Test ID:	1.3.6.1.4.1.25623.1.0.57981
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200701-21 (mit-krb5)
Summary:	The remote host is missing updates announced in;advisory GLSA 200701-21.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200701-21. Vulnerability Insight: Multiple vulnerabilities in MIT Kerberos 5 could potentially result in the execution of arbitrary code. Solution: All MIT Kerberos 5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.5.2' CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6143 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html BugTraq ID: 21970 http://www.securityfocus.com/bid/21970 Bugtraq: 20070109 MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer (Google Search) http://www.securityfocus.com/archive/1/456406/100/0/threaded Cert/CC Advisory: TA07-009B http://www.us-cert.gov/cas/techalerts/TA07-009B.html Cert/CC Advisory: TA07-109A http://www.us-cert.gov/cas/techalerts/TA07-109A.html CERT/CC vulnerability note: VU#481564 http://www.kb.cert.org/vuls/id/481564 http://fedoranews.org/cms/node/2375 http://fedoranews.org/cms/node/2376 http://security.gentoo.org/glsa/glsa-200701-21.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:008 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html http://osvdb.org/31281 http://securitytracker.com/id?1017493 http://secunia.com/advisories/23667 http://secunia.com/advisories/23696 http://secunia.com/advisories/23701 http://secunia.com/advisories/23706 http://secunia.com/advisories/23707 http://secunia.com/advisories/23772 http://secunia.com/advisories/23903 http://secunia.com/advisories/24966 SuSE Security Announcement: SUSE-SA:2007:004 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html http://www.ubuntu.com/usn/usn-408-1 http://www.vupen.com/english/advisories/2007/0111 http://www.vupen.com/english/advisories/2007/1470 XForce ISS Database: kerberos-rpc-code-execution(31422) https://exchange.xforce.ibmcloud.com/vulnerabilities/31422 Common Vulnerability Exposure (CVE) ID: CVE-2006-6144 BugTraq ID: 21975 http://www.securityfocus.com/bid/21975 Bugtraq: 20070109 MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers (Google Search) http://www.securityfocus.com/archive/1/456409/100/0/threaded CERT/CC vulnerability note: VU#831452 http://www.kb.cert.org/vuls/id/831452 http://osvdb.org/31280 http://securitytracker.com/id?1017494 http://secunia.com/advisories/23690 http://secunia.com/advisories/35151 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102772-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-201294-1 http://www.vupen.com/english/advisories/2007/0112 XForce ISS Database: kerberos-gssapi-code-execution(31417) https://exchange.xforce.ibmcloud.com/vulnerabilities/31417
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.