Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54337
Category:Turbolinux Local Security Tests
Title:Turbolinux TLSA-2005-78 (krb5)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to krb5
announced via advisory TLSA-2005-78.

Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the use of
insecure cleartext passwords.

The multiple vulnerabilities exist in krb5.

These vulerabilities allow remote attackers to cause a denial of service or execute arbitrary code.

Solution: Please use the turbopkg (zabom) tool to apply the update.
http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-78

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-1174
AIX APAR: IY85474
http://www-1.ibm.com/support/docview.wss?uid=swg1IY85474
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 14240
http://www.securityfocus.com/bid/14240
Bugtraq: 20050712 MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC (Google Search)
http://marc.info/?l=bugtraq&m=112122123211974&w=2
CERT/CC vulnerability note: VU#259798
http://www.kb.cert.org/vuls/id/259798
Debian Security Information: DSA-757 (Google Search)
http://www.debian.org/security/2005/dsa-757
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A397
http://www.redhat.com/support/errata/RHSA-2005-567.html
http://securitytracker.com/id?1014460
http://secunia.com/advisories/16041
http://secunia.com/advisories/17899
http://secunia.com/advisories/20364
SGI Security Advisory: 20050703-01-U
ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101809-1
SuSE Security Announcement: SUSE-SR:2005:017 (Google Search)
http://www.novell.com/linux/security/advisories/2005_17_sr.html
http://www.trustix.org/errata/2005/0036
TurboLinux Advisory: TLSA-2005-78
http://www.turbolinux.com/security/2005/TLSA-2005-78.txt
https://usn.ubuntu.com/224-1/
http://www.vupen.com/english/advisories/2005/1066
http://www.vupen.com/english/advisories/2006/2074
XForce ISS Database: kerberos-kdc-krb5-tcp-connection-dos(21327)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21327
Common Vulnerability Exposure (CVE) ID: CVE-2005-1175
BugTraq ID: 14236
http://www.securityfocus.com/bid/14236
CERT/CC vulnerability note: VU#885830
http://www.kb.cert.org/vuls/id/885830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A736
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9902
http://www.redhat.com/support/errata/RHSA-2005-562.html
http://secunia.com/advisories/17135
XForce ISS Database: kerberos-kdc-krb5-udp-tcp-bo(21328)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21328
Common Vulnerability Exposure (CVE) ID: CVE-2005-1689
BugTraq ID: 14239
http://www.securityfocus.com/bid/14239
Bugtraq: 20050712 MITKRB5-SA-2005-003: double-free in krb5_recvauth (Google Search)
http://marc.info/?l=bugtraq&m=112119974704542&w=2
CERT/CC vulnerability note: VU#623332
http://www.kb.cert.org/vuls/id/623332
Conectiva Linux advisory: CLA-2005:993
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993
http://www.gentoo.org/security/en/glsa/glsa-200507-11.xml
HPdes Security Advisory: HPSBUX02152
http://www.securityfocus.com/archive/1/446940/100/0/threaded
HPdes Security Advisory: SSRT5973
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9819
http://securitytracker.com/id?1014461
http://secunia.com/advisories/22090
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101810-1
http://www.vupen.com/english/advisories/2006/3776
XForce ISS Database: kerberos-kdc-krb5recvauth-execute-code(21055)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21055
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.