Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.131133
Category:Mageia Linux Local Security Checks
Title:Mageia Linux Local Check: mgasa-2015-0446
Summary:Mageia Linux Local Security Checks mgasa-2015-0446
Description:Summary:
Mageia Linux Local Security Checks mgasa-2015-0446

Vulnerability Insight:
Updated krb5 packages fix security vulnerabilities: In any MIT krb5 release with the patches for CVE-2015-2696 applied, an application which calls gss_export_sec_context() may experience memory corruption if the context was established using the IAKERB mechanism. Historically, some vulnerabilities of this nature can be translated into remote code execution, though the necessary exploits must be tailored to the individual application and are usually quite complicated (CVE-2015-2698).

Solution:
Update the affected packages to the latest available version.

CVSS Score:
8.5

CVSS Vector:
AV:N/AC:M/Au:S/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-2698
SuSE Security Announcement: openSUSE-SU-2015:2055 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00116.html
SuSE Security Announcement: openSUSE-SU-2015:2376 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00124.html
http://www.ubuntu.com/usn/USN-2810-1
CopyrightCopyright (C) 2015 Eero Volotinen

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.