Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2021-0196)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2021.0196

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2021-0196)

Zusammenfassung: The remote host is missing an update for the 'krb5-appl' package(s) announced via the MGASA-2021-0196 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'krb5-appl' package(s) announced via the MGASA-2021-0196 advisory.

Vulnerability Insight:
An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp
implementation being derived from 1983 rcp, the server chooses which
files/directories are sent to the client. However, the rcp client only
performs cursory validation of the object name returned (only directory
traversal attacks are prevented). A malicious rcp server (or
Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client
target directory. If recursive operation (-r) is performed, the server can
manipulate subdirectories as well (for example, to overwrite the
.ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and
CVE-2019-7283 (CVE-2019-25017).

In the rcp client in MIT krb5-appl through 1.0.3 malicious servers could
bypass intended access restrictions via the filename of . or an empty
filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying
the permissions of the target directory on the client side (CVE-2019-25018).

Affected Software/OS:
'krb5-appl' package(s) on Mageia 7, Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-25017
https://bugzilla.suse.com/show_bug.cgi?id=1131109
Common Vulnerability Exposure (CVE) ID: CVE-2019-25018

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2021.0196
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2021-0196)
Zusammenfassung:	The remote host is missing an update for the 'krb5-appl' package(s) announced via the MGASA-2021-0196 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'krb5-appl' package(s) announced via the MGASA-2021-0196 advisory. Vulnerability Insight: An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283 (CVE-2019-25017). In the rcp client in MIT krb5-appl through 1.0.3 malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side (CVE-2019-25018). Affected Software/OS: 'krb5-appl' package(s) on Mageia 7, Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-25017 https://bugzilla.suse.com/show_bug.cgi?id=1131109 Common Vulnerability Exposure (CVE) ID: CVE-2019-25018
Copyright	Copyright (C) 2022 Greenbone AG