---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox and seamonkey SECUNIA ADVISORY ID: SA24384 VERIFY ADVISORY: http://secunia.com/advisories/24384/ CRITICAL: Highly critical IMPACT: Cross Site Scripting, Spoofing, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 10.1 http://secunia.com/product/10796/ openSUSE 10.2 http://secunia.com/product/13375/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ DESCRIPTION: SUSE has issued an update for MozillaFirefox and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system. For more information: SA24205 SA24238 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.2-1.1.i586.rpm 02e3d51d0b3420cc9397760f0e86d191 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.2-1.1.i586.rpm 7b0f32ecd094d7eef87733b3e3476673 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-1.1.1-0.1.i586.rpm 84df0ff9847008b5db52b4c1ae934210 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-dom-inspector-1.1.1-0.1.i586.rpm f90f3afd0bff86b4da3dbb05a2c2335d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-irc-1.1.1-0.1.i586.rpm 80ac7fdac2cc547c76b5eedd482bb082 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-mail-1.1.1-0.1.i586.rpm 91992945df0728e4260ae2ddfb7d3281 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-spellchecker-1.1.1-0.1.i586.rpm a4c38e8b67b32883b7d2a8c43672e762 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-venkman-1.1.1-0.1.i586.rpm 907c12a9bb1662652126d643fe851fcc SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-1.5.0.10-0.2.i586.rpm 6e55236e3b80b3894969c655f9ebf2a4 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-1.5.0.10-0.2.i586.rpm 6d61e4d6e1d6dbc9445cc3f6b6ed30e3 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-1.5.0.10-0.2.i586.rpm d94fa79fb7f0de31f8d9f90baa617ca1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-translations-1.5.0.10-0.2.i586.rpm 1d3fddf5349977a9caead4b47878e51d SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-1.5.0.10-0.2.i586.rpm f6e7cc76afc0fef155553f735fe653b7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-translations-1.5.0.10-0.2.i586.rpm 9e7435497cd97dcd1f38105a6b080d8c Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-2.0.0.2-1.1.ppc.rpm 5c6b5efd358c074106dcef14acb89f23 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-translations-2.0.0.2-1.1.ppc.rpm 1a6991caad9a490822710e4fcf838c9c ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-1.1.1-0.1.ppc.rpm c0dc8bbb08a3d06b656258a86710bc45 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-dom-inspector-1.1.1-0.1.ppc.rpm c834417d2d1db92f284a12c9f88f71d0 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-irc-1.1.1-0.1.ppc.rpm 469a2f5b1968979582291477e83260dd ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-mail-1.1.1-0.1.ppc.rpm 21d9f56ac5b93d70f47eba112505e209 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-spellchecker-1.1.1-0.1.ppc.rpm c550ce638db6e7f8d7fb3f3e037de53a ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-venkman-1.1.1-0.1.ppc.rpm 58c4aced409456293248113d32a00dbf SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-1.5.0.10-0.2.ppc.rpm 4140a6709fabce8a52a9ccaeaeb7bb1a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-1.5.0.10-0.2.ppc.rpm ac0d3d387e2f1930f331fee0800e462b SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-1.5.0.10-0.2.ppc.rpm 76e3f52dd691ca5b652edce6c697070f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-translations-1.5.0.10-0.2.ppc.rpm 3652ee25f11e32a518294ad8b4314b23 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-2.0.0.2-1.1.x86_64.rpm ae21afdc3451c6517c228b7cb012bbc7 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-translations-2.0.0.2-1.1.x86_64.rpm 9ec91717a80c8ad5947d6d6e2fc99d01 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-1.1.1-0.1.x86_64.rpm aa9b1d5d7cf62fcc990aabcae84e7c39 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-dom-inspector-1.1.1-0.1.x86_64.rpm d8ac0deb3f11edc0439ce11153a04fbe ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-irc-1.1.1-0.1.x86_64.rpm 1554c4a8c75564ae02c720455f29775b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-mail-1.1.1-0.1.x86_64.rpm 779e371deec7bf589bda6b3d6fdd4069 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-spellchecker-1.1.1-0.1.x86_64.rpm 2ffba2b0ea7bbaf5806e03c7ffe58ac4 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-venkman-1.1.1-0.1.x86_64.rpm 3761ab7b9fc06cc114a609c322d18803 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.2-1.1.src.rpm f77b9222e0a60e6638a3e0f343fea209 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/seamonkey-1.1.1-0.1.src.rpm ae42228f39110de8d0699694458ff88e SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaFirefox-1.5.0.10-0.2.src.rpm 8f80ec015760d1fd3d25f30be2d5ef01 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-1.5.0.10-0.2.src.rpm 748849a36a1990fea5bdb75b3bd0bcf3 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaFirefox-1.5.0.10-0.2.src.rpm f7d79ad15eeed3798e91a31cace3022d Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/66969064f4a01b40dabf533d22cb76ee.html Novell Linux Desktop 9 for x86 http://support.novell.com/techcenter/psdb/66969064f4a01b40dabf533d22cb76ee.html SUSE SLES 10 http://support.novell.com/techcenter/psdb/1cbeadd626068e3518e641d88f149a11.html SUSE SLED 10 http://support.novell.com/techcenter/psdb/1cbeadd626068e3518e641d88f149a11.html ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html OTHER REFERENCES: SA24205: http://secunia.com/advisories/24205/ SA24238: http://secunia.com/advisories/24238/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------