---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: SUSE update for apache2 SECUNIA ADVISORY ID: SA21848 VERIFY ADVISORY: http://secunia.com/advisories/21848/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 9.2 http://secunia.com/product/4258/ SUSE Linux 10 http://secunia.com/product/6221/ DESCRIPTION: SUSE has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA21172 Note: These packages also fix a problem which was introduced by a previous patch for CVE-2005-3357. SOLUTION: Apply updated packages. x86 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-2.0.54-10.8.i586.rpm 4e5f7482e476e85e92df04868fda661c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-prefork-2.0.54-10.8.i586.rpm 56fc5c08895d0a9a3c2cc6015b3dd34b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-worker-2.0.54-10.8.i586.rpm 8b1c3a66cbad2f102b1569f3e0333501 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-2.0.53-9.15.i586.rpm a2aa08e4ddd70859ec542aed22ccdee9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-prefork-2.0.53-9.15.i586.rpm bf0ceb6357957c5e0565857dbf544ea3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-worker-2.0.53-9.15.i586.rpm eddf464f0073f6d1b3576fa5ef0b5c8b SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-2.0.50-7.17.i586.rpm 3d7ae24eeb12d37484db873829cad192 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-prefork-2.0.50-7.17.i586.rpm 7ac171bd3c9fe75cb96d18038b63c1f6 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-worker-2.0.50-7.17.i586.rpm 9e6cecbb28ae31c0693e3cb849a75f8f Power PC Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-2.0.54-10.8.ppc.rpm c0690dee4b47c8ece321996832397915 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-prefork-2.0.54-10.8.ppc.rpm 4cb7734bcf6c5c1de524ac1b3bc183b2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-worker-2.0.54-10.8.ppc.rpm c1e262a0f1dd27c7d4da0919070f53a1 x86-64 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-2.0.54-10.8.x86_64.rpm 5a11e9b78e0f946403c47797fb4e49b9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-prefork-2.0.54-10.8.x86_64.rpm b05190443513cea99aafd1a15baf3ddc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-worker-2.0.54-10.8.x86_64.rpm 9248815b04fc1a26950d33c5bcc6b85f SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-2.0.53-9.15.x86_64.rpm 6ce32141596325584f13a18f0271269c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-prefork-2.0.53-9.15.x86_64.rpm dfddc46d4b6feab89f35a579d5471533 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/apache2-worker-2.0.53-9.15.x86_64.rpm de9fb2bd70949d79cc5f020f72beca37 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-2.0.50-7.17.x86_64.rpm 632e9b785b32694a141d0b89d27ac489 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-prefork-2.0.50-7.17.x86_64.rpm b63783a1c93a875064f56f55151acf81 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/apache2-worker-2.0.50-7.17.x86_64.rpm 43ffab89ba259f707edc199ed54eee57 Sources: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/apache2-2.0.54-10.8.src.rpm ae34902816649e317fd03afd1a185565 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/apache2-2.0.53-9.15.src.rpm a4da14a77b4c58a07cd0fcf9e324b3ed SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/apache2-2.0.50-7.17.src.rpm ab9adcf8c71117ed3cb9f1ba75b2138a ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Sep/0004.html OTHER REFERENCES: SA21172: http://secunia.com/advisories/21172/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------