|
SUSE Update for Multiple Packages
|
|
Secunia Advisory:
|
SA30581
|
|
|
Release Date:
|
2008-06-09
|
|
Popularity:
|
3,169 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Spoofing
Exposure of sensitive information
Privilege escalation
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | openSUSE 10.2
openSUSE 10.3
SUSE Linux 10.1
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9
|
|
| Software: | Novell Open Enterprise Server 1.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, malicious users to gain escalated privileges, and malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
For more information:
SA28694
SA29584
SA29850
SA29882
SA30199
SA30234
SA30568
A vulnerability is caused due to temporary files being handled insecurely by the opensuse-updater on openSUSE 10.2, which can be exploited to disclose sensitive information (e.g. passwords) via symlink attacks.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
