Search...

[SECURITY] [DSA-011-1] New version of mgetty released

2001-01-10T00:00:00

ID DEBIAN:DSA-011-1:E329E
Type debian
Reporter Debian
Modified 2001-01-10T00:00:00

Description

Debian Security Advisory DSA-011-1 security@debian.org http://www.debian.org/security/ Michael Stone January 10, 2001

Package: mgetty Vulnerability: insecure tempfile Debian-specific: no

Immunix reports that mgetty does not create temporary files in a secure manner, which could lead to a symlink attack. This has been corrected in mgetty 1.1.21-3potato1

We recommend you upgrade your mgetty package immediately.

wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 2.2 alias potato

Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures.

Source archives: http://security.debian.org/debian-security/dists/stable/updates/main/source/mgetty_1.1.21-3potato1.diff.gz MD5 checksum: 7fa9561fad8dbe7a4a288c8135b33174 http://security.debian.org/debian-security/dists/stable/updates/main/source/mgetty_1.1.21-3potato1.dsc MD5 checksum: 0d4b5d68d1bb236970e1fe5f6ae02264 http://security.debian.org/debian-security/dists/stable/updates/main/source/mgetty_1.1.21.orig.tar.gz MD5 checksum: 41b23fb60b123a25179067bb0711b935

Architecture-independent files: http://security.debian.org/debian-security/dists/stable/updates/main/binary-all/mgetty-docs_1.1.21-3potato1_all.deb MD5 checksum: c406e21ea10a22497b4f8d6a0473b537

Alpha architecture: http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty-fax_1.1.21-3potato1_alpha.deb MD5 checksum: 835087610bd00ccd5a40e01936e61bb2 http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty-viewfax_1.1.21-3potato1_alpha.deb MD5 checksum: e2958b3b698687bfc9de34742c1b90b6 http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty-voice_1.1.21-3potato1_alpha.deb MD5 checksum: 1c0981919bca639e309799d9e532b2d6 http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty_1.1.21-3potato1_alpha.deb MD5 checksum: d838cb1009a5925ced1c92411b013ffc

ARM architecture: http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty-fax_1.1.21-3potato1_arm.deb MD5 checksum: 1cf2e00618425cec1dd76dde1515f6c9 http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty-viewfax_1.1.21-3potato1_arm.deb MD5 checksum: dfd5bb2c08ec7fc06518f8df29c0df97 http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty-voice_1.1.21-3potato1_arm.deb MD5 checksum: c8b9477a35b82f439b37bff1147aad93 http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty_1.1.21-3potato1_arm.deb MD5 checksum: 9a06b9274f595c849e7ffc40ec902e33

Intel ia32 architecture: http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty-fax_1.1.21-3potato1_i386.deb MD5 checksum: fc841c1e78fa0d3347115cf8a50d63cf http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty-viewfax_1.1.21-3potato1_i386.deb MD5 checksum: 57992604cc9437ce1b3362f8e05403ab http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty-voice_1.1.21-3potato1_i386.deb MD5 checksum: 14f6f890c3595c020508b936204fa177 http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty_1.1.21-3potato1_i386.deb MD5 checksum: 52c203e583636f32389244c851823afa

Motorola 680x0 architecture: not yet available

PowerPC architecture: not yet available

Sun Sparc architecture: http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty-fax_1.1.21-3potato1_sparc.deb MD5 checksum: 5fcec09109acc945db8612710ab87e9d http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty-viewfax_1.1.21-3potato1_sparc.deb MD5 checksum: 4e2a6603b8d11c495d519dec3ad2946d http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty-voice_1.1.21-3potato1_sparc.deb MD5 checksum: f4203cbdba33a85f05b63e5883887af4 http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty_1.1.21-3potato1_sparc.deb MD5 checksum: 02bd00238010590cb9a4e73d8122f2f7

These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.

For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

JSON Vulners Source

Initial Source

{"id": "DEBIAN:DSA-011-1:E329E", "bulletinFamily": "unix", "title": "[SECURITY] [DSA-011-1] New version of mgetty released", "description": "- ----------------------------------------------------------------------------\nDebian Security Advisory DSA-011-1 security@debian.org\nhttp://www.debian.org/security/ Michael Stone\nJanuary 10, 2001\n- ----------------------------------------------------------------------------\n\nPackage: mgetty\nVulnerability: insecure tempfile\nDebian-specific: no\n\nImmunix reports that mgetty does not create temporary files in a secure\nmanner, which could lead to a symlink attack. This has been corrected \nin mgetty 1.1.21-3potato1\n\nWe recommend you upgrade your mgetty package immediately.\n\nwget url\n\twill fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 2.2 alias potato\n- ------------------------------------\n\n Potato was released for the alpha, arm, i386, m68k, powerpc and sparc\n architectures.\n\n Source archives:\n http://security.debian.org/debian-security/dists/stable/updates/main/source/mgetty_1.1.21-3potato1.diff.gz\n MD5 checksum: 7fa9561fad8dbe7a4a288c8135b33174\n http://security.debian.org/debian-security/dists/stable/updates/main/source/mgetty_1.1.21-3potato1.dsc\n MD5 checksum: 0d4b5d68d1bb236970e1fe5f6ae02264\n http://security.debian.org/debian-security/dists/stable/updates/main/source/mgetty_1.1.21.orig.tar.gz\n MD5 checksum: 41b23fb60b123a25179067bb0711b935\n\n Architecture-independent files:\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-all/mgetty-docs_1.1.21-3potato1_all.deb\n MD5 checksum: c406e21ea10a22497b4f8d6a0473b537\n\n Alpha architecture:\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty-fax_1.1.21-3potato1_alpha.deb\n MD5 checksum: 835087610bd00ccd5a40e01936e61bb2\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty-viewfax_1.1.21-3potato1_alpha.deb\n MD5 checksum: e2958b3b698687bfc9de34742c1b90b6\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty-voice_1.1.21-3potato1_alpha.deb\n MD5 checksum: 1c0981919bca639e309799d9e532b2d6\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-alpha/mgetty_1.1.21-3potato1_alpha.deb\n MD5 checksum: d838cb1009a5925ced1c92411b013ffc\n\n ARM architecture:\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty-fax_1.1.21-3potato1_arm.deb\n MD5 checksum: 1cf2e00618425cec1dd76dde1515f6c9\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty-viewfax_1.1.21-3potato1_arm.deb\n MD5 checksum: dfd5bb2c08ec7fc06518f8df29c0df97\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty-voice_1.1.21-3potato1_arm.deb\n MD5 checksum: c8b9477a35b82f439b37bff1147aad93\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-arm/mgetty_1.1.21-3potato1_arm.deb\n MD5 checksum: 9a06b9274f595c849e7ffc40ec902e33\n\n Intel ia32 architecture:\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty-fax_1.1.21-3potato1_i386.deb\n MD5 checksum: fc841c1e78fa0d3347115cf8a50d63cf\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty-viewfax_1.1.21-3potato1_i386.deb\n MD5 checksum: 57992604cc9437ce1b3362f8e05403ab\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty-voice_1.1.21-3potato1_i386.deb\n MD5 checksum: 14f6f890c3595c020508b936204fa177\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-i386/mgetty_1.1.21-3potato1_i386.deb\n MD5 checksum: 52c203e583636f32389244c851823afa\n\n Motorola 680x0 architecture:\n not yet available\n\n PowerPC architecture:\n not yet available\n\n Sun Sparc architecture:\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty-fax_1.1.21-3potato1_sparc.deb\n MD5 checksum: 5fcec09109acc945db8612710ab87e9d\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty-viewfax_1.1.21-3potato1_sparc.deb\n MD5 checksum: 4e2a6603b8d11c495d519dec3ad2946d\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty-voice_1.1.21-3potato1_sparc.deb\n MD5 checksum: f4203cbdba33a85f05b63e5883887af4\n http://security.debian.org/debian-security/dists/stable/updates/main/binary-sparc/mgetty_1.1.21-3potato1_sparc.deb\n MD5 checksum: 02bd00238010590cb9a4e73d8122f2f7\n\n These files will be moved into\n ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.\n\nFor not yet released architectures please refer to the appropriate\ndirectory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .\n\n- ----------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "published": "2001-01-10T00:00:00", "modified": "2001-01-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2001/msg00000.html", "reporter": "Debian", "references": [], "cvelist": [], "type": "debian", "lastseen": "2018-10-16T22:14:45", "history": [], "edition": 1, "hashmap": [{"key": "affectedPackage", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "452accfa66a296a1d293cefa05b5efd2"}, {"key": "href", "hash": "32c476379de5d0b37050097611a4f06e"}, {"key": "modified", "hash": "0fac1479836309f69fd7e11253027f21"}, {"key": "published", "hash": "0fac1479836309f69fd7e11253027f21"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "6fe8b98c53e8d099686936732785d471"}, {"key": "title", "hash": "016d1ab6c9962216af910400416565e4"}, {"key": "type", "hash": "6e9552c9bd8e61c8f277c21220160234"}], "hash": "f7ccb27639e12e35d941e979a522b30eb561955523d4d1f16b9990bb60f709fd", "viewCount": 1, "enchantments": {"score": {"value": 2.5, "vector": "NONE", "modified": "2018-10-16T22:14:45"}, "dependencies": {"references": [{"type": "wired", "idList": ["WIRED:CEA4D86E501AC67CF5DD29AC64675460"]}, {"type": "schneier", "idList": ["SCHNEIER:E4E1F90EEAE1566CE5D0C0B33366B904", "SCHNEIER:53C1B909EF08CE92EA40C57418C45B1A"]}, {"type": "kitploit", "idList": ["KITPLOIT:824364705223593346", "KITPLOIT:5327567625025429751"]}, {"type": "nmap", "idList": ["NMAP:RDP-NTLM-INFO.NSE"]}, {"type": "talosblog", "idList": ["TALOSBLOG:D9ED82B2BDA44A16C57321E1CBED23B1"]}, {"type": "zeustracker", "idList": ["ZEUSTRACKER:DOMAIN", "ZEUSTRACKER:IP"]}, {"type": "zdt", "idList": ["1337DAY-ID-32865", "1337DAY-ID-32866"]}, {"type": "exploitdb", "idList": ["EDB-ID:46991", "EDB-ID:46989"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:9339"]}, {"type": "myhack58", "idList": ["MYHACK58:62201994544"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310140211"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1553-1", "OPENSUSE-SU-2019:1551-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4462-1:92FB2"]}, {"type": "xen", "idList": ["XSA-295"]}], "modified": "2018-10-16T22:14:45"}, "vulnersScore": 2.5}, "objectVersion": "1.3", "affectedPackage": []}

