[15419] in bugtraq
FW: Vulnerabilities in Norton Antivirus for Exchange
daemon@ATHENA.MIT.EDU (Mike Giordano)
Wed Jun 21 15:19:24 2000
MIME-Version: 1.0
Content-type: multipart/mixed;
Boundary="0__=F7RO5xF8aRmoju91bSgjFR3sC6MMcgpl7NgKRALn0T8MeN1Wcp62RRMm"
Content-Disposition: inline
Message-ID: <OF16AB62DA.D26E5050-ON88256905.005570DD@symantec.com>
Date: Wed, 21 Jun 2000 08:38:47 -0700
Reply-To: Mike Giordano <mgiordano@SYMANTEC.COM>
From: Mike Giordano <mgiordano@SYMANTEC.COM>
X-To: jr@AMANUE.COM
To: BUGTRAQ@SECURITYFOCUS.COM
--0__=F7RO5xF8aRmoju91bSgjFR3sC6MMcgpl7NgKRALn0T8MeN1Wcp62RRMm
Content-type: text/plain; charset=us-ascii
Hello there,
Your below e-mail was sent to me from one of my customers as they were
concerned with how Symantec was going to address the issues you pointed out
with our Norton AntiVirus for Exchange product.
Per my Systems Engineer:
"We have Fixed both the issues listed, the Fail-Open issue that he is
describing was fixed with the 2.01 code and the second one dealing with the
LFN zip files was fixed by SARC in a scan engine update."
I thought you might find this info useful.
Michael Giordano
Symantec Corporation
Educational Account Representative
115 Murray Drive
Allentown, PA 18104
(610)530-8300
(610)530-8989 Fax
MGiordano@Symantec.com
---------------------- Forwarded by Mike Giordano/Cupertino/Cal/SYMANTEC on
06/21/2000 08:33 AM ---------------------------
"Malm, Loren D." <LMALM@bsu.edu> on 06/16/2000 06:58:44 AM
To: Mike Giordano/Cupertino/Cal/SYMANTEC@SYMANTEC
cc: "'jbechtol@bellind.com'" <jbechtol@bellind.com>
Subject: FW: Vulnerabilities in Norton Antivirus for Exchange
Mike,
We are anxiously awaiting the quotes I discussed with you in my earlier
e-mail message, please see that one for details. Additionally, I would
be interested to learn when these problems aer going to be addressed.
We have seen this behavior as well.
Loren
-----Original Message-----
Date: 06/14/2000 09:02 pm -0500 (Wednesday)
From: Jim Rosenberg <jr@AMANUE.COM>
To: <BUGTRAQ@SECURITYFOCUS.COM>
Subject: Vulnerabilities in Norton Antivirus for Exchange
Norton Antivirus for Exchange (NavExchange), a product of Symantec,
suffers
from two major problems, with impact described below. The system tested
was
version 1.5. The most recent version is 2.0, which I have not had the
opportunity to test, but based on information from Symantec I believe
2.0 is
also vulnerable to the same problems.
These problems were reported to Symantec on 5/22/00, acknowledged as
received on 5/23/00. Symantec's only response so far is to say that the
issues have been "forwarded to QC". They have not given me as a
customer
any indication that a fix is available, or that they understand the
urgency
of the problem.
The issues below were reported to CERT on 6/6/00.
1. "Fail-Open" Design
When an inbound e-mail message arrives, a separate service (NavExchange)
is
contacted to scan messages for viruses. Under certain circumstances --
not
entirely clear -- NavExchange will enter a state in which it fails to
properly respond. When it enters this state, messages containing
viruses
will be transmitted through to the addressed recipent(s), leaving the
system
completely unprotected. I have at least one fairly clear case in which
it
apparently entered this state as the result of the LiveUpdate process.
In
other cases I suspect it can enter this state as the result of errors in
the
scanning process, e.g. 2. below.
When NavExchange has entered this "fail-open" state, an incoming e-mail
message containing a virus will leave an error message in the Event Log.
