Test Kennung:	1.3.6.1.4.1.25623.1.0.57777
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2007:008 (krb5)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to krb5 announced via advisory MDKSA-2007:008. A vulnerability in the RPC library in Kerberos 1.4.x and 1.5.x as used in the kadmind administration daemon calls an uninitialized function pointer in freed memory, which could allow a remote attacker to cause a Denial of Service and possibly execute arbitrary code via unspecified vectors. Updated packages are patched to address this issue. Affected: 2006.0, 2007.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:008 http://www.cert.org/advisories/481564 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt Risk factor : Critical CVSS Score: 9.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6143 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html BugTraq ID: 21970 http://www.securityfocus.com/bid/21970 Bugtraq: 20070109 MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer (Google Search) http://www.securityfocus.com/archive/1/456406/100/0/threaded Cert/CC Advisory: TA07-009B http://www.us-cert.gov/cas/techalerts/TA07-009B.html Cert/CC Advisory: TA07-109A http://www.us-cert.gov/cas/techalerts/TA07-109A.html CERT/CC vulnerability note: VU#481564 http://www.kb.cert.org/vuls/id/481564 http://fedoranews.org/cms/node/2375 http://fedoranews.org/cms/node/2376 http://security.gentoo.org/glsa/glsa-200701-21.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:008 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html http://osvdb.org/31281 http://securitytracker.com/id?1017493 http://secunia.com/advisories/23667 http://secunia.com/advisories/23696 http://secunia.com/advisories/23701 http://secunia.com/advisories/23706 http://secunia.com/advisories/23707 http://secunia.com/advisories/23772 http://secunia.com/advisories/23903 http://secunia.com/advisories/24966 SuSE Security Announcement: SUSE-SA:2007:004 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html http://www.ubuntu.com/usn/usn-408-1 http://www.vupen.com/english/advisories/2007/0111 http://www.vupen.com/english/advisories/2007/1470 XForce ISS Database: kerberos-rpc-code-execution(31422) https://exchange.xforce.ibmcloud.com/vulnerabilities/31422
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.