---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, and Seamonkey SECUNIA ADVISORY ID: SA21529 VERIFY ADVISORY: http://secunia.com/advisories/21529/ CRITICAL: Highly critical IMPACT: Cross Site Scripting, DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 9.2 http://secunia.com/product/4258/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird and Seamonkey. These fix some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. For more information: SA19873 SA21228 SA21229 SOLUTION: Apply updated packages. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-1.5.0.6-1.3.i586.rpm b077ab8d63cbca9fad680e31faa34d80 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-1.5.0.6-1.3.i586.rpm 083893020c930fb8d0d2ac107e6afcb2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaThunderbird-1.5.0.5-0.1.i586.rpm 857642c909f7184dc1a6441025c57d82 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaThunderbird-translations-1.5.0.5-0.1.i586.rpm 41cdd09824e46732fe0160d2eea1db13 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-1.0.4-2.1.i586.rpm eecf97bedf164629445589bf5fe96f3a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-calendar-1.0.4-2.1.i586.rpm 9817cd23edbe982c54e8e9788b068272 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-dom-inspector-1.0.4-2.1.i586.rpm acc5e00265da3c37d75dd8467e942523 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-irc-1.0.4-2.1.i586.rpm 7a00bd110f7f36a7adac792b4d385cf2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-mail-1.0.4-2.1.i586.rpm 507c561f4179f75652550dea985fd5c5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-spellchecker-1.0.4-2.1.i586.rpm 0e528364b0a47d8cc186be99c9273680 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-venkman-1.0.4-2.1.i586.rpm 0756055ab6c663c03520a566e748fd84 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-1.5.0.6-1.2.i586.rpm 169195ef8d8d6aa42578c52301637a7b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-translations-1.5.0.6-1.2.i586.rpm ce2ca0073cb95cd52908eca9162f12db ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaThunderbird-1.5.0.5-0.1.i586.rpm 82c3c849160d835d7dd2e83d58ab46ed SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-1.5.0.6-1.4.i586.rpm 45252c09a02b7947e2dcff6c7b2680f7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-translations-1.5.0.6-1.4.i586.rpm 3f916156c178db203e19854f1be14a6e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaThunderbird-1.5.0.5-0.1.i586.rpm 3878dfec4b42ebf979488794dd5ba153 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaFirefox-1.5.0.6-1.4.i586.rpm 1a6ec1263972cc8ee19b4b88112cbc91 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaFirefox-translations-1.5.0.6-1.4.i586.rpm 10b2b66061b686aab364255edfc7330f ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaThunderbird-1.5.0.5-0.1.i586.rpm d7a39ac5e59594f326c0a7ebf893025a Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-1.5.0.6-1.3.ppc.rpm beb4517859e09e23b1c1b8e6fe9f7f1b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-1.5.0.6-1.3.ppc.rpm f9f7424e954609520a7dcfa5401aa6a0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaThunderbird-1.5.0.5-0.1.ppc.rpm a3810db291a8575ec602046534ac0046 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaThunderbird-translations-1.5.0.5-0.1.ppc.rpm 1c3f6bdab05076e177c39900b8796291 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-1.0.4-2.1.ppc.rpm 2a57cf8e9d58c738d08f3457b18c39c8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-calendar-1.0.4-2.1.ppc.rpm 5e5b4e2bc287c6b9fa8dcd920bd5691f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-dom-inspector-1.0.4-2.1.ppc.rpm 2b6d0f991fdf834704a717a9da239114 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-irc-1.0.4-2.1.ppc.rpm 8130da7cdb4ece3a5b3ffcd1d8de6604 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-mail-1.0.4-2.1.ppc.rpm 42a37ed33a80d3a9c7922b260ec8d017 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-spellchecker-1.0.4-2.1.ppc.rpm 7ed788d6b9eaaa450c7bdef217d1da0b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-venkman-1.0.4-2.1.ppc.rpm 22bef32ee56511c1527f2aba2686c31b SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-1.5.0.6-1.2.ppc.rpm 7088063ef61fef41e8ae463017bc2e7a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-translations-1.5.0.6-1.2.ppc.rpm 1179980ccb74d1268981a991ea99ef76 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaThunderbird-1.5.0.5-0.1.ppc.rpm 50989117d508769abe562192f7a29ac0 x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/MozillaThunderbird-1.5.0.5-0.1.x86_64.rpm c3c35689ec4183a3f65eadefe0e035f9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/MozillaThunderbird-translations-1.5.0.5-0.1.x86_64.rpm c2a68df8c7a37edb184de0d816bc6f40 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-1.0.4-2.1.x86_64.rpm 2c9f593099e65d8a4bea1ddb4475b51b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-calendar-1.0.4-2.1.x86_64.rpm 546d70365782daeae85bc2a5e042bae6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-dom-inspector-1.0.4-2.1.x86_64.rpm 1b985d53285222446923fb37d936d759 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-irc-1.0.4-2.1.x86_64.rpm c81a87ba73ed766dc25f2b89b98f4f8e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-mail-1.0.4-2.1.x86_64.rpm 36ca5818bb717578542d7def4b8724f9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-spellchecker-1.0.4-2.1.x86_64.rpm 2c798a9aa382ff0bc6f0d44c1861156d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-venkman-1.0.4-2.1.x86_64.rpm b6f3a089873cf2df5d82e7fcc4943b28 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/MozillaThunderbird-1.5.0.5-0.1.x86_64.rpm 64b491ee5e76fd81d22e6bc03efe6b86 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/MozillaThunderbird-1.5.0.5-0.1.x86_64.rpm 5f797b743baa880b609350dce4003e28 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaFirefox-1.5.0.6-1.4.x86_64.rpm 02d00c594d85c27901ac8975ff4074b5 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaFirefox-translations-1.5.0.6-1.4.x86_64.rpm c3e1ab3e8bffa3b7fd1f8c93253bd387 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaThunderbird-1.5.0.5-0.1.x86_64.rpm 409577b2b376df93980071fa6b080638 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaFirefox-1.5.0.6-1.3.src.rpm 8052f82d870aa163544f20fb0e6e2a7e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaThunderbird-1.5.0.5-0.1.src.rpm a6cc091a2379e066d89f30cc4ef4daca ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/seamonkey-1.0.4-2.1.src.rpm 22f8c43051e3f87df2f6c892259b84c1 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-1.5.0.6-1.2.src.rpm b369c54440dab641eaca7ffacce2fdca ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaThunderbird-1.5.0.5-0.1.src.rpm 3d8939c81652438cc45df2dfafad3401 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaFirefox-1.5.0.6-1.4.src.rpm 6e343044e7c9061e7893d1ad798fb683 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaThunderbird-1.5.0.5-0.1.src.rpm 520ad8710e85f56082e8f744dd7fa9b4 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/MozillaFirefox-1.5.0.6-1.4.src.rpm e102231a46d19c0d05f6e31318a6527e ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/MozillaThunderbird-1.5.0.5-0.1.src.rpm 206929deb348a7ca699d92cda0e4c3e1 ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Aug/0007.html OTHER REFERENCES: SA19873: http://secunia.com/advisories/19873/ SA21229: http://secunia.com/advisories/21229/ SA21228: http://secunia.com/advisories/21228/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------