$O%/%i%$%"%s%H$H%5!<%P$N4V$G$N%U%!%$%kE>Aw$K2C$(!"%5%$%H4V$G$N(B
$BE>Aw$r9T$&(B FTP $B$N<BAu$G$"$k!#$3$l$O(B Microsoft Windows $B$GMxMQ2DG=$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$O!"I|9f2DG=$J%"%k%4%j%:%`$rMQ$$$F!"(BFTP $B%f!<%6$NG'>ZMQ(B
$B>pJs$r0E9f2=$7$F$$$k!#(BFTP $B%f!<%6$N%Q%9%o!<%I$O!"@H<e$J80$rMQ$$$k!"(BXOR
$B1i;;$K4p$E$/<jK!$rMQ$$$F0E9f2=$5$l$k!#$3$NLdBj$rMxMQ$9$k967b$K$h$j(B
sites.data $B$K%"%/%;%92DG=$J%m!<%+%k$N967b<T$O!"%j%b!<%H$N(B FTP $B%5%$%HFb(B
$B$K3JG<$5$l$F$$$k%f!<%6$NG'>ZMQ>pJs$K%"%/%;%92DG=$K$J$k2DG=@-$,$"$k!#(B

$B$J$*!"LdBj$rJz$($k%=%U%H%&%'%"$GMxMQ$5$l$F$$G'>ZMQ>pJs$,J#?t$N%5!<%S%9(B
$B$dJ#?t$N%5%$%H$G$bMxMQ$5$l$F$$$k>l9g!"967b<T$O$=$l$i$N%5!<%S%9$KBP$7$F(B
$B$b!"F1MM$KK\Mh%"%/%;%98"8B$r;}$C$F$$$J$$$K$b4X$o$i$:!"%"%/%;%92DG=$K$J(B
$B$k$H?d;!$5$l$k!#(B

9. Mod_Survey SYSBASE Disk Resource Consumption Denial of Service Vulnerability
BugTraq ID: 7498
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7498
$B$^$H$a(B:

Mod_Survey $B$O!"(BXML $B$G5-=R$5$l$?%"%s%1!<%H$dD4::$N=hM}$*$h$SI=<(5!G=$rDs(B
$B6!$9$k(B Apache $B%b%8%e!<%k$G$"$k!#$3$N%=%U%H%&%'%"$O!"(BLinux$B!"(BUnix$B!"$*$h$S(B
Microsoft Windows $B4D6-$GMxMQ2DG=$G$"$k!#(B

$BD4::%G!<%?$r3JG<$9$k$?$a$N%U%!%$%k72$X$N%"%/%;%9$,9T$o$l$k:]!"$3$N%b%8%e!<(B
$B%k$OJQ?t(B SYSBASE $B$,MxMQ$5$l$k!#$3$NJQ?t$N=i4|CM$OD4::%G!<%?$r3JG<$9$k$?(B
$B$a$N%U%!%$%k$N3JG<>l=j$G$"$j!"%-%c%C%7%e$d<A5?1~Ez$KMxMQ$5$l$k%G!<%?$r(B
$B3JG<$9$k$?$a$N!"D4::$K4XO"$9$kMM!9$J%U%!%$%k72$r3JG<$9$k$?$a$N%5%V%G%#(B
$B%l%/%H%j$r:n@.$9$k$?$a$KMxMQ$5$l$k!#$3$N%5%V%G%#%l%/%H%j$O%G!<%?$r3JG<(B
$B$9$k$?$a$N<gMW$J%j%]%8%H%j$H$7$FMxMQ$5$l$k>l=j$NG[2<$K:n@.$5$l!"E57?E*(B
$B$K$O(B /usr/local/mod_survey/data $BG[2<$K:n@.$5$l$k!#(B

$B$3$N%b%8%e!<%k$K$OB8:_$7$J$$D4::9`L\$X$N%j%/%(%9%H$N<h$j07$$$KLdBj$,B8(B
$B:_$9$k!#D4::%G!<%?$r3JG<$9$k$?$a$KMxMQ$5$l$k%U%!%$%k$,B8:_$9$k$+$I$&$+(B
$B$N3NG'A0$KJQ?t(B SYSBASE $B$K=i4|CM$,@_Dj$5$l$k$?$a!"K\MhITI,MW$J%G%#%l%/%H(B
$B%j$,:n@.$5$l$F$7$^$&$N$G$"$k!#%U%!%$%k$NB8:_3NG'=hM}$O%G%#%l%/%H%j:n@.(B
$B8e$K9T$o$l$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$K$h$j!"967b<T$O%O!<%I%G%#%9%/$N6u$-NN0h$d(B i-node
$B$N8O3i$r0U?^$9$k(B DoS $B967b$r0z$-5/$3$9$3$H$,2DG=$K$J$k!#MxMQ2DG=$J;q8;(B
$B$,>CHq$7?T$/$5$l$k7k2L!"967bBP>]$N%3%s%T%e!<%?$O%/%i%C%7%e$9$k$H?d;!$5(B
$B$l$k!#(B

$B$3$NLdBj$O(B Mod_Survey 3.0.15 $BL$K~$KB8:_$9$k$HJs9p$5$l$F$$$k!#(B

10. GNU Privacy Guard Insecure Trust Path To User ID Weakness
BugTraq ID: 7497
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7497
$B$^$H$a(B:

GNU Privacy Guard $B$O%U%j!<$+$D%*!<%W%s%=!<%9$H$7$FG[I[$5$l$F$$$k!"MM!9(B
$B$J4D6-$GF0:n2DG=$J(B PGP $B$NCV$-49$($H$J$k%=%U%H%&%'%"$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$OJ#?t$N%f!<%6(B ID $B$N?.MjEY$N<h$j07$$$KM3Mh$9$kLdBj$rJz(B
$B$($F$$$k$HJs9p$5$l$F$$$k!#Js9p$K$h$k$H!"$3$N%=%U%H%&%'%"$OJ#?t$N%f!<%6(B
ID $B$,@_Dj$5$l$?8x3+80$K$*$$$F!"3F8D?M(B ID $B$KIUM?$5$l$??.MjEY$N<1JL$,IT==(B
$BJ,$G$"$k!#IUM?$5$l$k?.MjEY$OA4(B ID $B$KBP$7F10l$G$"$j!"3:Ev$N8x3+80$K$*$1(B
$B$k:G$b?.MjEY$N9b$$(B ID $B$N?.MjEY$H$J$k!#(B

$B7k2L$H$7$F:G$b?.Mj$5$l$F$$$k(B ID $B$H$7$F?.Mj$5$l$F$$$k(B ID $B$r4^$`80$K4XO"(B
$B$E$1$i$l$F$$$k!"?.Mj$5$l$F$$$J$$%f!<%6(B ID $B$,@5Ev$H$7$F8+$J$5$l$k$3$H$K(B
$B$J$j!"$3$N:]!"%G!<%?$O$J$s$i7Y9p$rH/$;$i$l$:$K?.Mj$5$l$F$$$J$$(B ID $B$K$h$C(B
$B$FI|9f$5$l$k!#$^$?!"$3$NLdBj$rMxMQ$9$k967b$K$h$j!"?.Mj$9$k%f!<%68~$1$K(B
$BG[I[$5$l$k$3$H$rA[Dj$5$l$?>pJs$,O31L$9$k2DG=@-$,$"$k!#$^$?!"$3$NLdBj$r(B
$BMQ$$$kB>$N967b$b2DG=$G$"$k$H?d;!$5$l$k!#(B

11. MySQL Weak Password Encryption Vulnerability
BugTraq ID: 7500
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7500
$B$^$H$a(B:

