---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: SUSE update for Sun Java SECUNIA ADVISORY ID: SA23650 VERIFY ADVISORY: http://secunia.com/advisories/23650/ CRITICAL: Highly critical IMPACT: Security Bypass, Privilege escalation, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 9.3 http://secunia.com/product/4933/ SuSE Linux Desktop 1.x http://secunia.com/product/2002/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ UnitedLinux 1.0 http://secunia.com/product/2003/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ DESCRIPTION: SUSE has issued an update for Sun Java. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system. For more information: SA23398 SA23445 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_4_2-sun-1.4.2_update13-3.1.i586.rpm 81c565319263d8c7c58e9e01d13f704a ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_4_2-sun-alsa-1.4.2_update13-3.1.i586.rpm 3d80e29e86da461750d4f81aebf468ff ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_4_2-sun-devel-1.4.2_update13-3.1.i586.rpm 9167d98e8dc65249a9d07060f6a74765 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_4_2-sun-jdbc-1.4.2_update13-3.1.i586.rpm 0abe0b6df38b505babea046b29ec984f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_4_2-sun-plugin-1.4.2_update13-3.1.i586.rpm d0adc2abc1aaa827c50f3d537bf81278 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_5_0-sun-1.5.0_update10-2.1.i586.rpm 491bc2c41e4d45ea7ed8bb49d994cbe8 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_5_0-sun-alsa-1.5.0_update10-2.1.i586.rpm 2e463e24dc019506bdfb56ae74d28397 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_5_0-sun-devel-1.5.0_update10-2.1.i586.rpm d5839f4872e763210d8070edaa5b3b18 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_5_0-sun-jdbc-1.5.0_update10-2.1.i586.rpm 2371d8ae5ddc400193bb691f6952ec63 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/java-1_5_0-sun-plugin-1.5.0_update10-2.1.i586.rpm d33b4bc3c465d34c268a387946ea8ce5 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-1.4.2.13-0.2.i586.rpm ab731afee0d28a896d684fa5216290a8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-alsa-1.4.2.13-0.2.i586.rpm dbe701794214d79ae5bd5e85dc892e64 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-demo-1.4.2.13-0.2.i586.rpm 5aac3f025f2f4a026fd29dd9fa3bb3f2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-devel-1.4.2.13-0.2.i586.rpm 43e6cf1a0c090b45a4a409bcdbd8f736 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-jdbc-1.4.2.13-0.2.i586.rpm 71e2ad7281293cd9618935496d61b5d3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-plugin-1.4.2.13-0.2.i586.rpm c86d75d765c23e4d58de79d8bc1089df ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_4_2-sun-src-1.4.2.13-0.2.i586.rpm cd2debb1e6c4e9d11856db3fe519841a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-1.5.0_10-0.1.i586.rpm 9b7e3eaa1d0c55d58eda3f7aa97e9441 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-alsa-1.5.0_10-0.1.i586.rpm 5f5f12ad1670e4a35ad250c5feb2e9be ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-demo-1.5.0_10-0.1.i586.rpm 84b962fe0178668e4aa8d5f9bb969bbc ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-devel-1.5.0_10-0.1.i586.rpm f4e699c71718c3901a9897a33b20df0d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-jdbc-1.5.0_10-0.1.i586.rpm 23e0cfc6b4539e61e3843c7349f1bcae ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-plugin-1.5.0_10-0.1.i586.rpm c7b41e40785eed1fbeafabcc80061e5d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/java-1_5_0-sun-src-1.5.0_10-0.1.i586.rpm d3126e7ccaac8eb959b3a63bee316280 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-1.4.2.13-0.1.i586.rpm 01c42908922ef09a7db9e94b80c4f36a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-alsa-1.4.2.13-0.1.i586.rpm 6db1f2255fb32dc5a205907c7515bcd8 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-demo-1.4.2.13-0.1.i586.rpm 76c296ed9a0c10c5d5d70141badbaf4f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-devel-1.4.2.13-0.1.i586.rpm e8201238c0d522f9ae2d877d6115c89d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-jdbc-1.4.2.13-0.1.i586.rpm 6ce914b04c9f64db3be56ac79fee8b2b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-plugin-1.4.2.13-0.1.i586.rpm 39735a1837bccd86d2f6aaaa13d5e7a9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/java-1_4_2-sun-src-1.4.2.13-0.1.i586.rpm 770a5e25c80be675c5d9079a055763f2 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-1.4.2.13-0.1.i586.rpm a12bc6b3eef904121096c57b9fec0578 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-alsa-1.4.2.13-0.1.i586.rpm 479caeebe4f56179a11851e29625c78c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-demo-1.4.2.13-0.1.i586.rpm 5847d503752a299655bfe1c713c84f8b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-devel-1.4.2.13-0.1.i586.rpm 1c42d0d68ec84f54980e110cb1d7851b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-jdbc-1.4.2.13-0.1.i586.rpm