Thus the NavExchange system is not completely "dead", and even seems
somehow
aware of its own failure. It is not clear that Symantec has warned
customers of the urgency of acting on these Event Log messages, or that
they
are completely unprotected when this happens.
An example of such a message (as exported by the NT Resource Kit utility
DUMPEL) looks like this:
6/6/2000 4:07:42 AM 1 400 45 NavExchange N/A MAIL 80004005h Jim
Rosenberg\Inbox Automated Virus Check Message eicar_eicar.com
By contrast, a "normal" virus detection Event Log message looks like
this:
6/6/2000 5:53:17 AM 2 384 3 NavExchange N/A MAIL EICAR Test String.68
eicar_eicar.com Jim Rosenberg\Inbox Repaired
When NavExchange has entered this "fail-open" state it will apparently
stay
in this state indefinitely until the service is stopped and restarted.
Once
the service has been restarted, it appears virus protection is restored.
2. Buffer Overrun in the NavExchange unzip engine
Because an e-mail message could contain an attachment which is a .zip
file,
and members of the .zip archive might contain viruses, NavExchange
includes
a component for unzipping files. This component contains a buffer
overrun
when the .zip attachment contains long file names.
On 5/15/00, a message was posted to Bugtraq publishing a vulnerability
in
Eudora concerning .zip attachments with long file names. An attachment
was
included to illustrate the problem. This attachment caused a
NavExchange
failure, indicating that NavExchange suffers from the same problem.
The message in question has Message-ID
<002801bfbe6c$eccd5bd0$0100a8c0@ultor> from Ultor <Ultor@HERT.ORG>,
subject:
Eudora Pro & Outlook Overflow - too long filenames again
By sending this message through my mail system I can, with 100%
reproduceability, cause NavExchange to fail. The vendor has
acknowledged
that this attachment "will take down our decomposers".
Impacts fall into three grades of severity:
A) Entry Mechanism for viruses
A virus "armored" inside of a .zip attachment with long file names is
virtually guaranteed to be able to slip through NavExchange and reach
the
recipient. In this case the system administrator will have an Event Log
message noting the failure, but may not realize the implications. Many
NT
systems have no method of explicitly notifying the system administrator
when
Event Log messages of a particular kind occur, and indeed the whole
Event
Log mechanism typically requires dilligence on the part of the system
administrator to scan these logs manually. Since such an armored e-mail
message could arrive overnight or on a weekend, there is more than
sufficent
time for the message to trigger an infection before the Event Log
message is
noticed.
B) A remote user may be able to disable virus protection
I suspect but cannot prove that mechanism 2) above may be able to induce
the
fail-open state 1) described above. I cannot actually cause this to
happen.
I do know that subsequent to receiving the Bugtraq message described
above,
my system was in the fail-open state and was unprotected for several
days.
C) A remote user may be able to compromise the security of the mail
server
Because problem 2) above is a buffer overrun, there is the potential
that a
suitably designed exploit could execute code as the Exchange user. I
should
emphasize that I *don't know* if this buffer overrun is exploitable, but
I
suspect it is. Such an exploit could at a minimum compromise any files
or
registry keys to which the Exchange user has rights, and in the worst
case
(if the Exchange user runs as Administrator) the entire mail server.
(See attached file: Mime.822)
--0__=F7RO5xF8aRmoju91bSgjFR3sC6MMcgpl7NgKRALn0T8MeN1Wcp62RRMm
Content-type: application/octet-stream;
name="Mime.822"
Content-Disposition: attachment; filename="Mime.822"
Content-transfer-encoding: base64
UmVjZWl2ZWQ6IGZyb20gcG9ydGFsLmJzdS5lZHUNCglieSBndy5ic3UuZWR1OyBUaHUsIDE1IEp1
biAyMDAwIDEzOjE3OjE3IC0wNTAwDQpSZWNlaXZlZDogKGZyb20gZGFlbW9uQGxvY2FsaG9zdCkN
CglieSBwb3J0YWwuYnN1LmVkdSAoOC44LjcvOC44LjcpIGlkIE5BQTAwMzk3Ow0KCVRodSwgMTUg
SnVuIDIwMDAgMTM6MTQ6MjQgLTA1MDAgKEVTVCkNClJlY2VpdmVkOiBmcm9tIGxpc3RzLnNlY3Vy
aXR5Zm9jdXMuY29tIChsaXN0cy5zZWN1cml0eWZvY3VzLmNvbSBbMjA3LjEyNi4xMjcuNjhdKQ0K
CWJ5IHBvcnRhbC5ic3UuZWR1ICg4LjguNy84LjguNykgd2l0aCBTTVRQIGlkIE5BQTAwMzM5Ow0K
CVRodSwgMTUgSnVuIDIwMDAgMTM6MTQ6MTMgLTA1MDAgKEVTVCkNClJlY2VpdmVkOiBmcm9tIGxp
c3RzLnNlY3VyaXR5Zm9jdXMuY29tIChsaXN0cy5zZWN1cml0eWZvY3VzLmNvbSBbMjA3LjEyNi4x
MjcuNjhdKQ0KCWJ5IGxpc3RzLnNlY3VyaXR5Zm9jdXMuY29tIChQb3N0Zml4KSB3aXRoIEVTTVRQ
DQoJaWQgMkQ4N0ExRjA3MjsgVGh1LCAxNSBKdW4gMjAwMCAxMTowNzo0OCAtMDcwMCAoUERUKQ0K
UmVjZWl2ZWQ6IGZyb20gTElTVFMuU0VDVVJJVFlGT0NVUy5DT00gYnkgTElTVFMuU0VDVVJJVFlG
T0NVUy5DT00NCiAgICAgICAgICAoTElTVFNFUlYtVENQL0lQIHJlbGVhc2UgMS44ZCkgd2l0aCBz
cG9vbCBpZCAxMDcyOTU1OCBmb3INCiAgICAgICAgICBCVUdUUkFRQExJU1RTLlNFQ1VSSVRZRk9D
VVMuQ09NOyBUaHUsIDE1IEp1biAyMDAwIDExOjA3OjMyIC0wNzAwDQpBcHByb3ZlZC1CeTogYWxl
cGgxQFNFQ1VSSVRZRk9DVVMuQ09NDQpEZWxpdmVyZWQtVG86IGJ1Z3RyYXFAbGlzdHMuc2VjdXJp
dHlmb2N1cy5jb20NClJlY2VpdmVkOiBmcm9tIHNlY3VyaXR5Zm9jdXMuY29tIChtYWlsLnNlY3Vy
aXR5Zm9jdXMuY29tIFsyMDcuMTI2LjEyNy43OF0pIGJ5DQogICAgICAgICAgbGlzdHMuc2VjdXJp
dHlmb2N1cy5jb20gKFBvc3RmaXgpIHdpdGggU01UUCBpZCA1MzUzNTFFRUExIGZvcg0KICAgICAg
ICAgIDxidWd0cmFxQGxpc3RzLnNlY3VyaXR5Zm9jdXMuY29tPjsgV2VkLCAxNCBKdW4gMjAwMCAx
ODoxMTo1NyAtMDcwMA0KICAgICAgICAgIChQRFQpDQpSZWNlaXZlZDogKHFtYWlsIDQ1MzAgaW52
