Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2015.0119
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2015-0119)
Zusammenfassung:	The remote host is missing an update for the 'krb5' package(s) announced via the MGASA-2015-0119 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'krb5' package(s) announced via the MGASA-2015-0119 advisory. Vulnerability Insight: MIT Kerberos 5 through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a zero-byte version string or cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c (CVE-2014-5355). Affected Software/OS: 'krb5' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-5355 BugTraq ID: 74042 http://www.securityfocus.com/bid/74042 http://www.mandriva.com/security/advisories?name=MDVSA-2015:069 https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html RedHat Security Advisories: RHSA-2015:0794 http://rhn.redhat.com/errata/RHSA-2015-0794.html SuSE Security Announcement: openSUSE-SU-2015:0542 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html http://www.ubuntu.com/usn/USN-2810-1
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.