
Test ID: 1.3.6.1.4.1.25623.1.0.67291
Category: FreeBSD Local Security Checks
Title: FreeBSD Ports: krb5
Summary: The remote host is missing an update to the system, as announced in the referenced advisory.
Description:
Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: krb5

CVE-2010-0283
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7
before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial
of service (assertion failure and daemon crash) via an invalid (1)
AS-REQ or (2) TGS-REQ request.

CVE-2010-0628
The spnego_gss_accept_sec_context function in
lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in
MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows
remote attackers to cause a denial of service (assertion failure and
daemon crash) via an invalid packet that triggers incorrect
preparation of an error token.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-reference:
Common Vulnerability Exposure (CVE) ID: CVE-2010-0283
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 38260
http://www.securityfocus.com/bid/38260
Bugtraq: 20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service
http://www.securityfocus.com/archive/1/509553/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html
http://securitytracker.com/id?1023593
http://secunia.com/advisories/38598
http://secunia.com/advisories/39023
http://secunia.com/advisories/40220
http://www.ubuntu.com/usn/USN-916-1
http://www.vupen.com/english/advisories/2010/1481
Common Vulnerability Exposure (CVE) ID: CVE-2010-0628
BugTraq ID: 38904
http://www.securityfocus.com/bid/38904
Bugtraq: 20100323 MITKRB5-SA-2010-002 denial of service in SPNEGO [CVE-2010-0628 VU#839413]
http://www.securityfocus.com/archive/1/510281/100/0/threaded
CERT/CC vulnerability note: VU#839413
http://www.kb.cert.org/vuls/id/839413
Copyright: Copyright (C) 2010 E-Soft Inc.
