Test Kennung:	1.3.6.1.4.1.25623.1.0.55411
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2005-0036 (Multiple packages)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2005-0036. kerberos5: - Double-free in krb5_recvauth (CVE-2005-1689). Buffer overflow, Heap corruption in KDC (CVE-2005-1174) and (CVE-2005-1175) Fixed Bug# 1073 and 1075 kernel: - Fixed Race condition within system calls (CVE-2005-1768). Fix Bug #1065. Critical and major fixes has been done. php4: - New Upstream - Security Bug Fix release to 4.3.11, Fix Bug #1064 Vendor update for XML_RPC to fix remote code execution vulnerability. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0036 Risk factor : High CVSS Score: 7.5
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1689 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html BugTraq ID: 14239 http://www.securityfocus.com/bid/14239 Bugtraq: 20050712 MITKRB5-SA-2005-003: double-free in krb5_recvauth (Google Search) http://marc.info/?l=bugtraq&m=112119974704542&w=2 CERT/CC vulnerability note: VU#623332 http://www.kb.cert.org/vuls/id/623332 Conectiva Linux advisory: CLA-2005:993 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993 Debian Security Information: DSA-757 (Google Search) http://www.debian.org/security/2005/dsa-757 http://www.gentoo.org/security/en/glsa/glsa-200507-11.xml HPdes Security Advisory: HPSBUX02152 http://www.securityfocus.com/archive/1/446940/100/0/threaded HPdes Security Advisory: SSRT5973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9819 http://www.redhat.com/support/errata/RHSA-2005-562.html http://www.redhat.com/support/errata/RHSA-2005-567.html http://securitytracker.com/id?1014461 http://secunia.com/advisories/16041 http://secunia.com/advisories/17135 http://secunia.com/advisories/17899 http://secunia.com/advisories/22090 SGI Security Advisory: 20050703-01-U ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-101810-1 SuSE Security Announcement: SUSE-SR:2005:017 (Google Search) http://www.novell.com/linux/security/advisories/2005_17_sr.html http://www.trustix.org/errata/2005/0036 TurboLinux Advisory: TLSA-2005-78 http://www.turbolinux.com/security/2005/TLSA-2005-78.txt https://usn.ubuntu.com/224-1/ http://www.vupen.com/english/advisories/2005/1066 http://www.vupen.com/english/advisories/2006/3776 XForce ISS Database: kerberos-kdc-krb5recvauth-execute-code(21055) https://exchange.xforce.ibmcloud.com/vulnerabilities/21055 Common Vulnerability Exposure (CVE) ID: CVE-2005-1174 AIX APAR: IY85474 http://www-1.ibm.com/support/docview.wss?uid=swg1IY85474 BugTraq ID: 14240 http://www.securityfocus.com/bid/14240 Bugtraq: 20050712 MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC (Google Search) http://marc.info/?l=bugtraq&m=112122123211974&w=2 CERT/CC vulnerability note: VU#259798 http://www.kb.cert.org/vuls/id/259798 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10229 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A397 http://securitytracker.com/id?1014460 http://secunia.com/advisories/20364 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101809-1 http://www.vupen.com/english/advisories/2006/2074 XForce ISS Database: kerberos-kdc-krb5-tcp-connection-dos(21327) https://exchange.xforce.ibmcloud.com/vulnerabilities/21327 Common Vulnerability Exposure (CVE) ID: CVE-2005-1175 BugTraq ID: 14236 http://www.securityfocus.com/bid/14236 CERT/CC vulnerability note: VU#885830 http://www.kb.cert.org/vuls/id/885830 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A736 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9902 XForce ISS Database: kerberos-kdc-krb5-udp-tcp-bo(21328) https://exchange.xforce.ibmcloud.com/vulnerabilities/21328 Common Vulnerability Exposure (CVE) ID: CVE-2005-1768 1014442 http://securitytracker.com/id?1014442 14205 http://www.securityfocus.com/bid/14205 15980 http://secunia.com/advisories/15980 17002 http://secunia.com/advisories/17002 18059 http://secunia.com/advisories/18059 19185 http://secunia.com/advisories/19185 19607 http://secunia.com/advisories/19607 20050711 [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) http://marc.info/?l=bugtraq&m=112110120216116&w=2 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U ADV-2005-1878 http://www.vupen.com/english/advisories/2005/1878 DSA-921 http://www.debian.org/security/2005/dsa-921 RHSA-2005:551 http://www.redhat.com/support/errata/RHSA-2005-551.html RHSA-2005:663 http://www.redhat.com/support/errata/RHSA-2005-663.html SUSE-SA:2005:044 http://www.novell.com/linux/security/advisories/2005_44_kernel.html http://www.suresec.org/advisories/adv4.pdf oval:org.mitre.oval:def:11117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11117
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.