ID de Prueba:	1.3.6.1.4.1.25623.1.0.56450
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: heimdal
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: heimdal CVE-2005-0469 Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. CVE-2005-2040 Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469. CVE-2006-0582 Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors. CVE-2006-0677 telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0469 BugTraq ID: 12918 http://www.securityfocus.com/bid/12918 CERT/CC vulnerability note: VU#291924 http://www.kb.cert.org/vuls/id/291924 Debian Security Information: DSA-697 (Google Search) http://www.debian.org/security/2005/dsa-697 Debian Security Information: DSA-699 (Google Search) http://www.debian.org/security/2005/dsa-699 Debian Security Information: DSA-703 (Google Search) http://www.debian.org/security/2005/dsa-703 Debian Security Information: DSA-731 (Google Search) http://www.debian.de/security/2005/dsa-731 FreeBSD Security Advisory: FreeBSD-SA-05:01.telnet ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc http://www.gentoo.org/security/en/glsa/glsa-200503-36.xml http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9708 http://www.redhat.com/support/errata/RHSA-2005-327.html http://www.redhat.com/support/errata/RHSA-2005-330.html http://secunia.com/advisories/14745 http://secunia.com/advisories/17899 SGI Security Advisory: 20050405-01-P ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1 http://www.ubuntulinux.org/usn/usn-224-1 Common Vulnerability Exposure (CVE) ID: CVE-2005-2040 Debian Security Information: DSA-758 (Google Search) http://www.debian.org/security/2005/dsa-758 http://www.gentoo.org/security/en/glsa/glsa-200506-24.xml http://secunia.com/advisories/15718 SuSE Security Announcement: SUSE-SA:2005:040 (Google Search) http://www.novell.com/linux/security/advisories/2005_40_heimdal.html Common Vulnerability Exposure (CVE) ID: CVE-2006-0582 BugTraq ID: 16524 http://www.securityfocus.com/bid/16524 Debian Security Information: DSA-977 (Google Search) http://www.debian.org/security/2006/dsa-977 http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html http://www.osvdb.org/22986 http://securitytracker.com/id?1015591 http://secunia.com/advisories/18733 http://secunia.com/advisories/18806 http://secunia.com/advisories/18894 http://secunia.com/advisories/19005 http://secunia.com/advisories/19302 SuSE Security Announcement: SUSE-SA:2006:011 (Google Search) http://www.securityfocus.com/archive/1/426043/100/0/threaded https://usn.ubuntu.com/247-1/ http://www.ubuntu.com/usn/usn-253-1 http://www.vupen.com/english/advisories/2006/0456 http://www.vupen.com/english/advisories/2006/0628 XForce ISS Database: heimdal-rshd-privilege-elevation(24532) https://exchange.xforce.ibmcloud.com/vulnerabilities/24532 Common Vulnerability Exposure (CVE) ID: CVE-2006-0677 BugTraq ID: 16676 http://www.securityfocus.com/bid/16676 http://www.osvdb.org/23244 http://secunia.com/advisories/18961 http://securityreason.com/securityalert/449 http://www.vupen.com/english/advisories/2006/0653 XForce ISS Database: heimdal-telnetd-dos(24763) https://exchange.xforce.ibmcloud.com/vulnerabilities/24763
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.