b2tlZCBieSBhbGlhcyk7IDE1IEp1biAyMDAwIDAxOjEyOjEyIC0wMDAwDQpEZWxpdmVyZWQtVG86
IEJVR1RSQVFAU0VDVVJJVFlGT0NVUy5DT00NClJlY2VpdmVkOiAocW1haWwgNDUyNiBpbnZva2Vk
IGZyb20gbmV0d29yayk7IDE1IEp1biAyMDAwIDAxOjEyOjExIC0wMDAwDQpSZWNlaXZlZDogZnJv
bSBkb2l0LnBnaC5uZXQgKDIwOS4xNjYuMTkxLjEzNCkgYnkgbWFpbC5zZWN1cml0eWZvY3VzLmNv
bSB3aXRoDQogICAgICAgICAgU01UUDsgMTUgSnVuIDIwMDAgMDE6MTI6MTEgLTAwMDANClJlY2Vp
dmVkOiAoZnJvbSB1dWNwQGxvY2FsaG9zdCkgYnkgZG9pdC5wZ2gubmV0ICg4LjkuMC84LjkuMC9Q
R0guTkVULTAyKSB3aXRoDQogICAgICAgICAgVVVDUCBpZCBWQUEyMzE0MyBmb3IgQlVHVFJBUUBT
RUNVUklUWUZPQ1VTLkNPTTsgV2VkLCAxNCBKdW4gMjAwMA0KICAgICAgICAgIDIxOjA5OjUyIC0w
NDAwIChFRFQpDQpSZWNlaXZlZDogZnJvbSBmZW5lc3RyYSBieSBhbWFudWUuY29tIHdpdGggZXNt
dHAgaWQNCiAgICAgICAgICA8bTEzMk82Ni0wMDAyMDBDQGFtYW51ZS5jb20+IGZvciA8QlVHVFJB
UUBTRUNVUklUWUZPQ1VTLkNPTT47IFdlZCwgMTQNCiAgICAgICAgICBKdW4gMjAwMCAyMTowNToz
MCAtMDQwMCAoRURUKQ0KTUlNRS1WZXJzaW9uOiAxLjANCkNvbnRlbnQtdHlwZTogdGV4dC9wbGFp
bjsgY2hhcnNldD1VUy1BU0NJSQ0KQ29udGVudC10cmFuc2Zlci1lbmNvZGluZzogN0JJVA0KUHJp
b3JpdHk6IG5vcm1hbA0KWC1tYWlsZXI6IFBlZ2FzdXMgTWFpbCBmb3IgV2luMzIgKHYzLjEyYykN
Ck1lc3NhZ2UtSUQ6ICA8Mzk0N0YyRDguMTg5MDAuODlGMDAzQGxvY2FsaG9zdD4NCkRhdGU6ICAg
ICAgICAgV2VkLCAxNCBKdW4gMjAwMCAyMTowMjoxNiAtNTAwDQpSZXBseS1UbzogSmltIFJvc2Vu
YmVyZyA8anJAQU1BTlVFLkNPTT4NClNlbmRlcjogQnVndHJhcSBMaXN0IDxCVUdUUkFRQFNFQ1VS
SVRZRk9DVVMuQ09NPg0KWC1QSDogVjQuNEBwb3J0YWwNCkZyb206IEppbSBSb3NlbmJlcmcgPGpy
QEFNQU5VRS5DT00+DQpTdWJqZWN0OiAgICAgIFZ1bG5lcmFiaWxpdGllcyBpbiBOb3J0b24gQW50
aXZpcnVzIGZvciBFeGNoYW5nZQ0KVG86IEJVR1RSQVFAU0VDVVJJVFlGT0NVUy5DT00NCg0KTm9y
dG9uIEFudGl2aXJ1cyBmb3IgRXhjaGFuZ2UgKE5hdkV4Y2hhbmdlKSwgYSBwcm9kdWN0IG9mIFN5
bWFudGVjLCBzdWZmZXJzDQpmcm9tIHR3byBtYWpvciBwcm9ibGVtcywgd2l0aCBpbXBhY3QgZGVz
