Test ID:	1.3.6.1.4.1.25623.1.0.59366
Category:	Fedora Local Security Checks
Title:	Fedora Core 5 FEDORA-2006-905 (krb5)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to krb5 announced via advisory FEDORA-2006-905. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. Update Information: This update addresses MITKRB-SA-2006-001. * Tue Aug 8 2006 Nalin Dahyabhai 1.4.3-6 - apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084) * Fri Apr 14 2006 Stepan Kasal - 1.4.3-5 - Fix formatting typo in kinit.1 (krb5-kinit-man-typo.patch) Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2006-905 Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3084 BugTraq ID: 19427 http://www.securityfocus.com/bid/19427 Bugtraq: 20060808 MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/442599/100/0/threaded Bugtraq: 20060816 UPDATED: MITKRB5-SA-2006-001: multiple local privilege escalation vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/443498/100/100/threaded CERT/CC vulnerability note: VU#401660 http://www.kb.cert.org/vuls/id/401660 Debian Security Information: DSA-1146 (Google Search) http://www.debian.org/security/2006/dsa-1146 http://fedoranews.org/cms/node/2376 http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml http://security.gentoo.org/glsa/glsa-200608-21.xml http://www.osvdb.org/27871 http://www.osvdb.org/27872 http://securitytracker.com/id?1016664 http://secunia.com/advisories/21402 http://secunia.com/advisories/21436 http://secunia.com/advisories/21439 http://secunia.com/advisories/21461 http://secunia.com/advisories/21467 http://secunia.com/advisories/21527 http://secunia.com/advisories/21613 http://secunia.com/advisories/23707 SuSE Security Announcement: SUSE-SR:2006:020 (Google Search) http://www.novell.com/linux/security/advisories/2006_20_sr.html http://www.ubuntu.com/usn/usn-334-1 http://www.vupen.com/english/advisories/2006/3225
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.