SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (VoIP)  >   NBX (Telephony System) Vendors:   3Com
3Com SuperStack 3 NBX and NBX 100 Telephony Systems Can Be Crashed By Remote Users Sending FTP Commands
SecurityTracker Alert ID:  1005732
SecurityTracker URL:  http://securitytracker.com/id/1005732
CVE Reference:   CVE-2002-2300   (Links to External Site)
Updated:  Jun 8 2008
Original Entry Date:  Dec 2 2002
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 4_1_4 and prior versions (using ftpd version 5.4 or 5.4.2 or possibly others)
Description:   A denial of service vulnerability was reported in 3Com's SuperStack 3 NBX and NBX 100 voice-over-IP telephony systems. A remote user can crash the system.

A remote user can cause the system's FTP server to crash by sending the following type of command, with a string that is 2048 bytes in length:

CEL aaaa[...]aaaa

A remote user can disable the FTP server as well as the web-based administrative console and the call manager. This will reportedly disable all calls. According to the report, calls that are in progress at the time of the crash cannot be disconnected.

A hard reboot (power-cycle) is required to return the system to normal operations.

The underlying vulnerability resides in VxWorks 5.2 and 5.3.

SECNAP Network Security reported this vulnerability.

Impact:   A remote user can crash the system.
Solution:   The vendor issued an updated advisory on July 7, 2006 indicating that a fix (Release 4.5) is available for the CS 1000 R2.0.

The Nortel advisory number is 2005006034.2.

The underlying vulnerability has been corrected in VxWorks 5.4 and later versions.

The Call Sever - SSC (Small System controller - Option 11C) and Call Sever based on CP3/CP4 (Motorola Processor), both of which use older versions of VxWorks, are still vulnerable. The vendor indicates that the FTP server is only used for software upgrades and not for call processing and, therefore, represents a low risk in these older versions.

Vendor URL:  www.3com.com/products/en_US/prodlist.jsp?tab=cat&pathtype=purchase&cat=23&selcat=Telephone+Systems+%26%2338%3B+Applications&family=135 (Links to External Site)
Cause:   Boundary error

Message History:   None.


 Source Message Contents

Subject:  [Full-Disclosure] [VU#317417] Denial of Service condition in vxworks ftpd/3com nbx


This is a multi-part message in MIME format.

------_=_NextPart_001_01C29A2D.4379BC14
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit            

Information:
Name:  3com NBX IP phone system Denial of Service Attack
Systems: 3com NBX IP Phone Call manager, FW Versions  through 4_1_4
Severity:  Critical
Category: Denial of Service
Classification: Boundary Condition Error
Vendor URL:   http://www.3com.com
Author:   Michael S. Scheidell (scheidell@secnap.net)
Date:   December 2nd, 2002
Notifications: (3com, WindRiver and CERT) Notified October 31st, 2002
Contact with 3com October 31st, November 1st, 5th, 6th, 15th and November 22nd
Contact with WindRiver: October 31st, November  6th, 22nd, and 24th. No response from WindRiver.

Discussion: (From 3com's and WindRiver's web site)

 communications for up to 1500 devices (lines/stations) Ensures high system availability with the Wind River VxWorks real-time operating
 system (also used in pacemakers and artificial hearts), so server and PC downtime does not impact your telephone service.

VxWorks and pSOSystem are the most widely adopted real-time operating systems (RTOSs) in the embedded industry -- for good reason.
 They are flexible, scalable, reliable, and available on all popular CPU platforms. They are also, by most measures, the fastest RTOSs
 available today. 

Exploit:

It was possible to make the remote FTP server crash by issuing this command :
        CEL aaaa[...]aaaa where string is 2048 bytes long.  This can be done with netcat,
        a windows client by telnetting to the nbx server on port 21 or by running the aix_ftpd.nasl test
        in nessus (www.nessus.org)

The 3com NBX uses VXWORKS Embedded Real time Operating system and what appears to be their own internal ftp server. This buffer overflow
 problem seems to be one similar to the AIX ftpd reported in CVE 1999-0789 and bugtraq id 679.