Y3JpYmVkIGJlbG93LiAgVGhlIHN5c3RlbSB0ZXN0ZWQgd2FzDQp2ZXJzaW9uIDEuNS4gIFRoZSBt
b3N0IHJlY2VudCB2ZXJzaW9uIGlzIDIuMCwgd2hpY2ggSSBoYXZlIG5vdCBoYWQgdGhlDQpvcHBv
cnR1bml0eSB0byB0ZXN0LCBidXQgYmFzZWQgb24gaW5mb3JtYXRpb24gZnJvbSBTeW1hbnRlYyBJ
IGJlbGlldmUgMi4wIGlzDQphbHNvIHZ1bG5lcmFibGUgdG8gdGhlIHNhbWUgcHJvYmxlbXMuDQoN
ClRoZXNlIHByb2JsZW1zIHdlcmUgcmVwb3J0ZWQgdG8gU3ltYW50ZWMgb24gNS8yMi8wMCwgYWNr
bm93bGVkZ2VkIGFzDQpyZWNlaXZlZCBvbiA1LzIzLzAwLiAgU3ltYW50ZWMncyBvbmx5IHJlc3Bv
bnNlIHNvIGZhciBpcyB0byBzYXkgdGhhdCB0aGUNCmlzc3VlcyBoYXZlIGJlZW4gImZvcndhcmRl
ZCB0byBRQyIuICBUaGV5IGhhdmUgbm90IGdpdmVuIG1lIGFzIGEgY3VzdG9tZXINCmFueSBpbmRp
Y2F0aW9uIHRoYXQgYSBmaXggaXMgYXZhaWxhYmxlLCBvciB0aGF0IHRoZXkgdW5kZXJzdGFuZCB0
aGUgdXJnZW5jeQ0Kb2YgdGhlIHByb2JsZW0uDQoNClRoZSBpc3N1ZXMgYmVsb3cgd2VyZSByZXBv
cnRlZCB0byBDRVJUIG9uIDYvNi8wMC4NCg0KMS4gICJGYWlsLU9wZW4iIERlc2lnbg0KDQpXaGVu
IGFuIGluYm91bmQgZS1tYWlsIG1lc3NhZ2UgYXJyaXZlcywgYSBzZXBhcmF0ZSBzZXJ2aWNlIChO
YXZFeGNoYW5nZSkgaXMNCmNvbnRhY3RlZCB0byBzY2FuIG1lc3NhZ2VzIGZvciB2aXJ1c2VzLiAg
VW5kZXIgY2VydGFpbiBjaXJjdW1zdGFuY2VzIC0tIG5vdA0KZW50aXJlbHkgY2xlYXIgLS0gTmF2
RXhjaGFuZ2Ugd2lsbCBlbnRlciBhIHN0YXRlIGluIHdoaWNoIGl0IGZhaWxzIHRvDQpwcm9wZXJs
eSByZXNwb25kLiAgV2hlbiBpdCBlbnRlcnMgdGhpcyBzdGF0ZSwgbWVzc2FnZXMgY29udGFpbmlu
ZyB2aXJ1c2VzDQp3aWxsIGJlIHRyYW5zbWl0dGVkIHRocm91Z2ggdG8gdGhlIGFkZHJlc3NlZCBy
ZWNpcGVudChzKSwgbGVhdmluZyB0aGUgc3lzdGVtDQpjb21wbGV0ZWx5IHVucHJvdGVjdGVkLiAg
SSBoYXZlIGF0IGxlYXN0IG9uZSBmYWlybHkgY2xlYXIgY2FzZSBpbiB3aGljaCBpdA0KYXBwYXJl
bnRseSBlbnRlcmVkIHRoaXMgc3RhdGUgYXMgdGhlIHJlc3VsdCBvZiB0aGUgTGl2ZVVwZGF0ZSBw
cm9jZXNzLiAgSW4NCm90aGVyIGNhc2VzIEkgc3VzcGVjdCBpdCBjYW4gZW50ZXIgdGhpcyBzdGF0
ZSBhcyB0aGUgcmVzdWx0IG9mIGVycm9ycyBpbiB0aGUNCnNjYW5uaW5nIHByb2Nlc3MsIGUuZy4g
Mi4gYmVsb3cuDQoNCldoZW4gTmF2RXhjaGFuZ2UgaGFzIGVudGVyZWQgdGhpcyAiZmFpbC1vcGVu
