Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes multiple vulnerabilities where some have an unknown impact and others can be exploited by malicious, local users to bypass certain security restrictions and cause a DoS (Denial of Service), by malicious users to conduct script insertion and SQL injection attacks and cause a DoS (Denial of Service), and by malicious people to conduct spoofing, cross-site scripting, and SQL injection attacks, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.
5fa95392b3e1e766d5be2ab49778229fc34751364b09f2f317975c0ff07aeca3
----------------------------------------------------------------------
Looking for a job?
Secunia is hiring skilled researchers and talented developers.
http://secunia.com/company/jobs/
----------------------------------------------------------------------
TITLE:
SUSE update for Multiple Packages
SECUNIA ADVISORY ID:
SA39771
VERIFY ADVISORY:
http://secunia.com/advisories/39771/
DESCRIPTION:
SUSE has issued an update for multiple packages. This fixes multiple
vulnerabilities where some have an unknown impact and others can be
exploited by malicious, local users to bypass certain security
restrictions and cause a DoS (Denial of Service), by malicious users
to conduct script insertion and SQL injection attacks and cause a DoS
(Denial of Service), and by malicious people to conduct spoofing,
cross-site scripting, and SQL injection attacks, manipulate certain
data, disclose potentially sensitive information, cause a DoS (Denial
of Service), and compromise a vulnerable system.
For more information:
SA30134
SA33848
SA35284
SA36138
SA36159
SA36425
SA37255
SA37291
SA37372
SA37495
SA38261
SA38774
SA38836
SA39129
SA39365
SA39568
SA39576
SOLUTION:
Apply updated packages via YaST Online Update or the SUSE FTP server.
ORIGINAL ADVISORY:
SUSE-SR:2010:011:
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
OTHER REFERENCES:
SA30134:
http://secunia.com/advisories/30134/
SA33848:
http://secunia.com/advisories/33848/
SA35284:
http://secunia.com/advisories/35284/
SA36138:
http://secunia.com/advisories/36138/
SA36159:
http://secunia.com/advisories/36159/
SA36425:
http://secunia.com/advisories/36425/
SA37255:
http://secunia.com/advisories/37255/
SA37291:
http://secunia.com/advisories/37291/
SA37372:
http://secunia.com/advisories/37372/
SA37495:
http://secunia.com/advisories/37495/
SA38261:
http://secunia.com/advisories/38261/
SA38774:
http://secunia.com/advisories/38774/
SA38836:
http://secunia.com/advisories/38836/
SA39129:
http://secunia.com/advisories/39129/
SA39365:
http://secunia.com/advisories/39365/
SA39568:
http://secunia.com/advisories/39568/
SA39576:
http://secunia.com/advisories/39576/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------