{"symantec": [{"lastseen": "2020-01-08T16:40:07", "bulletinFamily": "software", "description": "### Description\n\nLinux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Versions prior to Linux kernel 5.3 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 2.0.0 \n * Linux kernel 2.0.1 \n * Linux kernel 2.0.10 \n * Linux kernel 2.0.11 \n * Linux kernel 2.0.12 \n * Linux kernel 2.0.13 \n * Linux kernel 2.0.14 \n * Linux kernel 2.0.15 \n * Linux kernel 2.0.16 \n * Linux kernel 2.0.17 \n * Linux kernel 2.0.18 \n * Linux kernel 2.0.19 \n * Linux kernel 2.0.2 \n * Linux kernel 2.0.20 \n * Linux kernel 2.0.21 \n * Linux kernel 2.0.22 \n * Linux kernel 2.0.23 \n * Linux kernel 2.0.24 \n * Linux kernel 2.0.25 \n * Linux kernel 2.0.26 \n * Linux kernel 2.0.27 \n * Linux kernel 2.0.28 \n * Linux kernel 2.0.29 \n * Linux kernel 2.0.3 \n * Linux kernel 2.0.30 \n * Linux kernel 2.0.31 \n * Linux kernel 2.0.32 \n * Linux kernel 2.0.33 \n * Linux kernel 2.0.34 \n * Linux kernel 2.0.35 \n * Linux kernel 2.0.36 \n * Linux kernel 2.0.37 \n * Linux kernel 2.0.38 \n * Linux kernel 2.0.39 \n * Linux kernel 2.0.4 \n * Linux kernel 2.0.40 \n * Linux kernel 2.0.5 \n * Linux kernel 2.0.6 \n * Linux kernel 2.0.7 \n * Linux kernel 2.0.8 \n * Linux kernel 2.0.9 \n * Linux kernel 2.1.0 \n * Linux kernel 2.1.132 \n * Linux kernel 2.1.89 \n * Linux kernel 2.2.0 \n * Linux kernel 2.2.1 \n * Linux kernel 2.2.10 \n * Linux kernel 2.2.11 \n * Linux kernel 2.2.12 \n * Linux kernel 2.2.13 \n * Linux kernel 2.2.14 \n * Linux kernel 2.2.15 \n * Linux kernel 2.2.16 \n * Linux kernel 2.2.17 \n * Linux kernel 2.2.18 \n * Linux kernel 2.2.19 \n * Linux kernel 2.2.2 \n * Linux kernel 2.2.20 \n * Linux kernel 2.2.21 \n * Linux kernel 2.2.22 \n * Linux kernel 2.2.23 \n * Linux kernel 2.2.24 \n * Linux kernel 2.2.25 \n * Linux kernel 2.2.26 \n * Linux kernel 2.2.3 \n * Linux kernel 2.2.4 \n * Linux kernel 2.2.5 \n * Linux kernel 2.2.6 \n * Linux kernel 2.2.7 \n * Linux kernel 2.2.8 \n * Linux kernel 2.2.9 \n * Linux kernel 2.3.0 \n * Linux kernel 2.3.1 \n * Linux kernel 2.3.10 \n * Linux kernel 2.3.11 \n * Linux kernel 2.3.12 \n * Linux kernel 2.3.13 \n * Linux kernel 2.3.14 \n * Linux kernel 2.3.15 \n * Linux kernel 2.3.16 \n * Linux kernel 2.3.17 \n * Linux kernel 2.3.18 \n * Linux kernel 2.3.19 \n * Linux kernel 2.3.2 \n * Linux kernel 2.3.20 \n * Linux kernel 2.3.21 \n * Linux kernel 2.3.22 \n * Linux kernel 2.3.23 \n * Linux kernel 2.3.24 \n * Linux kernel 2.3.25 \n * Linux kernel 2.3.26 \n * Linux kernel 2.3.27 \n * Linux kernel 2.3.28 \n * Linux kernel 2.3.29 \n * Linux kernel 2.3.3 \n * Linux kernel 2.3.30 \n * Linux kernel 2.3.31 \n * Linux kernel 2.3.32 \n * Linux kernel 2.3.33 \n * Linux kernel 2.3.34 \n * Linux kernel 2.3.35 \n * Linux kernel 2.3.36 \n * Linux kernel 2.3.37 \n * Linux kernel 2.3.38 \n * Linux kernel 2.3.39 \n * Linux kernel 2.3.4 \n * Linux kernel 2.3.40 \n * Linux kernel 2.3.41 \n * Linux kernel 2.3.42 \n * Linux kernel 2.3.43 \n * Linux kernel 2.3.44 \n * Linux kernel 2.3.45 \n * Linux kernel 2.3.46 \n * Linux kernel 2.3.47 \n * Linux kernel 2.3.48 \n * Linux kernel 2.3.49 \n * Linux kernel 2.3.5 \n * Linux kernel 2.3.50 \n * Linux kernel 2.3.51 \n * Linux kernel 2.3.6 \n * Linux kernel 2.3.7 \n * Linux kernel 2.3.8 \n * Linux kernel 2.3.9 \n * Linux kernel 2.3.99 \n * Linux kernel 2.4.0 \n * Linux kernel 2.4.1 \n * Linux kernel 2.4.10 \n * Linux kernel 2.4.11 \n * Linux kernel 2.4.12 \n * Linux kernel 2.4.13 \n * Linux kernel 2.4.14 \n * Linux kernel 2.4.15 \n * Linux kernel 2.4.16 \n * Linux kernel 2.4.17 \n * Linux kernel 2.4.18 \n * Linux kernel 2.4.19 \n * Linux kernel 2.4.2 \n * Linux kernel 2.4.20 \n * Linux kernel 2.4.21 \n * Linux kernel 2.4.22 \n * Linux kernel 2.4.23 \n * Linux kernel 2.4.24 \n * Linux kernel 2.4.25 \n * Linux kernel 2.4.26 \n * Linux kernel 2.4.27 \n * Linux kernel 2.4.28 \n * Linux kernel 2.4.29 \n * Linux kernel 2.4.3 \n * Linux kernel 2.4.30 \n * Linux kernel 2.4.31 \n * Linux kernel 2.4.32 \n * Linux kernel 2.4.33 2 \n * Linux kernel 2.4.33 \n * Linux kernel 2.4.33.1 \n * Linux kernel 2.4.33.4 \n * Linux kernel 2.4.33.5 \n * Linux kernel 2.4.33.7 \n * Linux kernel 2.4.34 \n * Linux kernel 2.4.34.1 \n * Linux kernel 2.4.34.2 \n * Linux kernel 2.4.34.3 \n * Linux kernel 2.4.34.5 \n * Linux kernel 2.4.34.6 \n * Linux kernel 2.4.35 \n * Linux kernel 2.4.35.2 \n * Linux kernel 2.4.35.3 \n * Linux kernel 2.4.36 \n * Linux kernel 2.4.36.1 \n * Linux kernel 2.4.36.4 \n * Linux kernel 2.4.36.5 \n * Linux kernel 2.4.36.6 \n * Linux kernel 2.4.36.7 \n * Linux kernel 2.4.36.8 \n * Linux kernel 2.4.36.9 \n * Linux kernel 2.4.37 \n * Linux kernel 2.4.37.5 \n * Linux kernel 2.4.37.6 \n * Linux kernel 2.4.37.7 \n * Linux kernel 2.4.37.8 \n * Linux kernel 2.4.37.9 \n * Linux kernel 2.4.4 \n * Linux kernel 2.4.5 \n * Linux kernel 2.4.6 \n * Linux kernel 2.4.7 \n * Linux kernel 2.4.8 \n * Linux kernel 2.4.9 \n * Linux kernel 2.5.1 \n * Linux kernel 2.5.10 \n * Linux kernel 2.5.11 \n * Linux kernel 2.5.12 \n * Linux kernel 2.5.13 \n * Linux kernel 2.5.14 \n * Linux kernel 2.5.15 \n * Linux kernel 2.5.16 \n * Linux kernel 2.5.17 \n * Linux kernel 2.5.18 \n * Linux kernel 2.5.19 \n * Linux kernel 2.5.2 \n * Linux kernel 2.5.20 \n * Linux kernel 2.5.21 \n * Linux kernel 2.5.22 \n * Linux kernel 2.5.23 \n * Linux kernel 2.5.24 \n * Linux kernel 2.5.25 \n * Linux kernel 2.5.26 \n * Linux kernel 2.5.27 \n * Linux kernel 2.5.28 \n * Linux kernel 2.5.29 \n * Linux kernel 2.5.3 \n * Linux kernel 2.5.30 \n * Linux kernel 2.5.31 \n * Linux kernel 2.5.32 \n * Linux kernel 2.5.33 \n * Linux kernel 2.5.34 \n * Linux kernel 2.5.35 \n * Linux kernel 2.5.36 \n * Linux kernel 2.5.37 \n * Linux kernel 2.5.38 \n * Linux kernel 2.5.39 \n * Linux kernel 2.5.4 \n * Linux kernel 2.5.40 \n * Linux kernel 2.5.41 \n * Linux kernel 2.5.42 \n * Linux kernel 2.5.43 \n * Linux kernel 2.5.44 \n * Linux kernel 2.5.45 \n * Linux kernel 2.5.46 \n * Linux kernel 2.5.47 \n * Linux kernel 2.5.48 \n * Linux kernel 2.5.49 \n * Linux kernel 2.5.5 \n * Linux kernel 2.5.50 \n * Linux kernel 2.5.51 \n * Linux kernel 2.5.52 \n * Linux kernel 2.5.53 \n * Linux kernel 2.5.54 \n * Linux kernel 2.5.55 \n * Linux kernel 2.5.56 \n * Linux kernel 2.5.57 \n * Linux kernel 2.5.58 \n * Linux kernel 2.5.59 \n * Linux kernel 2.5.6 \n * Linux kernel 2.5.60 \n * Linux kernel 2.5.61 \n * Linux kernel 2.5.62 \n * Linux kernel 2.5.63 \n * Linux kernel 2.5.64 \n * Linux kernel 2.5.65 \n * Linux kernel 2.5.66 \n * Linux kernel 2.5.67 \n * Linux kernel 2.5.68 \n * Linux kernel 2.5.69 \n * Linux kernel 2.5.7 \n * Linux kernel 2.5.8 \n * Linux kernel 2.5.9 \n * Linux kernel 2.6.0 \n * Linux kernel 2.6.1 \n * Linux kernel 2.6.10 \n * Linux kernel 2.6.11 \n * Linux kernel 2.6.11.1 \n * Linux kernel 2.6.11.10 \n * Linux kernel 2.6.11.11 \n * Linux kernel 2.6.11.12 \n * Linux kernel 2.6.11.2 \n * Linux kernel 2.6.11.3 \n * Linux kernel 2.6.11.4 \n * Linux kernel 2.6.11.5 \n * Linux kernel 2.6.11.6 \n * Linux kernel 2.6.11.7 \n * Linux kernel 2.6.11.8 \n * Linux kernel 2.6.11.9 \n * Linux kernel 2.6.12 \n * Linux kernel 2.6.12.1 \n * Linux kernel 2.6.12.2 \n * Linux kernel 2.6.12.3 \n * Linux kernel 2.6.12.4 \n * Linux kernel 2.6.12.5 \n * Linux kernel 2.6.12.6 \n * Linux kernel 2.6.13 \n * Linux kernel 2.6.13.1 \n * Linux kernel 2.6.13.2 \n * Linux kernel 2.6.13.3 \n * Linux kernel 2.6.13.4 \n * Linux kernel 2.6.13.5 \n * Linux kernel 2.6.14 .1 \n * Linux kernel 2.6.14 .2 \n * Linux kernel 2.6.14 .3 \n * Linux kernel 2.6.14 \n * Linux kernel 2.6.14.1 \n * Linux kernel 2.6.14.2 \n * Linux kernel 2.6.14.3 \n * Linux kernel 2.6.14.4 \n * Linux kernel 2.6.14.5 \n * Linux kernel 2.6.14.6 \n * Linux kernel 2.6.14.7 \n * Linux kernel 2.6.15 .4 \n * Linux kernel 2.6.15 \n * Linux kernel 2.6.15.1 \n * Linux kernel 2.6.15.11 \n * Linux kernel 2.6.15.2 \n * Linux kernel 2.6.15.3 \n * Linux kernel 2.6.15.4 \n * Linux kernel 2.6.15.5 \n * Linux kernel 2.6.15.6 \n * Linux kernel 2.6.15.7 \n * Linux kernel 2.6.16 .1 \n * Linux kernel 2.6.16 .23 \n * Linux kernel 2.6.16 \n * Linux kernel 2.6.16.10 \n * Linux kernel 2.6.16.11 \n * Linux kernel 2.6.16.12 \n * Linux kernel 2.6.16.13 \n * Linux kernel 2.6.16.14 \n * Linux kernel 2.6.16.15 \n * Linux kernel 2.6.16.16 \n * Linux kernel 2.6.16.17 \n * Linux kernel 2.6.16.18 \n * Linux kernel 2.6.16.19 \n * Linux kernel 2.6.16.2 \n * Linux kernel 2.6.16.20 \n * Linux kernel 2.6.16.21 \n * Linux kernel 2.6.16.22 \n * Linux kernel 2.6.16.24 \n * Linux kernel 2.6.16.25 \n * Linux kernel 2.6.16.26 \n * Linux kernel 2.6.16.27 \n * Linux kernel 2.6.16.28 \n * Linux kernel 2.6.16.29 \n * Linux kernel 2.6.16.3 \n * Linux kernel 2.6.16.30 \n * Linux kernel 2.6.16.31 \n * Linux kernel 2.6.16.32 \n * Linux kernel 2.6.16.33 \n * Linux kernel 2.6.16.34 \n * Linux kernel 2.6.16.35 \n * Linux kernel 2.6.16.36 \n * Linux kernel 2.6.16.37 \n * Linux kernel 2.6.16.38 \n * Linux kernel 2.6.16.39 \n * Linux kernel 2.6.16.4 \n * Linux kernel 2.6.16.40 \n * Linux kernel 2.6.16.41 \n * Linux kernel 2.6.16.43 \n * Linux kernel 2.6.16.44 \n * Linux kernel 2.6.16.45 \n * Linux kernel 2.6.16.46 \n * Linux kernel 2.6.16.47 \n * Linux kernel 2.6.16.48 \n * Linux kernel 2.6.16.49 \n * Linux kernel 2.6.16.5 \n * Linux kernel 2.6.16.50 \n * Linux kernel 2.6.16.51 \n * Linux kernel 2.6.16.52 \n * Linux kernel 2.6.16.53 \n * Linux kernel 2.6.16.6 \n * Linux kernel 2.6.16.7 \n * Linux kernel 2.6.16.8 \n * Linux kernel 2.6.16.9 \n * Linux kernel 2.6.17 .8 \n * Linux kernel 2.6.17 \n * Linux kernel 2.6.17.1 \n * Linux kernel 2.6.17.10 \n * Linux kernel 2.6.17.11 \n * Linux kernel 2.6.17.12 \n * Linux kernel 2.6.17.13 \n * Linux kernel 2.6.17.14 \n * Linux kernel 2.6.17.2 \n * Linux kernel 2.6.17.3 \n * Linux kernel 2.6.17.4 \n * Linux kernel 2.6.17.5 \n * Linux kernel 2.6.17.6 \n * Linux kernel 2.6.17.7 \n * Linux kernel 2.6.17.9 \n * Linux kernel 2.6.18 .1 \n * Linux kernel 2.6.18 \n * Linux kernel 2.6.18.1 \n * Linux kernel 2.6.18.2 \n * Linux kernel 2.6.18.3 \n * Linux kernel 2.6.18.4 \n * Linux kernel 2.6.18.5 \n * Linux kernel 2.6.18.6 \n * Linux kernel 2.6.18.7 \n * Linux kernel 2.6.18.8 \n * Linux kernel 2.6.19 \n * Linux kernel 2.6.19.1 \n * Linux kernel 2.6.19.2 \n * Linux kernel 2.6.19.3 \n * Linux kernel 2.6.19.4 \n * Linux kernel 2.6.2 \n * Linux kernel 2.6.20 \n * Linux kernel 2.6.20-2 \n * Linux kernel 2.6.20.1 \n * Linux kernel 2.6.20.10 \n * Linux kernel 2.6.20.11 \n * Linux kernel 2.6.20.12 \n * Linux kernel 2.6.20.13 \n * Linux kernel 2.6.20.14 \n * Linux kernel 2.6.20.15 \n * Linux kernel 2.6.20.2 \n * Linux kernel 2.6.20.3 \n * Linux kernel 2.6.20.4 \n * Linux kernel 2.6.20.5 \n * Linux kernel 2.6.20.6 \n * Linux kernel 2.6.20.7 \n * Linux kernel 2.6.20.8 \n * Linux kernel 2.6.20.9 \n * Linux kernel 2.6.21 .1 \n * Linux kernel 2.6.21 4 \n * Linux kernel 2.6.21 \n * Linux kernel 2.6.21.2 \n * Linux kernel 2.6.21.3 \n * Linux kernel 2.6.21.6 \n * Linux kernel 2.6.21.7 \n * Linux kernel 2.6.22 \n * Linux kernel 2.6.22.1 \n * Linux kernel 2.6.22.11 \n * Linux kernel 2.6.22.12 \n * Linux kernel 2.6.22.13 \n * Linux kernel 2.6.22.14 \n * Linux kernel 2.6.22.15 \n * Linux kernel 2.6.22.16 \n * Linux kernel 2.6.22.17 \n * Linux kernel 2.6.22.2 \n * Linux kernel 2.6.22.3 \n * Linux kernel 2.6.22.4 \n * Linux kernel 2.6.22.5 \n * Linux kernel 2.6.22.6 \n * Linux kernel 2.6.22.7 \n * Linux kernel 2.6.22.8 \n * Linux kernel 2.6.23 \n * Linux kernel 2.6.23.09 \n * Linux kernel 2.6.23.1 \n * Linux kernel 2.6.23.10 \n * Linux kernel 2.6.23.14 \n * Linux kernel 2.6.23.2 \n * Linux kernel 2.6.23.3 \n * Linux kernel 2.6.23.4 \n * Linux kernel 2.6.23.5 \n * Linux kernel 2.6.23.6 \n * Linux kernel 2.6.23.7 \n * Linux kernel 2.6.24 \n * Linux kernel 2.6.24.1 \n * Linux kernel 2.6.24.2 \n * Linux kernel 2.6.24.3 \n * Linux kernel 2.6.24.4 \n * Linux kernel 2.6.24.6 \n * Linux kernel 2.6.25 .15 \n * Linux kernel 2.6.25 19 \n * Linux kernel 2.6.25 \n * Linux kernel 2.6.25.1 \n * Linux kernel 2.6.25.10 \n * Linux kernel 2.6.25.11 \n * Linux kernel 2.6.25.12 \n * Linux kernel 2.6.25.13 \n * Linux kernel 2.6.25.2 \n * Linux kernel 2.6.25.3 \n * Linux kernel 2.6.25.4 \n * Linux kernel 2.6.25.5 \n * Linux kernel 2.6.25.6 \n * Linux kernel 2.6.25.7 \n * Linux kernel 2.6.25.8 \n * Linux kernel 2.6.25.9 \n * Linux kernel 2.6.26 7 \n * Linux kernel 2.6.26 \n * Linux kernel 2.6.26.1 \n * Linux kernel 2.6.26.3 \n * Linux kernel 2.6.26.4 \n * Linux kernel 2.6.26.5 \n * Linux kernel 2.6.26.6 \n * Linux kernel 2.6.27 12 \n * Linux kernel 2.6.27 3 \n * Linux kernel 2.6.27 6 \n * Linux kernel 2.6.27 \n * Linux kernel 2.6.27.12 \n * Linux kernel 2.6.27.13 \n * Linux kernel 2.6.27.14 \n * Linux kernel 2.6.27.24 \n * Linux kernel 2.6.27.26 \n * Linux kernel 2.6.27.46 \n * Linux kernel 2.6.27.49 \n * Linux kernel 2.6.27.51 \n * Linux kernel 2.6.27.54 \n * Linux kernel 2.6.27.8 \n * Linux kernel 2.6.28 \n * Linux kernel 2.6.28.1 \n * Linux kernel 2.6.28.10 \n * Linux kernel 2.6.28.2 \n * Linux kernel 2.6.28.3 \n * Linux kernel 2.6.28.4 \n * Linux kernel 2.6.28.5 \n * Linux kernel 2.6.28.6 \n * Linux kernel 2.6.28.8 \n * Linux kernel 2.6.28.9 \n * Linux kernel 2.6.29 \n * Linux kernel 2.6.29.1 \n * Linux kernel 2.6.29.4 \n * Linux kernel 2.6.3 \n * Linux kernel 2.6.30 \n * Linux kernel 2.6.30.1 \n * Linux kernel 2.6.30.10 \n * Linux kernel 2.6.30.3 \n * Linux kernel 2.6.30.4 \n * Linux kernel 2.6.30.5 \n * Linux kernel 2.6.31 \n * Linux kernel 2.6.31.1 \n * Linux kernel 2.6.31.11 \n * Linux kernel 2.6.31.13 \n * Linux kernel 2.6.31.2 \n * Linux kernel 2.6.31.4 \n * Linux kernel 2.6.31.5 \n * Linux kernel 2.6.31.6 \n * Linux kernel 2.6.32 \n * Linux kernel 2.6.32.1 \n * Linux kernel 2.6.32.10 \n * Linux kernel 2.6.32.11 \n * Linux kernel 2.6.32.12 \n * Linux kernel 2.6.32.13 \n * Linux kernel 2.6.32.14 \n * Linux kernel 2.6.32.15 \n * Linux kernel 2.6.32.16 \n * Linux kernel 2.6.32.17 \n * Linux kernel 2.6.32.18 \n * Linux kernel 2.6.32.2 \n * Linux kernel 2.6.32.22 \n * Linux kernel 2.6.32.28 \n * Linux kernel 2.6.32.3 \n * Linux kernel 2.6.32.4 \n * Linux kernel 2.6.32.5 \n * Linux kernel 2.6.32.6 \n * Linux kernel 2.6.32.60 \n * Linux kernel 2.6.32.61 \n * Linux kernel 2.6.32.62 \n * Linux kernel 2.6.32.7 \n * Linux kernel 2.6.32.8 \n * Linux kernel 2.6.32.9 \n * Linux kernel 2.6.33 \n * Linux kernel 2.6.33.1 \n * Linux kernel 2.6.33.7 \n * Linux kernel 2.6.34 \n * Linux kernel 2.6.34.1 \n * Linux kernel 2.6.34.13 \n * Linux kernel 2.6.34.14 \n * Linux kernel 2.6.34.2 \n * Linux kernel 2.6.34.3 \n * Linux kernel 2.6.35 \n * Linux kernel 2.6.35.1 \n * Linux kernel 2.6.35.13 \n * Linux kernel 2.6.35.4 \n * Linux kernel 2.6.35.5 \n * Linux kernel 2.6.36 \n * Linux kernel 2.6.37 \n * Linux kernel 2.6.37.2 \n * Linux kernel 2.6.38 \n * Linux kernel 2.6.38.2 \n * Linux kernel 2.6.38.3 \n * Linux kernel 2.6.38.4 \n * Linux kernel 2.6.38.6 \n * Linux kernel 2.6.39 \n * Linux kernel 2.6.4 \n * Linux kernel 2.6.5 \n * Linux kernel 2.6.6 \n * Linux kernel 2.6.7 \n * Linux kernel 2.6.8 \n * Linux kernel 2.6.9 \n * Linux kernel 3.0 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.1 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.15.6-200.fc20 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.102 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.1.47 \n * Linux kernel 4.1.51 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.15 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.10.5 \n * Linux kernel 4.10.6 \n * Linux kernel 4.10.7 \n * Linux kernel 4.10.8 \n * Linux kernel 4.10.9 \n * Linux kernel 4.11.0 \n * Linux kernel 4.11.1 \n * Linux kernel 4.11.2 \n * Linux kernel 4.11.3 \n * Linux kernel 4.11.4 \n * Linux kernel 4.11.5 \n * Linux kernel 4.11.7 \n * Linux kernel 4.11.8 \n * Linux kernel 4.11.9 \n * Linux kernel 4.12 \n * Linux kernel 4.12.1 \n * Linux kernel 4.12.10 \n * Linux kernel 4.12.2 \n * Linux kernel 4.12.3 \n * Linux kernel 4.12.4 \n * Linux kernel 4.12.9 \n * Linux kernel 4.13 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.14 \n * Linux kernel 4.14.1 \n * Linux kernel 4.14.10 \n * Linux kernel 4.14.109 \n * Linux kernel 4.14.11 \n * Linux kernel 4.14.114 \n * Linux kernel 4.14.120 \n * Linux kernel 4.14.13 \n * Linux kernel 4.14.14 \n * Linux kernel 4.14.15 \n * Linux kernel 4.14.2 \n * Linux kernel 4.14.25 \n * Linux kernel 4.14.3 \n * Linux kernel 4.14.31 \n * Linux kernel 4.14.4 \n * Linux kernel 4.14.5 \n * Linux kernel 4.14.6 \n * Linux kernel 4.14.67 \n * Linux kernel 4.14.7 \n * Linux kernel 4.14.71 \n * Linux kernel 4.14.78 \n * Linux kernel 4.14.8 \n * Linux kernel 4.14.90 \n * Linux kernel 4.15.0 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.4 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.7 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.7 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.19.9 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3.3 \n * Linux kernel 4.4 \n * Linux kernel 4.4.0-57 \n * Linux kernel 4.4.1 \n * Linux kernel 4.4.105 \n * Linux kernel 4.4.121 \n * Linux kernel 4.4.125 \n * Linux kernel 4.4.14 \n * Linux kernel 4.4.157 \n * Linux kernel 4.4.177 \n * Linux kernel 4.4.180 \n * Linux kernel 4.4.194 \n * Linux kernel 4.4.195 \n * Linux kernel 4.4.2 \n * Linux kernel 4.4.22 \n * Linux kernel 4.4.23 \n * Linux kernel 4.4.24 \n * Linux kernel 4.4.25 \n * Linux kernel 4.4.26 \n * Linux kernel 4.4.27 \n * Linux kernel 4.4.28 \n * Linux kernel 4.4.29 \n * Linux kernel 4.4.30 \n * Linux kernel 4.4.38 \n * Linux kernel 4.4.7 \n * Linux kernel 4.5 \n * Linux kernel 4.5.5 \n * Linux kernel 4.6 \n * Linux kernel 4.6.1 \n * Linux kernel 4.6.2 \n * Linux kernel 4.6.3 \n * Linux kernel 4.7 \n * Linux kernel 4.7.4 \n * Linux kernel 4.7.9 \n * Linux kernel 4.8 \n * Linux kernel 4.8.1 \n * Linux kernel 4.8.11 \n * Linux kernel 4.8.12 \n * Linux kernel 4.8.13 \n * Linux kernel 4.8.14 \n * Linux kernel 4.8.3 \n * Linux kernel 4.8.6 \n * Linux kernel 4.8.7 \n * Linux kernel 4.9.0 \n * Linux kernel 4.9.11 \n * Linux kernel 4.9.128 \n * Linux kernel 4.9.13 \n * Linux kernel 4.9.135 \n * Linux kernel 4.9.166 \n * Linux kernel 4.9.177 \n * Linux kernel 4.9.3 \n * Linux kernel 4.9.36 \n * Linux kernel 4.9.4 \n * Linux kernel 4.9.53 \n * Linux kernel 4.9.6 \n * Linux kernel 4.9.68 \n * Linux kernel 4.9.71 \n * Linux kernel 4.9.74 \n * Linux kernel 4.9.8 \n * Linux kernel 4.9.87 \n * Linux kernel 4.9.9 \n * Linux kernel 4.9.91 \n * Linux kernel 5.0 \n * Linux kernel 5.0.1 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.21 \n * Linux kernel 5.0.3 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.5 \n * Linux kernel 5.0.6 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.1 \n * Linux kernel 5.1.12 \n * Linux kernel 5.1.13 \n * Linux kernel 5.1.14 \n * Linux kernel 5.1.15 \n * Linux kernel 5.1.17 \n * Linux kernel 5.1.2 \n * Linux kernel 5.1.3 \n * Linux kernel 5.1.5 \n * Linux kernel 5.1.6 \n * Linux kernel 5.1.7 \n * Linux kernel 5.1.8 \n * Linux kernel 5.1.9 \n * Linux kernel 5.2.1 \n * Linux kernel 5.2.10 \n * Linux kernel 5.2.13 \n * Linux kernel 5.2.14 \n * Linux kernel 5.2.17 \n * Linux kernel 5.2.2 \n * Linux kernel 5.2.3 \n * Linux kernel 5.2.6 \n * Linux kernel 5.2.8 \n * Linux kernel 5.2.9 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nAllow only trusted individuals to have user accounts and local access to the resources. \n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights. \n\nCurrently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.