MySQL $B$O%*!<%W%s%=!<%9$G%j%l!<%7%g%J%k%G!<%?%Y!<%9$r3+H/$9$k%W%m%8%'%/(B
$B%H$N@.2LJ*$G$"$j!"(BMicrosoft Windows$B!"(BLinux $B$*$h$S(B Unix $BM3Mh$N%7%9%F%`$G(B
$BMxMQ2DG=$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$O@H<e$J%Q%9%o!<%I0E9f2=%"%k%4%j%:%`$rMx(B
$BMQ$7$F$$$kLdBj$rJz$($F$$$k!#(BMySQL $BMQ%"%+%&%s%H$KMxMQ$5$l$k%Q%9%o!<%I$r(B
$B0E9f2=$9$k$?$a$KMxMQ$5$l$k(B MySQL $B$KHw$o$C$F$$$C$F$$$k4X?t$O%Q%9%o!<%I$N(B
$B0E9f2==hM}$r0lEY$7$+9T$C$F$$$J$/!"$^$?!":8%7%U%H1i;;$K4p$E$/0B0W$J0E9f(B
$B2=<jK!$rMxMQ$7$F$$$k!#$3$N4X?t$K$h$j@8@.$5$l$?%Q%9%o!<%I$N%O%C%7%e$ODc(B
$B$$%(%s%H%m%T!<$G$"$k$?$a!"%O%C%7%e$N@8@.$KMxMQ$5$l$F$$$k@H<e$J%"%k%4%j(B
$B%:%`$N85$KF10l$N%O%C%7%eCM$r8+$D$1=P$7!"$=$3$+$i%Q%9%o!<%I$NJ?J8$r?dB,(B
$B$9$kAmEv$j967b<jK!(B (bruteforce method) $B$rMQ$$!"C;$$;~4V$GJ?J8$,2rFI$5$l(B
$B$k2DG=@-$,$"$k!#(B

$B967b<T$O!"$3$NJ}K!$K$h$jC%<h$7$?>pJs$rMQ$$$F!"$3$N%=%U%H%&%'%"$rF0:n$5(B
$B$;$F$$$k%3%s%T%e!<%?$KBP$9$k!"$5$i$J$k967b$r;E3]$1$k2DG=@-$,$"$k!#(B

12. CommuniGate Pro Webmail Session Hijacking Vulnerability
BugTraq ID: 7501
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7501
$B$^$H$a(B:

CommuniGate Pro $B$O%$%s%?!<%M%C%H%a%C%;!<%8%5!<%P$G$"$k!#$3$N%=%U%H%&%'(B
$B%"$O(B HTTP $B$rMQ$$$F%a!<%k%\%C%/%9$X$N%"%/%;%9<jCJ$rDs6!$9$k!"(BWebmail $B%5!<(B
$B%S%9$rF1:-$7$F$$$k!#$3$N%=%U%H%&%'%"$O!"(BUNIX $B$*$h$S(B Linux $BM3Mh$N(B OS$B!"(B
Micorosot Windows $B4D6-$r4^$`B?$/$N%W%i%C%H%U%)!<%`$GMxMQ2DG=$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$O%;%C%7%g%s$r>h$C<h$i$l$F$7$^$&LdBj(B
(session hijacking vulnerability) $B$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj$O!"(B
$B967bBP>]$N%f!<%6$,(B HTML $B7A<0$N(B Webmail $B$KAH$_9~$^$l$?2hA|$"$k$$$OF1<o$N(B
$B;q8;$r1\Mw$7$?:]$K@8$8$k!#6qBNE*$K$O!"$3$N%=%U%H%&%'%"$G;HMQ$5$l$F$$$k(B
$B8=:_$N%;%C%7%g%s(B ID $B$,!"0-0U$"$kEE;R%a!<%k$KAH$_9~$^$l$?2hA|$rMW5a$9$k(B
$B$?$a$K@8@.$5$l$k(B HTTP $B%j%/%(%9%HCf$G(B HTTP $B%X%C%@$N(B 'referrer' $B%U%#!<%k(B
$B%I$H$7$FAw?.$5$l$F$7$^$&!#(B

$B967b<T$O!"(BHTTP $B%X%C%@$rK5<u$7(B 'referrer' $B%U%#!<%k%I$K<($5$l$F$$$k(B URL
$B>pJs$r<h$j=P$92DG=@-$,$"$k!#7k2L$H$7$F!"967b<T$O<h$j=P$5$l$?(B URL $B$K%"%/(B
$B%;%9$7!"8=:_$N%f!<%6%;%C%7%g%s$r>h$C<h$k2DG=@-$,$"$k!#(B

13. Mirabilis ICQ POP3 Client UIDL Command Format String Vulnerability
BugTraq ID: 7461
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7461
$B$^$H$a(B:

Mirabilis ICQ $B$O!"(BMicrosoft Windows$B!"(BMacOS$B!"$*$h$S(B Palm $B4D6-$r4^$`!"B?(B
$B$/$N%W%i%C%H%U%)!<%`$GMxMQ2DG=$J%$%s%9%?%s%H%a%C%;!<%8%/%i%$%"%s%H$G$"(B
$B$k!#$3$N%=%U%H%&%'%"$OEE;R%a!<%k$rMxMQ$7$?DL?.$K;HMQ$5$l$k!"E}9g(B POP3
$B%/%i%$%"%s%H5!G=$rDs6!$7$F$$$k!#$3$N5!G=$O!"(BPOP3.dll $B%i%$%V%i%j$KAH$_9~(B
$B$^$l$?(B COM $B%*%V%8%'%/%H$G$"$k!#(B

$BDL>o!"(BPOP3 $B%/%i%$%"%s%H$,@8@.$9$k3F%a%C%;!<%8$K$O!"3F%5!<%P$K$h$C$F7hDj(B
$B$5$l$k0l0U$J<1JLJ8;zNs(B ($BNc$($P(B UIDL $B%3%^%s%I$GMxMQ$5$l$k(B) $B$,IUM?$5$l$k!#(B
$B$3$N<1JLHV9f$O@)8B$5$l$?J8;z%;%C%H$rMQ$$!":GBg(B 70 $B%P%$%H$G9=@.$5$l$k!#(B

$B$3$N(B POP3 $B%/%i%$%"%s%H$K$O!"<1JLJ8;zNs$N<h$j07$$$K$*$1$k!"=q<0;XDj;R$r(B
$B4^$`J8;zNs$N<h$j07$$$KM3Mh$9$kLdBj(B (format string vulnerability) $B$,H/8+(B
$B$5$l$F$$$k!#$3$NLdBj$O!"(BUIDL $B%3%^%s%I$KBP$9$k%5!<%P%l%9%]%s%9$G$NJ8;zNs(B
$B$N=hM}$KMQ$$$i$l$k4X?t$KB8:_$9$k!"%W%m%0%i%_%s%0>e$NITHw$K5/0x$7$F@8$8(B
$B$k$H?d;!$5$l$k!#(B

$B967b<T$O@5Ev$J(B POP3 $B%5!<%P$K@.$j$9$^$9$3$H$K$h$j!"LdBj$rJz$($k(B POP3 $B%/(B
$B%i%$%"%s%H08$FEE;R%a!<%k$N0l0U$J<1JLHV9f$KAH$_9~$^$l$k$h$&$K!"0-0U$"$k(B
$B=q<0;XDj;R$r4^$`J8;zNs$rAw?.$9$k2DG=@-$,$"$k!#EE;R%a!<%k%X%C%@$,=hM}$5(B
$B$l$k:]$K!"$3$N0-0U$"$k=q<0;XDj;R$,2r<a$5$l$k2DG=@-$,$"$k!#$3$NLdBj$rMx(B
$BMQ$9$k967b$N7k2L$H$7$F!"%a%b%jFb$N=EMW$JNN0h$r=q$-49$(2DG=$G$"$k$H?d;!(B
$B$5$l$k!#$3$NLdBj$rMxMQ$9$k967b$K$h$j!":G=*E*$K$O967b<T$K$h$C$FM?$($i$l(B
$B$k%3!<%I$,<B9T$5$l$k7k2L$r>7$/$H9M$($i$l$k!#(B

14. Mirabilis ICQ POP3 Client Subject Field Signed Integer Overflow Vulnerability
BugTraq ID: 7462
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7462
$B$^$H$a(B:

Mirabilis ICQ $B$O!"(BMicrosoft Windows$B!"(BMacOS$B!"$*$h$S(B Palm $B4D6-$r4^$`!"B?(B
$B$/$N%W%i%C%H%U%)!<%`$GMxMQ2DG=$J%$%s%9%?%s%H%a%C%;!<%8%/%i%$%"%s%H$G$"(B
$B$k!#$3$N%=%U%H%&%'%"$OEE;R%a!<%k$rMxMQ$7$?DL?.$K;HMQ$5$l$k!"E}9g(B POP3
$B%/%i%$%"%s%H5!G=$rDs6!$7$F$$$k!#$3$N5!G=$O!"(BPOP3.dll $B%i%$%V%i%j$KAH$_9~(B
$B$^$l$?(B COM $B%*%V%8%'%/%H$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N(B POP3 $B%/%i%$%"%s%H$K$O967b<T$K$h$C$FM?$($i$l$?0U?^E*(B
$B$J%3!<%I$,<B9T$5$l$kLdBj$rJz$($kLdBj$,B8:_$9$k!#(B

