FreeBSD Local Security Checks : FreeBSD Ports: krb5

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.67290

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: krb5

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: krb5

CVE-2010-0629
Use-after-free vulnerability in kadmin/server/server_stubs.c in
kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote
authenticated users to cause a denial of service (daemon crash) via a
request from a kadmin client that sends an invalid API version number.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0629
BugTraq ID: 39247
http://www.securityfocus.com/bid/39247
Bugtraq: 20100406 MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases (Google Search)
http://www.securityfocus.com/archive/1/510566/100/0/threaded
Debian Security Information: DSA-2031 (Google Search)
http://www.debian.org/security/2010/dsa-2031
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489
http://www.redhat.com/support/errata/RHSA-2010-0343.html
http://securitytracker.com/id?1023821
http://secunia.com/advisories/39264
http://secunia.com/advisories/39290
http://secunia.com/advisories/39315
http://secunia.com/advisories/39324
http://secunia.com/advisories/39367
SuSE Security Announcement: SUSE-SR:2010:009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html
http://ubuntu.com/usn/usn-924-1
http://www.vupen.com/english/advisories/2010/0876

Copyright Copyright (C) 2010 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.67290
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: krb5
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: krb5 CVE-2010-0629 Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0629 BugTraq ID: 39247 http://www.securityfocus.com/bid/39247 Bugtraq: 20100406 MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases (Google Search) http://www.securityfocus.com/archive/1/510566/100/0/threaded Debian Security Information: DSA-2031 (Google Search) http://www.debian.org/security/2010/dsa-2031 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489 http://www.redhat.com/support/errata/RHSA-2010-0343.html http://securitytracker.com/id?1023821 http://secunia.com/advisories/39264 http://secunia.com/advisories/39290 http://secunia.com/advisories/39315 http://secunia.com/advisories/39324 http://secunia.com/advisories/39367 SuSE Security Announcement: SUSE-SR:2010:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html http://ubuntu.com/usn/usn-924-1 http://www.vupen.com/english/advisories/2010/0876
Copyright	Copyright (C) 2010 E-Soft Inc.