English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54351
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2005:119 (krb5)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to krb5
announced via advisory MDKSA-2005:119.

A number of vulnerabilities have been corrected in this Kerberos
update:

The rcp protocol would allow a server to instruct a client to write to
arbitrary files outside of the current directory. The Kerberos-aware
rcp could be abused to copy files from a malicious server
(CVE-2004-0175).

Gael Delalleau discovered an information disclosure vulnerability in
the way some telnet clients handled messages from a server. This could
be abused by a malicious telnet server to collect information from the
environment of any victim connecting to the server using the Kerberos-
aware telnet client (CVE-2005-0488).

Daniel Wachdorf disovered that in error conditions that could occur in
response to correctly-formatted client requests, the Kerberos 5 KDC may
attempt to free uninitialized memory, which could cause the KDC to
crash resulting in a Denial of Service (CVE-2005-1174).

Daniel Wachdorf also discovered a single-byte heap overflow in the
krb5_unparse_name() function that could, if successfully exploited,
lead to a crash, resulting in a DoS. To trigger this flaw, an attacker
would need to have control of a Kerberos realm that shares a cross-
realm key with the target (CVE-2005-1175).

Finally, a double-free flaw was discovered in the krb5_recvauth()
routine which could be triggered by a remote unauthenticated attacker.
This issue could potentially be exploited to allow for the execution of
arbitrary code on a KDC. No exploit is currently known to exist
(CVE-2005-1689).

The updated packages have been patched to address this issue and
Mandriva urges all users to upgrade to these packages as quickly as
possible.

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1,

Multi Network Firewall 2.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:119
http://www.kb.cert.org/vuls/id/623332
http://www.kb.cert.org/vuls/id/259798
http://www.kb.cert.org/vuls/id/885830
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0175
BugTraq ID: 9986
http://www.securityfocus.com/bid/9986
Computer Incident Advisory Center Bulletin: O-212
http://www.ciac.org/ciac/bulletins/o-212.shtml
Conectiva Linux advisory: CLSA-2004:831
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000831
http://www.mandriva.com/security/advisories?name=MDKSA-2005:100
http://www.mandriva.com/security/advisories?name=MDVSA-2008:191
http://www.osvdb.org/9550
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10184
http://www.redhat.com/support/errata/RHSA-2005-074.html
http://www.redhat.com/support/errata/RHSA-2005-106.html
http://www.redhat.com/support/errata/RHSA-2005-165.html
http://www.redhat.com/support/errata/RHSA-2005-481.html
http://www.redhat.com/support/errata/RHSA-2005-495.html
http://www.redhat.com/support/errata/RHSA-2005-562.html
http://www.redhat.com/support/errata/RHSA-2005-567.html
SCO Security Bulletin: SCOSA-2006.11
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt
http://secunia.com/advisories/17135
http://secunia.com/advisories/19243
SuSE Security Announcement: SuSE-SA:2004:009 (Google Search)
http://www.novell.com/linux/security/advisories/2004_09_kernel.html
XForce ISS Database: openssh-scp-file-overwrite(16323)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16323
Common Vulnerability Exposure (CVE) ID: CVE-2005-0488
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
BugTraq ID: 13940
http://www.securityfocus.com/bid/13940
BugTraq ID: 19289
http://www.securityfocus.com/bid/19289
Cert/CC Advisory: TA06-214A
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
CERT/CC vulnerability note: VU#800829
http://www.kb.cert.org/vuls/id/800829
http://idefense.com/application/poi/display?id=260&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11373
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1139
http://www.redhat.com/support/errata/RHSA-2005-504.html
http://securitytracker.com/id?1014203
http://secunia.com/advisories/21253
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
SuSE Security Announcement: SUSE-SR:2005:016 (Google Search)
http://www.novell.com/linux/security/advisories/2005_16_sr.html
http://www.vupen.com/english/advisories/2006/3101
Common Vulnerability Exposure (CVE) ID: CVE-2005-1174
AIX APAR: IY85474
http://www-1.ibm.com/support/docview.wss?uid=swg1IY85474
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 14240
http://www.securityfocus.com/bid/14240
Bugtraq: 20050712 MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC (Google Search)
http://marc.info/?l=bugtraq&m=112122123211974&w=2
CERT/CC vulnerability note: VU#259798
http://www.kb.cert.org/vuls/id/259798
Debian Security Information: DSA-757 (Google Search)
http://www.debian.org/security/2005/dsa-757
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A397
http://securitytracker.com/id?1014460
http://secunia.com/advisories/16041
http://secunia.com/advisories/17899
http://secunia.com/advisories/20364
SGI Security Advisory: 20050703-01-U
ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101809-1
SuSE Security Announcement: SUSE-SR:2005:017 (Google Search)
http://www.novell.com/linux/security/advisories/2005_17_sr.html
http://www.trustix.org/errata/2005/0036
TurboLinux Advisory: TLSA-2005-78
http://www.turbolinux.com/security/2005/TLSA-2005-78.txt
https://usn.ubuntu.com/224-1/
http://www.vupen.com/english/advisories/2005/1066
http://www.vupen.com/english/advisories/2006/2074
XForce ISS Database: kerberos-kdc-krb5-tcp-connection-dos(21327)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21327
Common Vulnerability Exposure (CVE) ID: CVE-2005-1175
BugTraq ID: 14236
http://www.securityfocus.com/bid/14236
CERT/CC vulnerability note: VU#885830
http://www.kb.cert.org/vuls/id/885830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9902
XForce ISS Database: kerberos-kdc-krb5-udp-tcp-bo(21328)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21328
Common Vulnerability Exposure (CVE) ID: CVE-2005-1689
BugTraq ID: 14239
http://www.securityfocus.com/bid/14239
Bugtraq: 20050712 MITKRB5-SA-2005-003: double-free in krb5_recvauth (Google Search)
http://marc.info/?l=bugtraq&m=112119974704542&w=2
CERT/CC vulnerability note: VU#623332
http://www.kb.cert.org/vuls/id/623332
Conectiva Linux advisory: CLA-2005:993
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993
http://www.gentoo.org/security/en/glsa/glsa-200507-11.xml
HPdes Security Advisory: HPSBUX02152
http://www.securityfocus.com/archive/1/446940/100/0/threaded
HPdes Security Advisory: SSRT5973
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9819
http://securitytracker.com/id?1014461
http://secunia.com/advisories/22090
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101810-1
http://www.vupen.com/english/advisories/2006/3776
XForce ISS Database: kerberos-kdc-krb5recvauth-execute-code(21055)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21055
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.