\n", "modified": "2020-12-11T00:00:00", "published": "2020-12-11T00:00:00", "id": "SMNTC-111398", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111398", "title": "Linux Kernel CVE-2019-5108 Denial of Service Vulnerability", "type": "symantec", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2020-02-18T14:31:31", "bulletinFamily": "unix", "description": "This update for MozillaFirefox fixes the following issues:\n\n - Firefox Extended Support Release 68.5.0 ESR\n * Fixed: Various stability and security fixes\n - Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368)\n * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read\n in the parent process\n * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open\n permission could open arbitrary applications on Mac OSX\n * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could\n result in JavaScript injection\n * CVE-2020-6799 (bmo#1606596) Arbitrary code execution when opening pdf\n links from other applications, when Firefox is configured as default\n pdf reader\n * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851,\n bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in\n Firefox 73 and Firefox ESR 68.5\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2020-02-18T12:11:53", "published": "2020-02-18T12:11:53", "id": "OPENSUSE-SU-2020:0230-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00024.html", "title": "Security update for MozillaFirefox (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T14:31:31", "bulletinFamily": "unix", "description": "This update for MozillaThunderbird fixes the following issues:\n\n - Mozilla Thunderbird 68.5 (bsc#1162777) MFSA 2020-07 (bsc#1163368)\n * CVE-2020-6793 (bmo#1608539) Out-of-bounds read when processing certain\n email messages\n * CVE-2020-6794 (bmo#1606619) Setting a master password post-Thunderbird\n 52 does not delete unencrypted previously stored passwords\n * CVE-2020-6795 (bmo#1611105) Crash processing S/MIME messages with\n multiple signatures\n * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open\n permission could open arbitrary applications on Mac OSX\n * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could\n result in JavaScript injection\n * CVE-2020-6792 (bmo#1609607) Message ID calculcation was based on\n uninitialized data\n * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851,\n bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in\n Thunderbird 68.5\n\n * new: Support for Client Identity IMAP/SMTP Service Extension\n (bmo#1532388)\n * new: Support for OAuth 2.0 authentication for POP3 accounts\n (bmo#1538409)\n * fixed: Status area goes blank during account setup (bmo#1593122)\n * fixed: Calendar: Could not remove color for default categories\n (bmo#1584853)\n * fixed: Calendar: Prevent calendar component loading multiple times\n (bmo#1606375)\n * fixed: Calendar: Today pane did not retain width between sessions\n (bmo#1610207)\n * unresolved: When upgrading from Thunderbird version 60 to version 68,\n add-ons are not automatically updated during the upgrade process. They\n will however be updated during the add-\n on update check. It is of course possible to reinstall compatible\n add-ons via the Add-ons Manager or via addons.thunderbird.net.\n (bmo#1574183)\n * changed: Calendar: Task and Event tree colours adjusted for the dark\n theme (bmo#1608344)\n * fixed: Retrieval of S/MIME certificates from LDAP failed (bmo#1604773)\n * fixed: Address-parsing crash on some IMAP servers when preference\n mail.imap.use_envelope_cmd was set (bmo#1609690)\n * fixed: Incorrect forwarding of HTML messages caused SMTP servers to\n respond with a timeout (bmo#1222046)\n * fixed: Calendar: Various parts of the calendar UI stopped working when\n a second Thunderbird window opened (bmo#1608407)\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2020-02-18T12:11:14", "published": "2020-02-18T12:11:14", "id": "OPENSUSE-SU-2020:0231-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00023.html", "title": "Security update for MozillaThunderbird (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "threatpost": [{"lastseen": "2020-02-18T11:25:43", "bulletinFamily": "info", "description": "Fresh firmware vulnerabilities in Wi-Fi adapters, USB hubs, trackpads and cameras are putting millions of peripheral devices in danger of a range of cyberattacks, according to research from Eclypsium.\n\nTouchPad and TrackPoint firmware in Lenovo Laptops, HP Wide Vision FHD camera firmware in HP laptops and the Wi-Fi adapter on Dell XPS laptops were all found to lack secure firmware update mechanisms with proper code-signing.\n\n\u201cSoftware and network vulnerabilities are often the more-obvious focus of organizations\u2019 security priorities, but firmware vulnerabilities could give adversaries full control over the compromised device,\u201d Katie Teitler, senior analyst at TAG Cyber, said via email. \u201cThis could lead to implanted backdoors, network traffic sniffing, data exfiltration and more. Unfortunately, though, firmware vulnerabilities can be harder to detect and more difficult to patch.\u201d\n\n## Unsigned Firmware Updates: A Growing Problem\n\nFirmware for peripherals can be burned into the integrated circuit of the device itself, or the component may have its own flash memory where firmware is stored. Firmware can also be dynamically provided by the operating system at boot time. Regardless of the implementation approach, firmware is used as the device-specific operating system for the peripheral in question, and can provide criminals with a rich attack surface if found to be vulnerable.\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\n\u201cMany peripheral devices do not verify that firmware is properly signed with a high-quality public/private key before running the code,\u201d explained researchers at Eclypsium, in vulnerability research [released on Tuesday](<https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/>). \u201cThis means that these components have no way to validate that the firmware loaded by the device is authentic and should be trusted. An attacker could simply insert a malicious or vulnerable firmware image, which the component would blindly trust and run.\u201d\n\nThe scenario for an attack is thus a simple one. First, an attacker gains access to a device via any method, be it physical access, malware that allows remote code execution and so on, and, with basic user privileges, the attacker can write malicious firmware to a vulnerable component. If the component doesn\u2019t require the firmware to be properly signed, the attacker\u2019s code is loaded. Depending on the peripheral in question, this can lead to a range of malicious activity.