Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

--------------------------------------------------------------------------
  Turbolinux Security Advisory TLSA-2002-20
  http://www/turbolinux.co.jp/security/
                                            security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Namazu

Cross * sight script problem

   Release date : 2002-04-19

   Object package : namazu-2.0.10-1

   Problem
    Making use of the problem by the cross * sight script, unauthorized user can alter the output result and a possibility of cookie information being acquired.

   Solution:
    Please verify version and execute the command below

    # rpm -qa | grep package name

   When problem corresponds, please download the update package. Do the update  by the using the command below.
    Furthermore, please execute the package number which corresponds to your version number. Without starting a new paragraph, please enter the "\ " Bunchu sign.

    Execution example
    ---------------------------------------------------------------------
    # rpm -Fvh Package-1.0.0-1.i586.rpm \
    Package-doc-1.0.0-1.i586.rpm \
    Package-devel-1.0.0-1.i586.rpm

    The case where rpm command is executed, please enter as follows on the command line.

    # rpm -Fvh package-1.0.0-1.i586.rpm package-doc-1.0.0-1.i586.rpm package-devel-1.0.0-1.i586.rpm
    ---------------------------------------------------------------------

    < Turbolinux 7 Workstation >
    # rpm -Fvh namazu-2.0.10-1.i586.rpm \
    namazu-devel-2.0.10-1.i586.rpm \
    perl-File-MMagic-1.13-1.noarch.rpm

Package updates: http://www.turbolinux.co.jp/update/