By sending a specific string of data to the ftp server, an attacker can disable not only the ftp server, but the integrated web based
 administrative console and the call manager preventing diagnostics, control and all incoming, outgoing or internal calls.  Any calls
 in progress cannot be disconnected, and in the case of long distance calls, could result in excessive long distance bills and extended
 loss of use of the phone system.

This condition is not recovered without a Hard reboot (power off/on).  Since the 3com nbx is based on an embedded *nix operating system,
 and abrupt power off could cause loss of data, including corruption of voice mails in progress or logs.

A company who uses the VoIP features for remote locations, and who has the call manager located on the outside of their firewall,
 or has no firewall can have their voice communications disrupted easily.  Even if the company has call manager located on internal
 network, people with internal network access can also disrupt communications.

We have tested 3com nbx firmware version 4_0_17 (with ftpd version 5.4) and nbx firmware version 4_1_4 (ftpd version 5.4.2) and this
 bug seems to be present in both systems.

Vendor Response:
3com confirmed problem and received a field patch, TSR(296292) from vxworks to address the problem.  Neither WindRiver nor 3com has
 provided a test bed or access to a fixed system for us verify fix.  3com will be working to integrate this TSR into a future release
 of the nbx build but has no date yet for release. Also, since ftpd is only used for debugging and diagnostics, a future firmware
 will allow the administrator the ability to turn off ftpd if not used.

Please contact 3com for further information.

Solution:
There is no known fix.  If you have information about a fix, please contact security@secnap.net

There appears to be on way to turn off the build in ftp server in this version of the software, no way to do ip address limits via
 tcp wrapper or acls, and if there is a build in firewall, there is no documented way to access it.  The only way we know of to prevent
 a denial of service attack on the 3com nbx is to place it behind its own firewall.  If call manager is placed on the Internet side
 of the firewall or in the DMZ, care should be taken to prohibit any access to ftp port (tcp port 21) This may be impossible on an
 internal network unless 3com nbx is itself placed behind a firewall, or on a separate VLAN or network segment.

Care should be taken in this approach, since some firewalls may interfere with the VoIP operations.
(see Firewall limits vex VoIP users http://www.nwfusion.com/news/2002/0625bleeding.html )

Credit:
This problem was originally found during a routine security audit by Michael Scheidell, SECNAP Network Security, www.secnap.net using
 the Nessus vulnerabilities scanner, www.nessus.org.

Additional Information:
A tcpdump/pcap packet of the sploit and ftpd/nbx response can be found at
http://www.secnap.net/private/nbx.pcap

A copy of this report can be found at http://www.secnap.net/security/nbx001.html
and at http://www.kb.cert.org/vuls/id/317417
If you have snort or ISS's trons IDS, a signature to detect this attack can be found at
http://www.snort.org/snort-db/sid.html?sid=337

To test your systems for this vulnerability, you can use Nessus at www.nessus.org.  Either update your signatures, or download this
 nessus signature: vxworks_ftpd.nasl http://cgi.nessus.org/plugins/dump.php?id=11185

For a report on Security Risk Factors with IP Telephony based Networks see:
'http://www.sys-security.com/archive/papers/Security_Risk_Factors_with_IP_Telephony_based_Networks.pdf'

Also reference article "is VoIP vulnerable"? http://www.nwfusion.com/news/2002/0624voip.html 

Copyright:
Above Copyright(c) 2002, SECNAP Network Security, LLC.  World rights reserved.

