---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports. http://secunia.com/secunia_security_specialist/ ---------------------------------------------------------------------- TITLE: SUSE update for vixie-cron SECUNIA ADVISORY ID: SA20388 VERIFY ADVISORY: http://secunia.com/advisories/20388/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: UnitedLinux 1.0 http://secunia.com/product/2003/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SuSE Linux Desktop 1.x http://secunia.com/product/2002/ SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 9.2 http://secunia.com/product/4258/ SuSE Linux 9.1 http://secunia.com/product/3473/ SUSE Linux 10 http://secunia.com/product/6221/ DESCRIPTION: SUSE has issued an update for vixie-cron. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA20380 SOLUTION: Apply updated packages. -- x86 Platform -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cron-4.1-45.3.i586.rpm e497e8d493f1b94c0891af1026be4d0a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/cron-4.1-26.2.i586.rpm a7daa9be8f6d1f3d5b87904e934ee235 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/cron-4.1-20.2.i586.rpm feabbd699c9504dc4cf0bf0ba91e6f2d SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/cron-4.1-14.2.i586.rpm 0979cea40c43166044c66364b148101b SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cron-3.0.1-920.12.i586.rpm e140f798e6146f52ca2621a6ef678a45 -- Power PC Platform -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cron-4.1-45.3.ppc.rpm 0b0550667503fc422ae7601b4cb513e6 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/cron-4.1-26.2.ppc.rpm 711aeec2e8bfcb02835478e3c5bc62c8 -- x86-64 Platform -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cron-4.1-45.3.x86_64.rpm 01885af8563e8f2e093b7741e0e7ee95 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/cron-4.1-26.2.x86_64.rpm 3716db1e6d608fc4714b8ac137c94059 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/cron-4.1-20.2.x86_64.rpm 4287461b019ece311e32082fd87bc0a9 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/cron-4.1-14.2.x86_64.rpm 574294ae7f583add41bd45774988cb4e SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cron-3.0.1-920.12.x86_64.rpm 6b26840c02592f7978d841f99743371d -- Sources -- SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/cron-4.1-45.3.src.rpm f43d85f87f2571b7a72c580f40027abd SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/cron-4.1-26.2.src.rpm 78ea0581677076016e90b109e6154b12 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/cron-4.1-20.2.src.rpm 9a1b7e7f96f6daaa2ce77f922ff9df9a SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/cron-4.1-14.2.src.rpm 26adb41a9c1beb796184323a0c0fed8a SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/cron-3.0.1-920.12.src.rpm 84e82588b2fcd45ff23e02502acbc8d2 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/cron-3.0.1-920.12.src.rpm c0aa0ac7fb31ae24da6404b0e0cdc218 -- Packages from the maintenance web -- UnitedLinux 1.0: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/9b78595924034dfdf1a0dcd1777838f9.html SUSE SLES 9: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/9b78595924034dfdf1a0dcd1777838f9.html SuSE Linux Desktop 1.0: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/9b78595924034dfdf1a0dcd1777838f9.html SuSE Linux Enterprise Server 8: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/9b78595924034dfdf1a0dcd1777838f9.html ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2006-05-32.html OTHER REFERENCES: SA20380: http://secunia.com/advisories/20380/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------