Test Kennung:	1.3.6.1.4.1.25623.1.0.60623
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200803-31 (mit-krb5)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200803-31.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200803-31. Vulnerability Insight: Multiple vulnerabilities have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges. Solution: All MIT Kerberos 5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.6.3-r1' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5894 BugTraq ID: 26750 http://www.securityfocus.com/bid/26750 Bugtraq: 20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation (Google Search) http://www.securityfocus.com/archive/1/489883/100/0/threaded http://seclists.org/fulldisclosure/2007/Dec/0176.html http://seclists.org/fulldisclosure/2007/Dec/0321.html http://bugs.gentoo.org/show_bug.cgi?id=199205 http://osvdb.org/44333 http://secunia.com/advisories/28636 http://secunia.com/advisories/29457 SuSE Security Announcement: SUSE-SR:2008:002 (Google Search) http://www.novell.com/linux/security/advisories/suse_security_summary_report.html Common Vulnerability Exposure (CVE) ID: CVE-2007-5901 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html http://security.gentoo.org/glsa/glsa-200803-31.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:069 http://bugs.gentoo.org/show_bug.cgi?id=199214 http://osvdb.org/43346 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11451 http://www.redhat.com/support/errata/RHSA-2008-0164.html http://secunia.com/advisories/29451 http://secunia.com/advisories/29464 http://secunia.com/advisories/29516 http://secunia.com/advisories/39290 http://ubuntu.com/usn/usn-924-1 http://www.vupen.com/english/advisories/2008/0924/references Common Vulnerability Exposure (CVE) ID: CVE-2007-5971 http://www.mandriva.com/security/advisories?name=MDVSA-2008:070 http://bugs.gentoo.org/show_bug.cgi?id=199212 http://osvdb.org/43345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10296 http://www.redhat.com/support/errata/RHSA-2008-0180.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29450 http://secunia.com/advisories/29462 http://secunia.com/advisories/39784 http://www.ubuntu.com/usn/USN-940-1 http://www.vupen.com/english/advisories/2010/1192 Common Vulnerability Exposure (CVE) ID: CVE-2008-0062 BugTraq ID: 28303 http://www.securityfocus.com/bid/28303 Bugtraq: 20080318 MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc (Google Search) http://www.securityfocus.com/archive/1/489761 Bugtraq: 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues (Google Search) http://www.securityfocus.com/archive/1/493080/100/0/threaded CERT/CC vulnerability note: VU#895609 http://www.kb.cert.org/vuls/id/895609 Debian Security Information: DSA-1524 (Google Search) http://www.debian.org/security/2008/dsa-1524 http://www.gentoo.org/security/en/glsa/glsa-200803-31.xml HPdes Security Advisory: HPSBOV02682 http://marc.info/?l=bugtraq&m=130497213107107&w=2 HPdes Security Advisory: SSRT100495 http://www.mandriva.com/security/advisories?name=MDVSA-2008:071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9496 http://www.redhat.com/support/errata/RHSA-2008-0181.html http://www.redhat.com/support/errata/RHSA-2008-0182.html http://www.securitytracker.com/id?1019626 http://secunia.com/advisories/29423 http://secunia.com/advisories/29424 http://secunia.com/advisories/29428 http://secunia.com/advisories/29435 http://secunia.com/advisories/29438 http://secunia.com/advisories/29663 http://secunia.com/advisories/30535 SuSE Security Announcement: SUSE-SA:2008:016 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html http://www.ubuntu.com/usn/usn-587-1 http://www.vupen.com/english/advisories/2008/0922/references http://www.vupen.com/english/advisories/2008/1102/references http://www.vupen.com/english/advisories/2008/1744 XForce ISS Database: krb5-kdc-code-execution(41275) https://exchange.xforce.ibmcloud.com/vulnerabilities/41275 Common Vulnerability Exposure (CVE) ID: CVE-2008-0063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8916 http://www.securitytracker.com/id?1019627 XForce ISS Database: krb5-kdc-kerberos4-info-disclosure(41277) https://exchange.xforce.ibmcloud.com/vulnerabilities/41277 Common Vulnerability Exposure (CVE) ID: CVE-2008-0947 BugTraq ID: 28302 http://www.securityfocus.com/bid/28302 http://www.securityfocus.com/archive/1/489762/100/0/threaded Bugtraq: 20080318 MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin (resend, corrected subject) (Google Search) http://www.securityfocus.com/archive/1/489784/100/0/threaded Cert/CC Advisory: TA08-079B http://www.us-cert.gov/cas/techalerts/TA08-079B.html CERT/CC vulnerability note: VU#374121 http://www.kb.cert.org/vuls/id/374121 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10984 http://www.securitytracker.com/id?1019631 http://securityreason.com/securityalert/3752 XForce ISS Database: krb5-rpclibrary-bo(41273) https://exchange.xforce.ibmcloud.com/vulnerabilities/41273
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.