|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Ports: krb5|
|Summary:||FreeBSD Ports: krb5|
|Description:||The remote host is missing an update to the system|
as announced in the referenced advisory.
The following package is affected: krb5
Double free vulnerability in do_tgs_req.c in the Key Distribution
Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2
allows remote authenticated users to cause a denial of service (daemon
crash) or possibly execute arbitrary code via a request associated
with (1) renewal or (2) validation.
Update your system with the appropriate patches or
Common Vulnerability Exposure (CVE) ID: CVE-2010-1320|
Bugtraq: 20100420 MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC (Google Search)
SuSE Security Announcement: SUSE-SR:2010:010 (Google Search)
BugTraq ID: 39599
|Copyright||Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.