\n\n\u201cFor example, malicious firmware on a network adapter could allow an attacker to sniff, copy, redirect or alter traffic leading to a loss of data, man-in-the-middle and other attacks,\u201d according to the research. \u201cPCI-based devices could enable [Direct Memory Access (DMA) attacks](<https://threatpost.com/dell-hp-memory-access-bugskernel-privileges/152369/>) that could easily steal data or take full control over the victim system. Cameras could be used to capture data from the user\u2019s environment, while a compromised hard drive could allow the attacker to hide code and tools without being seen by the operating system.\u201d\n\nFurther, firmware attacks allow malicious activity to fly under the radar of endpoint protections; as recently seen in the [latest campaigns using the RobbinHood ransomware](<https://threatpost.com/byo-bug-windows-kernel-outdated-driver/152762/>), vulnerable drivers can be used to bypass security protections and enable ransomware to attack without interference.\n\nJesse Michael, principal researcher at Eclypsium, told Threatpost that the kinds of attacks that these bugs enable are not insignificant. For instance, the Black Energy attack that brought down part of the power grid in Ukraine used an unsigned firmware update to break serial-to-Ethernet adapters that were used to control relays.\n\n\u201cA similar incident occurred with Saudi Aramco,\u201d he said. \u201cThis made the system much harder to bring back online.\u201d He added that firmware-based attacks have seen a 7.5-time increase in firmware/hardware CVEs from three years ago.\n\n## New Vulnerabilities\n\nEclypsium researchers analyzed a Lenovo ThinkPad X1 Carbon 6th Gen laptop, which contains two vulnerable firmware mechanisms: Touchpad firmware (pr2812761-tm3288-011-0808.img) and TrackPoint firmware (PSG5E5_RANKA_fv06.bin).\n\n\u201cWe discovered that the Touchpad and TrackPoint use insecure firmware update mechanisms,\u201d according to the research. \u201cSpecifically, cryptographic signature verification was not required at the device level before firmware updates were applied. This lack of control made it possible to modify the firmware images through software to run arbitrary malicious code within these components.\u201d\n\nMeanwhile, the firmware updates distributed by HP for the HP Wide Vision FHD camera found in the HP Spectre x360 Convertible 13-ap0xxx laptop are unencrypted and lack authenticity checks, Eclypsium noted. The device\u2019s firmware updater is composed of SunplusIT\u2019s Windows-based firmware update tool along with the firmware image, and both have issues.\n\n\u201cThe firmware image does not include any form of cryptographic signature or other authenticity information,\u201d according to the report. \u201cThe Windows-based firmware update tool accepts firmware files that have been modified to adjust USB descriptor contents. This ability to modify USB descriptors can be leveraged to disable the device or cause it to be identified as a different type of USB device. Once additional details of the processor architecture are discovered, the camera module behavior can be altered to be malicious.\u201d\n\nAlso, the SunplusIT firmware updater can successfully update a device even as a normal user, rather than requiring administrator access \u2013 a violation of best practices.\n\nEclypsium researchers also found that the firmware of the Wi-Fi adapter on Dell XPS 15 9560 laptops running Windows 10 has a bug. While Windows 10 will confirm that the drivers are correctly signed, that\u2019s where the security checks stop. So, if the drivers are correctly signed, a small certificate icon is displayed next to the driver when viewed in the device manager. If they aren\u2019t correctly signed, a user can still successfully load them \u2013 the icon merely goes away. This means that a privileged attacker could easily replace driver files.\n\nAnd finally, the researchers also took a look at the Linux Vendor Firmware Service, which is a secure portal that allows hardware vendors to upload firmware updates. An analysis showed multiple insecure updates and drivers.\n\n\u201cFrom this resource we can focus specifically on update protocols and easily review which are signed and which are not,\u201d the researchers wrote. \u201cWhile we can see that some of the update protocols are related to transport, many others are protocols used for the actual update process. For example, VLI USB Hub firmware is unsigned.\u201d\n\n## Vendor Response\n\nEclypsium researchers notified HP of the webcam firmware vulnerability on August 4, and Lenovo of the TouchPad/TrackPoint vulnerability on Lenovo on June 13.\n\n\u201cWe expect some vendors will issue CVEs, but none have as of yet,\u201d Jesse Michael, principal researcher at Eclypsium, told Threatpost. \u201cFor these peripherals, the OEMs (HP and Lenovo) have to work with their suppliers to develop fixes. From what we\u2019ve seen, most of these existing components were initially designed to have unsigned firmware, making them inherently vulnerable. Our interactions with these OEMs lead us to expect that future systems will have firmware update authentication requirements built in.\u201d\n\nEclypsium also reported the Wi-Fi issue to both Qualcomm, who provides the chipset and driver for the wireless card, and to Microsoft, which checks that such drivers are signed.\n\n\u201cQualcomm responded that their chipset is subordinate to the processor, and that the software running on the CPU is expected to take responsibility for validating firmware,\u201d Michael said. \u201cThey stated that there was no plan to add signature verification for these chips. However, Microsoft responded that it was up to the device vendor to verify firmware that is loaded into the device.\u201d The result is that this will likely go unaddressed, since each is pointing the responsibility back to the other.\n\nBottom line: Unsigned firmware in peripheral devices remains a highly overlooked aspect of cybersecurity, and provides multiple pathways for malicious actors to compromise laptops and servers.\n\n\u201cOnce firmware on any of these components is infected, the malware stays undetected by any software security controls,\u201d Michael said. \u201cDespite previous in-the-wild attacks, peripheral manufacturers have been slow to adopt the practice of signing firmware, leaving millions of Windows and Linux systems at risk of firmware attacks that can exfiltrate data, disrupt operations and deliver ransomware.