TITLE:
SUSE Updates for Multiple Packages

SECUNIA ADVISORY ID:
SA17083

VERIFY ADVISORY:
http://secunia.com/advisories/17083/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, Exposure of sensitive information, Privilege escalation, System access

WHERE:
From remote

OPERATING SYSTEM:
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SuSE Linux Office Server
http://secunia.com/product/1172/
SuSE Linux Firewall on CD/Admin host
http://secunia.com/product/1179/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SuSE Linux Enterprise Server 7
http://secunia.com/product/1170/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/
SuSE Linux Database Server
http://secunia.com/product/1178/
SuSE Linux Connectivity Server
http://secunia.com/product/1169/
SUSE Linux 9.3
http://secunia.com/product/4933/
SUSE Linux 9.2
http://secunia.com/product/4258/
SuSE Linux 9.1
http://secunia.com/product/3473/
SuSE Linux 9.0
http://secunia.com/product/2467/
SuSE Linux 8.x
http://secunia.com/product/141/
SuSE Linux 7.x
http://secunia.com/product/140/
SuSE eMail Server 3.x
http://secunia.com/product/1168/

DESCRIPTION:
SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges, or to disclose certain sensitive information, and by malicious people to compromise a user's system.

For more information:
SA16866
SA17047

Some other vulnerabilities which may be SUSE specific have also been fixed:

1) An error in the restriction of USB devices in resmgr can be exploited by local desktop users to access arbitrary USB devices.
2) The problem is that insecure permissions and ownerships may be set for YaST package repositories.
3) A boundary error in the YaST package handling can be exploited to cause a buffer overflow via specially crafted meta data. Successful exploitation may allow execution of arbitrary code.
4) A configuration error in the powersave daemon can be exploited by local desktop users to control the powersave daemon (e.g. suspend the system).
5) Insecure use of the "LD_LIBRARY_PATH" variable in various applications has an unknown impact.

SOLUTION:
Apply updated packages.

Updated packages are available using YaST Online Update or via the SUSE FTP site.

PROVIDED AND/OR DISCOVERED BY:
2-3) The vendor credits Rene "l00m" Fischer.

OTHER REFERENCES:
SA16866:
http://secunia.com/advisories/16866/

SA17047:
http://secunia.com/advisories/17047/