$B$3$NLdBj$O!"FCDj$NEE;R%a!<%k%X%C%@%U%#!<%k%I$ND9$5$KBP$9$kBEEv@-3NG'$r(B
$B9T$&:]$K!"$3$N(B POP3 $B%/%i%$%"%s%H$K$h$C$F9T$o$l$k6-3&%A%'%C%/$,IT==J,$G(B
$B$"$k$3$H$K5/0x$9$k!#6qBNE*$K$O!"(B'Subject' $B%X%C%@$N%X%C%@D9$O!"(B16 $B%S%C%H(B
$B$NId9fIU$-@0?t$K3JG<$5$l$k!#7k2L$H$7$F!"(B'Subject' $B%U%#!<%k%I$K2aBg$J%G!<(B
$B%?$rM?$($k$3$H$K$h$C$F!"$3$NId9fIU$-@0?t$r%i%C%W$5$;!"Ii$NCM$K$9$k$3$H(B
$B$,2DG=$G$"$k$H?d;!$5$l$k!#(B

$B967b<T$O!"(B33000 $BJ8;z0J>e$NHs>o$KD9$$(B 'Subject' $B%X%C%@$r;}$DEE;R%a!<%k$r(B
$BAH$_N)$F!"$=$l$r967bBP>]$N%f!<%6$KAw?.$9$k$3$H$K$h$C$F!"$3$NLdBj$rMxMQ(B
$B$9$k967b$r<B9T2DG=$G$"$k!#$3$NLdBj$rMxMQ$9$k967b$N7k2L$H$7$F!"LdBj$rJz(B
$B$($k%=%U%H%&%'%"Fb$GA[Dj$5$l$F$$$J$$1i;;=hM}$r9T$o$;$k$3$H$,2DG=$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"967b<T$O0-0U$"$kCM$K$h$C$F%a%b%j(B
$BFb$N=EMW$JCM$r>e=q$-$7!"7k2L$H$7$F%/%i%$%"%s%H$OL$Dj5A$NNc30=hM}$r@8$8(B
$B$?8e$K%/%i%C%7%e$7$F$7$^$&$N$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$K$h$j!"967b<T$K$h$C$FM?$($i$l$?%3!<%I$N<B9T$,0z(B
$B$-5/$3$5$l$k2DG=@-$bA[Dj$5$l$k!#(B

$B$3$NLdBj$O!"(BMirabilis ICQ 2003a $B0JA0$KB8:_$9$k$HJs9p$5$l$F$$$k!#(B

15. Mirabilis ICQ Features On Demand Remote Command Execution Vulnerability
BugTraq ID: 7464
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7464
$B$^$H$a(B:

Mirabilis ICQ $B$O!"(BMicrosoft Windows $B4D6-$r4^$a!"B?$/$NF0:n4D6-$GMxMQ2D(B
$BG=$J%$%s%9%?%s%H%a%C%;!<%8%/%i%$%"%s%H$G$"$k!#(B

Mirabilis ICQ Features on Demand $B$O!"(BMirabilis ICQ Phone $B$d(BMirabilis ICQ
Web Search $B$H$$$C$?(B ICQ $BMQ%"%I%*%s%/%i%$%"%s%H%=%U%H%&%'%"$N%@%&%s%m!<(B
$B%I$*$h$S%$%s%9%H!<%k5!G=$rDs6!$9$k!#(B

Features on Demand $B$O!"%"%I%*%s%=%U%H%&%'%"$N%$%s%9%H!<%k%Q%C%1!<%8$r<h(B
$BF@$9$k:]!"%O!<%I%3!<%F%#%s%0$5$l$?(B URL $B$rMQ$$$k!#$3$N(B URL $B$O(B Packages.ini
$B%U%!%$%kFb$N(B [General] $B%X%C%@0J2<$K3JG<$5$l$F$$$k!#(B

Features on Demand $B$O<B9T;~$KE,@Z$J%Q%C%1!<%8$r%@%&%s%m!<%I$9$k$?$a!";X(B
$BDj$5$l$?(B URL $B$X$N@\B3$r;n$_$k$,!"%@%&%s%m!<%I$9$k%Q%C%1!<%8$KBP$9$kBEEv(B
$B@-$N3NG'$rBU$C$F$$$k!#$3$N$?$a!"0-0U$"$k%f!<%6$O(B DNS $B1x@w967b(B (DNS
poisoning attack) $B$J$I$N967b$rMxMQ$7$F!"%Q%C%1!<%8$NG[I[85$N@.$j$9$^$7(B
$B$,2DG=$K$J$k$H?d;!$5$l$k!#$3$N(B ICQ $B%/%i%$%"%s%H$K$h$C$F%@%&%s%m!<%I$5$l(B
$B$k0-0U$"$k%Q%C%1!<%8$O!"$3$N%=%U%H%&%'%"$N<B9T8"8B$HF13J$N8"8B$G<B9T$5(B
$B$l$k!#(B

Features on Demand $B$O(B ICQ 2002a $B$+$i4^$^$l$k5!G=$G$"$j!"$3$l0J9_$N%P!<(B
$B%8%g%s$G$bMxMQ2DG=$G$"$k!#(B

16. Mirabilis ICQ GIF Parsing Denial Of Service Vulnerability
BugTraq ID: 7466
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7466
$B$^$H$a(B:

Mirabilis ICQ $B$O!"(BMicrosoft Windows $B4D6-$r4^$a!"B?$/$NF0:n4D6-$GMxMQ2D(B
$BG=$J%$%s%9%?%s%H%a%C%;!<%8%/%i%$%"%s%H$G$"$k!#(B

Mirabilis ICQ $B$O(B GIF $B2hA|Fb$K4^$^$l$k(B GIF89a $B7A<0%X%C%@$N=hM};~$K!"(BDoS
$B>uBV$K4Y$kLdBj$rJz$($F$$$k!#$3$l$O$3$N%/%i%$%"%s%H$KHw$o$j!"(BGIF $B7A<0$N(B
$B2hA|$N2r<a$dI=<($KMxMQ$5$l$F$$$k(B icqateimg32.dll $B$G@8$8$k!#(B

$B$3$NLdBj$O(B GIF $B7A<0$N2hA|$,$3$N%i%$%V%i%jFb$GI|9f$5$l$kJ}K!$KB8:_$9$k8m(B
$B$j$KM3Mh$7$F$$$k!#$3$N%i%$%V%i%j$,(B GIF $B%U%!%$%k$NI|9f2=$r;n$_$k:]!"(BGCT
(Global Color Table) $B$^$?$O(B LCT (Local Color Table) $B$,(B GIF89a $B7A<0%X%C(B
$B%@Fb$KB8:_$9$k$3$H$r2>Dj$7$F$$$k!#%X%C%@Fb$K$3$l$i$N%F!<%V%k$,B8:_$7$J(B
$B$$>l9g$K$3$N%i%$%V%i%j$,3:Ev$N(B GIF $B%U%!%$%k$N2r<a$r;n$_$k:]$KLdBj$,@8$8(B
$B$k$N$G$"$k!#$3$NLdBj$K$h$j!"$3$N%=%U%H%&%'%"$O%/%i%C%7%e$7!"7k2L$H$7$F(B
DoS $B>uBV$K4Y$k!#(B

$B967b<T$O!"$3$N(B GIF $B2r@O$*$h$S2r<a%i%$%V%i%j$K$h$j=hM}$5$l$k$h$&$K!"FCJL(B
$B$KAH$_N)$F$i$l$?%X%C%@$r;}$D(B GIF $B%U%!%$%k$r0z$-EO$9$3$H$K$h$j!"$3$NLdBj(B
$BMxMQ$9$k967b$r4k$F$k$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#(B

17. Mirabilis ICQ Message Session Window Denial Of Service Vulnerability
BugTraq ID: 7465
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7465
$B$^$H$a(B:

Mirabilis ICQ $B$O!"(BMicrosoft Windows$B!"(BMacOS$B!"$*$h$S(B Palm $B4D6-$r4^$`!"B?(B
$B$/$N%W%i%C%H%U%)!<%`$GMxMQ2DG=$J%$%s%9%?%s%H%a%C%;!<%8%/%i%$%"%s%H$G$"(B
$B$k!#(B

ICQ $B%a%C%;!<%8%&%#%s%I%&(B ($B%a%C%;!<%8%;%C%7%g%s(B) $B$N3F!9$O!"%/%i%$%"%s%H(B
$B$,%j%/%(%9%H$9$k9-9p>pJs$r(B ADS $B%5!<%P$+$i<u?.$7$FI=<($7$F$$$k!#$3$l$i$N(B
$B9-9p>pJs$O(B ADS $B%5!<%P$KBP$7%i%s%@%`$J(B HTML $B%U%!%$%k$rMW5a$9$k!"0U?^E*$K(B
$BAH$_N)$F$i$l$?(B HTTP $B%j%/%(%9%H$r@8@.$9$k$3$H$K$h$C$F<hF@$5$l$k!#(B
$B$3$N(B HTTP $B%j%/%(%9%H$O%i%s%@%`$J%U%!%$%kL>$rMW5a$7$F$O$$$k$,!"FCDj$N(B URL
$B$KBP$7$F$N$_9T$o$l$F$$$k!#(B

$B$7$+$7!"$3$N0lO"$NDL?.$N:]$K(B ICQ $B%/%i%$%"%s%H$H(B ADS $B%5!<%P4V$NG'>Z$O9T(B
$B$o$l$F$$$J$$$N$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$,9-9p%3!<%I$N=hM}$KMQ$$$k(B HTML $B2r<a%i%$%V%i%j$K$O(B DoS
$B>uBV$K4Y$kLdBj$,H/8+$5$l$F$$$k!#$3$NLdBj$O!"$3$N%i%$%V%i%j$,0-0U$"$k(B HTML
<table> $B%?%0$NFCDj$NB0@-$rE,@Z$K=hM}$7$J$$$3$H$K5/0x$7$F@8$8$k!#6qBNE*(B
$B$K$O!"(B'width' $BB0@-$NCM$,(B '-1' $B$N(B <table> $B%?%0$,(B DoS $B>uBV$r0z$-5/$3$9!#(B
$B$3$N<o$N0-0U$"$k(B HTML $B$r2r<a$9$k:]!"LdBj$rJz$($k%=%U%H%&%'%"$O%U%j!<%:(B
$B$7!"$^$?!"$3$N%=%U%H%&%'%"$r2TF0$5$;$F$$$k%3%s%T%e!<%?$N(B CPU $B;HMQN($O(B
100 $B%Q!<%;%s%H$^$G>e>:$9$k!#(B

$B9-9p$r<hF@$9$k:]$NG'>Z$,IT==J,$G$"$k$3$H$+$i!"967b<T$O$3$NLdBj$r967b2D(B
$BG=$G$"$k$H?d;!$5$l$k!#(BADS $B%5!<%P$K@.$j$9$^$9$3$H$K$h$C$F!"(BICQ $B%/%i%$%"(B
$B%s%H$N%j%/%(%9%H$r967b<T$N4IM}2<$K$"$k%5!<%P$KBP$7$F9T$o$;$k$3$H$,2DG=(B
$B$G$"$k$H?d;!$5$l$k!#$3$N7k2L!"%a%C%;!<%8%;%C%7%g%s$K$F0-0U$"$k(B HTML $B9-(B
$B9p$,2r<a$5$l$k2DG=@-$,$"$k!#(B

18. Mirabilis ICQ POP3 Client Date Field Signed Integer Overflow Vulnerability
BugTraq ID: 7463
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7463
$B$^$H$a(B:

Mirabilis ICQ $B$O!"(BMicrosoft Windows$B!"(BMacOS$B!"$*$h$S(B Palm $B4D6-$r4^$`!"B?(B
$B$/$N%W%i%C%H%U%)!<%`$GMxMQ2DG=$J%$%s%9%?%s%H%a%C%;!<%8%/%i%$%"%s%H$G$"(B
$B$k!#$3$N%=%U%H%&%'%"$OEE;R%a!<%k$rMxMQ$7$?DL?.$K;HMQ$5$l$k!"E}9g(B POP3
$B%/%i%$%"%s%H5!G=$rDs6!$7$F$$$k!#$3$N5!G=$O!"(BPOP3.dll $B%i%$%V%i%j$KAH$_9~(B
$B$^$l$?(B COM $B%*%V%8%'%/%H$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N(B POP3 $B%/%i%$%"%s%H$K$O967b<T$K$h$C$FM?$($i$l$?0U?^E*(B
$B$J%3!<%I$,<B9T$5$l$kLdBj$rJz$($F$$$k!#(B

$B$3$NLdBj$O!"FCDj$NEE;R%a!<%k%X%C%@%U%#!<%k%I$ND9$5$KBP$9$kBEEv@-3NG'$r(B
$B9T$&:]$K!"$3$N(B POP3 $B%/%i%$%"%s%H$K$h$C$F9T$o$l$k6-3&%A%'%C%/$,IT==J,$G(B
$B$"$k$3$H$K5/0x$9$k!#6qBNE*$K$O!"(B'Date' $B%X%C%@$N%X%C%@D9$O!"(B16 $B%S%C%H$N(B
$BId9fIU$-@0?t$K3JG<$5$l$k!#7k2L$H$7$F!"(B'Date' $B%U%#!<%k%I$K2aBg$J%G!<%?$r(B
$BM?$($k$3$H$K$h$C$F!"$3$NId9fIU$-@0?t$r%i%C%W$5$;!"Ii$NCM$K$9$k$3$H$,2D(B
$BG=$G$"$k$H?d;!$5$l$k!#(B

$B967b<T$O!"(B32000 $B%P%$%H0J>e$NHs>o$KD9$$(B 'Date' $B%X%C%@$r;}$DEE;R%a!<%k$r(B
$BAH$_N)$F!"$=$l$r967bBP>]$N%f!<%6$KAw?.$9$k$3$H$K$h$C$F!"$3$NLdBj$rMxMQ(B
$B967b$r<B9T2DG=$G$"$k!#$3$NLdBj$rMxMQ$9$k967b$N7k2L$H$7$F!"LdBj$rJz$($k(B
$B%=%U%H%&%'%"Fb$GA[Dj$5$l$F$$$J$$1i;;=hM}$r9T$o$;$k$3$H$,2DG=$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"967b<T$O0-0U$"$kCM$K$h$C$F%a%b%j(B
$BFb$N=EMW$JCM$r>e=q$-$7!"7k2L$H$7$F%/%i%$%"%s%H$OL$Dj5A$NNc30=hM}$rH/9T(B
$B$7$?8e$K%/%i%C%7%e$7$F$7$^$&$N$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$K$h$j!"967b<T$K$h$C$FM?$($i$l$?%3!<%I$N<B9T$,0z(B
$B$-5/$3$5$l$k2DG=@-$bA[Dj$5$l$k!#(B

$B$3$NLdBj$O!"(BMirabilis ICQ 2003a $B0JA0$KB8:_$9$k$HJs9p$5$l$F$$$k!#(B

19. Microsoft Internet Explorer DHTML AnchorClick Partial Denial Of Service Vulnerability
BugTraq ID: 7502
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 05 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7502
$B$^$H$a(B:

Microsoft Internet Explorer $B$OFCDj$N(B DHTML $B$N%*%V%8%'%/%H$r=hM}$9$k:]!"(B
DoS $B>uBV$K4Y$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#(B

$BJs9p$K$h$k$H!"(BDHTML $B$N(B 'A' $B$*$h$S(B 'AnchorClick' $B%*%V%8%'%/%H$r;HMQ$9$k(B
$B:]!"967b<T$O(B HREF $B7A<0$N(B URL $B%j%s%/$r;H$o$:$K%U%)%k%@$r;XDj$9$k2DG=@-$,(B
$B$"$k!#(B
'AnchorClick' $B$O(B DHTML $B$NI8=`;EMM$NHO0OFb$G$"$k$,!"967b<T$,$3$N%U%#!<%k(B
$B%I$,6u$N$^$^$N%j%s%/$rITMQ?4$J%f!<%6$XM?$($F0-0U$"$k%j%s%/$rC)$i$;$?>l(B
$B9g!"$3$N%=%U%H%&%'%"$O(B DoS $B>uBV$K4Y$k!#$3$NLdBj$O(B null $B%]%$%s%?$K%"%/%;(B
$B%9$7$h$&$H$9$k;n$_$N$?$a$K!"L$Dj5A$NNc30=hM}$,@8$8$k$k7k2L$G$"$k$H?d;!(B
$B$5$l$k!#(B

