Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to disclose and manipulate sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, malicious users to cause a DoS and compromise a vulnerable system, and malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, cause a DoS, and compromise a vulnerable system.
9f9231945f0a83f638fee208297700964ebc21225ce33cb8e2c298943c6f8809
----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
The Public Beta has ended. Thanks to all that participated.
Learn more:
http://secunia.com/network_software_inspector_2/
----------------------------------------------------------------------
TITLE:
SUSE Update for Multiple Packages
SECUNIA ADVISORY ID:
SA30202
VERIFY ADVISORY:
http://secunia.com/advisories/30202/
CRITICAL:
Highly critical
IMPACT:
Cross Site Scripting, Manipulation of data, Exposure of sensitive
information, Privilege escalation, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
openSUSE 10.2
http://secunia.com/product/13375/
openSUSE 10.3
http://secunia.com/product/16124/
SUSE Linux 10
http://secunia.com/product/6221/
SUSE Linux 10.1
http://secunia.com/product/10796/
SUSE Linux Enterprise Server 10
http://secunia.com/product/12192/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SOFTWARE:
Novell Open Enterprise Server 1.x
http://secunia.com/product/4664/
DESCRIPTION:
SUSE has issued updates for multiple packages. These fix some
vulnerabilities, which can be exploited by malicious, local users to
disclose and manipulate sensitive information, cause a DoS (Denial of
Service), and gain escalated privileges, malicious users to cause a
DoS and compromise a vulnerable system, and malicious people to
disclose potentially sensitive information, conduct cross-site
scripting attacks, cause a DoS, and compromise a vulnerable system.
For more information:
SA27316
SA27672
SA27910
SA29363
SA29526
SA29668
SA29787
SA29816
SA29951
SA29980
SA30156
SOLUTION:
Updated packages are available via YaST Online Update or the SUSE FTP
server.
ORIGINAL ADVISORY:
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
OTHER REFERENCES:
SA27316:
http://secunia.com/advisories/27316/
SA27672:
http://secunia.com/advisories/27672/
SA27910:
http://secunia.com/advisories/27910/
SA29363:
http://secunia.com/advisories/29363/
SA29526:
http://secunia.com/advisories/29526/
SA29668:
http://secunia.com/advisories/29668/
SA29787:
http://secunia.com/advisories/29787/
SA29816:
http://secunia.com/advisories/29816/
SA29951:
http://secunia.com/advisories/29951/
SA29980:
http://secunia.com/advisories/29980/
SA30156:
http://secunia.com/advisories/30156/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------