ISS Security Alert Summary AS04-07
From: X-Force (xforce_at_iss.net)
Date: 02/16/04
- Previous message: X-Force: "ISS Security Brief: Microsoft ASN.1 Integer Manipulation Vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: alert@iss.net Date: Mon, 16 Feb 2004 13:48:51 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS04-07
February 16, 2004
X-Force Vulnerability and Threat Database:
http://xforce.iss.net/
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS04-07
_____
Contents:
* 56 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 02/10/2004
Brief Description: Microsoft Windows Server 2003 WINS /GS flag denial
of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows 2000 Any version, Windows NT 4.0, Windows
Server 2003 Any version
Vulnerability: win-wins-gsflag-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15037
Date Reported: 02/10/2004
Brief Description: Microsoft Windows ASN.1 Library buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows XP, Windows 2000 Any version, Windows NT
4.0, Windows NT 4.0 TSE, Windows Server 2003 Any
version
Vulnerability: win-asn1-library-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15039
Date Reported: 02/06/2004
Brief Description: DreamFTP Server username format string
Risk Factor: Low
Attack Type: Network Based
Platforms: DreamFTP Server 1.02, Windows Any version
Vulnerability: dreamftp-string-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/15070
Date Reported: 02/06/2004
Brief Description: Sambar Server HTTP POST request buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Sambar Server 6.0, Windows Any
version
Vulnerability: sambar-http-post-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15071
Date Reported: 02/06/2004
Brief Description: Linux-VServer allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Linux-VServer prior to 1.25
Vulnerability: linux-vserver-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15073
Date Reported: 02/07/2004
Brief Description: Palace long server address buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Macintosh Any version, Palace
3.5 and earlier, Unix Any version, Windows Any
version
Vulnerability: palace-server-address-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15074
Date Reported: 02/06/2004
Brief Description: Matrix FTP Server login and issue FTP LIST denial
of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Matrix FTP Server Any version,
Windows Any version
Vulnerability: matrixftp-login-list-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15075
Date Reported: 02/08/2004
Brief Description: PHP-Nuke News and Reviews modules cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, PHP-Nuke 6.x though 7.1.0, Unix
Any version, Windows Any version
Vulnerability: phpnuke-mulitple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15076
Date Reported: 02/09/2004
Brief Description: Clam AntiVirus uuencoded message denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Clam AntiVirus 0.65, Linux Any version, Unix Any
version
Vulnerability: clam-antivirus-uuencoded-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15077
Date Reported: 02/09/2004
Brief Description: Microsoft Internet Explorer vb script reports
different errors to obtain information
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer Any version, Windows
Any version
Vulnerability: ie-error-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15078
Date Reported: 02/06/2004
Brief Description: Jack's FormMail.php PHP file upload
Risk Factor: Medium
Attack Type: Network Based
Platforms: Jack's FormMail.php Any version, Linux Any version,
Unix Any version, Windows Any version
Vulnerability: jack-formmail-file-upload
X-Force URL: http://xforce.iss.net/xforce/xfdb/15079
Date Reported: 02/09/2004
Brief Description: PHP-Nuke public message feature SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, PHP-Nuke 6.x though 7.1.0, Unix
Any version, Windows Any version
Vulnerability: phpnuke-publicmessage-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15080
Date Reported: 02/08/2004
Brief Description: TrackMania denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, TrackMania Demo
version
Vulnerability: trackmania-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15081
Date Reported: 02/08/2004
Brief Description: Eggdrop share.mod module allows unauthorized access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Eggdrop 1.6.x - 1.6.15, Linux Any version, Unix Any
version, Windows Any version
Vulnerability: eggdrop-sharemod-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15084
Date Reported: 02/09/2004
Brief Description: Resin index.jsp information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Resin 2.1.12, Windows 2000 Any version, Windows NT
Any version
Vulnerability: resin-source-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/15085
Date Reported: 02/09/2004
Brief Description: Red-Alert long request denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Red-Alert 2.7.5, Red-Alert version 3.1 build 24
Vulnerability: redalert-long-request-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15086
Date Reported: 02/09/2004
Brief Description: Resin "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Resin 2.1.12, Windows 2000 Any version, Windows NT
Any version
Vulnerability: resin-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15087
Date Reported: 02/09/2004
Brief Description: Red-Alert allows unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms: Red-Alert 2.7.5, Red-Alert version 3.1 build 24
Vulnerability: redalert-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15088
Date Reported: 02/09/2004
Brief Description: Red-Alert security bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Red-Alert 2.7.5, Red-Alert version 3.1 build 24
Vulnerability: redalert-bypass-security
X-Force URL: http://xforce.iss.net/xforce/xfdb/15089
Date Reported: 02/08/2004