\u201d\n\n**_Learn how Operational Technology and Information Technology systems are merging and changing security playbooks in this free Threatpost Webinar. Join us _**[**_Wednesday, Feb. 19 at 2 p.m. ET_**](<https://attendee.gotowebinar.com/register/2652328115100076035?source=art>)**_ when a panel of OT and IT security experts will discuss how this growing trend is shaping security approaches for IoT and 5G rollouts. This webinar is for security and DevOps engineers, IoT edge developers and security executives._**\n", "modified": "2020-02-18T11:00:08", "published": "2020-02-18T11:00:08", "id": "THREATPOST:815A85AC4471792F2F220EAD5DD49460", "href": "https://threatpost.com/lenovo-hp-dell-peripherals-unpatched-firmware/152936/", "type": "threatpost", "title": "Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs", "cvss": {"score": 0.0, "vector": "NONE"}}], "securelist": [{"lastseen": "2020-02-18T11:33:08", "bulletinFamily": "blog", "description": "![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2019/04/09094920/abstract-digital-blue-990x400.jpg)\n\n[AZORult](<https://securelist.com/azorult-analysis-history/89922/>) has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. \n\n[![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080117/azorult_protonvpn_01.png)](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080117/azorult_protonvpn_01.png>)\n\n_Screenshot of a fake ProtonVPN website_\n\nThe campaign started at the end of November 2019 when the threat actor behind it registered a new domain under the name **protonvpn[.]store**. The Registrar used for this campaign is from Russia. \n\nWe have found that at least one of the infection vectors is through affiliation banners networks ([Malvertising](<https://encyclopedia.kaspersky.com/glossary/malvertising/?utm_source=securelist&utm_medium=blog&utm_campaign=termin-explanation>)).\n\nWhen the victim visits a counterfeit website and downloads a fake ProtonVPN installer for Windows, they receive a copy of the Azorult botnet implant.\n\n[![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080121/azorult_protonvpn_02.png)](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080121/azorult_protonvpn_02.png>)\n\nThe Website is an HTTrack copy of the original ProtonVPN website as shown below.\n\n[![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080123/azorult_protonvpn_03.png)](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080123/azorult_protonvpn_03.png>)\n\nOnce the victim runs the implant, it collects the infected machine's environment information and reports it to the C2, located on the same **accounts[.]protonvpn[.]store ** server.\n \n \n {\n \"config: \": [\n \"MachineID :\",\n \"EXE_PATH :\",\n \"Windows :\",\n \"Computer(Username) :\",\n \"Screen:\",\n \"Layouts:\",\n \"LocalTime:\",\n \"Zone:\",\n \"[Soft]\",\n \"Host: User-Agent: Accept: ; charset=Content-Type: HTTP/1.0POST text/*utf-8text/htmlHTTP/Proxy-AuthenticateAcceptContent-TypeContent-Lengthrealmhttp::Connection::connect: using proxy %1%http::Connection::connect: testing %1% for proxy routing\"\n ]\n }\n\nIn their greed, the threat actors have designed the malware to steal cryptocurrency from locally available wallets (Electrum, Bitcoin, Etherium, etc.), FTP logins and passwords from FileZilla, email credentials, information from locally installed browsers (including cookies), credentials for WinSCP, Pidgin messenger and others.\n\n[![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080127/azorult_protonvpn_04.png)](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/02/17080127/azorult_protonvpn_04.png>)\n\nWe have been able to identify a few samples associated with the campaign:\n\nFilename | MD5 hash \n---|--- \nProtonVPN_win_v1.10.0.exe | cc2477cf4d596a88b349257cba3ef356 \nProtonVPN_win_v1.11.0.exe | 573ff02981a5c70ae6b2594b45aa7caa \nProtonVPN_win_v1.11.0.exe | c961a3e3bd646ed0732e867310333978 \nProtonVPN_win_v1.11.0.exe | 2a98e06c3310309c58fb149a8dc7392c \nProtonVPN_win_v1.11.0.exe | f21c21c2fceac5118ebf088653275b4f \nProtonVPN_win_v1.11.0.exe | 0ae37532a7bbce03e7686eee49441c41 \nUnknown | 974b6559a6b45067b465050e5002214b \n \nKaspersky products detect this threat as HEUR:Trojan-PSW.Win32.Azorult.gen", "modified": "2020-02-18T10:00:54", "published": "2020-02-18T10:00:54", "id": "SECURELIST:47DF82A394D0FF10D0C56839D8A239AE", "href": "https://securelist.com/azorult-spreads-as-a-fake-protonvpn-installer/96261/", "type": "securelist", "title": "AZORult spreads as a fake ProtonVPN installer", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2020-02-18T11:57:54", "bulletinFamily": "NVD", "description": "Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors.", "modified": "2020-02-18T06:15:00", "id": "CVE-2020-5530", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-5530", "published": "2020-02-18T06:15:00", "title": "CVE-2020-5530", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:57:53", "bulletinFamily": "NVD", "description": "Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.", "modified": "2020-02-18T04:15:00", "id": "CVE-2020-1842", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1842", "published": "2020-02-18T04:15:00", "title": "CVE-2020-1842", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:58:01", "bulletinFamily": "NVD", "description": "CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.", "modified": "2020-02-18T04:15:00", "id": "CVE-2020-8010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8010", "published": "2020-02-18T04:15:00", "title": "CVE-2020-8010", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:58:01", "bulletinFamily": "NVD", "description": "CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.", "modified": "2020-02-18T04:15:00", "id": "CVE-2020-8011", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8011", "published": "2020-02-18T04:15:00", "title": "CVE-2020-8011", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:58:01", "bulletinFamily": "NVD", "description": "CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.", "modified": "2020-02-18T04:15:00", "id": "CVE-2020-8012", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8012", "published": "2020-02-18T04:15:00", "title": "CVE-2020-8012", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:57:53", "bulletinFamily": "NVD", "description": "GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands.", "modified": "2020-02-18T03:15:00", "id": "CVE-2020-1790", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1790", "published": "2020-02-18T03:15:00", "title": "CVE-2020-1790", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:57:53", "bulletinFamily": "NVD", "description": "Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation.", "modified": "2020-02-18T03:15:00", "id": "CVE-2020-1843", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1843", "published": "2020-02-18T03:15:00", "title": "CVE-2020-1843", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:57:53", "bulletinFamily": "NVD", "description": "Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential.", "modified": "2020-02-18T03:15:00", "id": "CVE-2020-1789", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1789", "published": "2020-02-18T03:15:00", "title": "CVE-2020-1789", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:57:53", "bulletinFamily": "NVD", "description": "HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. Due