This security report can be copied and redistributed electronically provided it is not edited and is quoted in its entirety without
 written consent of SECNAP Network Security, LLC.  Additional information or permission may be obtained by contacting SECNAP Network
 Security at 561-368-9561 or at www.secnap.com

-- 
Michael  S. Scheidell
SECNAP Network Security www.secnap.com
scheidell@secnap.net  / 1+561.368.9561, 1131


------_=_NextPart_001_01C29A2D.4379BC14
Content-Type: application/ms-tnef;
	name="winmail.dat"
Content-Transfer-Encoding: base64

eJ8+IiQSAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5NaWNy
b3NvZnQgTWFpbC5Ob3RlADEIAQ2ABAACAAAAAgACAAEEgAEAQQAAAFtWVSMzMTc0MTddIERlbmlh
bCBvZiBTZXJ2aWNlIGNvbmRpdGlvbiBpbiB2eHdvcmtzIGZ0cGQvM2NvbSBuYngACRYBBYADAA4A
AADSBwwAAgANAAQAHwABABgBASCAAwAOAAAA0gcMAAIADQAEAB8AAQAYAQEJgAEAIQAAADZCNTVD
QTUzNzBFMERGNDQ4RkREQUQ4N0U3QTk1ODY2AGUHAQOQBgBwFgAAMwAAAAsAAgABAAAAAwAmAAAA
AAALACsAAAAAAAIBMQABAAAAnwEAAFBDREZFQjA5AAEAAgCHAAAAAAAAADihuxAF5RAaobsIACsq
VsIAAEVNU01EQi5ETEwAAAAAAAAAABtV+iCqZhHNm8gAqgAvxFoMAAAAU0VDTkFQMgAvbz1TRUNO
QVAvb3U9Zmlyc3QgYWRtaW5pc3RyYXRpdmUgZ3JvdXAvY249UmVjaXBpZW50cy9jbj1TY2hlaWRl
bGwALgAAAAAAAADQI8GuH8OrR6Wh+gTHK7QxAQCzvK9CRqioSYOoDatQ/nJCAAAAABeUAABGAAAA
AAAAANAjwa4fw6tHpaH6BMcrtDEHALO8r0JGqKhJg6gNq1D+ckIAAAAAF5QAALO8r0JGqKhJg6gN
q1D+ckIAAAAA2PUAAC4AAAAAAAAA0CPBrh/Dq0elofoExyu0MQEAs7yvQkaoqEmDqA2rUP5yQgAA
AAFf3AAAEAAAAGtVylNw4N9Ej92th+epWGZBAAAAW1ZVIzMxNzQxN10gRGVuaWFsIG9mIFNlcnZp
Y2UgY29uZGl0aW9uIGluIHZ4d29ya3MgZnRwZC8zY29tIG5ieAAAAwA2AAAAAABAADkAFLx5Qy2a
wgEeAD0AAQAAAAEAAAAAAAAAAgFHAAEAAAAuAAAAYz11czthPSA7cD1TRUNOQVA7bD1TRUNOQVAy
LTAyMTIwMjE4MDQzMVotNTA2AAAAHgBwAAEAAABBAAAAW1ZVIzMxNzQxN10gRGVuaWFsIG9mIFNl
cnZpY2UgY29uZGl0aW9uIGluIHZ4d29ya3MgZnRwZC8zY29tIG5ieAAAAAACAXEAAQAAABYAAAAB