IiBzdGF0ZSwgYW4gaW5jb21pbmcgZS1tYWlsDQptZXNzYWdlIGNvbnRhaW5pbmcgYSB2aXJ1cyB3
aWxsIGxlYXZlIGFuIGVycm9yIG1lc3NhZ2UgaW4gdGhlIEV2ZW50IExvZy4NClRodXMgdGhlIE5h
dkV4Y2hhbmdlIHN5c3RlbSBpcyBub3QgY29tcGxldGVseSAiZGVhZCIsIGFuZCBldmVuIHNlZW1z
IHNvbWVob3cNCmF3YXJlIG9mIGl0cyBvd24gZmFpbHVyZS4gIEl0IGlzIG5vdCBjbGVhciB0aGF0
IFN5bWFudGVjIGhhcyB3YXJuZWQNCmN1c3RvbWVycyBvZiB0aGUgdXJnZW5jeSBvZiBhY3Rpbmcg
b24gdGhlc2UgRXZlbnQgTG9nIG1lc3NhZ2VzLCBvciB0aGF0IHRoZXkNCmFyZSBjb21wbGV0ZWx5
IHVucHJvdGVjdGVkIHdoZW4gdGhpcyBoYXBwZW5zLg0KDQpBbiBleGFtcGxlIG9mIHN1Y2ggYSBt
ZXNzYWdlIChhcyBleHBvcnRlZCBieSB0aGUgTlQgUmVzb3VyY2UgS2l0IHV0aWxpdHkNCkRVTVBF
TCkgbG9va3MgbGlrZSB0aGlzOg0KDQo2LzYvMjAwMAk0OjA3OjQyIEFNCTEJNDAwCTQ1CU5hdkV4
Y2hhbmdlCU4vQQlNQUlMCTgwMDA0MDA1aCBKaW0NClJvc2VuYmVyZ1xJbmJveCBBdXRvbWF0ZWQg
VmlydXMgQ2hlY2sgTWVzc2FnZSBlaWNhcl9laWNhci5jb20NCg0KQnkgY29udHJhc3QsIGEgIm5v
cm1hbCIgdmlydXMgZGV0ZWN0aW9uIEV2ZW50IExvZyBtZXNzYWdlIGxvb2tzIGxpa2UgdGhpczoN
Cg0KNi82LzIwMDAJNTo1MzoxNyBBTQkyCTM4NAkzCU5hdkV4Y2hhbmdlCU4vQQlNQUlMCUVJQ0FS
IFRlc3QgU3RyaW5nLjY4DQplaWNhcl9laWNhci5jb20gSmltIFJvc2VuYmVyZ1xJbmJveCBSZXBh
aXJlZA0KDQpXaGVuIE5hdkV4Y2hhbmdlIGhhcyBlbnRlcmVkIHRoaXMgImZhaWwtb3BlbiIgc3Rh
dGUgaXQgd2lsbCBhcHBhcmVudGx5IHN0YXkNCmluIHRoaXMgc3RhdGUgaW5kZWZpbml0ZWx5IHVu
dGlsIHRoZSBzZXJ2aWNlIGlzIHN0b3BwZWQgYW5kIHJlc3RhcnRlZC4gIE9uY2UNCnRoZSBzZXJ2
aWNlIGhhcyBiZWVuIHJlc3RhcnRlZCwgaXQgYXBwZWFycyB2aXJ1cyBwcm90ZWN0aW9uIGlzIHJl
c3RvcmVkLg0KDQoyLiAgQnVmZmVyIE92ZXJydW4gaW4gdGhlIE5hdkV4Y2hhbmdlIHVuemlwIGVu
Z2luZQ0KDQpCZWNhdXNlIGFuIGUtbWFpbCBtZXNzYWdlIGNvdWxkIGNvbnRhaW4gYW4gYXR0YWNo
bWVudCB3aGljaCBpcyBhIC56aXAgZmlsZSwNCmFuZCBtZW1iZXJzIG9mIHRoZSAuemlwIGFyY2hp
dmUgbWlnaHQgY29udGFpbiB2aXJ1c2VzLCBOYXZFeGNoYW5nZSBpbmNsdWRlcw0KYSBjb21wb25l
