Secunia

Community Login

Customer Login

Partner Login

Overview

Advisories

Research

Forums

Create Profile

Our Commitment

Database

Advisories by Product

Advisories by Vendor

Terminology

Report Vulnerability

Insecure Library Loading

Secunia Advisory SA31687

SUSE Update for Multiple Packages

Secunia Advisory

SA31687

Get alerted and manage the vulnerability life cycle

Release Date

2008-09-01

Popularity

5,920 views

Comments

0 comments

Criticality level

Highly critical

Impact

Security Bypass
Cross Site Scripting
Spoofing
Exposure of system information
Exposure of sensitive information
Privilege escalation
DoS
System access

Where

From remote

Authentication level

Available in Customer Area

Report reliability

Available in Customer Area

Solution Status

Vendor Patch

Systems affected

Available in Customer Area

Approve distribution

Available in Customer Area

Operating System

openSUSE 10.2

openSUSE 10.3

openSUSE 11.0

SUSE Linux Enterprise Server (SLES) 10

SUSE Linux Enterprise Server 9

Software:

Novell Open Enterprise Server 1.x

Secunia CVSS Score

Available in Customer Area

CVE Reference(s)

Description

SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, gain escalated privileges, and bypass certain security restrictions, by malicious users to conduct script insertion attacks and cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, cause a DoS, poison the DNS cache, and potentially compromise a vulnerable system.

For more information:
SA24483
SA27546
SA28794
SA29232
SA29386
SA29576
SA29595
SA29794
SA30134
SA30790
SA30886
SA31044
SA31197
SA31305
SA31407
SA31508

Solution
Apply updated packages via YaST Online Update or the SUSE FTP server.
Original Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: SUSE Update for Multiple Packages

No posts yet

Secunia

Secunia Advisory SA31687

SUSE Update for Multiple Packages

Do you have additional information related to this advisory?

You must be logged in to post a comment.

Secunia Customer Login

Not a customer already?