to improperly validation of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations.", "modified": "2020-02-18T03:15:00", "id": "CVE-2020-1812", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1812", "published": "2020-02-18T03:15:00", "title": "CVE-2020-1812", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-18T11:57:53", "bulletinFamily": "NVD", "description": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode.", "modified": "2020-02-18T03:15:00", "id": "CVE-2020-1791", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1791", "published": "2020-02-18T03:15:00", "title": "CVE-2020-1791", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2020-02-18T14:50:57", "bulletinFamily": "unix", "description": "Package : libgd2\nVersion : 2.1.0-5+deb8u14\nCVE ID : CVE-2018-14553\nDebian Bug : 951287\n\n\nA vulnerability was discovered in libgd2, the GD graphics library,\nwhereby an attacker can employ a specific function call sequence to\ntrigger a NULL pointer dereference, subsequently crash the application\nusing libgd2, and create a denial of service.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n2.1.0-5+deb8u14.\n\nWe recommend that you upgrade your libgd2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2020-02-18T02:02:00", "published": "2020-02-18T02:02:00", "id": "DEBIAN:DLA-2106-1:26506", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202002/msg00014.html", "title": "[SECURITY] [DLA 2106-1] libgd2 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "kitploit": [{"lastseen": "2020-02-18T04:39:15", "bulletinFamily": "tools", "description": "** GoSpider ** \\- Fast web [ spider ](<https://www.kitploit.com/search/label/Spider> \"spider\" ) written in Go \n \n** Installation ** \n\n \n \n go get -u github.com/jaeles-project/gospider\n\n \n** Features ** \n\n\n * Fast web crawling \n * Brute force and parse sitemap.xml \n * Parse robots.txt \n * Generate and verify link from JavaScript files \n * Link Finder \n * Find AWS-S3 from response source \n * Find [ subdomains ](<https://www.kitploit.com/search/label/Subdomains> \"subdomains\" ) from response source \n * Get URLs from Wayback Machine, Common Crawl, Virus Total, Alien Vault \n * Format output easy to Grep \n * Support Burp input \n * Crawl multiple sites in parallel \n * Random mobile/web User-Agent \n \n** Showcases ** \n \n\n\n[ ![](https://1.bp.blogspot.com/-2s8mkcRylHk/Xksub7oiNMI/AAAAAAAARtQ/S4w3Pc_g71kwNrWBPa3qIUMNRv6Oj-IcwCNcBGAsYHQ/s640/301827.png) ](<https://asciinema.org/a/301827>)\n\n \n** Usage ** \n\n \n \n Fast web spider written in Go - v1.1.0 by @theblackturtle\n \n Usage:\n gospider [flags]\n \n Flags:\n -s, --site string Site to crawl\n -S, --sites string Site list to crawl\n -p, --proxy string Proxy (Ex: http://127.0.0.1:8080)\n -o, --output string Output folder\n -u, --user-agent string User Agent to use\n web: random web user-agent\n mobi: random mobile user-agent\n or you can set your special user-agent (default \"web\")\n --cookie string Cookie to use (testA=a; testB=b)\n -H, --header stringArray Header to use (Use multiple flag to set multiple header)\n --burp string Load headers and cookie from burp raw http request\n --blacklist string Blacklist URL Regex\n -t, --threads int Number of threads (Run sites in parallel) (default 1)\n -c, --concurrent int The number of the maximum allowed concurrent requests of the matching domains (default 5)\n -d, --depth int MaxDepth limits the recursion depth of visited URLs. (Set it to 0 for infinite recursion) (default 1)\n -k, --delay int Delay is the duration to wait before creating a new request to the matching domains (second)\n -K, --random-delay int RandomDelay is the extra randomized duration to wait added to Delay before creating a new request (second)\n -m, --timeout int Request timeout (second) (default 10)\n --sitemap Try to crawl sitemap.xml\n --robots Try to crawl robots.txt (default true)\n -a, --other-source Find URLs from 3rd party (Archive.org, CommonCrawl.org, VirusTotal.com)\n -w, --include-subs Include subdomains crawled from 3rd party. Default is main domain\n -r, --include-other-source Also include other-source's urls (still crawl and request)\n --debug Turn on debug mode\n -v, --verbose Turn on verbose\n --no-redirect Disable redirect\n --version Check version\n -h, --help help for gospider\n\n \n** Example commands ** \n \n** Run with single site ** \n\n \n \n gospider -s \"https://google.com/\" -o output -c 10 -d 1\n\n \n** Run with site list ** \n\n \n \n gospider -S sites.txt -o output -c 10 -d 1\n\n \n** Run with 20 sites at the same time with 10 bot each site ** \n\n \n \n gospider -S sites.txt -o output -c 10 -d 1 -t 20\n\n \n** Also get URLs from 3rd party (Archive.org, CommonCrawl.org, VirusTotal.com, AlienVault.com) ** \n\n \n \n gospider -s \"https://google.com/\" -o output -c 10 -d 1 --other-source\n\n \n** Also get URLs from 3rd party (Archive.org, CommonCrawl.org, VirusTotal.com, AlienVault.com) and include subdomains ** \n\n \n \n gospider -s \"https://google.com/\" -o output -c 10 -d 1 --other-source --include-subs\n\n \n** Use custom header/cookies ** \n\n \n \n gospider -s \"https://google.com/\" -o output -c 10 -d 1 --other-source -H \"Accept: */*\" -H \"Test: test\" --cookie \"testA=a; testB=b\"\n \n gospider -s \"https://google.com/\" -o output -c 10 -d 1 --other-source --burp burp_req.txt\n\n \n** Blacklist url/file extension. ** \n** P/s ** : gospider blacklisted ` .(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|ico) ` as default \n\n \n \n gospider -s \"https://google.com/\" -o output -c 10 -d 1 --blacklist \".(woff|pdf)\"\n\n \n \n\n\n** [ Download Gospider ](<https://github.com/jaeles-project/gospider> \"Download Gospider\" ) **\n", "modified": "2020-02-18T00:24:35", "published": "2020-02-18T00:24:35", "id": "KITPLOIT:9141899868061668982", "href": "http://www.kitploit.com/2020/02/gospider-fast-web-spider-written-in-go.html", "title": "Gospider - Fast Web Spider Written In Go", "type": "kitploit", "cvss": {"score": 0.0, "vector": "NONE"}}]}