$B$3$NLdBj$O%"%/%F%#%V$J(B Internet Explorer $B%&%#%s%I%&$K$N$_1F6A$7!"$=$l0J(B
$B30$N(BInternet Explorer $B%&%#%s%I%&(B $B$K1F6A$O$J$$$H8+$i$l$F$$$k!#(B

$B$3$NLdBj$O(B Internet Explorer 6.0 SP1 $B$,1F6A$r<u$1$k$HJs9p$5$l$F$$$k$,!"(B
$B$3$l$h$jA0$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$kE@$ON10U$5$l$k$Y$-$G$"$k!#(B

20. Youbin HOME Buffer Overflow Vulnerability
BugTraq ID: 7503
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: May 06 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7503
$B$^$H$a(B:

youbin $B$O(B biff $B$N8e7Q$H$7$F@_7W$5$l$?%M%C%H%o!<%/>e$GMxMQ2DG=$J%a!<%kCe(B
$B?.DLCN%=%U%H%&%'%"$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$K$O%m!<%+%k$+$i967b2DG=$J%P%C%U%!%*!<%P!<(B
$B%U%m!<$NLdBj$,B8:_$9$k!#$3$NLdBj$O4D6-JQ?t(B HOME $B$N=hM}$K4X78$7$F$$$k!#(B

$B6qBNE*$K$O!"BgNL$N%G!<%?$r4^$`4D6-JQ?t(B HOME $B$r=hM}$9$k:]$KFbIt%a%b%j%P%C(B
$B%U%!$,0n$l$k2DG=@-$,$"$k!#$3$NLdBj$O967b<T$K$h$C$FLdBj$N860x$H$J$k%P%C(B
$B%U%!$K6a@\$7$?%a%b%jNN0h$rGK2u$9$k$?$a$KMxMQ$5$l$k2DG=@-$,$"$k!#(B

$BLdBj$N860x$H$J$k%P%C%U%!$K6a@\$7$?%a%b%jNN0h$K$O%W%m%0%i%`$N<B9T<j=g$r(B
$B@)8f$9$k$?$a$KMxMQ$5$l$k!"Hs>o$K=EMW$JCM$,3JG<$5$l$F$$$k2DG=@-$,$"$k$?(B
$B$a!"7k2L$H$7$F967b<T$O$3$N%=%U%H%&%'%"$N%W%m%;%9$N<B9T8"8B!"E57?E*$K$O(B
root $B8"8B$G0U?^E*$J%3!<%I$r<B9T2DG=$K$J$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$O(B youbin 3.4 $B$KB8:_$9$k$HJs9p$5$l$F$$$k$,!"$3$l0JA0$N%P!<%8%g(B
$B%s$bF1MM$NLdBj$rJz$($k2DG=@-$,$"$kE@$K$ON10U$9$Y$-$G$"$k!#(B

21. Leksbot Multiple Unspecified Vulnerabilities
BugTraq ID: 7505
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: May 06 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7505
$B$^$H$a(B:

Leksbot $B$O%U%j!<$KMxMQ2DG=$J?"J*3XMQ8l$N<-=q$G$"$k!#$3$l$O(B Microsoft
Windows$B!"(BLinux $B$r4^$`MM!9$J4D6-$GMxMQ2DG=$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$K$OJ#?t$NLdBj$,Js9p$5$l$F$$$k!#$3$l$i$NLdBj$NL@3N$JK\(B
$B<A$O8=;~E@$G$OL$>\$G$"$k$,!"$3$NLdBj$rMxMQ$7$?967b$K$h$j967b<T$O8"8B>:(B
$B3J$,2DG=$G$"$k$H?d;!$5$l$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$r%$%s%9%H!<%k$7$?$$$/$D$+$N4D6-$G$O!"K\(B
$BMhITI,MW$J(B setuid root $B$,(B /usr/bin/KATAXWR $B$K@_Dj$5$l$k!#$3$N$h$&$K@_Dj(B
$B$5$l$F$$$k%7%9%F%`$G$O!"967b<T$,(B root $B8"8B$rC%<h2DG=$J%;%-%e%j%F%#>e$N(B
$B%j%9%/$rJz$($F$$$k5?$$$,$"$k!#(B

$B$3$l$i$NLdBj$O(B Debian $B$K$3$N%=%U%H%&%'%"$r%$%s%9%H!<%k$7$?4D6-$K1F6A$r(B
$B5Z$\$9$3$H$,3NG'$5$l$F$$$k!#L$8!>Z$G$O$"$k$,!"$=$NB>$N%7%9%F%`$X%$%s%9(B
$B%H!<%k$5$l$?>l9g$b$3$NLdBj$rJz$($F$$$k5?$$$,$"$k!#(B

$BK\(B BID $B$O$5$i$J$k>pJs$,8x3+$5$l<!Bh!"99?7M=Dj$G$"$k!#(B

22. Siemens Mobile Phones %IMG_NAME Denial Of Service Vulnerability
BugTraq ID: 7507
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 06 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7507
$B$^$H$a(B:

Siemens $B<R$N7HBSEEOC$O!"(BSMS $B%a%C%;!<%8$KE:IU$5$l$?0U?^E*$KAH$_N)$F$i$l(B
$B$?2hA|$r=hM}$9$k:]$K%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$k!#Js9p$K$h$k$H!"$3(B
$B$NLdBj$O6-3&%A%'%C%/$KM3Mh$9$kLdBj(B (boundary condition error) $B$K5/0x$9(B
$B$k!#(B

$B2hA|E:IU%U%!%$%k$N@5$7$$=q<0$O!"(BIMG_NAME $B$rE:IU$5$l$k2hA|$N%U%!%$%kL>$H(B
$B$9$k$H!"(B"%IMG_NAME" $B$G$"$k!#(BIMG_NAME $B$NCM$,(B 157 $BJ8;z$G$"$C$?>l9g!"$3$N(B
$BLdBj$,@8$8$k!#$3$N$h$&$K0U?^E*$J(B SMS $B%a%C%;!<%8$r<u$1<h$k$H%5!<%S%9ITG=(B
$B>uBV$K4Y$k2DG=@-$,$"$j!"$3$l$K$h$j7HBSEEOC$,DL?.ITG=$K$J$k!#$^$?!"%f!<(B
$B%6$O<u?.%\%C%/%9(B (INBOX) $B$K%"%/%;%9ITG=$K$J$k$H$bJs9p$5$l$F$$$k!#$3$NLd(B
$BBj$O!"%f!<%6$,LdBj$rJz$($k(B Siemens $B<R$N7HBSEEOC$+$i0U?^E*$KAH$_N)$F$i$l(B
$B$?%a%C%;!<%8$rAw?.$9$k>l9g$bF1MM$KH/@8$9$k2DG=@-$,$"$kE@$ON10U$9$Y$-$G(B
$B$"$k!#(B

$B$3$NLdBj$O!"(BSiemens $B<R$N(B *45 $B%7%j!<%:$N7HBSEEOC$KB8:_$9$k$HJs9p$5$l$F$$(B
$B$k$,!"B>5!<o$K$*$$$F$b1F6A$r<u$1$k2DG=@-$,$"$k!#(B

23. Floosietek FTGate PRO SMTP MAIL FROM Buffer Overflow Vulnerability
BugTraq ID: 7506
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 06 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7506
$B$^$H$a(B:

Floosietek FTGate PRO $B$O!"(BMicrosoft Windows $B8~$1$N%a!<%k%5!<%P$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$K$O%P%C%U%!%*!<%P!<%U%m!<$,@8$8$kLdBj$,(B
$BB8:_$9$k!#$3$NLdBj$O$3$N%=%U%H%&%'%"$,Hs>o$KD9$$0z?t$rH<$&(B SMTP $B%3%^%s(B
$B%I(B 'MAIL FROM' $B$r=hM}$7$h$&$H$9$k:]$KH/@8$9$k!#6qBNE*$K8@$&$H!"$3$N%=%U(B
$B%H%&%'%"$,(B 'MAIL FROM' $B$N0z?t$H$7$F(B 2017 $BJ8;z0J>e$NJ8;zNs$+$i$J$k0-0U$"(B
$B$kEE;R%a!<%k%"%I%l%9$r=hM}$9$k:]$K!"$3$N%=%U%H%&%'%"$O%/%i%C%7%e$7$F$7(B
$B$^$&!#$3$l$O!"Nc30%O%s%I%i$,IT@5$KMxMQ$5$l$k$3$H$K5/0x$9$k$HJs9p$5$l$F(B
$B$$$k!#L$8!>Z$G$"$k$,!"$3$NLdBj$NK\<A$+$i9M;!$9$k$H!"$3$NLdBj$rMxMQ$7$?(B
$B967b$K$h$j!"967b<T$K$h$C$FM?$($i$l$?0U?^E*$J%3!<%I$,(B SYSTEM $B8"8B$G<B9T(B
$B2DG=$G$"$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$O!"(BFTGate PRO 1.22 Hotfix (1328) $B$KB8:_$9$k$HJs9p$5$l$F$$$k$,!"(B
$B$3$l0JA0$N%P!<%8%g%s$X$b1F6A$,5Z$V2DG=@-$,$"$k!#(B

24. Floosietek FTGate PRO SMTP RCPT TO Buffer Overflow Vulnerability
BugTraq ID: 7508
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: May 06 2003 12:00AM
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/7508
$B$^$H$a(B:

Floosietek FTGate PRO $B$O!"(BMicrosoft Windows $B8~$1$N%a!<%k%5!<%P$G$"$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$K$O%P%C%U%!%*!<%P!<%U%m!<$,@8$8$kLdBj$,(B
$BB8:_$9$k!#$3$NLdBj$O$3$N%=%U%H%&%'%"$,Hs>o$KD9$$0z?t$rH<$&(B SMTP $B%3%^%s(B
$B%I(B 'RCPT TO' $B$r=hM}$7$h$&$H$9$k:]$KH/@8$9$k!#6qBNE*$K8@$&$H!"$3$N%=%U(B
$B%H%&%'%"$,(B 'RCPT TO' $B$N0z?t$H$7$F(B 2017 $BJ8;z0J>e$NJ8;zNs$+$i$J$k0-0U$"(B
$B$kEE;R%a!<%k%"%I%l%9$r=hM}$9$k:]$K!"$3$N%=%U%H%&%'%"$O%/%i%C%7%e$7$F$7(B
$B$^$&!#$3$l$O!"Nc30%O%s%I%i$,IT@5$KMxMQ$5$l$k$3$H$K5/0x$9$k$HJs9p$5$l$F(B
$B$$$k!#L$8!>Z$G$"$k$,!"$3$NLdBj$NK\<A$+$i9M;!$9$k$H!"$3$NLdBj$rMxMQ$7$?(B
$B967b$K$h$j!"967b<T$K$h$C$FM?$($i$l$?0U?^E*$J%3!<%I$,(B SYSTEM $B8"8B$G<B9T(B
$B2DG=$G$"$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$O!"(BFTGate PRO 1.22 Hotfix (1328) $B$KB8:_$9$k$HJs9p$5$l$F$$$k$,!"(B
$B$3$l0JA0$N%P!<%8%g%s$X$b1F6A$,5Z$V2DG=@-$,$"$k!#(B

III. SECURITYFOCUS NEWS AND COMMENTARY
--------------------------------------
1. 'Banned' Xbox Hacking Book Selling Fast
$BCx<T(B:  Kevin Poulsen

$B5;=Q=PHG6H<T$,0v9"$+$i<j$,=P$k$[$IM_$7$/$J$k$h$&$J(B Microsoft $B$N%2!<%`%3(B
$B%s%=!<%k$r96N,$9$k$?$a$NAm9g%,%$%I$,!"(BAndrew Huang $B;a$K$h$j<+Hq=PHG$5$l(B
$B$?!#=PHG$N?t=54VA0$K$O4{$K=iHG$NH>?t$,M=Ls:Q$_$G$"$C$?!#(B

http://www.securityfocus.com/news/4580

2. Report: Too Many Watch Lists
$BCx<T(B:  Kevin Poulsen

$BJFO"K.5D2q$N;pLd5!4X$O(B 12 $BBf$b$N0[$J$kD4::MQ$N%G!<%?%Y!<%9$r(B 1 $BBf$K$^(B
$B$H$a$k$h$&JF@/I\$KMW@A$7$F$$$k!#(B

http://www.securityfocus.com/news/4419

3. Senate broadens powerful U.S. terror surveillance law
$BCx<T(B:  Ted Bridis, The Associated Press

$B$3$NLZMKF|$KJF9q>e1!$O!"%F%mAH?%$b$7$/$OFH:[9q2H$N@/I\$K4XO"$7$=$&$K$b(B
$B$J$$309q?M$KBP$7$F$b!"A\::41$,DL?.K5<u$rI}9-$/9T$J$($k$h$&!"%9%Q%$$d%F(B
$B%mD4::$KMxMQ$5$l$F$$$k87$7$$4F;kK!$NE,MQ$r3HBg$9$kK!0F$rAa!9$KDL2a$7$?!#(B

http://www.securityfocus.com/news/4590

4. Microsoft admits Passport identity service was vulnerable
$BCx<T(B:  Ted Bridis, The Associated Press

$B%Q%-%9%?%s$N$"$k%3%s%T%e!<%?8&5f<T$O!"J#?t$N>CHq<T8~$1>&<h0z(B Web $B%5%$%H(B
$B$X$N%"%/%;%9<jCJ!"EE;R%a!<%k$NAw?.MQG'>Z!";~$K$O%/%l%8%C%H%+!<%I$rMxMQ(B
$B$9$k>&IJ9XF~<jCJ$bJ]8n$9$k$h$&$K@_7W$5$l$?(B Microsoft $B<R$N%;%-%e%j%F%#<j(B
$BCJ$NCf$G$b?M5$$N9b$$(B Internet Passport $B%5!<%S%9$N?/32J}K!$rH/8+$7$?!#(B

http://www.securityfocus.com/news/4575

IV. SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. Data Thief v1.0
$B:n<T(B: Application Security, Inc
$B4XO"$9$k(B URL:
http://www.appsecinc.com/resources/freetools/
$B%W%i%C%H%U%)!<%`(B: Linux$B!"(BUNIX
$B$^$H$a(B:

Data Thief $B$O!"G!2?$KMF0W$K(B SQL $B9=J8$,A^F~2DG=$K$J$kLdBj(B (SQL Injection
Vulnerability) $B$rJz$($F$$$k(B Web $B%"%W%j%1!<%7%g%s$+$i%G!<%?$r@`<h$G$-$k(B
$B$+$r(B Web $B4IM}<T$*$h$S3+H/<T$KNc<($9$k$?$a$KMQ$$$i$l$k!"!V%3%s%;%W%H<B>Z(B
(proof-on-concept)$B!W%D!<%k$G$9!#$3$N%D!<%k$O!"$3$NLdBj$rJz$($F$$$k(B Web
$B%"%W%j%1!<%7%g%s$N%P%C%/%(%s%I%G!<%?%Y!<%9$H$7$F2TF0$7$F$$$k(B Microsoft
SQL Server $B$+$i%G!<%?$r<h$j=P$7$^$9!#$3$NLdBj$NB8:_$,3NG'$5$l$k$H!"$3$N(B
$B%D!<%k$O!"%j%s%/%5!<%P$rNs5s$7!"%G!<%?%Y!<%9%9%-!<%^$r%l%$%"%&%H$7!"<B(B
$B:]$KLdBj$rJz$($k(B Web $B%"%W%j%1!<%7%g%s$N%G!<%?%Y!<%9%F!<%V%k$KBP$7$F(B select
$B9=J8$r<B9T$7$^$9!#(B

2. DISCO v1.0
$B:n<T(B: P
$B4XO"$9$k(B URL:
http://www.altmode.com/disco/
$B%W%i%C%H%U%)!<%`(B: FreeBSD$B!"(BLinux$B!"(BNetBSD$B!"(BOpenBSD
$B$^$H$a(B:

DISCO $B$O!"%M%C%H%o!<%/Cf$N3F%;%0%a%s%H$K@_CV$5$l!"0l0U$J(B IP $B%"%I%l%9$N(B
$B8!=P$*$h$S(B TCP SYN $B%Q%1%C%H$N<uF0E*$J%U%#%s%,!<%W%j%s%F%#%s%0$r9T$&$?$a(B
$B$K@_7W$5$l$?!"<uF0E*$J(B IP $B8!=P%f!<%F%#%j%F%#$G$9!#(B

3. linux-identd v1.3
$B:n<T(B: Per Liden per@fukt.bth.se
$B4XO"$9$k(B URL:
http://www.fukt.bth.se/~per/identd/
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

linux-identd $B$O!"(BIdentification Protocol (RFC1413) $B$r<BAu$9$k(B Linux $B$G(B
$BF0:n$9$k!"%f!<%6<1JL$r9T$&%G!<%b%s$G$9!#$3$N%W%m%H%3%k$O!"%"%/%F%#%V$J(B
TCP $B@\B3$r<1JL$N$?$a$KMQ$$$i$l$^$9!#$3$N%G!<%b%s$O(B TCP 113 $BHV%]!<%H(B (auth)
$B$G%3%M%/%7%g%s$rBT$A<u$1!"%9%?%s%I%"%m%s%5!<%P$H$7$F$b!"(Binetd $B7PM3$G$b(B
$B<B9T$G$-$^$9!#(B

4. mod_protection v0.0.2
$B:n<T(B: Pierpaolo Giacomin
$B4XO"$9$k(B URL:
http://www.twlc.net/download.php?op=viewsdownload&sid=20
$B%W%i%C%H%U%)!<%`(B: UNIX$B!"(BWindows 2000$B!"(BWindows 95/98$B!"(BWindows NT$B!"(BWindows XP
$B$^$H$a(B:

mod_protection $B$O(B IDS ($B?/F~8!CN%7%9%F%`(B) $B$d%U%!%$%d%&%)!<%kMQ$N!"4pK\E*(B
$B$J5!G=$r<}=8$7$?(B Apache $B$N%b%8%e!<%k$G$9!#0-0U$r;}$C$?%/%i%$%"%s%H$,!"(B
$B%k!<%k$K%^%C%A$7$?%j%/%(%9%H$rAw?.$7$F$/$k$H!"4IM}<T$K$O7Y9p$,DLC#$5$l!"(B
$B%/%i%$%"%s%H$O%(%i!<%a%C%;!<%8$r<u$1<h$j$^$9!#(B

5. pcInternet Patrol
$B:n<T(B: Internet Security Alliance
$B4XO"$9$k(B URL:
http://www.isa-llc.com/downloads/pcip.php
$B%W%i%C%H%U%)!<%`(B: Windows 2000$B!"(BWindows 95/98$B!"(BWindows NT$B!"(BWindows XP
$B$^$H$a(B:

pcInternet Patrol $B$O!"%f!<%6$,$7$J$1$l$P$J$i$J$$:n6H$r:G>.$KM^$(!"J]8n(B
$B8z2L$r:GBg$K0z$-=P$7$^$9!#$3$N@=IJ$OB>$NM-L>$J%Q!<%=%J%k%U%!%$%"%&%)!<(B
$B%k$N(B 6 $BG\$NB.EY$G@x:_E*$K4m81$G$"$k%W%m%0%i%`$d%b%8%e!<%k$r8!:w$7$^$9!#(B
$B$=$NB>$K$O!"<!$N$h$&$JFCD9$,$"$j$^$9!#(B
$B!&L$CN!"4{CN$H$b$K!"A4$F$N?/F~%W%m%0%i%`$rM^;_$7$^$9!#(B
$B!&%"%C%W%G!<%H$NI,MW$O$J$/!"%W%m%0%i%`Dj5A%U%!%$%k$O>o$K:G?7$G$9!#(B
$B!&%f!<%6$H%3%s%T%e!<%?$N<j$rHQ$o$;$k$3$H$J$/!">uBV$rJ]$AB3$1$^$9!#(B
$B!&%f!<%6$"$k$$$O4IM}<T$KDLCN$5$l$k;v$J$/!"?/F~<T$,%W%m%0%i%`$rL58z2=$9(B
  $B$k$3$H$O=PMh$^$;$s!#(B
$B!&5?$$$,$"$l$P(B IP $B%"%I%l%9$r%H%l!<%9$9$k$3$H$G?/F~<T$NDI@W$r<B9T$7$^$9!#(B
$B!&?/F~<T$,:G=i$K%?!<%2%C%H$H$9$k(B NETBIOS $B%]!<%H$N>uBV$rO"B34F;k$7$^$9!#(B
$B!&%j%"%k%?%$%`$G%;%-%e%j%F%#LdBj$N<j=u$1$r$7$^$9!#(B

6. Active Spam Killer v2.3 beta2
$B:n<T(B: Marco Paganini paganin@paganini.net
$B4XO"$9$k(B URL:
http://www.paganini.net/ask/
$B%W%i%C%H%U%)!<%`(B: Python
$B$^$H$a(B:

Active Spam Killer (ASK) $B$O!"EE;R%a!<%kAw?.<T$NEE;R%a!<%k%"%I%l%9$r<B:](B
$B$KG[?.$5$l$kA0$K3NG'$9$k$3$H$K$h$j!"MxMQ<T$NEE;R%a!<%k%"%+%&%s%H$rJ]8n(B
$B$7$^$9!#$3$N3NG'$O!"A4$F$N!VITL@$J(B (unkonwn)$B!W%f!<%6$KBP$7$F<+F0E*$KAw(B
$B?.$5$l$k!V3NG'%a!<%k!W$K$h$C$F9T$o$l$^$9!#%a!<%kAw?.<T$,$3$N3NG'%a!<%k(B
$B$KJV?.$9$k$H(B($BC1=c$KJV?.$9$k(B)$B!"$=$NAw?.<T$+$i$N0J8e$NEE;R%a!<%k$OD>$A$K(B
$BG[?.$5$l$^$9!#MxMQ<T$O!"D>$A$K5v2D!"5qH](B($B$*CG$j%a!<%k$rMQ$$$k(B)$B!"$"$k$$(B
$B$OL5;k$9$kEE;R%a!<%k%"%I%l%9(B ($B@55,I=8=$G5-=R(B) $B$r;XDj2DG=$G$9!#$^$?!"$3(B
$B$N%Q%C%1!<%8$K$O!"0JA0$N%a!<%k%\%C%/%9$N%9%-%c%s$d<+F0E*$K5v2D$9$kEE;R(B
$B%a!<%k$N0lMw$r:n@.$9$k%f!<%F%#%j%F%#$rF1:-$7$F$$$^$9!#(B

--
$BLu(B: $B@>B<9/MN(B(NISHIMURA Yasuhiro)$B!"A}EDCR0l(B(MASUDA Tomokazu)$B!"(B
$B>.>>%_%5(B(KOMATSU Misa)
$B4F=$(B: $B:d0f=g9T(B(SAKAI Yoriyuki)
LAC Co., Ltd.
http://www.lac.co.jp/security/

-----------1053347161-4172429
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

