Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, by malicious users to conduct SQL injection attacks and by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting attacks, disclose sensitive information and compromise a vulnerable system.
c65ce35474e7231a0fbbde91a81835a227100a45fb3b524073fe1ab82ba70c75
----------------------------------------------------------------------
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
SUSE Updates for Multiple Packages
SECUNIA ADVISORY ID:
SA15629
VERIFY ADVISORY:
http://secunia.com/advisories/15629/
CRITICAL:
Highly critical
IMPACT:
Unknown, Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, Privilege escalation, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
SuSE eMail Server 3.x
http://secunia.com/product/1168/
SuSE Linux 7.x
http://secunia.com/product/140/
SuSE Linux 8.x
http://secunia.com/product/141/
SuSE Linux 9.0
http://secunia.com/product/2467/
SuSE Linux 9.1
http://secunia.com/product/3473/
SUSE Linux 9.2
http://secunia.com/product/4258/
SUSE Linux 9.3
http://secunia.com/product/4933/
SuSE Linux Connectivity Server
http://secunia.com/product/1169/
SuSE Linux Database Server
http://secunia.com/product/1178/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/
SuSE Linux Enterprise Server 7
http://secunia.com/product/1170/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SuSE Linux Firewall on CD/Admin host
http://secunia.com/product/1179/
SuSE Linux Office Server
http://secunia.com/product/1172/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
DESCRIPTION:
SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions with escalated privileges, by malicious users
to conduct SQL injection attacks and by malicious people to cause a
DoS (Denial of Service), conduct cross-site scripting attacks,
disclose sensitive information and compromise a vulnerable system.
For more information:
SA13962
SA14938
SA15130
SA15144
SA15292
SA15320
SA15361
SA15475
SOLUTION:
Apply updated packages.
Updated packages are available using YaST Online Update or the SUSE
FTP site.
ORIGINAL ADVISORY:
http://www.novell.com/linux/security/advisories/2005_14_sr.html
OTHER REFERENCES:
SA13962:
http://secunia.com/advisories/13962/
SA14938:
http://secunia.com/advisories/14938/
SA15130:
http://secunia.com/advisories/15130/
SA15144:
http://secunia.com/advisories/15144/
SA15292:
http://secunia.com/advisories/15292/
SA15320:
http://secunia.com/advisories/15320/
SA15361:
http://secunia.com/advisories/15361/
SA15475:
http://secunia.com/advisories/15475/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------