wpotRfgqBRD+tkhBOJqD7eGdDokEAAAeABoMAQAAABUAAABNaWNoYWVsIFMuIFNjaGVpZGVsbAAA
AAAeAB0OAQAAAEEAAABbVlUjMzE3NDE3XSBEZW5pYWwgb2YgU2VydmljZSBjb25kaXRpb24gaW4g
dnh3b3JrcyBmdHBkLzNjb20gbmJ4AAAAAAIBCRABAAAAxA4AAMAOAACYGgAATFpGddZyiB4DAAoA
cmNwZzEyNRYyAPgLYG4OEDAzM48B9wKkA+MCAHBycQ5QCGZjaArAc2V0MFYgBxMCgH0KgXYIkHfS
awuAZDQMYGMAUAsDUQu1IEluAhByAMB0mmkCIDoKogqATmEHgFA6ICAzBaBtB7BCQlgUIFAgcGgC
IGVAIHN5c3RlFfBEYwnwBzEgb2YGUhKAY+0WwEECQADQaxT0BrAXAtZzFZAVylAWk0MHQAMgCQOB
YWcEkCwgRlc8IFYEkACQAiAEICB0AmgDYHVnaCA0X0wxXxMAGORldgZxdPp5FZFDHgEN4AdAFPQa
4P0XEGcFsB4xF18e9QtgBBDnBpAesRSjIEIIYBLgCsA2eRrQAiBkHpECICBFenIDYHIU9BvwEuAF
sVUkUkwVkSBoAkBwOqgvL3clkC4Vwi4V0bkU9EF1HJAFsCTiTQ3gZRFQZQMgUy4GABFAZbZpAQAb
ASgE8CglQBGAkmMbUHAuFrB0KRT0fkQfYSTiH/AYQAbQBJAgbjIS4BugAdAwDlAVBG+3FKAhxhmR
KBXCG6BXEtFUUmkd4SAAcGQa0EU4UlQpB7AscwmAIE/IY3RvKzIzMRcAK6r/IvEYkQVAA/AckBW0
L5wsYLcd4CsjMCM1HJAboDY0Au4xM/EuUzMXMitxML8c8P8txxWQMj8rFDQ0NbIboC5iXDI0HJAn
4CxgIAlwc95wHEEWwANSLbguFPQqBZkEAGN1IZEiIihGO3I9FcInBCAuYi3HPnF3ZXZiFtAeEGUp
9TxYCzBz5mIPQAFAc2FBcRWwCFBNJkAnJ5AGAHVwBJBT+xiTQmIzFgJCUy5iQhIWA2tB0inBdwWw
ay9hFxBs9mUWgiLQcwbwJsAcMxfAzmYrQQPwAQAtcg8RC4BuZxZwBRAYQC9CwRRTbv8YQQdAFxAE
oBSRHeAEIC+wkztQHhAgeQhhIGI9UP8LgAeQBCAWsAmASiIioCLQ/y5iL7AEYCOhJbBCD0MfB7G1
RWZURfdTRpUf4WwuEk8EIANgSwEwQWZ1GwAtv0dAFJAIcC9hSwcV0W0igP8stjtQBbFN0EoyNJBB
4QEA2xgiBCAoUUBLQS8XACzUnS7gRQCAUsEEIGhpHOHZFuVhdgtwC2BiAxAeET8xhByQFsAtwgfw
LhNWeP5XRYFRkVKQUmAUoAeAF7DvTeEUkUghFuUoB0BGgFTAvxGALoALgBZwANAXIGFFoP9RgS5i
CsAsgxeCKCBeYVbgnxugXMERgBgQLjVQQ1Vw30zwAjBbQiRwB5FuLHBdMP5tXXFKlUXmFsEYBDxA
VhKPCvUkA1p1LmJwU08ZNL9eURbAWXIEYBcAR3NsTDH/JHAFMC9hWu9b91XhLsBlkG9W4V1BWXIr
EmQBAF0iZPNR4SLBLS1Ugx+QBHBnwvVGgG4n4FQoIEwxZiEO8OhleGkCYGVfgR7BAaD/bdIJcFFA