Brief Description: palmhttpd accept function buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: palmhttpd Any version, Windows Any version
Vulnerability: palmhttpd-accept-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15090
Date Reported: 02/09/2004
Brief Description: JShop Server search.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: JShop Server Any version, Linux Any version, Unix
Any version, Windows Any version
Vulnerability: jshop-searchphp-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15100
Date Reported: 02/07/2004
Brief Description: Microsoft Windows XP helpctr.exe cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows XP Any version
Vulnerability: winxp-helpctr-hcp-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15101
Date Reported: 02/09/2004
Brief Description: eTrust InoculateIT for Linux symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: eTrust InoculateIT for Linux 6.0, Linux Any version
Vulnerability: etrust-inoculateit-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/15102
Date Reported: 02/10/2004
Brief Description: eTrust InoculateIT for Linux directories have
insecure permissions
Risk Factor: High
Attack Type: Host Based
Platforms: eTrust InoculateIT for Linux 6.0, Linux Any version
Vulnerability: etrust-inoculateit-insecure-permissions
X-Force URL: http://xforce.iss.net/xforce/xfdb/15103
Date Reported: 02/09/2004
Brief Description: EvolutionX command line denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: EvolutionX 3921, EvolutionX 3935, Windows Any
version
Vulnerability: evolutionx-command-line-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15104
Date Reported: 02/08/2004
Brief Description: GNU Mailman command handler denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: GNU Mailman prior to 2.0.14, Linux Any version, Red
Hat Advanced Workstation 2.1, Red Hat Enterprise
Linux 2.1AS, Red Hat Enterprise Linux 2.1ES, Unix
Any version
Vulnerability: mailman-command-handler-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15106
Date Reported: 02/08/2004
Brief Description: Nokia OBEX denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Nokia 6310i Any version
Vulnerability: nokia-obex-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15107
Date Reported: 02/09/2004
Brief Description: Linux rsync open_socket_out function buffer
overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, rsync 2.5.7 and earlier
Vulnerability: linux-rsync-opensocketout-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15108
Date Reported: 02/10/2004
Brief Description: Microsoft Virtual PC for Mac allows elevated
privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Macintosh Any version, Microsoft Virtual PC for Mac
6.0, Microsoft Virtual PC for Mac 6.01, Microsoft
Virtual PC for Mac 6.02, Microsoft Virtual PC for
Mac 6.1
Vulnerability: virtual-pc-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15113
Date Reported: 02/10/2004
Brief Description: PHP-Nuke Search and Web_links modules SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, PHP-Nuke 6.9 and earlier, Unix
Any version, Windows Any version
Vulnerability: phpnuke-modules-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15115
Date Reported: 02/10/2004
Brief Description: MaxWebPortal dl_showall.asp, Personal Messages, and
down.asp cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MaxWebPortal prior to 1.32,
Windows Any version
Vulnerability: maxwebportal-multiple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15120
Date Reported: 02/10/2004
Brief Description: MaxWebPortal Personal Messages SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MaxWebPortal prior to 1.32,
Windows Any version
Vulnerability: maxwebportal-personalmesssages-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15121
Date Reported: 02/10/2004
Brief Description: MaxWebPortal register form cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MaxWebPortal prior to 1.32,
Windows Any version
Vulnerability: maxwebportal-register-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15122
Date Reported: 02/10/2004
Brief Description: RealOne Player .RMP "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, RealOne
Enterprise Desktop Any version, RealOne Player 1.0,
RealOne Player 2.0
Vulnerability: realoneplayer-rmp-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15123
Date Reported: 02/10/2004
Brief Description: Microsoft Internet Explorer and Outlook null
character in host name denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 6.0, Microsoft Outlook
2002, Microsoft Outlook 2003, Windows Any version
Vulnerability: ie-host-null-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15127
Date Reported: 02/10/2004
Brief Description: XFree86 font.alias file buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Gentoo Linux Any version, Immunix OS 7.3, Red Hat
Linux 9, Slackware Linux 8.1, Slackware Linux 9.0,
Slackware Linux 9.1, Slackware Linux current,
XFree86 4.1.0 through 4.3.0
Vulnerability: xfree86-fontalias-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15130
Date Reported: 02/10/2004
Brief Description: Samba smbmnt allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Samba 3.x
Vulnerability: samba-smbmnt-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15131
Date Reported: 02/09/2004
Brief Description: Samba mksmbpasswd.sh could allow an attacker to
gain access to user's account
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Samba 3.0, Samba 3.0.1
Vulnerability: samba-mksmbpasswd-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15132
Date Reported: 02/11/2004
Brief Description: BosDates calendar SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: BosDates 3.2 and earlier, Linux Any version, Unix
Any version, Windows Any version
Vulnerability: bosdates-calendar-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15133
Date Reported: 02/11/2004