d8a089d92655d8f0c0f99facbb00b6f2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-plugin-1.4.2.13-0.1.i586.rpm dcf3226d5eb96725725445703a32f1d3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_4_2-sun-src-1.4.2.13-0.1.i586.rpm 0e39ae7c8ed7be6db647c104f202ef41 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-1.5.0_10-0.1.i586.rpm ede1d5b840059e0ef4397ce9934217fd ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-alsa-1.5.0_10-0.1.i586.rpm 0e8aba2703badd0b0023ea7a1c413ee7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-demo-1.5.0_10-0.1.i586.rpm feaa9180c7deaf538fa303ef6991b0e7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-devel-1.5.0_10-0.1.i586.rpm 2c783a72645b218f7b39219f263a1119 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-jdbc-1.5.0_10-0.1.i586.rpm 350e2e6cbc13ce0551363e03219c71f7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-plugin-1.5.0_10-0.1.i586.rpm d34d9b8728be32b459429c2e4f5ebb02 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/java-1_5_0-sun-src-1.5.0_10-0.1.i586.rpm 129fff7e8359cc26f7eec6b7a4da2274 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/java-1_5_0-sun-1.5.0_update10-2.1.x86_64.rpm d95af4791d768248d85a879a9af1c60c ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/java-1_5_0-sun-alsa-1.5.0_update10-2.1.x86_64.rpm fdfe5e8925ec1ec2fa02ac4b7011c104 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/java-1_5_0-sun-devel-1.5.0_update10-2.1.x86_64.rpm 189972c8c315424a77044f8582256a59 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/java-1_5_0-sun-jdbc-1.5.0_update10-2.1.x86_64.rpm ce9d5527a989388b2102985820ac85f1 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/java-1_5_0-sun-1.5.0_10-0.1.x86_64.rpm d4d5307be992866ee9728e4a2d95c3b2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/java-1_5_0-sun-alsa-1.5.0_10-0.1.x86_64.rpm fa667f16d6be5893e345402f457bc1e5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/java-1_5_0-sun-demo-1.5.0_10-0.1.x86_64.rpm 79371a930adb81aac20f0bd0388b03b6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/java-1_5_0-sun-devel-1.5.0_10-0.1.x86_64.rpm 7f724100d575096819838bbfe052655a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/java-1_5_0-sun-jdbc-1.5.0_10-0.1.x86_64.rpm eefe320b0695b0cce838fa1ae8aa4d93 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/java-1_5_0-sun-src-1.5.0_10-0.1.x86_64.rpm 434855da573f6ae2bd710c81bf9ab286 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/java-1_5_0-sun-1.5.0_10-0.1.x86_64.rpm 3a7c5e1782128e542218d59fab18069f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/java-1_5_0-sun-alsa-1.5.0_10-0.1.x86_64.rpm 5ea0a7eeba2975dccfe7b3e18b62b524 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/java-1_5_0-sun-demo-1.5.0_10-0.1.x86_64.rpm ed7906d110161e840c546bbb9687763a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/java-1_5_0-sun-devel-1.5.0_10-0.1.x86_64.rpm 551dbc446ff7af9335f92b7018b3d9d2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/java-1_5_0-sun-jdbc-1.5.0_10-0.1.x86_64.rpm 25b6a19d1381f432b3dbbf00e3cedc38 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/java-1_4_2-sun-1.4.2_update13-3.1.nosrc.rpm 3a00b836232f6bdea0746947d81d9a4f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/java-1_5_0-sun-1.5.0_update10-2.1.nosrc.rpm 4ce00bd1661fe5a47a9d05a9132a0107 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/java-1_4_2-sun-1.4.2.13-0.2.nosrc.rpm 07e52f5f67c800ef1c6d19e40d14bd8f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/java-1_5_0-sun-1.5.0_10-0.1.src.rpm 414acf97c129f721ce1c8c24c186b2d5 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/java-1_4_2-sun-1.4.2.13-0.1.src.rpm 2cb5a8d1603b10eb60706c7faad08ae5 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/java-1_4_2-sun-1.4.2.13-0.1.src.rpm e51fc5224e0323f0e7509cea80523c3c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/java-1_5_0-sun-1.5.0_10-0.1.src.rpm 329dd9dc0181b1c8d299de35f28f8815 SUSE SLES 10 http://support.novell.com/techcenter/psdb/587b3ae0b3dd71be5cad19cd1b67c3b4.html SUSE SLED 10 http://support.novell.com/techcenter/psdb/587b3ae0b3dd71be5cad19cd1b67c3b4.html UnitedLinux 1.0 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html Open Enterprise Server http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html Novell Linux POS 9 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SuSE Linux School Server http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SUSE LINUX Retail Solution 8 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SuSE Linux Desktop 1.0 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html SUSE SLES 9 http://support.novell.com/techcenter/psdb/b61d3cf1f87c35751e465d9d7a361d47.html ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html OTHER REFERENCES: SA23398: http://secunia.com/advisories/23398/ SA23445: http://secunia.com/advisories/23445/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------