blReI1hkRgAXsDcDoBryOwBwUkAKwUNQ3lUWcAtgADAUYXNsyVyi/RugYiLQZpMHgCGAV0IboP1Z
cmYhgBcQZrFpo2+JS/PTJ+A8WkV4C1BvHhAU5f0U9EkxcSGAcJEhkXWkGyG/RaBZYwlwBGAXEBuw
VBZgv1/VBQAhgBzwcwEEAXVIEv8ckAQAU5MuYhTlJPF9gy6gpkwuUH5BWy5+kF1+Qn8xgCggZiFr
UUgSfGEB0DT2OHLxdJEgCQAPICfgbNH/fGIDkSswYKEWsTGTKcEh4f4sfSx/ARLRTPBTgVFACfB/
BUBzAUXhKcFb00pBWXJufGJ4X8YjYTsAACArYDH3F7BK4SLQciKAAwB8E0QRyGl4XwGAcGQpsCGA
/wMgdJJ9LF1BS0I9UCiQJZL1iwQuBbBnQCts4RW4XPGBBCBWWFdPUksF8LpFapZSZ+EcgGgyT1ue
7y5ifyAUkC5QcE3gEWFKMvuB0VlxaYbhYNBdMUmTAyD/iRFfxWzCfGFLAEczMyFI0P8JAAfgEOAv
wEYAFfARgGlSP5IkFqMHcFiBYnGF9EFJHxYwiRI6wYcyXRRDVkUFM5A5mdAtMDc4OcsuU0sAZ2tg
YXFdMC6A6DY3OTxLQkZhJFFIEv9/ADrwBZAhsn92F8EioAGQ/4XWk7g54i5QGIN7AgORIyD/QbBv
8mGSAiBnIZ7eSwAFQL9ZcpMiCcAfYZExP7FiIYD/L2FnUJdgAwBrUUnTU5EAgP8G8EQUWXIewRsX
SEEd0WDh/0ghIyAbYGGQFwAN4HPxpaH/a2AG8F4UGwELgBXRSBEboP0IYHQfkJ3jBcCTJ6aiceH/
EcBGUavjXTMDYAnBU3IAcP9hkoHSPSECIBawL6AJgDnk/2oVHsA7MRfBgNKgwgGQSTL/q+Oo0lJA
Z7JXMEmAXTJtkP9VwQCQpXGwfFixrNEuYm2Q/xcQEuAvYQkABBEXwVzxF7L/WXIWijxLgUQjB3xh
YZIJcL8FoB3ho+IxoaqRg+FICxH3OsEG4GGhKDsAP6CG4QEg6i8CICmBEVOp8WY0FcO/hlKUkqRj
cDKyoWqWKgMA94ZwW45vNWKIEAUxu6extf8ewLXytXaeUhugqfEKQJyz7wWhwSIjUhfBdndQGEEA
wG8DEKzsBbEJAGdx4DxaQX9TkgqwRlF/IFzTSiFZgVb+bxZRUoVUdHoVCQAsxTnk/8iSEVDJBKar
yvO+NFlyqpH/AJABALYlkrEhwAlweIAbAP+qcQXAzCJhkM9ngYMRUKVx/5KExTRTraDRwSIvYWxx
AxD/diEjgKehXTC2RMgWzCLMr//NtZMnRUUboE3gW4BwATGT+9e+LlBjsuKBg1yj04VTnf08S1cW
wNGEdKEvYb1Hz3G+bXiAZiFRYiNSHRAwHSAeN4thMaKYc9/mNS40fy7gLmLfH+AkHTEokOE+Lv4y
4jR8Q5qhljuncZyBsnP/BuAxsWkVPEskRY9gOvQU5f8Vw6Wh4tIvYZXGLmK5kSgw/x3gXkFKYSeg
ZVEUkBFAG6CAVFNSKDI5Nu4wc+VhO2N2eEVySiNnUGT/rXO2Y5XUgREHwDGhK0EtyP9hkC/xFdLM
IpXBEoBq0p6Bv3SiaqGHotql74JKYXgvYe8W5VSTBCAd4mYi0PUxgRH/FcMD8BsBgdFFcoWlo2d8
NP/t8ZMS9PMmwFLBbqJscbYX/4ZSSwADEFLyBUDQRZ5RFsDeeRGQyjX68yfgQXKzSyH/GEGYc3xh