bnQgZm9yIHVuemlwcGluZyBmaWxlcy4gIFRoaXMgY29tcG9uZW50IGNvbnRhaW5zIGEgYnVmZmVy
IG92ZXJydW4NCndoZW4gdGhlIC56aXAgYXR0YWNobWVudCBjb250YWlucyBsb25nIGZpbGUgbmFt
ZXMuDQoNCk9uIDUvMTUvMDAsIGEgbWVzc2FnZSB3YXMgcG9zdGVkIHRvIEJ1Z3RyYXEgcHVibGlz
aGluZyBhIHZ1bG5lcmFiaWxpdHkgaW4NCkV1ZG9yYSBjb25jZXJuaW5nIC56aXAgYXR0YWNobWVu
dHMgd2l0aCBsb25nIGZpbGUgbmFtZXMuICBBbiBhdHRhY2htZW50IHdhcw0KaW5jbHVkZWQgdG8g
aWxsdXN0cmF0ZSB0aGUgcHJvYmxlbS4gIFRoaXMgYXR0YWNobWVudCBjYXVzZWQgYSBOYXZFeGNo
YW5nZQ0KZmFpbHVyZSwgaW5kaWNhdGluZyB0aGF0IE5hdkV4Y2hhbmdlIHN1ZmZlcnMgZnJvbSB0
aGUgc2FtZSBwcm9ibGVtLg0KDQpUaGUgbWVzc2FnZSBpbiBxdWVzdGlvbiBoYXMgTWVzc2FnZS1J
RA0KPDAwMjgwMWJmYmU2YyRlY2NkNWJkMCQwMTAwYThjMEB1bHRvcj4gZnJvbSBVbHRvciA8VWx0
b3JASEVSVC5PUkc+LCBzdWJqZWN0Og0KDQpFdWRvcmEgUHJvICYgT3V0bG9vayBPdmVyZmxvdyAt
IHRvbyBsb25nIGZpbGVuYW1lcyBhZ2Fpbg0KDQpCeSBzZW5kaW5nIHRoaXMgbWVzc2FnZSB0aHJv
dWdoIG15IG1haWwgc3lzdGVtIEkgY2FuLCB3aXRoIDEwMCUNCnJlcHJvZHVjZWFiaWxpdHksIGNh
dXNlIE5hdkV4Y2hhbmdlIHRvIGZhaWwuICBUaGUgdmVuZG9yIGhhcyBhY2tub3dsZWRnZWQNCnRo
YXQgdGhpcyBhdHRhY2htZW50ICJ3aWxsIHRha2UgZG93biBvdXIgZGVjb21wb3NlcnMiLg0KDQoN
CkltcGFjdHMgZmFsbCBpbnRvIHRocmVlIGdyYWRlcyBvZiBzZXZlcml0eToNCg0KQSkgRW50cnkg
TWVjaGFuaXNtIGZvciB2aXJ1c2VzDQoNCkEgdmlydXMgImFybW9yZWQiIGluc2lkZSBvZiBhIC56
aXAgYXR0YWNobWVudCB3aXRoIGxvbmcgZmlsZSBuYW1lcyBpcw0KdmlydHVhbGx5IGd1YXJhbnRl
ZWQgdG8gYmUgYWJsZSB0byBzbGlwIHRocm91Z2ggTmF2RXhjaGFuZ2UgYW5kIHJlYWNoIHRoZQ0K
cmVjaXBpZW50LiAgSW4gdGhpcyBjYXNlIHRoZSBzeXN0ZW0gYWRtaW5pc3RyYXRvciB3aWxsIGhh
dmUgYW4gRXZlbnQgTG9nDQptZXNzYWdlIG5vdGluZyB0aGUgZmFpbHVyZSwgYnV0IG1heSBub3Qg
cmVhbGl6ZSB0aGUgaW1wbGljYXRpb25zLiAgTWFueSBOVA0Kc3lzdGVtcyBoYXZlIG5vIG1ldGhv
ZCBvZiBleHBsaWNpdGx5IG5vdGlmeWluZyB0aGUgc3lzdGVtIGFkbWluaXN0cmF0b3Igd2hlbg0K
RXZlbnQgTG9nIG1lc3NhZ2VzIG9mIGEgcGFydGljdWxhciBraW5kIG9jY3VyLCBhbmQgaW5kZWVk
