---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: SUSE update for phpMyAdmin SECUNIA ADVISORY ID: SA23086 VERIFY ADVISORY: http://secunia.com/advisories/23086/ CRITICAL: Less critical IMPACT: Hijacking, Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 9.3 http://secunia.com/product/4933/ DESCRIPTION: SUSE has issued an update for phpMyAdmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. For more information: SA20907 SA22126 SA22599 SOLUTION: Apply updated packages. Platform Independent: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/noarch/phpMyAdmin-2.9.1.1-2.1.noarch.rpm fb85f5fed5abc54bdbd1309678d80875 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/noarch/phpMyAdmin-2.9.1.1-2.1.noarch.rpm dfb67d57dc9f17df7f7531ffd2d51a85 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/noarch/phpMyAdmin-2.9.1.1-2.1.noarch.rpm b7216edcb198fe74fe5dc4feeafdc0d5 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/phpMyAdmin-2.9.1.1-2.1.src.rpm 4e334b1e1909a0fc17bd02148bf770ac SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/phpMyAdmin-2.9.1.1-2.1.src.rpm 1aa59e5aa181820c771c2ef465128866 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/phpMyAdmin-2.9.1.1-2.1.src.rpm 026a7b85870c558d37724ef96b81c5a9 ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html OTHER REFERENCES: SA20907: http://secunia.com/advisories/20907/ SA22126: http://secunia.com/advisories/22126/ SA22599: http://secunia.com/advisories/22599/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------