TITLE: SUSE update for phpMyAdmin SECUNIA ADVISORY ID: SA18618 VERIFY ADVISORY: http://secunia.com/advisories/18618/ CRITICAL: Highly critical IMPACT: Cross Site Scripting, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 9.2 http://secunia.com/product/4258/ SuSE Linux 9.1 http://secunia.com/product/3473/ SuSE Linux 9.0 http://secunia.com/product/2467/ SUSE Linux 10 http://secunia.com/product/6221/ DESCRIPTION: SUSE has issued an update for phpMyAdmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. For more information: SA17578 SA17895 SA17925 SOLUTION: Apply updated packages. Platform Independent: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/noarch/phpMyAdmin-2.7.0pl2-1.2.noarch.rpm 7cbc7af360dd5791f869cbebfe3219d6 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/noarch/phpMyAdmin-2.7.0pl2-1.2.noarch.rpm a4b3baf33c3f9426e7ca54d555b3c078 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/noarch/phpMyAdmin-2.7.0pl2-1.2.noarch.rpm 0b8714574f839b323ba597d64b353afb SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/noarch/phpMyAdmin-2.7.0pl2-1.2.noarch.rpm 7b7c5fb9142964cc9938967660ae0bda ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/noarch/phpMyAdmin-2.7.0pl2-1.2.noarch.rpm 9bded98b55cd1249de2b894fce828a4e SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/noarch/phpMyAdmin-2.7.0pl2-3.noarch.rpm a7cab5e6787daa6b17995c0e505c2ca9 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/noarch/phpMyAdmin-2.7.0pl2-3.noarch.rpm ae7a60bd21a2fe3de1607d5d806e5ae9 Sources: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/phpMyAdmin-2.7.0pl2-1.2.src.rpm 0b73e931f2d7506ff6d0d5a7560a2aa2 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/phpMyAdmin-2.7.0pl2-1.2.src.rpm 9bd61252a955b01ab1ea685185388bc7 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/phpMyAdmin-2.7.0pl2-1.2.src.rpm 8c9216ec3c9ef219a4d60041c672b52c SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/phpMyAdmin-2.7.0pl2-1.2.src.rpm b9632cade67e8c7a4b8505492fd3f027 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/phpMyAdmin-2.7.0pl2-1.2.src.rpm d15b9c02417f88d427c1ab35434b561c SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/phpMyAdmin-2.7.0pl2-3.src.rpm 36f045d6238c0d39b2ec83cd2b7d8811 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/phpMyAdmin-2.7.0pl2-3.src.rpm 0e0fcc76ddf4304461a1f0ab4e015cc0 ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Jan/0006.html OTHER REFERENCES: SA17578: http://secunia.com/advisories/17578/ SA17895: http://secunia.com/advisories/17895/ SA17925: http://secunia.com/advisories/17925/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------