oZNc81SSDtCaof9IAy5iqCv6R+LX95Ma8ZWR/4iTpMjpoYiTWLWF4ghwxOK/F9D/NBfQYZJc8jxL
UPr0/6jyMVIVw1SSUjBecPFS/uB/FFc8S1CWFOVs4WYhuSMg7mthkJLx9uRJF9BKsdF0/wqJwPG6
dPUx2LEInClRBjD/HhEpSYx9cnKRuyNheIAF3P9ZcvwEXUGfGGoEfGHf5rY1/0aAnxDfkhug0IEV
FSRwXTD/VODvtlFAl2BfUMUgbuCPoPpjVOB3R9CRsYbh9FKxgv+vQ7ZDDSR/ABZYz4cdl/zi/csA
dY/QkzGRMRUk2qUSAP+BE3ASZyEVEj+gDaO2Izqw/6d1g+EoUIhAj4GeIWM1n/X/zea9SiOScOBJ
QUqBKzBXkP+vUhthDdTPlA5Epqt8YSdT/c3XSZMz/XHOmdCoqyNZY/hETVqo0WYSe2DCI5JS913B
aiEjom9XkFiwupFQYff0eJ8ShzMoG9KHNeIwgUP/xZBrgIHRYdF41r5k2Z/S0P9GANrhvUobUe1A
wfAqtSflP+0Cz5kPwl/BZBH5IlZM3EFOh6LaJhJAZyByB7v+Qy5/1NIXpZGh8xDaoO3B//7URoCP
0c92MvSTI0dBgjX3ySdbhdzYKJZBenDQxhsmL7LAyVRc8VGBaIWAcDq0Ly+Lg3dSMOASLo2BFi+2
0IRgL4AgMDIvujDuUDWhEb7wW+EuRQD2balQjGtDUtF3Z4FDlcb/eILpoFeg/uBwYfbBunABQv8R
4ZzT8xBQwWMDEdRgMMPx/YTjTQHw1fDtQLyQ7bDPMINnAc/hU0VDTkF6oPvxENpEUxHF7dCLghJI
XOH3iFbxEIsjdrJQttAcIAWD/4SwXgBuEa6xn6GLjMcsasD/uMOPgSuQD1cMhcfwG9FrMPlh4C9w
biAxcaAyoXEYpf93M2AziRJGcIZhrXHqA4GG/0uk0xB9JEUJEkhYkBHwb6DbkNBawi5Yosc+cGuA
tjP/fGGYxFueRPpdqRG2WsJG4J4xR+N9JMDDYltrYkYwd6uAIdCMMS9S8Uaw80AvujPgoDTgoHf1
Dolz8jHDoXHpsElTUycxAfMQ8dNRSURTAiJ48KhQydP/GgOCsK7RPaUllFuvXL5pYuNnA2lTLWRi
Y8DzQEfj4j/OkT0zM2gljNWX0f90og6h6bDoJfXzF8RTCVDB/w6igZK18lKFkXFUjdSR8TT/2+D9
FHKTayYCEQBikuHC0O8aoHw0iwVrFzru9okJRQX+YwDgi7lYkAwgAOFGsFhSUV8AaHA/cOExfyA4
+jUHykb0QmD2D8FQVo9Q+7PA2oBGCTHpoLSA4OPJgf5U+uG2ojMxpGNP1VPRllDtDIUnYnqQsC0R
tkYzl5Bf7bDx4ViQEoDf8S9QVl9VgcJfghVf4OJfyYBfNYMXX6RTX4QWXwBkZv4nxzvbYvrQQIK0
ApeQAeE9NAEiuFHJY1L2NcAiP/dE/0YPRxI00jESkEfzO3t/YEFLAY9AV5a7QKVxkwcoHmPiMEbS
T09QWExMQ/33EVfpoLHyk1Jg4hcjB6z/uDNNF2EMYDHtMOzh7EOwwv8R8Pxh0/I1wK7galHS8Uti
P/MHJ7G5JUkym6W4UXF1/8qxr2MbUqey+tAFwbo2HBD/EgC1AaWT52LDIZWflqxWOf8POumhv7Gq
MLMBD8EzFevQ/wkgTNH8QayBCQTAAqMfTTYBupA1NjEtMzY4/C05quH0M3YUEkXq0QfK/C0tkjVO
