---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: SUSE Update for Multiple Packages SECUNIA ADVISORY ID: SA24506 VERIFY ADVISORY: http://secunia.com/advisories/24506/ CRITICAL: Highly critical IMPACT: Cross Site Scripting, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ openSUSE 10.2 http://secunia.com/product/13375/ SuSE Linux 8.x http://secunia.com/product/141/ DESCRIPTION: SUSE has issued an update for multiple packages. This fixes several vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting and script insertion attacks, gain knowledge of potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA13123 SA17891 SA21726 SA23195 SA23631 SOLUTION: Apply updated packages. Updated packages are available via YaST Online Update or via the SUSE FTP site. ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0005.html OTHER REFERENCES: SA13123: http://secunia.com/advisories/13123/ SA17891: http://secunia.com/advisories/17891/ SA21726: http://secunia.com/advisories/21726/ SA23195: http://secunia.com/advisories/23195/ SA23631: http://secunia.com/advisories/23631/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------