Brief Description: Mutt index menu buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Mandrake Linux 9.1, Mandrake Linux 9.2, Mandrake
Linux Corporate Server 2.1, Mutt prior to 1.4.2,
Red Hat Linux 9, Slackware Linux 8.1, Slackware
Linux 9.0, Slackware Linux 9.1, Slackware Linux
current, Trustix Secure Linux 2.0
Vulnerability: mutt-index-menu-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15134
Date Reported: 02/11/2004
Brief Description: ezContents multiple .php arbitrary PHP file
inclusion
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents 2.02 and earlier, Linux Any version
Vulnerability: ezcontents-multiple-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15135
Date Reported: 02/11/2004
Brief Description: ezContents login bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents 2.02 and earlier, Linux Any version
Vulnerability: ezcontents-login-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/15136
Date Reported: 02/11/2004
Brief Description: IBM AIX password enumeration
Risk Factor: Low
Attack Type: Network Based
Platforms: AIX 4.3.3, AIX 5.1
Vulnerability: aix-password-enumeration
X-Force URL: http://xforce.iss.net/xforce/xfdb/15172
Date Reported: 02/11/2004
Brief Description: Monkey httpd get_real_string denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Monkey HTTP Daemon 0.8.1 and
earlier
Vulnerability: monkey-getrealstring-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15187
Date Reported: 02/11/2004
Brief Description: Ratbag data length denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Dirt Track Racing 1.03 and earlier, Dirt Track
Racing 2 Any version, Dirt Track Racing Australia
Any version, Dirt Track Racing Sprint Cars 1.01 and
earlier, Leadfoot Any version, Windows Any version,
World of Outlaws Spring Cars Any version
Vulnerability: ratbag-data-length-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15188
Date Reported: 02/12/2004
Brief Description: phpCodeCabinet multiple scripts cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, phpCodeCabinet
0.4
Vulnerability: phpcodecabinet-multiple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15190
Date Reported: 02/12/2004
Brief Description: Sophos Anti-Virus incomplete MIME header denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: AIX Any version, FreeBSD 3.0 and later, HP-UX Any
version, Linux Any version, Solaris Any version,
Sophos Anti-Virus 3.78, Windows 2000 Any version,
Windows 2003 Any version, Windows NT Any version,
Windows XP Any version
Vulnerability: sophos-mime-header-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15191
Date Reported: 02/12/2004
Brief Description: Sophos Anti-Virus email virus may not be detected
Risk Factor: Medium
Attack Type: Network Based
Platforms: AIX Any version, FreeBSD 3.0 and later, HP-UX Any
version, Linux Any version, Solaris Any version,
Sophos Anti-Virus 3.78, Windows 2000 Any version,
Windows 2003 Any version, Windows NT Any version,
Windows XP Any version
Vulnerability: sophos-email-virus-undetected
X-Force URL: http://xforce.iss.net/xforce/xfdb/15192
Date Reported: 02/12/2004
Brief Description: SandSurfer undisclosed user authentication
unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, SandSurfer prior to 1.7.0
Vulnerability: sandsurfer-undisclosed-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15193
Date Reported: 02/12/2004
Brief Description: Macallan Mail Solution allows unauthorized access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Macallan Mail Solution 2.8.4.6 (Build 260),
Windows 2000 Any version, Windows XP Any version
Vulnerability: macallan-gain-unauthorized-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15194
Date Reported: 02/12/2004
Brief Description: AIM Sniff symlink attack
Risk Factor: Medium
Attack Type: Host Based
Platforms: AIM Sniff 0.9b, Linux Any version
Vulnerability: aim-sniff-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/15199
Date Reported: 02/12/2004
Brief Description: XFree86 CopyISOLatin1Lowered buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Immunix OS 7.3, Linux Any version, Red Hat Linux 9,
Slackware Linux 8.0, Slackware Linux 9.0, Slackware
Linux 9.1, Slackware Linux current, XFree86 4.1.0
through 4.3.0
Vulnerability: xfree86-copyisolatin1lLowered-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15200
Date Reported: 02/12/2004
Brief Description: Crob FTP Server multiple connections denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Crob FTP Server 3.5.2, Windows NT Any version
Vulnerability: crob-multiple-connections-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15201
Date Reported: 02/13/2004
Brief Description: PWLib message denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: PWLib prior to 1.6.0, Red Hat Linux 9
Vulnerability: pwlib-message-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15202
Date Reported: 02/13/2004
Brief Description: Mailmgr insecure temporary directory
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Mailmgr prior to 1.2.3, Unix Any
version
Vulnerability: mailmgr-insecure-temp-directory
X-Force URL: http://xforce.iss.net/xforce/xfdb/15203
Date Reported: 02/13/2004
Brief Description: Sami FTP Server CD and GET commands denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Sami FTP Server 1.1.3, Windows XP Any version
Vulnerability: sami-cd-get-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15204
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2004 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user's risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBQDEQdTRfJiV99eG9AQFTVAP+Nh1wGhiBSpIKxtqr0Dui22adqeFptQgN
2C4FnS9DmLasZwdMMjMuyyTk9hU321OeYNO0ZT02U6tzslYOegXBDRLiUaUoAu0S
F7zLeJS5QijQrLpmGMZPii1Et2U3R8Wh/yJCczE9fakVqKHQrqkeVFwem/gVs5w8
Dim4rDxPdFE=
=0IxE
-----END PGP SIGNATURE-----
- Previous message: X-Force: "ISS Security Brief: Microsoft ASN.1 Integer Manipulation Vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
