ID de Prueba:	1.3.6.1.4.1.25623.1.0.67427
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:100 (krb5)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to krb5 announced via advisory MDVSA-2010:100. A vulnerability has been found and corrected in krb5: Certain invalid GSS-API tokens can cause a GSS-API acceptor (server) to crash due to a null pointer dereference in the GSS-API library (CVE-2010-1321). Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The updated packages have been patched to correct this issue. Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:100 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1321 BugTraq ID: 40235 http://www.securityfocus.com/bid/40235 Bugtraq: 20100518 MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref (Google Search) http://www.securityfocus.com/archive/1/511331/100/0/threaded Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search) http://www.securityfocus.com/archive/1/516397/100/0/threaded Cert/CC Advisory: TA10-287A http://www.us-cert.gov/cas/techalerts/TA10-287A.html Cert/CC Advisory: TA11-201A http://www.us-cert.gov/cas/techalerts/TA11-201A.html Debian Security Information: DSA-2052 (Google Search) http://www.debian.org/security/2010/dsa-2052 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBUX02544 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 HPdes Security Advisory: SSRT100107 http://www.mandriva.com/security/advisories?name=MDVSA-2010:100 http://osvdb.org/64744 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11604 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7198 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7450 http://www.redhat.com/support/errata/RHSA-2010-0423.html http://www.redhat.com/support/errata/RHSA-2010-0770.html http://www.redhat.com/support/errata/RHSA-2010-0807.html http://www.redhat.com/support/errata/RHSA-2010-0873.html http://www.redhat.com/support/errata/RHSA-2010-0935.html http://www.redhat.com/support/errata/RHSA-2010-0987.html http://www.redhat.com/support/errata/RHSA-2011-0152.html http://www.redhat.com/support/errata/RHSA-2011-0880.html http://secunia.com/advisories/39762 http://secunia.com/advisories/39784 http://secunia.com/advisories/39799 http://secunia.com/advisories/39818 http://secunia.com/advisories/39849 http://secunia.com/advisories/40346 http://secunia.com/advisories/40685 http://secunia.com/advisories/41967 http://secunia.com/advisories/42432 http://secunia.com/advisories/42974 http://secunia.com/advisories/43335 http://secunia.com/advisories/44954 SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SuSE Security Announcement: SUSE-SU-2012:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html SuSE Security Announcement: SUSE-SU-2012:0042 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html http://www.ubuntu.com/usn/USN-940-1 http://www.ubuntu.com/usn/USN-940-2 http://www.vupen.com/english/advisories/2010/1177 http://www.vupen.com/english/advisories/2010/1192 http://www.vupen.com/english/advisories/2010/1193 http://www.vupen.com/english/advisories/2010/1196 http://www.vupen.com/english/advisories/2010/1222 http://www.vupen.com/english/advisories/2010/1574 http://www.vupen.com/english/advisories/2010/1882 http://www.vupen.com/english/advisories/2010/3112 http://www.vupen.com/english/advisories/2011/0134
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.