 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.56283 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DSA-977-1) |
| Summary: | The remote host is missing an update for the Debian 'heimdal' package(s) announced via the DSA-977-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'heimdal' package(s) announced via the DSA-977-1 advisory. Vulnerability Insight: Two vulnerabilities have been discovered in heimdal, a free implementation of Kerberos 5. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-0582 Privilege escalation in the rsh server allows an authenticated attacker to overwrite arbitrary files and gain ownership of them. CVE-2006-0677 A remote attacker could force the telnet server to crash before the user logged in, resulting in inetd turning telnetd off because it forked too fast. The old stable distribution (woody) does not expose rsh and telnet servers. For the stable distribution (sarge) these problems have been fixed in version 0.6.3-10sarge2. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your heimdal packages. Affected Software/OS: 'heimdal' package(s) on Debian 3.1. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-0582 BugTraq ID: 16524 http://www.securityfocus.com/bid/16524 Debian Security Information: DSA-977 (Google Search) http://www.debian.org/security/2006/dsa-977 http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html http://www.osvdb.org/22986 http://securitytracker.com/id?1015591 http://secunia.com/advisories/18733 http://secunia.com/advisories/18806 http://secunia.com/advisories/18894 http://secunia.com/advisories/19005 http://secunia.com/advisories/19302 SuSE Security Announcement: SUSE-SA:2006:011 (Google Search) http://www.securityfocus.com/archive/1/426043/100/0/threaded https://usn.ubuntu.com/247-1/ http://www.ubuntu.com/usn/usn-253-1 http://www.vupen.com/english/advisories/2006/0456 http://www.vupen.com/english/advisories/2006/0628 XForce ISS Database: heimdal-rshd-privilege-elevation(24532) https://exchange.xforce.ibmcloud.com/vulnerabilities/24532 Common Vulnerability Exposure (CVE) ID: CVE-2006-0677 BugTraq ID: 16676 http://www.securityfocus.com/bid/16676 http://www.osvdb.org/23244 http://secunia.com/advisories/18961 http://securityreason.com/securityalert/449 http://www.vupen.com/english/advisories/2006/0653 XForce ISS Database: heimdal-telnetd-dos(24763) https://exchange.xforce.ibmcloud.com/vulnerabilities/24763 |
| Copyright | Copyright (C) 2008 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |