ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0196
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0196)
Resumen:	The remote host is missing an update for the 'krb5-appl' package(s) announced via the MGASA-2021-0196 advisory.
Descripción:	Summary: The remote host is missing an update for the 'krb5-appl' package(s) announced via the MGASA-2021-0196 advisory. Vulnerability Insight: An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283 (CVE-2019-25017). In the rcp client in MIT krb5-appl through 1.0.3 malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side (CVE-2019-25018). Affected Software/OS: 'krb5-appl' package(s) on Mageia 7, Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-25017 https://bugzilla.suse.com/show_bug.cgi?id=1131109 Common Vulnerability Exposure (CVE) ID: CVE-2019-25018
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.