---------------------------------------------------------------------- Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more: http://secunia.com/advisories/business_solutions/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA33010 VERIFY ADVISORY: http://secunia.com/advisories/33010/ CRITICAL: Moderately critical IMPACT: Privilege escalation, DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux Enterprise Server 9 http://secunia.com/advisories/product/4118/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service) and malicious people to cause a DoS or potentially compromise a vulnerable system. For more information: SA25895 SA32510 A vulnerability is caused due to a boundary error in the ndiswrapper kernel driver when processing wireless network packets. This can be exploited to cause a buffer overflow via an overly long ESSID (Extended Service Set Identifier). SOLUTION: Apply updated packages. SUSE CORE 9 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?search=Search&keywords=608eb280879da5fdecef488bd7784dfb SUSE CORE 9 for IBM S/390 31bit http://download.novell.com/index.jsp?search=Search&keywords=159b6d8d14eb391abf36d4914d6b1a81 SUSE CORE 9 for IBM zSeries 64bit http://download.novell.com/index.jsp?search=Search&keywords=af534e16e1946a0401b765acfb9c0ec2 SUSE CORE 9 for IBM POWER http://download.novell.com/index.jsp?search=Search&keywords=17e72f16c45f57d18ec6999ea4a0c696 SUSE CORE 9 for Itanium Processor Family http://download.novell.com/index.jsp?search=Search&keywords=ee9eda96ad81ff11df1777fff94f8834 Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&keywords=f8452f8de5562ed0c0c9d5b8aab02197 SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&keywords=608eb280879da5fdecef488bd7784dfb http://download.novell.com/index.jsp?search=Search&keywords=159b6d8d14eb391abf36d4914d6b1a81 http://download.novell.com/index.jsp?search=Search&keywords=af534e16e1946a0401b765acfb9c0ec2 http://download.novell.com/index.jsp?search=Search&keywords=17e72f16c45f57d18ec6999ea4a0c696 http://download.novell.com/index.jsp?search=Search&keywords=ee9eda96ad81ff11df1777fff94f8834 http://download.novell.com/index.jsp?search=Search&keywords=f8452f8de5562ed0c0c9d5b8aab02197 SUSE CORE 9 for x86 http://download.novell.com/index.jsp?search=Search&keywords=f8452f8de5562ed0c0c9d5b8aab02197 Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&keywords=7cafba4000c518586bc1b78e580e6295 Novell Linux Desktop 9 for x86_64 http://download.novell.com/index.jsp?search=Search&keywords=7cafba4000c518586bc1b78e580e6295 ORIGINAL ADVISORY: SUSE-SA:2008:057: http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html OTHER REFERENCES: SA25895: http://secunia.com/advisories/25895/ SA32510: http://secunia.com/advisories/32510/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------