MIISGgYJKoZIhvcNAQcCoIISCzCCEgcCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
DzwwggI8MIIBpQIQMlAzz1DRVvNcga1lXE/IJTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQG
EwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj
IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjAw
MTA3MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1
BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4
Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiHmgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNeP
NGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEw
DQYJKoZIhvcNAQECBQADgYEAS0RmYGhk5Jgb87By5pWJfN17s5XAHS7Y2BnQLTQ9xlCaEIaM
qj87qAT8N1KVw9nJ283yhgbEsRvwgogwQo4XUBxkerg+mUl0l/ysAkP7lgxWBCUMfHyHnSSn
2PAyKbWk312iTMUWMqhC9kWmtja54L9lNpPC0tdr3N5Z1qI1+EUwggI9MIIBpgIRAM26f1bw
3+S8VP4irLNyqlUwDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZl
cmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmlj
YXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1
YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0fzGVu
DLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHiTkVWaR94AoDa
3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0GCSqGSIb3DQEBAgUAA4GB
AEw/uIvGaN/uQzMOXemmyweETXoz/5Ib9Dat2JUiNmgRbHxCzPOcLsQHPxSwD0//kJJ2+eK8
SumPzaCACvfFKfGCIl24sd2BI6N7JRVGMHkW+OoFS5R/HcIcyOO39BBAPBPDXx9T6EjkhrR7
oTWweyW6uNOOqz84nQA0AJjz0XGUMIICPTCCAaYCEQDz1GWTDuTHHs1vChERVlizMA0GCSqG
SIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUG
A1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
Fw05NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQK
Ew5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Rm/baNW
YS2ZSHH2Z965jeu3noaACpEO+jglr0aIguVzqKCbJF0NH8xlbgyw0FaEGIeaBpsQoXPftFg5
a27B9hXVqKg/qhIGjTGsf7A01480Z4gJzRQR4k5FVmkfeAKA2txHkSm7NsljXMXg1y2He6G3
MrB7MLoqLzGq7qNn2tsCAwEAATANBgkqhkiG9w0BAQIFAAOBgQAjyGZsVZ9SYWqvFx3is89H
jkwbAjN1+UXvm0exsSugNTbRUnBpybul85NbkmD5ZH7xwT/p0RXx0sAXvaSdF67hB8+6gZbE
rnEZ9s5kv6cZ9VUof3wz1sK5t+slKf0p+GJwQTHdwwfbElMWYNCdB/kAZfyNbBhQILdn3H79
cEstDzCCAzwwggKloAMCAQICEAQa2pqnxtqHdYa+MJp9N08wDQYJKoZIhvcNAQECBQAwXzEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAx
IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk5MDkxNDAwMDAw
MFoXDTA5MDkwOTIzNTk1OVowgbUxHDAaBgNVBAoTE1ZlcmlTaWduIEphcGFuIEsuSy4xHzAd
BgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxPjA8BgNVBAsTNVRlcm1zIG9mIHVzZSBh
dCBodHRwczovL3d3dy52ZXJpc2lnbi5jby5qcC9SUEEgKGMpIDk4MTQwMgYDVQQDEytWZXJp
U2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQDnvpzpMy1glZcGiPmrsWEvOOXjEuTGvnb95mH1mMGeDPD3HmpNa7WG
Cp2NaO3eVRcRaBICMi2F3Edx6/eL5KtrsnroadWbYLPfBpPJ4BYttJND7Us7+oNdOuQmwFhj
xm9P25bndFT1lidp0Gx/xN5ekq3mNwt5iSWVdqOuEYKApQIDAQABo4GhMIGeMCQGA1UdEQQd
MBukGTAXMRUwEwYDVQQDEwxBZmZpbGlhdGUxLTUwEQYJYIZIAYb4QgEBBAQDAgEGMEUGA1Ud
IAQ+MDwwOgYKYIZIAYb4RQEHCzAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy52ZXJpc2ln
bi5jby5qcC9SUEEwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEC
BQADgYEAuIwwUgDQeNCIO/tzaT6ISelw4QjYJ9up3+be1dxZGHKcEFGtPfwaBNvlTMLV3eW3
BG6W5QRbNNhIaoVl0g8Yw1YuIexVFD7yUKcvQfOOThuG0y93V6Runzha6iErOLabtv05we+V
UnSsknF+qOCLYP9uMIKB/JmDiWnNpnUbAHMwggU2MIIEn6ADAgECAhA694H52SoKzzl8c6+t
xFqvMA0GCSqGSIb3DQEBBAUAMIG1MRwwGgYDVQQKExNWZXJpU2lnbiBKYXBhbiBLLksuMR8w
HQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMT4wPAYDVQQLEzVUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY28uanAvUlBBIChjKSA5ODE0MDIGA1UEAxMrVmVy
aVNpZ24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw0wMzA0MDIwMDAw
MDBaFw0wNDA0MDEyMzU5NTlaMIIBIzELMAkGA1UEBhMCSlAxHDAaBgNVBAoUE1ZlcmlTaWdu
IEphcGFuIEsuSy4xNDAyBgNVBAsUK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFs
IFN1YnNjcmliZXIxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9DUFMg
SW5jb3JwLiBieSBSZWYuLExJQUIuTFREKGMpOTkxPzA9BgNVBAsUNkRpZ2l0YWwgSUQgQ2xh
c3MgMSAtIFNNSU1FIE9yYW5nZXNvZnQgSW5jLi9XaW5iaWZmLzIuMTEXMBUGA1UEAxMOU0FL
QUkgWW9yaXl1a2kxHjAcBgkqhkiG9w0BCQEWD3Nha2FpQGxhYy5jby5qcDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMOW5FCo8Oo3dYNcIIh1hpsDoaMY1etZDMqVKLPp055W
5hr2lmJGfx5gS0s39c0JK00ufI6Vx0xOi8ZwIoTf9pwu21iwdQ7oe7GQR2G0R1GZV6Cm2+uV
aQaoPoeUBpiScy+lEY6BpUrxjUbFYd90hGSM95+z91ZvdFQi5QT/2y64xzaoYDeQnkaWzbYU
TV3Y7V3cCvb1ZZ7XiGGe/e3oV4NnHx/Xz8zoc2APbTc9vkcmuClwouujlxtA4JkNQL9ZXWu/
fZgMenOFT/w17Diof5DbqoUu/bYDVZFI+PWitTeaYT97wKusBaYgHAK+mMj/SnsAWrucPqB6
7djrDnpk1T8CAwEAAaOCAVAwggFMMAkGA1UdEwQCMAAwgawGA1UdIASBpDCBoTCBngYLYIZI
AYb4RQEHAQEwgY4wKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFMw
YgYIKwYBBQUHAgIwVjAVFg5WZXJpU2lnbiwgSW5jLjADAgEBGj1WZXJpU2lnbidzIENQUyBp
bmNvcnAuIGJ5IHJlZmVyZW5jZSBsaWFiLiBsdGQuIChjKTk3IFZlcmlTaWduMAsGA1UdDwQE
AwIFoDARBglghkgBhvhCAQEEBAMCB4AwcAYDVR0fBGkwZzBloGOgYYZfaHR0cDovL29uc2l0
ZWNybC52ZXJpc2lnbi5jb20vVmVyaVNpZ25KYXBhbktLVmVyaVNpZ25DbGFzczFDQUluZGl2
aWR1YWxTdWJzY3JpYmVyL0xhdGVzdENSTC5jcmwwDQYJKoZIhvcNAQEEBQADgYEAD+8QGRs2
/vWvx4M8eGs2C/65r3t2NRfRCDJUWQP1TNI16d2MJUX18S/GFsxtUqgs6Pvc1joJqMGMIONy
9fuIOQ3xJEOLEBfOdFcQEd0uC1LV3nVeDN33ViO1lAVRzGt7Xq1yjE+8rdpo5i+dJ9U19Viz
sLg5DGcblr77SkHB7g4xggKmMIICogIBATCByjCBtTEcMBoGA1UEChMTVmVyaVNpZ24gSmFw
YW4gSy5LLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE+MDwGA1UECxM1VGVy
bXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvLmpwL1JQQSAoYykgOTgxNDAy
BgNVBAMTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEDr3
gfnZKgrPOXxzr63EWq8wCQYFKw4DAhoFAKCBsTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB
MBwGCSqGSIb3DQEJBTEPFw0wMzA1MTkxMjI2MDBaMCMGCSqGSIb3DQEJBDEWBBSfQ97lXWrA
9fA4gmcJh/oM1IkVJDBSBgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMC
AgIAgDAHBgUrDgMCBzANBggqhkiG9w0DAgIBQDANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0B
AQEFAASCAQA+WmARoqcC3EAnF3bBVyYbHAoau5m9ZbnIc+RCwaQLxNvqCU+2h3feYD8UPsfP
pD+4eQdKJ8XaM6X5ajYGPoe8htXz7/ReX9rxwMV0D2LG3uqRb4n+mW2faBtw9udGXs58KhgS
TiecjXTxnp7zI2TswV/smLM6FNbJ3L9vYJp86xMyeRjSQnnNWUbLeTgPwZ68FplGO0V5PyUx
XUI1zc7pd/qlJtAVOQx4oASG5DQ6y8f6z8sEw4HsBEtGwKHRdNN85pA1VMk9b6M1mUWvjXot
T8VwdnAUzi/hcsKhJUmUyNKOwFPodd96qXb5WySpr7UY43KesE3oWltyK5himTI0

-----------1053347161-4172429--