IHRoZSB3aG9sZSBFdmVudA0KTG9nIG1lY2hhbmlzbSB0eXBpY2FsbHkgcmVxdWlyZXMgZGlsbGln
ZW5jZSBvbiB0aGUgcGFydCBvZiB0aGUgc3lzdGVtDQphZG1pbmlzdHJhdG9yIHRvIHNjYW4gdGhl
c2UgbG9ncyBtYW51YWxseS4gIFNpbmNlIHN1Y2ggYW4gYXJtb3JlZCBlLW1haWwNCm1lc3NhZ2Ug
Y291bGQgYXJyaXZlIG92ZXJuaWdodCBvciBvbiBhIHdlZWtlbmQsIHRoZXJlIGlzIG1vcmUgdGhh
biBzdWZmaWNlbnQNCnRpbWUgZm9yIHRoZSBtZXNzYWdlIHRvIHRyaWdnZXIgYW4gaW5mZWN0aW9u
IGJlZm9yZSB0aGUgRXZlbnQgTG9nIG1lc3NhZ2UgaXMNCm5vdGljZWQuDQoNCkIpIEEgcmVtb3Rl
IHVzZXIgbWF5IGJlIGFibGUgdG8gZGlzYWJsZSB2aXJ1cyBwcm90ZWN0aW9uDQoNCkkgc3VzcGVj
dCBidXQgY2Fubm90IHByb3ZlIHRoYXQgbWVjaGFuaXNtIDIpIGFib3ZlIG1heSBiZSBhYmxlIHRv
IGluZHVjZSB0aGUNCmZhaWwtb3BlbiBzdGF0ZSAxKSBkZXNjcmliZWQgYWJvdmUuICBJIGNhbm5v
dCBhY3R1YWxseSBjYXVzZSB0aGlzIHRvIGhhcHBlbi4NCkkgZG8ga25vdyB0aGF0IHN1YnNlcXVl
bnQgdG8gcmVjZWl2aW5nIHRoZSBCdWd0cmFxIG1lc3NhZ2UgZGVzY3JpYmVkIGFib3ZlLA0KbXkg
c3lzdGVtIHdhcyBpbiB0aGUgZmFpbC1vcGVuIHN0YXRlIGFuZCB3YXMgdW5wcm90ZWN0ZWQgZm9y
IHNldmVyYWwgZGF5cy4NCg0KQykgQSByZW1vdGUgdXNlciBtYXkgYmUgYWJsZSB0byBjb21wcm9t
aXNlIHRoZSBzZWN1cml0eSBvZiB0aGUgbWFpbCBzZXJ2ZXINCg0KQmVjYXVzZSBwcm9ibGVtIDIp
IGFib3ZlIGlzIGEgYnVmZmVyIG92ZXJydW4sIHRoZXJlIGlzIHRoZSBwb3RlbnRpYWwgdGhhdCBh
DQpzdWl0YWJseSBkZXNpZ25lZCBleHBsb2l0IGNvdWxkIGV4ZWN1dGUgY29kZSBhcyB0aGUgRXhj
aGFuZ2UgdXNlci4gIEkgc2hvdWxkDQplbXBoYXNpemUgdGhhdCBJICpkb24ndCBrbm93KiBpZiB0
aGlzIGJ1ZmZlciBvdmVycnVuIGlzIGV4cGxvaXRhYmxlLCBidXQgSQ0Kc3VzcGVjdCBpdCBpcy4g
IFN1Y2ggYW4gZXhwbG9pdCBjb3VsZCBhdCBhIG1pbmltdW0gY29tcHJvbWlzZSBhbnkgZmlsZXMg
b3INCnJlZ2lzdHJ5IGtleXMgdG8gd2hpY2ggdGhlIEV4Y2hhbmdlIHVzZXIgaGFzIHJpZ2h0cywg
YW5kIGluIHRoZSB3b3JzdCBjYXNlDQooaWYgdGhlIEV4Y2hhbmdlIHVzZXIgcnVucyBhcyBBZG1p
bmlzdHJhdG9yKSB0aGUgZW50aXJlIG1haWwgc2VydmVyLg0K
--0__=F7RO5xF8aRmoju91bSgjFR3sC6MMcgpl7NgKRALn0T8MeN1Wcp62RRMm--
