Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200504-04 (telnet)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54906

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200504-04 (telnet)

Resumen: The remote host is missing updates announced in;advisory GLSA 200504-04.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200504-04.

Vulnerability Insight:
The mit-krb5 telnet client is vulnerable to two buffer overflows, which
could allow a malicious telnet server operator to execute arbitrary code.

Solution:
All mit-krb5 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.3.6-r2'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0468
BugTraq ID: 12919
http://www.securityfocus.com/bid/12919
CERT/CC vulnerability note: VU#341908
http://www.kb.cert.org/vuls/id/341908
Conectiva Linux advisory: CLA-2005:962
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000962
Debian Security Information: DSA-703 (Google Search)
http://www.debian.org/security/2005/dsa-703
Debian Security Information: DSA-731 (Google Search)
http://www.debian.de/security/2005/dsa-731
FreeBSD Security Advisory: FreeBSD-SA-05:01.telnet
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
http://www.mandriva.com/security/advisories?name=MDKSA-2005:061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9640
http://www.redhat.com/support/errata/RHSA-2005-327.html
http://www.redhat.com/support/errata/RHSA-2005-330.html
http://secunia.com/advisories/14745
http://secunia.com/advisories/17899
SGI Security Advisory: 20050405-01-P
ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
http://www.ubuntulinux.org/usn/usn-224-1
Common Vulnerability Exposure (CVE) ID: CVE-2005-0469
BugTraq ID: 12918
http://www.securityfocus.com/bid/12918
CERT/CC vulnerability note: VU#291924
http://www.kb.cert.org/vuls/id/291924
Debian Security Information: DSA-697 (Google Search)
http://www.debian.org/security/2005/dsa-697
Debian Security Information: DSA-699 (Google Search)
http://www.debian.org/security/2005/dsa-699
http://www.gentoo.org/security/en/glsa/glsa-200503-36.xml
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9708

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54906
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200504-04 (telnet)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200504-04.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200504-04. Vulnerability Insight: The mit-krb5 telnet client is vulnerable to two buffer overflows, which could allow a malicious telnet server operator to execute arbitrary code. Solution: All mit-krb5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.3.6-r2' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0468 BugTraq ID: 12919 http://www.securityfocus.com/bid/12919 CERT/CC vulnerability note: VU#341908 http://www.kb.cert.org/vuls/id/341908 Conectiva Linux advisory: CLA-2005:962 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000962 Debian Security Information: DSA-703 (Google Search) http://www.debian.org/security/2005/dsa-703 Debian Security Information: DSA-731 (Google Search) http://www.debian.de/security/2005/dsa-731 FreeBSD Security Advisory: FreeBSD-SA-05:01.telnet ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9640 http://www.redhat.com/support/errata/RHSA-2005-327.html http://www.redhat.com/support/errata/RHSA-2005-330.html http://secunia.com/advisories/14745 http://secunia.com/advisories/17899 SGI Security Advisory: 20050405-01-P ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1 http://www.ubuntulinux.org/usn/usn-224-1 Common Vulnerability Exposure (CVE) ID: CVE-2005-0469 BugTraq ID: 12918 http://www.securityfocus.com/bid/12918 CERT/CC vulnerability note: VU#291924 http://www.kb.cert.org/vuls/id/291924 Debian Security Information: DSA-697 (Google Search) http://www.debian.org/security/2005/dsa-697 Debian Security Information: DSA-699 (Google Search) http://www.debian.org/security/2005/dsa-699 http://www.gentoo.org/security/en/glsa/glsa-200503-36.xml http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9708
Copyright	Copyright (C) 2008 E-Soft Inc.