Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, execute arbitrary SQL code, cause a DoS (Denial of Service), and to compromise a user's system.
3e2c52041a67de08602f27a62b78a5890370fbf520ecea4993c1d35a23e10e12
TITLE:
SUSE Updates for Multiple Packages
SECUNIA ADVISORY ID:
SA19897
VERIFY ADVISORY:
http://secunia.com/advisories/19897/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Cross Site Scripting, Exposure of sensitive
information, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SuSE Linux Office Server
http://secunia.com/product/1172/
SuSE Linux Firewall on CD/Admin host
http://secunia.com/product/1179/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SuSE Linux Enterprise Server 7
http://secunia.com/product/1170/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/
SuSE Linux Database Server
http://secunia.com/product/1178/
SuSE Linux Connectivity Server
http://secunia.com/product/1169/
SUSE Linux 9.3
http://secunia.com/product/4933/
SuSE eMail Server 3.x
http://secunia.com/product/1168/
SUSE Linux 10
http://secunia.com/product/6221/
SuSE Linux 7.x
http://secunia.com/product/140/
SuSE Linux 8.x
http://secunia.com/product/141/
SuSE Linux 9.0
http://secunia.com/product/2467/
SuSE Linux 9.1
http://secunia.com/product/3473/
SUSE Linux 9.2
http://secunia.com/product/4258/
DESCRIPTION:
SUSE has issued updates for multiple packages. These fix some
vulnerabilities, which can be exploited by malicious users to conduct
script insertion attacks and by malicious people to disclose sensitive
information, conduct cross-site scripting attacks, execute arbitrary
SQL code, cause a DoS (Denial of Service), and to compromise a user's
system.
For more information:
SA17970
SA19246
SA19469
SA19531
SA19556
SA19659
SA19800
SA19778
SA19838
SOLUTION:
Apply updated packages.
Updated packages are available using YaST Online Update or via the
SUSE FTP site.
ORIGINAL ADVISORY:
http://www.novell.com/linux/security/advisories/2006_04_28.html
OTHER REFERENCES:
SA17970:
http://secunia.com/advisories/17970/
SA19246:
http://secunia.com/advisories/19246/
SA19469:
http://secunia.com/advisories/19469/
SA19531:
http://secunia.com/advisories/19531/
SA19556:
http://secunia.com/advisories/19556/
SA19659:
http://secunia.com/advisories/19659/
SA19778:
http://secunia.com/advisories/19778/
SA19800:
http://secunia.com/advisories/19800/
SA19838:
http://secunia.com/advisories/19838/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------