English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75096 CVE descriptions
and 39644 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.52651
Category:FreeBSD Local Security Checks
Title:FreeBSD Security Advisory (FreeBSD-SA-04:09.kadmind.asc)
Summary:FreeBSD Security Advisory (FreeBSD-SA-04:09.kadmind.asc)
Description:The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-04:09.kadmind.asc

Heimdal implements the Kerberos 5 network authentication protocols.
The k5admind(8) daemon provides the administrative interface to the
Kerberos Key Distribution Center (KDC). In some configurations,
k5admind also includes Kerberos 4 compatibility.

NOTE: FreeBSD versions prior to 5.1-RELEASE contain optional Kerberos
4 support. FreeBSD versions 5.1-RELEASE and later do not include
Kerberos 4 support of any kind.

An input validation error was discovered in the k5admind code that
handles the framing of Kerberos 4 compatibility administration
requests. The code assumed that the length given in the framing was
always two or more bytes. Smaller lengths will cause k5admind to read
an arbitrary amount of data into a minimally-sized buffer on the heap.

Note that this code is not present unless k5admind has been compiled
with Kerberos 4 support. This will occur if a FreeBSD system is
compiled with both of the WITH_KERBEROS4 and WITH_KERBEROS5 build flags.
These flags are never simultaneously set during the FreeBSD binary
release process
consequently, binary installs of FreeBSD (even with
Kerberos support installed) are not affected.

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date

http://www.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-04:09.kadmind.asc
Cross-Ref: BugTraq ID: 10288
Common Vulnerability Exposure (CVE) ID: CVE-2004-0434
Bugtraq: 20040505 Advisory: Heimdal kadmind version4 remote heap overflow (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=108386148126457&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020998.html
Debian Security Information: DSA-504 (Google Search)
http://www.debian.org/security/2004/dsa-504
FreeBSD Security Advisory: FreeBSD-SA-04:09
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc
http://security.gentoo.org/glsa/glsa-200405-23.xml
XForce ISS Database: heimdal-kadmind-bo(16071)
http://xforce.iss.net/xforce/xfdb/16071
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 39644 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.