NryQ9xBOtwul/6lPTUSsH4URU/BO1RI59yBQLyAxK6rhLqshLl+rYu3QfyBn0AfKfYUgAAG2cB4A
NRABAAAAPAAAADxCM0JDQUY0MjQ2QThBODQ5ODNBODBEQUI1MEZFNzI0MjAxQjI2QUBzZWNuYXAy
LnNlY25hcC5jb20+AAMAgBD/////CwDyEAEAAAAfAPMQAQAAAI4AAABbAFYAVQAlADIAMwAzADEA
NwA0ADEANwBdACAARABlAG4AaQBhAGwAIABvAGYAIABTAGUAcgB2AGkAYwBlACAAYwBvAG4AZABp
AHQAaQBvAG4AIABpAG4AIAB2AHgAdwBvAHIAawBzACAAZgB0AHAAZAD/+DMAYwBvAG0AIABuAGIA
eAAuAEUATQBMAAAAAAALAPYQAAAAAEAABzAGlXJDLZrCAUAACDDkzoxDLZrCAQMA3j+vbwAAAwDx
PwkEAAAeAPg/AQAAABUAAABNaWNoYWVsIFMuIFNjaGVpZGVsbAAAAAACAfk/AQAAAF8AAAAAAAAA
3KdAyMBCEBq0uQgAKy/hggEAAAAAAAAAL089U0VDTkFQL09VPUZJUlNUIEFETUlOSVNUUkFUSVZF
IEdST1VQL0NOPVJFQ0lQSUVOVFMvQ049U0NIRUlERUxMAAAeAPo/AQAAABUAAABTeXN0ZW0gQWRt
aW5pc3RyYXRvcgAAAAACAfs/AQAAAB4AAAAAAAAA3KdAyMBCEBq0uQgAKy/hggEAAAAAAAAALgAA
AAMA/T/kBAAAAwAZQAAAAAADABpAAAAAAB4AMEABAAAACgAAAFNDSEVJREVMTAAAAB4AMUABAAAA
CgAAAFNDSEVJREVMTAAAAB4AOEABAAAACgAAAFNDSEVJREVMTAAAAB4AOUABAAAAAgAAAC4AAAAD
AAlZAwAAAAsAZoEIIAYAAAAAAMAAAAAAAABGAAAAAA6FAAAAAAAAAwB+gQggBgAAAAAAwAAAAAAA
AEYAAAAAUoUAAD9xAQAeAH+BCCAGAAAAAADAAAAAAAAARgAAAABUhQAAAQAAAAQAAAA5LjAAAwDC
gQggBgAAAAAAwAAAAAAAAEYAAAAAAYUAAAAAAAALAMeBCCAGAAAAAADAAAAAAAAARgAAAAADhQAA
AAAAAAMAzIEIIAYAAAAAAMAAAAAAAABGAAAAABGFAAAAAAAAAwDRgQggBgAAAAAAwAAAAAAAAEYA
AAAAEIUAAAAAAAADANiBCCAGAAAAAADAAAAAAAAARgAAAAAYhQAAAAAAAAsA8oEIIAYAAAAAAMAA
AAAAAABGAAAAAAaFAAAAAAAACwApAAEAAAALACMAAQAAAAMABhDRq2LFAwAHEBUUAAADABAQAAAA
AAMAERAAAAAAHgAIEAEAAABlAAAASU5GT1JNQVRJT046TkFNRTozQ09NTkJYSVBQSE9ORVNZU1RF
TURFTklBTE9GU0VSVklDRUFUVEFDS1NZU1RFTVM6M0NPTU5CWElQUEhPTkVDQUxMTUFOQUdFUixG
V1ZFUlNJTwAAAAACAX8AAQAAADwAAAA8QjNCQ0FGNDI0NkE4QTg0OTgzQTgwREFCNTBGRTcyNDIw
MUIyNkFAc2VjbmFwMi5zZWNuYXAuY29tPgCt2A==

------_=_NextPart_001_01C29A2D.4379BC14--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC